public void RollbackNavigationProperty()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.AllowAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Write, OperationState.Deny, "Person", SecurityTestHelper.CompanyNameEqualsTwo);
Assert.AreEqual(3, dbContextConnectionClass.Company.Include(p => p.Person).Count());
Company company = dbContextConnectionClass.Company.Include(p => p.Person).First(p => p.CompanyName == "2");
Assert.IsNotNull(company.Person);
Person newPerson = new Person();
newPerson.Description = "New person";
newPerson.Company = company;
company.Person = newPerson;
dbContextConnectionClass.Persons.Add(newPerson);
Assert.AreEqual(EntityState.Modified, dbContextConnectionClass.Entry(company).State);
Assert.AreEqual(EntityState.Added, dbContextConnectionClass.Entry(newPerson).State);
SecurityTestHelper.FailSaveChanges(dbContextConnectionClass);
Assert.AreEqual(EntityState.Unchanged, dbContextConnectionClass.Entry(company).State);
Assert.IsFalse(dbContextConnectionClass.ChangeTracker.Entries().Any(p => p.Entity == newPerson));
//Assert.AreEqual(EntityState.Modified, dbContextConnectionClass.Entry(company1).State);
//Assert.IsTrue(dbContextConnectionClass.Entry(company1).Property("Description").IsModified);
//Assert.IsTrue(dbContextConnectionClass.Entry(company1).Property("DecimalItem").IsModified);
//Assert.IsFalse(dbContextConnectionClass.Entry(company1).Property("ItemCount").IsModified);
}
}
public void ReadBlockedMembersFromObjectWithBlockedCollectionProperty()
{
SecurityTestHelper.InitializeContextWithNavigationPropertiesAndCollections();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.AllowAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Read, OperationState.Deny, "Offices", SecurityTestHelper.CompanyNameEqualsTwo);
Assert.AreEqual(3, dbContextConnectionClass.Company.Include(p => p.Offices).Count());
Company company1 = dbContextConnectionClass.Company.Include(p => p.Offices).OrderBy(d => d.Id).First(p => p.CompanyName == "1");
Assert.IsNotNull(company1.Offices);
Assert.AreEqual(2, company1.Offices.Count());
IList <string> company1BlockedMembers = dbContextConnectionClass.Entry(company1).GetBlockedMembers();
Assert.IsNotNull(company1BlockedMembers);
Assert.AreEqual(0, company1BlockedMembers.Count());
Company company2 = dbContextConnectionClass.Company.Include(p => p.Offices).OrderBy(d => d.Id).First(p => p.CompanyName == "2");
Assert.IsNull(company2.Offices);
IList <string> company2BlockedMembers = dbContextConnectionClass.Entry(company2).GetBlockedMembers();
Assert.IsNotNull(company2BlockedMembers);
Assert.AreEqual(2, company2BlockedMembers.Count());
Assert.AreEqual("Offices", company2BlockedMembers.First());
}
}
public static void InitializeContextWithNavigationProperties()
{
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.ResetDatabase();
Company companyFirst = null;
for (int i = 1; i < 4; i++)
{
string indexString = i.ToString();
Company company = new Company();
company.CompanyName = indexString;
company.Description = indexString;
Person person = new Person();
person.PersonName = indexString;
person.Description = indexString;
company.Person = person;
person.Company = company;
Office office = new Office();
office.Name = indexString;
office.Description = indexString;
if (companyFirst == null)
{
companyFirst = company;
}
companyFirst.Offices.Add(office);
dbContextConnectionClass.Company.Add(company);
dbContextConnectionClass.Persons.Add(person);
}
dbContextConnectionClass.SaveChanges();
}
}
public void Read_OneObjectDeny_ObjectCount()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.AddObjectPermission(SecurityOperation.ReadWrite, OperationState.Deny, SecurityTestHelper.OfficeNameEqualsOne);
Company company = dbContextConnectionClass.Company.Include(p => p.Offices).Single(d => d.CompanyName == "1");
Assert.AreEqual(2, company.Offices.Count);
}
}
public void Read_PolicyAllow_OneObjectDeny()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.AllowAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddObjectPermission(SecurityOperation.Read, OperationState.Deny, SecurityTestHelper.CompanyNameEqualsOne);
Assert.AreEqual(2, dbContextConnectionClass.Company.Count());
}
}
public void Read_PolicyAllow_OneObjectDeny()
{
CreateThreeObjectDbContextConnectionClass();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.Security.SetPermissionPolicy(PermissionPolicy.AllowAllByDefault);
dbContextConnectionClass.Security.AddObjectPermission <DbContextConnectionClass, Company>(
SecurityOperation.Read, OperationState.Deny, (p, d) => d.CompanyName == "1");
Assert.AreEqual(2, dbContextConnectionClass.Company.Count());
}
}
public void Modify_FakeCollectionObject()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Read, OperationState.Deny, "Name", SecurityTestHelper.OfficeTrue);
Company company = dbContextConnectionClass.Company.Include(p => p.Offices).First(p => p.CompanyName == "1");
Office office = dbContextConnectionClass.Offices.First();
Assert.IsNull(office.Name);
Office officeFromCollection = company.Offices.First();
Assert.IsNull(officeFromCollection.Name);
}
}
public void ReadCompanyPerson_WhenPersonsIsDeny()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContext = new DbContextConnectionClass()) {
dbContext.PermissionsContainer.AddObjectPermission <DbContextConnectionClass, Office>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.Name == "1");
Company company = dbContext.Company.Include(p => p.Offices).First(p => p.CompanyName == "1");
Assert.AreEqual(2, company.Offices.Count);
Assert.IsFalse(company.Offices.Any(c => c.Name == "1"));
Assert.AreEqual(null, company.Person);
}
}
public void Read_PolicyDeny_OneObjectAllow_IncludeNavigateObject()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.DenyAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddObjectPermission(SecurityOperation.Read, OperationState.Allow, SecurityTestHelper.CompanyNameEqualsOne);
Assert.AreEqual(1, dbContextConnectionClass.Company.Include(p => p.Person).Count());
Assert.AreEqual(0, dbContextConnectionClass.Persons.Include(p => p.Company).Count());
Company company = dbContextConnectionClass.Company.Include(p => p.Person).First();
Assert.IsNull(company.Person);
}
}
public void Read_PolicyDeny_OneObjectAllow_IncludeNavigateObject()
{
CreateThreeObjectDbContextConnectionClass();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.Security.SetPermissionPolicy(PermissionPolicy.DenyAllByDefault);
dbContextConnectionClass.Security.AddObjectPermission <DbContextConnectionClass, Company>(
SecurityOperation.Read, OperationState.Allow, (p, d) => d.CompanyName == "1");
Assert.AreEqual(1, dbContextConnectionClass.Company.Include(p => p.Persons).Count());
Assert.AreEqual(0, dbContextConnectionClass.Persons.Include(p => p.Company).Count());
Company company = dbContextConnectionClass.Company.Include(p => p.Persons).First();
Assert.IsNull(company.Persons);
}
}
public void Read_Collection_ObjectCount()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
//Company company = dbContextConnectionClass.Company.Include(p => p.Person).First(p => p.CompanyName == "1");
//Assert.AreEqual(1, company.Offices.Count);
//company = dbContextConnectionClass.Company.Include(p => p.Offices).First(p => p.CompanyName == "1");
//Assert.AreEqual(3, company.Offices.Count);
Company company = dbContextConnectionClass.Company.Include(p => p.Person).First(p => p.CompanyName == "1");
Assert.AreEqual(1, company.Offices.Count, company.CompanyName);
company = dbContextConnectionClass.Company.Include(p => p.Offices).First(p => p.CompanyName == "1");
Assert.AreEqual(3, company.Offices.Count);
}
}
public void Read_PolicyAllow_OneObjectDeny_IncludeNavigateObject_SaveChanges()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.AllowAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddObjectPermission(SecurityOperation.ReadWrite, OperationState.Deny, SecurityTestHelper.PersonNameEqualsOne);
Company company1 = dbContextConnectionClass.Company.Include(p => p.Person).Single(d => d.CompanyName == "1");
Assert.IsNull(company1.Person);
company1.Description = "5";
dbContextConnectionClass.SaveChanges();
}
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
var company1 = dbContextConnectionClass.Company.Include(p => p.Person).First(p => p.Description == "5");
Assert.IsNotNull(company1.Person);
}
}
private void CreateThreeObjectDbContextConnectionClass()
{
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
for (int i = 1; i < 4; i++)
{
Company company = new Company();
company.CompanyName = i.ToString();
company.Description = i.ToString();
Persons persons = new Persons();
persons.PersonName = i.ToString();
persons.Description = i.ToString();
company.Persons = persons;
persons.Company = company;
dbContextConnectionClass.Company.Add(company);
dbContextConnectionClass.Persons.Add(persons);
}
dbContextConnectionClass.SaveChanges();
}
}
public void PolicyAllow_NavigationMemberDeny()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.AllowAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Read, OperationState.Deny, "Person", SecurityTestHelper.CompanyNameEqualsOne);
Assert.AreEqual(3, dbContextConnectionClass.Company.Include(p => p.Person).Count());
Assert.AreEqual(3, dbContextConnectionClass.Persons.Include(p => p.Company).Count());
Company company1 = dbContextConnectionClass.Company.Include(p => p.Person).First(p => p.CompanyName == "1");
Assert.IsNull(company1.Person);
dbContextConnectionClass.PermissionsContainer.AddObjectPermission(SecurityOperation.Read, OperationState.Deny, SecurityTestHelper.PersonNameEqualsOne);
Company company2 = dbContextConnectionClass.Company.Include(p => p.Person).First(p => p.CompanyName == "1");
Assert.IsNull(company2.Person);
}
}
public void Read_Collection_NestedCriteria()
{
using (DbContextConnectionClass dbContext = new DbContextConnectionClass()) {
Company company = new Company()
{
CompanyName = "Pixar"
};
Office office = new Office()
{
Name = "London",
Company = company
};
dbContext.Offices.Add(office);
dbContext.Company.Add(company);
dbContext.PermissionsContainer.AddObjectPermission <DbContextConnectionClass, Company>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.Offices.Any(p => p.Name == "London"));
dbContext.SaveChanges();
Assert.IsNull(dbContext.Company.Where(p => p.CompanyName == "Pixar").FirstOrDefault());
}
}
public void Read_PolicyDeny_OneObjectAllow_IncludeNavigateObject_CheckCollection()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.DenyAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddObjectPermission(SecurityOperation.Read, OperationState.Allow, SecurityTestHelper.CompanyNameEqualsOne);
Company company1 = dbContextConnectionClass.Company.Include(p => p.Person).Include(p => p.Offices).Single();
Assert.IsNull(company1.Person);
Assert.AreEqual(0, company1.Offices.Count);
dbContextConnectionClass.PermissionsContainer.AddObjectPermission(SecurityOperation.Read, OperationState.Allow, SecurityTestHelper.OfficeNameEqualsOne);
company1 = dbContextConnectionClass.Company.Include(p => p.Person).Include(p => p.Offices).Single();
Assert.AreEqual(1, company1.Offices.Count);
// Assert.IsNotNull(company1.Person);
Office offices = dbContextConnectionClass.Offices.Include(p => p.Company).Single();
Assert.IsNotNull(offices.Company);
}
}
public void ClearDatabase()
{
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.ResetDatabase();
}
}
public void SetUp()
{
using (DbContextConnectionClass contex = new DbContextConnectionClass()) {
contex.Database.EnsureCreated();
}
}
public void ClearDatabase()
{
DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass().MakeRealDbContext();
dbContextConnectionClass.ResetDatabase();
}
public void TearDown()
{
using (DbContextConnectionClass contex = new DbContextConnectionClass()) {
contex.Database.EnsureDeleted();
}
}
