Added more authorization tests.

framework/src/Volo.Abp.Authorization/Volo/Abp/Authorization/MethodInvocationAuthorizationService.cs

@@ -27,8 +27,11 @@ namespace Volo.Abp.Authorization
                 return;
             }
 
-            var authorizationPolicy = await AuthorizationPolicy.CombineAsync(_abpAuthorizationPolicyProvider,
-                GetAuthorizationDataAttributes(context.Method));
+            var authorizationPolicy = await AuthorizationPolicy.CombineAsync(
+                _abpAuthorizationPolicyProvider,
+                GetAuthorizationDataAttributes(context.Method)
+            );
+
             if (authorizationPolicy == null)
             {
                 return;

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/Authorization_Tests.cs

@@ -9,16 +9,33 @@ namespace Volo.Abp.Authorization
     public class Authorization_Tests : AuthorizationTestBase
     {
         private readonly IMyAuthorizedService1 _myAuthorizedService1;
+        private readonly IMySimpleAuthorizedService _simpleAuthorizedService;
         private readonly IMyAuthorizedServiceWithRole _myAuthorizedServiceWithRole;
         private readonly IPermissionDefinitionManager _permissionDefinitionManager;
 
         public Authorization_Tests()
         {
             _myAuthorizedService1 = GetRequiredService<IMyAuthorizedService1>();
+            _simpleAuthorizedService = GetRequiredService<IMySimpleAuthorizedService>();
             _myAuthorizedServiceWithRole = GetRequiredService<IMyAuthorizedServiceWithRole>();
             _permissionDefinitionManager = GetRequiredService<IPermissionDefinitionManager>();
         }
 
+        [Fact]
+        public async Task Should_Not_Allow_To_Call_Authorized_Method_For_Anonymous_User()
+        {
+            await Assert.ThrowsAsync<AbpAuthorizationException>(async () =>
+            {
+                await _simpleAuthorizedService.ProtectedByClassAsync();
+            });
+        }
+
+        [Fact]
+        public async Task Should_Allow_To_Call_Anonymous_Method_For_Anonymous_User()
+        {
+            (await _simpleAuthorizedService.AnonymousAsync()).ShouldBe(42);
+        }
+
         [Fact]
         public async Task Should_Not_Allow_To_Call_Method_If_Has_No_Permission_ProtectedByClass()
         {

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/TestServices/IMyAuthorizedService1.cs

@@ -11,6 +11,5 @@ namespace Volo.Abp.Authorization.TestServices
         Task<int> ProtectedByClass();
 
         Task<int> ProtectedByClassAsync();
-
     }
 }

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/TestServices/IMySimpleAuthorizedService.cs

@@ -0,0 +1,11 @@
+using System.Threading.Tasks;
+
+namespace Volo.Abp.Authorization.TestServices
+{
+    public interface IMySimpleAuthorizedService
+    {
+        Task<int> ProtectedByClassAsync();
+
+        Task<int> AnonymousAsync();
+    }
+}

framework/test/Volo.Abp.Authorization.Tests/Volo/Abp/Authorization/TestServices/MySimpleAuthorizedService.cs

@@ -0,0 +1,21 @@
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authorization;
+using Volo.Abp.DependencyInjection;
+
+namespace Volo.Abp.Authorization.TestServices
+{
+    [Authorize]
+    public class MySimpleAuthorizedService : IMySimpleAuthorizedService, ITransientDependency
+    {
+        public Task<int> ProtectedByClassAsync()
+        {
+            return Task.FromResult(42);
+        }
+
+        [AllowAnonymous]
+        public Task<int> AnonymousAsync()
+        {
+            return Task.FromResult(42);
+        }
+    }
+}