Beispiel #1
0
        public void RbacEquality_WithEquals_AllSegmentsSame_ReturnTrue_Test2()
        {
            var rbac1 = Rbac.Parse("*.users.read.*");
            var rbac2 = Rbac.Parse("*.users.read.*");

            Assert.True(rbac1.Equals(rbac2));
        }
Beispiel #2
0
        public void RbacSegmentEquality_WithEquals_ReturnFalse_Test2()
        {
            var rbac1 = Rbac.Parse("*.*.*.123");
            var rbac2 = Rbac.Parse("*.*.*.987");

            Assert.False(rbac1.Object.Equals(rbac2.Object));
        }
Beispiel #3
0
        public void RbacEquality_WithOperator_AllSegmentsSame_ReturnTrue_Test1()
        {
            var rbac1 = Rbac.Parse("*.*.*.*");
            var rbac2 = Rbac.Parse("*.*.*.*");

            Assert.True(rbac1 == rbac2);
        }
Beispiel #4
0
        public void RbacSegmentEquality_WithEquals_ReturnTrue_Test1()
        {
            var rbac1 = Rbac.Parse("*.*.*.123");
            var rbac2 = Rbac.Parse("*.*.*.987");

            Assert.True(rbac1.Action.Equals(rbac2.Action));
        }
Beispiel #5
0
        public void RbacSegmentEquality_WithOperator_ReturnTrue_Test2()
        {
            var rbac1 = Rbac.Parse("*.*.*.123");
            var rbac2 = Rbac.Parse("*.*.*.123");

            Assert.True(rbac1.Object == rbac2.Object);
        }
Beispiel #6
0
        public void RbacEquality_WithEquals_ObjectSegmentsDifferent_ReturnFalse_Test()
        {
            var rbac1 = Rbac.Parse("*.*.*.123");
            var rbac2 = Rbac.Parse("*.*.*.987");

            Assert.False(rbac1.Equals(rbac2));
        }
Beispiel #7
0
        public void RbacEquality_WithOperator_ActionSegmentsDifferent_ReturnFalse_Test()
        {
            var rbac1 = Rbac.Parse("*.*.123.*");
            var rbac2 = Rbac.Parse("*.*.987.*");

            Assert.False(rbac1 == rbac2);
        }
Beispiel #8
0
        protected override bool ValidateModel(Role model, out IEnumerable <string> errors)
        {
            var errorList = new List <string>();

            if (string.IsNullOrEmpty(model.Name))
            {
                errorList.Add("name is a required field");
            }

            if (string.IsNullOrEmpty(model.MembershipId))
            {
                errorList.Add("membership_id is a required field");
            }

            try
            {
                var permissionList = new List <Rbac>();
                if (model.Permissions != null)
                {
                    foreach (var permission in model.Permissions)
                    {
                        var rbac = Rbac.Parse(permission);
                        permissionList.Add(rbac);
                    }
                }

                var forbiddenList = new List <Rbac>();
                if (model.Forbidden != null)
                {
                    foreach (var forbidden in model.Forbidden)
                    {
                        var rbac = Rbac.Parse(forbidden);
                        forbiddenList.Add(rbac);
                    }
                }

                // Is there any conflict?
                foreach (var permissionRbac in permissionList)
                {
                    foreach (var forbiddenRbac in forbiddenList)
                    {
                        if (permissionRbac == forbiddenRbac)
                        {
                            errorList.Add($"Permitted and forbidden sets are conflicted. The same permission is there in the both set. ('{permissionRbac}')");
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                errorList.Add(ex.Message);
            }

            errors = errorList;
            return(!errors.Any());
        }
Beispiel #9
0
        public void RbacParseTest()
        {
            var rbac1 = Rbac.Parse("ertugrulozcan.users.write.*");

            Assert.AreEqual("ertugrulozcan", rbac1.Subject);
            Assert.AreEqual("users", rbac1.Resource);
            Assert.AreEqual("write", rbac1.Action);
            Assert.AreEqual(RbacSegment.All, rbac1.Object);

            var rbac2 = Rbac.Parse("*.users.write");

            Assert.AreEqual(RbacSegment.All, rbac2.Subject);
            Assert.AreEqual("users", rbac2.Resource);
            Assert.AreEqual("write", rbac2.Action);
            Assert.AreEqual(RbacSegment.All, rbac2.Object);

            var rbac3 = Rbac.Parse("*.users.write.5d46d74a92f36369307a312b");

            Assert.AreEqual(RbacSegment.All, rbac3.Subject);
            Assert.AreEqual("users", rbac3.Resource);
            Assert.AreEqual("write", rbac3.Action);
            Assert.AreEqual("5d46d74a92f36369307a312b", rbac3.Object);
        }
Beispiel #10
0
        public void RbacParseTest()
        {
            var rbac1 = Rbac.Parse("subject.resource.action.*");

            Assert.AreEqual("subject", rbac1.Subject);
            Assert.AreEqual("resource", rbac1.Resource);
            Assert.AreEqual("action", rbac1.Action);
            Assert.AreEqual(RbacSegment.All, rbac1.Object);

            var rbac2 = Rbac.Parse("*.resource.action.*");

            Assert.AreEqual(RbacSegment.All, rbac2.Subject);
            Assert.AreEqual("resource", rbac2.Resource);
            Assert.AreEqual("action", rbac2.Action);
            Assert.AreEqual(RbacSegment.All, rbac2.Object);

            var rbac3 = Rbac.Parse("*.resource.action.object");

            Assert.AreEqual(RbacSegment.All, rbac3.Subject);
            Assert.AreEqual("resource", rbac3.Resource);
            Assert.AreEqual("action", rbac3.Action);
            Assert.AreEqual("object", rbac3.Object);
        }
Beispiel #11
0
        public void Rbac_ToString_Test()
        {
            var rbac = Rbac.Parse("123.users.create.987");

            Assert.AreEqual("123.users.create.987", rbac.ToString());
        }
Beispiel #12
0
        public void RbacSegmentEquality_AllSegmentCheck_ReturnTrue_Test()
        {
            var rbac1 = Rbac.Parse("*.*.*.123");

            Assert.True(rbac1.Resource == RbacSegment.All);
        }
Beispiel #13
0
        public void RbacEquality_NullCheck_WithNotNull_ReturnFalse_Test()
        {
            var rbac = Rbac.Parse("*.*.*.123");

            Assert.False(rbac == null);
        }
Beispiel #14
0
 /// <summary>
 /// Returns whether the role of utilizer has the permission specified in the given rbac expression. Also if the rbac action is 'update' and the rcab object is equal to the utilizer id (ie the utilizer is the user doing the action) accepted to be permitted.
 /// </summary>
 /// <param name="rbac"></param>
 /// <param name="utilizer"></param>
 /// <returns></returns>
 public bool HasPermission(IUtilizer utilizer, string rbac)
 {
     return(this.CheckPermission(utilizer.Role, utilizer.MembershipId, Rbac.Parse(rbac), utilizer));
 }
Beispiel #15
0
 /// <summary>
 /// Returns whether the given role has the permission specified in the given rbac expression. Also if the rbac action is 'update' and the rcab object is equal to the utilizer id (ie the utilizer is the user doing the action) accepted to be permitted.
 /// </summary>
 /// <param name="role"></param>
 /// <param name="rbac"></param>
 /// <param name="utilizer"></param>
 /// <returns></returns>
 public bool HasPermission(Role role, string rbac, Utilizer utilizer)
 {
     return(CheckPermission(role, Rbac.Parse(rbac), utilizer));
 }
Beispiel #16
0
 /// <summary>
 /// Returns whether the given role has the permission specified in the given rbac expression.
 /// </summary>
 /// <param name="role"></param>
 /// <param name="rbac"></param>
 /// <returns></returns>
 public bool HasPermission(Role role, string rbac)
 {
     return(CheckPermission(role, Rbac.Parse(rbac)));
 }