protected internal virtual AuthorizationEntity createGrantAuthorization(string userId, string groupId, Resource resource, string resourceId, params Permission[] permissions)
{
// assuming that there are no default authorizations for *
if (!string.ReferenceEquals(userId, null))
{
ensureValidIndividualResourceId("Cannot create authorization for user " + userId, userId);
}
if (!string.ReferenceEquals(groupId, null))
{
ensureValidIndividualResourceId("Cannot create authorization for group " + groupId, groupId);
}
AuthorizationEntity authorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
authorization.UserId = userId;
authorization.GroupId = groupId;
authorization.setResource(resource);
authorization.ResourceId = resourceId;
if (permissions != null)
{
foreach (Permission permission in permissions)
{
authorization.addPermission(permission);
}
}
return(authorization);
}
public virtual void testGlobalAuthPermissions()
{
AuthorizationEntity authorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
authorization.setResource(Resources.DEPLOYMENT);
assertFalse(authorization.isPermissionGranted(ALL));
assertTrue(authorization.isPermissionGranted(NONE));
IList <Permission> perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
assertTrue(perms.Contains(NONE));
assertEquals(1, perms.Count);
authorization.addPermission(READ);
perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
assertTrue(perms.Contains(NONE));
assertTrue(perms.Contains(READ));
assertEquals(2, perms.Count);
assertTrue(authorization.isPermissionGranted(READ));
assertTrue(authorization.isPermissionGranted(NONE)); // (none is always granted => you are always authorized to do nothing)
try
{
authorization.isPermissionRevoked(READ);
fail("Exception expected");
}
catch (System.InvalidOperationException e)
{
assertTextPresent("ENGINE-03026 Method 'isPermissionRevoked' cannot be used for authorization with type 'GRANT'.", e.Message);
}
}
protected internal virtual AuthorizationEntity updateAuthorization(AuthorizationEntity authorization, string userId, string groupId, Resource resource, string resourceId, params Permission[] permissions)
{
if (authorization == null)
{
authorization = createGrantAuthorization(userId, groupId, resource, resourceId);
updateAuthorizationBasedOnCacheEntries(authorization, userId, groupId, resource, resourceId);
}
if (permissions != null)
{
foreach (Permission permission in permissions)
{
if (permission != null)
{
authorization.addPermission(permission);
}
}
}
return(authorization);
}