protected override void ExecuteTest()
{
var securityInstaller = new SecurityInstaller();
var container = new WindsorContainer();
// Add the array resolver for resolving arrays of services automatically
container.Kernel.Resolver.AddSubResolver(
new ArrayResolver(container.Kernel));
container.Install(
securityInstaller,
new PresenterInstaller(),
new InfrastructureServiceInstaller(),
new ServiceInstaller(),
new RepositoryInstaller(),
new UIAspNetInstaller());
try
{
var result1 = container.Resolve<IRoleAuthorization>("IRoleAuthorization.PrincipalRoleAuthorization");
//var result2 = container.Resolve<IRoleAuthorization>("IRoleAuthorization.SuperintendentRoleAuthorization");
//var result = container.Kernel.ResolveAll(typeof(IRoleAuthorization), (IDictionary)null);
}
catch (Exception ex)
{
throw;
}
Debug.WriteLine("Hello.");
Debug.WriteLine("Hello.");
}
public void InitialData_Core_Permissions_Parse()
{
var src = new List <string>
{
"+2|Normal|+1:_____________________________________________+++++++++++++++++++",
// break is irrelevant because this is the second entry.
"-2|Normal|+7:_____________________________________________+++++++++++++++++++",
"+6|Normal|-6:_______________________________________________________________+",
// break is relevant because this is the first entry.
"-1000|Normal|+6:_______________________________________________________________+",
};
InitialDataTest(() =>
{
var actions = SecurityInstaller.ParseInitialPermissions(
Providers.Instance.SecurityHandler.SecurityContext, src).ToArray();
Assert.AreEqual(3, actions.Length);
Assert.IsFalse(actions[0].Break);
Assert.IsFalse(actions[0].Unbreak);
Assert.AreEqual(2, actions[0].Entries.Count);
Assert.AreEqual(2, actions[0].Entries[0].EntityId);
Assert.AreEqual(1, actions[0].Entries[0].IdentityId);
Assert.AreEqual(0x07FFFFUL, actions[0].Entries[0].AllowBits);
Assert.AreEqual(0UL, actions[0].Entries[0].DenyBits);
Assert.IsFalse(actions[0].Entries[0].LocalOnly);
Assert.AreEqual(2, actions[0].Entries[1].EntityId);
Assert.AreEqual(7, actions[0].Entries[1].IdentityId);
Assert.AreEqual(0x07FFFFUL, actions[0].Entries[1].AllowBits);
Assert.AreEqual(0UL, actions[0].Entries[1].DenyBits);
Assert.IsFalse(actions[0].Entries[1].LocalOnly);
Assert.IsFalse(actions[1].Break);
Assert.IsFalse(actions[1].Unbreak);
Assert.AreEqual(1, actions[1].Entries.Count);
Assert.AreEqual(6, actions[1].Entries[0].EntityId);
Assert.AreEqual(6, actions[1].Entries[0].IdentityId);
Assert.AreEqual(1UL, actions[1].Entries[0].AllowBits);
Assert.AreEqual(0UL, actions[1].Entries[0].DenyBits);
Assert.IsTrue(actions[1].Entries[0].LocalOnly);
Assert.IsTrue(actions[2].Break);
Assert.IsFalse(actions[2].Unbreak);
Assert.AreEqual(1, actions[2].Entries.Count);
Assert.AreEqual(1000, actions[2].Entries[0].EntityId);
Assert.AreEqual(6, actions[2].Entries[0].IdentityId);
Assert.AreEqual(1UL, actions[2].Entries[0].AllowBits);
Assert.AreEqual(0UL, actions[2].Entries[0].DenyBits);
Assert.IsFalse(actions[2].Entries[0].LocalOnly);
});
}
public async Task OD_Security_GetAcl_InvisibleSource()
{
await ODataTestAsync(async() =>
{
// ARRANGE
var contentNode = Node.LoadNode("/Root/Content");
//var itNode = new SystemFolder(contentNode) { Name = "IT" };
//itNode.Save();
var user = new User(User.Administrator.Parent)
{
Name = "U1", Email = "*****@*****.**", Enabled = true
};
user.Save();
var permissionData = new List <string>
{
" + 2|Normal|+ 1:_____________________________________________+++++++++++++++++++",
" + 2|Normal|+ 7:_____________________________________________+++++++++++++++++++",
$"+ 2|Normal|+{user.Id}:_________________________________________________+______________",
$"+{contentNode.Id}|Normal|+{user.Id}:_____________________________________________+__________________",
};
var categoriesToNormalize = new[] { EntryType.Normal };
using (new SystemAccount())
{
var aclEditor = Providers.Instance.SecurityHandler.CreateAclEditor();
aclEditor
.UnbreakInheritance(2, categoriesToNormalize)
.UnbreakInheritance(contentNode.Id, categoriesToNormalize)
.Apply();
aclEditor
.RemoveExplicitEntries(2)
.RemoveExplicitEntries(contentNode.Id)
.Apply();
aclEditor
.Apply(SecurityInstaller.ParseInitialPermissions(aclEditor.Context, permissionData));
}
Assert.IsTrue(Providers.Instance.SecurityHandler.HasPermission(user, contentNode, PermissionType.SeePermissions));
// ACTION
ODataResponse response;
using (new CurrentUserBlock(user))
response = await ODataGetAsync(
$"/OData.svc/Root('Content')/GetAcl", null)
.ConfigureAwait(false);
// ASSERT
AssertNoError(response);
var result = ODataTestBase.GetObject(response);
Assert.AreEqual(contentNode.Id, result.SelectToken("id").Value <int>());
Assert.AreEqual(contentNode.Path, result.SelectToken("path").Value <string>());
Assert.IsTrue(result.SelectToken("inherits").Value <bool>());
Assert.IsFalse(result.SelectToken("isPublic").Value <bool>());
Assert.AreEqual(1, ((JArray)result["entries"]).Count);
var entry = result.SelectToken("entries[0]");
Assert.AreEqual(user.Id, entry.SelectToken("identity.id").Value <int>());
Assert.AreEqual("Somewhere", entry.SelectToken("ancestor").Value <string>());
Assert.IsFalse(entry.SelectToken("inherited").Value <bool>());
Assert.IsTrue(entry.SelectToken("propagates").Value <bool>());
Assert.AreEqual("allow", entry.SelectToken("permissions.See.value").Value <string>());
Assert.AreEqual(null, entry.SelectToken("permissions.See.from").Value <string>());
Assert.AreEqual(null, entry.SelectToken("permissions.Open").Value <string>());
Assert.AreEqual("allow", entry.SelectToken("permissions.SeePermissions.value").Value <string>());
Assert.AreEqual("Somewhere", entry.SelectToken("permissions.SeePermissions.from").Value <string>());
Assert.AreEqual("allow", entry.SelectToken("permissions.TakeOwnership.value").Value <string>());
Assert.AreEqual(null, entry.SelectToken("permissions.TakeOwnership.from").Value <string>());
}).ConfigureAwait(false);
}
public async Task OD_Security_GetAcl_InheritedCombined()
{
await ODataTestAsync(async() =>
{
// ARRANGE
var contentNode = Node.LoadNode("/Root/Content");
var itNode = new SystemFolder(contentNode)
{
Name = "IT"
};
itNode.Save();
var permissionData = new List <string>
{
" + 2|Normal|+1:_____________________________________________+++++++++++++++++++",
" + 2|Normal|+7:_____________________________________________+++++++++++++++++++",
" + 2|Normal|+6:___________________________________________________________+++++",
$"+{contentNode.Id}|Normal|+6:_____________________________________________+__________________",
};
var categoriesToNormalize = new[] { EntryType.Normal };
using (new SystemAccount())
{
var aclEditor = Providers.Instance.SecurityHandler.CreateAclEditor();
aclEditor
.UnbreakInheritance(2, categoriesToNormalize)
.UnbreakInheritance(contentNode.Id, categoriesToNormalize)
.Apply();
aclEditor
.RemoveExplicitEntries(2)
.RemoveExplicitEntries(contentNode.Id)
.Apply(SecurityInstaller.ParseInitialPermissions(aclEditor.Context, permissionData));
}
// ACTION
var response = await ODataGetAsync(
$"/OData.svc/Root/Content('IT')/GetAcl", null)
.ConfigureAwait(false);
// ASSERT
AssertNoError(response);
var result = ODataTestBase.GetObject(response);
Assert.AreEqual(itNode.Id, result.SelectToken("id").Value <int>());
Assert.AreEqual(itNode.Path, result.SelectToken("path").Value <string>());
Assert.IsTrue(result.SelectToken("inherits").Value <bool>());
Assert.IsTrue(result.SelectToken("isPublic").Value <bool>());
Assert.AreEqual(3, ((JArray)result["entries"]).Count);
var entry = result.SelectToken("entries[?(@identity.id == 6)]");
Assert.AreEqual(Identifiers.VisitorUserId, entry.SelectToken("identity.id").Value <int>());
Assert.AreEqual("/Root/Content", entry.SelectToken("ancestor").Value <string>());
Assert.IsTrue(entry.SelectToken("inherited").Value <bool>());
Assert.IsTrue(entry.SelectToken("propagates").Value <bool>());
Assert.AreEqual("allow", entry.SelectToken("permissions.See.value").Value <string>());
Assert.AreEqual("/Root/Content", entry.SelectToken("permissions.See.from").Value <string>());
Assert.AreEqual("allow", entry.SelectToken("permissions.Open.value").Value <string>());
Assert.AreEqual("/Root", entry.SelectToken("permissions.Open.from").Value <string>());
Assert.AreEqual("allow", entry.SelectToken("permissions.TakeOwnership.value").Value <string>());
Assert.AreEqual("/Root/Content", entry.SelectToken("permissions.TakeOwnership.from").Value <string>());
}).ConfigureAwait(false);
}
public async Task OD_Security_GetAcl_SeeOnlyIdentities()
{
await ODataTestAsync(async() =>
{
// ARRANGE
var contentNode = Node.LoadNode("/Root/Content");
//var itNode = new SystemFolder(contentNode) { Name = "IT" };
//itNode.Save();
var user = new User(User.Administrator.Parent)
{
Name = "U1", Email = "*****@*****.**", Enabled = true
};
user.Save();
var permissionData = new List <string>
{
" + 2|Normal|+ 1:_____________________________________________+++++++++++++++++++",
" + 2|Normal|+ 7:_____________________________________________+++++++++++++++++++",
$"+ 2|Normal|+{user.Id}:_________________________________________________+_____________+",
$"+{contentNode.Id}|Normal|+{user.Id}:_____________________________________________+__________________",
};
var categoriesToNormalize = new[] { EntryType.Normal };
using (new SystemAccount())
{
var aclEditor = Providers.Instance.SecurityHandler.CreateAclEditor();
aclEditor
.UnbreakInheritance(2, categoriesToNormalize)
.UnbreakInheritance(contentNode.Id, categoriesToNormalize)
.Apply();
aclEditor
.RemoveExplicitEntries(2)
.RemoveExplicitEntries(contentNode.Id)
.Apply(SecurityInstaller.ParseInitialPermissions(aclEditor.Context, permissionData));
}
Assert.IsTrue(Providers.Instance.SecurityHandler.HasPermission(user, contentNode, PermissionType.SeePermissions));
// ACTION
ODataResponse response;
using (new CurrentUserBlock(user))
response = await ODataGetAsync(
$"/OData.svc/Root('Content')/GetAcl", null)
.ConfigureAwait(false);
// ASSERT
AssertNoError(response);
var result = ODataTestBase.GetObject(response);
Assert.AreEqual(contentNode.Id, result.SelectToken("id").Value <int>());
Assert.AreEqual(contentNode.Path, result.SelectToken("path").Value <string>());
Assert.IsTrue(result.SelectToken("inherits").Value <bool>());
Assert.IsFalse(result.SelectToken("isPublic").Value <bool>());
Assert.AreEqual(3, ((JArray)result["entries"]).Count);
var admin = result.SelectToken("entries[?(@identity.id == 1)].identity");
Assert.AreEqual(Identifiers.AdministratorUserId, admin.SelectToken("id").Value <int>());
Assert.AreEqual("Admin", admin.SelectToken("name").Value <string>());
Assert.AreEqual("user", admin.SelectToken("kind").Value <string>());
Assert.AreEqual(null, admin.SelectToken("domain").Value <string>());
Assert.AreEqual(null, admin.SelectToken("avatar").Value <string>());
var admins = result.SelectToken("entries[?(@identity.id == 7)].identity");
Assert.AreEqual(Identifiers.AdministratorsGroupId, admins.SelectToken("id").Value <int>());
Assert.AreEqual("Administrators", admins.SelectToken("name").Value <string>());
Assert.AreEqual("group", admins.SelectToken("kind").Value <string>());
Assert.AreEqual(null, admins.SelectToken("domain").Value <string>());
Assert.AreEqual(null, admins.SelectToken("avatar").Value <string>());
var u1 = result.SelectToken($"entries[?(@identity.id == {user.Id})].identity");
Assert.AreEqual(user.Id, u1.SelectToken("id").Value <int>());
Assert.AreEqual("U1", u1.SelectToken("name").Value <string>());
Assert.AreEqual("user", u1.SelectToken("kind").Value <string>());
Assert.AreEqual("BuiltIn", u1.SelectToken("domain").Value <string>());
Assert.AreEqual("", u1.SelectToken("avatar").Value <string>());
}).ConfigureAwait(false);
}
