Beispiel #1
0
        public void Test_Filter(string actionAlias, string[] expectedCheckedPermissionAliases)
        {
            SecurityActionMenuItemFilter       securityActionMenuItemFilter;
            List <ActionMenuItemInfo>          actions;
            Mock <IEntityAccessControlService> mockEntityAccessControlService;
            long id;

            id      = Entity.GetId(actionAlias);
            actions = new List <ActionMenuItemInfo>
            {
                new ActionMenuItemInfo
                {
                    Id       = id,
                    EntityId = id,
                    Children = null
                }
            };

            mockEntityAccessControlService = new Mock <IEntityAccessControlService>(MockBehavior.Strict);
            mockEntityAccessControlService.Setup(
                eacs => eacs.Check(
                    It.Is <IList <EntityRef> >(list => list.SequenceEqual(new [] { new EntityRef(id) }, EntityRefComparer.Instance)),
                    It.Is <IList <EntityRef> >(p => p.Select(er => er.Id).OrderBy(l => l).SequenceEqual(expectedCheckedPermissionAliases.Select(Entity.GetId).OrderBy(l => l)))))
            .Returns(new Dictionary <long, bool> {
                { id, true }
            });
            mockEntityAccessControlService.Setup(eacs => eacs.Check(It.IsAny <EntityRef>(), It.IsAny <IList <EntityRef> >())).Returns(true);

            securityActionMenuItemFilter = new SecurityActionMenuItemFilter(mockEntityAccessControlService.Object);
            securityActionMenuItemFilter.Filter(-1, new[] { id }, actions);

            mockEntityAccessControlService.VerifyAll();
            Assert.That(actions, Has.Count.EqualTo(1), "Action menu item removed incorrectly");
        }
Beispiel #2
0
        public void Test_Filter_CreateNew()
        {
            SecurityActionMenuItemFilter       securityActionMenuItemFilter;
            List <ActionMenuItemInfo>          actions;
            Mock <IEntityAccessControlService> mockEntityAccessControlService;
            IEntity entity;

            entity  = Entity.Get("console:actionMenuItem");
            actions = new List <ActionMenuItemInfo>
            {
                new ActionMenuItemInfo
                {
                    EntityId        = entity.Id,
                    Children        = null,
                    HtmlActionState = ActionService.CreateMenuItemActionState,
                    IsNew           = true
                }
            };

            mockEntityAccessControlService = new Mock <IEntityAccessControlService>(MockBehavior.Strict);
            mockEntityAccessControlService.Setup(eacs => eacs.CanCreate(It.Is <EntityType>(et => new EntityEqualityComparer().Equals(et, entity))))
            .Returns(true);

            securityActionMenuItemFilter = new SecurityActionMenuItemFilter(mockEntityAccessControlService.Object);
            securityActionMenuItemFilter.Filter(-1, new[] { entity.Id }, actions);

            mockEntityAccessControlService.VerifyAll();
            Assert.That(actions, Has.Count.EqualTo(1), "Action menu removed incorrectly");
        }
Beispiel #3
0
        public void Test_Filter_InvalidEntity()
        {
            SecurityActionMenuItemFilter       securityActionMenuItemFilter;
            List <ActionMenuItemInfo>          actions;
            Mock <IEntityAccessControlService> mockEntityAccessControlService;
            long id;

            id      = Entity.GetId("console:viewResourceAction");
            actions = new List <ActionMenuItemInfo>
            {
                new ActionMenuItemInfo
                {
                    Id       = id,
                    EntityId = 0,
                    Children = null
                }
            };

            mockEntityAccessControlService = new Mock <IEntityAccessControlService>(MockBehavior.Strict);
            mockEntityAccessControlService.Setup(
                eacs => eacs.Check(
                    It.Is <IList <EntityRef> >(list => list.SequenceEqual(new[] { new EntityRef(id) }, EntityRefComparer.Instance)),
                    It.IsAny <IList <EntityRef> >()))
            .Returns(new Dictionary <long, bool> {
                { id, true }
            });

            securityActionMenuItemFilter = new SecurityActionMenuItemFilter(mockEntityAccessControlService.Object);
            securityActionMenuItemFilter.Filter(-1, new[] { id }, actions);

            mockEntityAccessControlService.VerifyAll();
        }
Beispiel #4
0
        public void Test_Filter_Children()
        {
            SecurityActionMenuItemFilter       securityActionMenuItemFilter;
            List <ActionMenuItemInfo>          actions;
            Mock <IEntityAccessControlService> mockEntityAccessControlService;
            long parentId;
            long childId;

            parentId = Entity.GetId("console:viewResourceAction");
            childId  = Entity.GetId("console:editResourceAction");
            actions  = new List <ActionMenuItemInfo>
            {
                new ActionMenuItemInfo
                {
                    Id       = parentId,
                    EntityId = parentId,
                    Children = new List <ActionMenuItemInfo>
                    {
                        new ActionMenuItemInfo()
                        {
                            Id       = childId,
                            EntityId = childId,
                            Children = null
                        }
                    }
                }
            };

            mockEntityAccessControlService = new Mock <IEntityAccessControlService>(MockBehavior.Strict);
            mockEntityAccessControlService.Setup(
                eacs => eacs.Check(
                    It.Is <IList <EntityRef> >(list => list.SequenceEqual(new [] { new EntityRef(parentId) }, EntityRefComparer.Instance)),
                    It.IsAny <IList <EntityRef> >()))
            .Returns(new Dictionary <long, bool> {
                { parentId, true }
            });
            mockEntityAccessControlService.Setup(eacs => eacs.Check(It.IsAny <EntityRef>(), It.IsAny <IList <EntityRef> >())).Returns(true);

            securityActionMenuItemFilter = new SecurityActionMenuItemFilter(mockEntityAccessControlService.Object);
            securityActionMenuItemFilter.Filter(-1, new[] { parentId }, actions);

            mockEntityAccessControlService.VerifyAll();
            Assert.That(actions, Has.Count.EqualTo(1), "Action menu removed incorrectly");
            Assert.That(actions[0], Has.Property("Children").Count.EqualTo(1), "Child action menu removed incorrectly");
        }
Beispiel #5
0
        public void Test_Filter_ActionRequiresParentModifyAccess(string parentEntityPermissions, string childEntityPermissions)
        {
            SecurityActionMenuItemFilter securityActionMenuItemFilter;
            UserAccount userAccount;
            EntityType  parentEntityType;
            EntityType  childEntityType;
            IEntity     parentEntity;
            IEntity     childEntity;

            const string viewResourceActionAlias       = "console:viewResourceAction";
            const string editResourceActionAlias       = "console:editResourceAction";
            const string deleteResourceActionAlias     = "console:deleteResourceAction";
            const string addRelationshipActionAlias    = "console:addRelationshipAction";
            const string removeRelationshipActionAlias = "console:removeRelationshipAction";

            var splitParentEntityPermissions = parentEntityPermissions.Split(new[] { ',' },
                                                                             StringSplitOptions.RemoveEmptyEntries);

            var splitChildEntityPermissions = childEntityPermissions.Split(new[] { ',' },
                                                                           StringSplitOptions.RemoveEmptyEntries);


            userAccount      = new UserAccount();
            userAccount.Name = "Test user " + Guid.NewGuid();
            userAccount.Save();

            // parent
            parentEntityType = new EntityType();
            parentEntityType.Inherits.Add(UserResource.UserResource_Type);
            parentEntityType.Save();

            parentEntity = Entity.Create(new EntityRef(parentEntityType));
            parentEntity.SetField("core:name", "A"); // "A" so it will match the access rule
            parentEntity.Save();

            // related child entity
            childEntityType = new EntityType();
            childEntityType.Inherits.Add(UserResource.UserResource_Type);
            childEntityType.Save();

            childEntity = Entity.Create(new EntityRef(childEntityType));
            childEntity.SetField("core:name", "B"); // "B" so it will match the access rule
            childEntity.Save();

            // grant accesses
            // parent entity
            new AccessRuleFactory().AddAllowByQuery(
                userAccount.As <Subject>(),
                parentEntityType.As <SecurableEntity>(),
                splitParentEntityPermissions.Select(s => new EntityRef(s)),
                TestQueries.EntitiesWithNameA().ToReport());

            // child entity
            new AccessRuleFactory().AddAllowByQuery(
                userAccount.As <Subject>(),
                childEntityType.As <SecurableEntity>(),
                splitChildEntityPermissions.Select(s => new EntityRef(s)),
                TestQueries.EntitiesWithNameB().ToReport());

            // actions
            var dummyRequest = new ActionRequestExtended();
            Func <ActionRequestExtended, ActionMenuItem, ActionTargetInfo> dummyHandler = (a, i) => new ActionTargetInfo();
            var actions = new List <ActionMenuItemInfo>();

            foreach (string menuItemAlias in new[]
            {
                viewResourceActionAlias,
                editResourceActionAlias,
                addRelationshipActionAlias,
                removeRelationshipActionAlias,
                deleteResourceActionAlias,
            })
            {
                actions.Add(Entity.Get <ActionMenuItem>(menuItemAlias).ToInfo(dummyRequest, null, dummyHandler));
            }

            actions.Add(new ActionMenuItemInfo
            {
                EntityId        = childEntityType.Id,
                HtmlActionState = "createForm",
                IsNew           = true
            });

            // filter actions
            using (new SetUser(userAccount))
            {
                securityActionMenuItemFilter = new SecurityActionMenuItemFilter();
                securityActionMenuItemFilter.Filter(parentEntity.Id, new[] { childEntity.Id }, actions);
            }

            // checks
            if (splitParentEntityPermissions.Contains("core:read") && splitParentEntityPermissions.Contains("core:modify"))
            {
                Assert.That(actions, Has.Exactly(1).Property("Alias").EqualTo(addRelationshipActionAlias), "Missing add relationship resource action");
                Assert.That(actions, Has.Exactly(1).Property("Alias").EqualTo(removeRelationshipActionAlias), "Missing remove relationship resource action");

                // child create
                if (splitChildEntityPermissions.Contains("core:create"))
                {
                    Assert.That(actions, Has.Exactly(1).Property("HtmlActionState").EqualTo("createForm"), "Missing create resource action");
                }
                else
                {
                    Assert.That(actions, Has.None.Property("HtmlActionState").EqualTo("createForm"), "Create resource action should not be available");
                }

                // child read
                if (splitChildEntityPermissions.Contains("core:read"))
                {
                    Assert.That(actions, Has.Exactly(1).Property("Alias").EqualTo(viewResourceActionAlias), "Missing view resource action");
                }
                else
                {
                    Assert.That(actions, Has.None.Property("Alias").EqualTo(viewResourceActionAlias), "View resource action should not be available");
                }

                // child modify
                if (splitChildEntityPermissions.Contains("core:modify"))
                {
                    Assert.That(actions, Has.Exactly(1).Property("Alias").EqualTo(editResourceActionAlias), "Missing edit resource action");
                }
                else
                {
                    Assert.That(actions, Has.None.Property("Alias").EqualTo(editResourceActionAlias), "Edit resource action should not be available");
                }

                // child delete
                if (splitChildEntityPermissions.Contains("core:delete"))
                {
                    Assert.That(actions, Has.Exactly(1).Property("Alias").EqualTo(deleteResourceActionAlias), "Missing delete resource action");
                }
                else
                {
                    Assert.That(actions, Has.None.Property("Alias").EqualTo(deleteResourceActionAlias), "Delete resource action should not be available");
                }
            }
            else if (splitParentEntityPermissions.Contains("core:read") && !splitParentEntityPermissions.Contains("core:modify"))
            {
                Assert.That(actions, Has.None.Property("Alias").EqualTo(addRelationshipActionAlias), "Add relationship action should not be available");
                Assert.That(actions, Has.None.Property("Alias").EqualTo(removeRelationshipActionAlias), "Remove relationship action should not be available");

                // child create
                Assert.That(actions, Has.None.Property("HtmlActionState").EqualTo("createForm"), "Create resource action should not be available");

                // child read
                if (splitChildEntityPermissions.Contains("core:read"))
                {
                    Assert.That(actions, Has.Exactly(1).Property("Alias").EqualTo(viewResourceActionAlias), "Missing view resource action");
                }
                else
                {
                    Assert.That(actions, Has.None.Property("Alias").EqualTo(viewResourceActionAlias), "View resource action should not be available");
                }

                // child modify
                if (splitChildEntityPermissions.Contains("core:modify"))
                {
                    Assert.That(actions, Has.Exactly(1).Property("Alias").EqualTo(editResourceActionAlias), "Missing edit resource action");
                }
                else
                {
                    Assert.That(actions, Has.None.Property("Alias").EqualTo(editResourceActionAlias), "Edit resource action should not be available");
                }

                // child delete
                Assert.That(actions, Has.None.Property("Alias").EqualTo(deleteResourceActionAlias), "Delete resource action should not be available");
            }
        }