public async Task HasMembership_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
var principal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var groupParent = new Group(principal)
{
Name = "groupParent"
};
authorizationsFixture.Context.Groups().Add(groupParent);
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = groupParent,
PrincipalId = authorizationsFixture.Context.CurrentUserId,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
await authorizationsFixture.Context.SaveChangesAsync();
Assert.True(await authorizationsFixture.AuthorizationsClient.HasMembershipAsync("groupParent"));
}
}
public async Task DeleteChildScope_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await authorizationsFixture.AuthorizationsManager.DeleteScopeAsync("scope1");
authorizationsFixture.Context.SaveChanges();
var parent = new Scope
{
Name = "scope1",
Description = "Scope 1",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
parent.Children.Add(
new ScopeHierarchy
{
Parent = parent,
Child = new Scope
{
Name = "scopeChild1",
Description = "Scope Child 1",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
}
});
parent.Children.Add(
new ScopeHierarchy
{
Parent = parent,
Child = new Scope
{
Name = "scopeChild2",
Description = "Scope Child 2",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
}
});
authorizationsFixture.Context.Scopes().Add(parent);
authorizationsFixture.Context.SaveChanges();
await authorizationsFixture.AuthorizationsManager.DeleteScopeAsync("scopeChild2");
await authorizationsFixture.Context.SaveChangesAsync();
Assert.NotNull(authorizationsFixture.Context.Scopes()
.FirstOrDefault(r => r.Name == "scope1"));
Assert.NotNull(authorizationsFixture.Context.Scopes()
.FirstOrDefault(r => r.Name == "scopeChild1"));
Assert.Null(authorizationsFixture.Context.Scopes()
.FirstOrDefault(r => r.Name == "scopeChild2"));
Assert.False(authorizationsFixture.Context.ScopeHierarchies().Where(x => x.Child.Name == "scopeChild2" || x.Parent.Name == "scopeChild2").Any());
}
}
public async Task UnaffectRolesFromGroup_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await authorizationsFixture.AuthorizationsManager.CreateRoleAsync("role1", new string[] { "right1", "right2" });
await authorizationsFixture.AuthorizationsManager.CreateRoleAsync("role2", new string[] { "right2" });
await authorizationsFixture.AuthorizationsManager.CreateScopeAsync("scope1", "Scope 1");
await authorizationsFixture.AuthorizationsManager.CreateGroupAsync("group2", "group1");
await authorizationsFixture.AuthorizationsManager.AffectRoleToGroupOnScopeAsync("role1", "group1", "scope1");
await authorizationsFixture.AuthorizationsManager.AffectRoleToGroupOnScopeAsync("role2", "group1", "scope1");
await authorizationsFixture.Context.SaveChangesAsync();
await authorizationsFixture.AuthorizationsManager.UnaffectRolesFromGroupAsync("group1");
await authorizationsFixture.Context.SaveChangesAsync();
Assert.Null(authorizationsFixture.Context
.Authorizations()
.Join(authorizationsFixture.Context.Groups(), a => a.PrincipalId, g => g.Id, (a, g) => g)
.FirstOrDefault(a => a.Name == "group1"));
}
}
public async Task GetRightsOnScopeAfterReset_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await authorizationsFixture.AuthorizationsManager.CreateRoleAsync("role1", new string[] { "right1", "right2" });
await authorizationsFixture.AuthorizationsManager.CreateScopeAsync("scope2", "Scope 2", "scope1");
await authorizationsFixture.AuthorizationsManager.CreateGroupAsync("group2", "group1");
await authorizationsFixture.AuthorizationsManager.AddPrincipalToGroupAsync(authorizationsFixture.Context.CurrentUserId, "group2");
await authorizationsFixture.Context.SaveChangesAsync();
var group = await authorizationsFixture.Context.Groups().FirstAsync(g => g.Name == "group1");
await authorizationsFixture.AuthorizationsManager.AffectRoleToPrincipalOnScopeAsync("role1", group.Id, "scope1");
await authorizationsFixture.Context.SaveChangesAsync();
var r = await authorizationsFixture.AuthorizationsClient.GetRightsAsync("scope1", withChildren : true);
Assert.True(r.HasRightOnScope("right1", "scope2"));
await authorizationsFixture.AuthorizationsManager.UnaffectRoleFromPrincipalOnScopeAsync("role1", group.Id, "scope1");
await authorizationsFixture.Context.SaveChangesAsync();
authorizationsFixture.AuthorizationsClient.Reset();
r = await authorizationsFixture.AuthorizationsClient.GetRightsAsync("scope1", withChildren : true);
Assert.False(r.HasRightOnScope("right1", "scope2"));
}
}
public async Task HasMembershipForUsers_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
var principal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var groupParent = new Group(principal)
{
Name = "groupParent"
};
authorizationsFixture.Context.Groups().Add(groupParent);
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = groupParent,
PrincipalId = authorizationsFixture.Context.CurrentUserId,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
await authorizationsFixture.Context.SaveChangesAsync();
var usersInGroup = await authorizationsFixture.AuthorizationsManager.HasMembershipAsync(new List <Guid> {
authorizationsFixture.Context.CurrentUserId
}, "groupParent");
Assert.True(usersInGroup.Contains(authorizationsFixture.Context.CurrentUserId));
}
}
public async Task CreateScope_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await authorizationsFixture.AuthorizationsManager
.CreateScopeAsync(
"scope1",
"Description scope 1",
new string[] { "scopeParent1", "scopeParent2" });
await authorizationsFixture.Context.SaveChangesAsync();
await authorizationsFixture.AuthorizationsManager
.CreateScopeAsync(
"scope1",
"Description scope 1",
new string[] { "scopeParent1", "scopeParent2" });
await authorizationsFixture.Context.SaveChangesAsync();
var scope = authorizationsFixture.Context.Scopes()
.Include(r => r.Parents)
.Include(r => r.Children)
.FirstOrDefault(r => r.Name == "scope1");
Assert.NotNull(scope);
var parentKeys = scope.Parents.Select(r => r.Parent.Name);
Assert.True(parentKeys.Contains("scopeParent1"));
Assert.True(parentKeys.Contains("scopeParent2"));
}
}
public async Task UnaffectRoleFromPrincipalOnScope_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
// Test removing non existing authorization
await authorizationsFixture.AuthorizationsManager
.UnaffectRoleFromPrincipalOnScopeAsync(
"role1",
authorizationsFixture.Context.CurrentUserId,
"scope1");
await authorizationsFixture.AuthorizationsManager.CreateRoleAsync("role1", new string[] { "right1", "right2" });
await authorizationsFixture.AuthorizationsManager.CreateScopeAsync("scope1", "Scope 1");
await authorizationsFixture.Context.SaveChangesAsync();
// Test removing local existing authorization
await authorizationsFixture.AuthorizationsManager
.AffectRoleToPrincipalOnScopeAsync(
"role1",
authorizationsFixture.Context.CurrentUserId,
"scope1");
await authorizationsFixture.AuthorizationsManager
.UnaffectRoleFromPrincipalOnScopeAsync(
"role1",
authorizationsFixture.Context.CurrentUserId,
"scope1");
await authorizationsFixture.Context.SaveChangesAsync();
Assert.Null(authorizationsFixture.Context
.Authorizations()
.FirstOrDefault(a => a.PrincipalId == authorizationsFixture.Context.CurrentUserId));
// Test persisted authorization
await authorizationsFixture.AuthorizationsManager
.AffectRoleToPrincipalOnScopeAsync(
"role1",
authorizationsFixture.Context.CurrentUserId,
"scope1");
await authorizationsFixture.Context.SaveChangesAsync();
await authorizationsFixture.AuthorizationsManager
.UnaffectRoleFromPrincipalOnScopeAsync(
"role1",
authorizationsFixture.Context.CurrentUserId,
"scope1");
await authorizationsFixture.Context.SaveChangesAsync();
Assert.Null(authorizationsFixture.Context
.Authorizations()
.FirstOrDefault(a => a.PrincipalId == authorizationsFixture.Context.CurrentUserId));
}
}
public async Task DetectMemberships_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
var group1Principal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var group1 = new Group(group1Principal)
{
Name = "group1"
};
authorizationsFixture.Context.Groups().Add(group1);
var group2Principal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var group2 = new Group(group2Principal)
{
Name = "group2"
};
authorizationsFixture.Context.Groups().Add(group2);
var group3Principal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var group3 = new Group(group3Principal)
{
Name = "group3"
};
authorizationsFixture.Context.Groups().Add(group3);
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = group2,
PrincipalId = authorizationsFixture.Context.CurrentUserId,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
await authorizationsFixture.Context.SaveChangesAsync();
var userMemberships = await authorizationsFixture.AuthorizationsClient.DetectMembershipsAsync(
new List <string> {
"group1", "group2"
});
Assert.True(userMemberships.Contains("group2"));
}
}
public async Task AffectRoleOnScope_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await authorizationsFixture.AuthorizationsManager.CreateRoleAsync("role1", new string[] { "right1", "right2" });
await authorizationsFixture.AuthorizationsManager.CreateScopeAsync("scope1", "Scope 1");
await authorizationsFixture.AuthorizationsManager.CreateScopeAsync("scope2", "Scope 2");
await authorizationsFixture.AuthorizationsManager
.AffectRoleToPrincipalOnScopeAsync(
"role1",
authorizationsFixture.Context.CurrentUserId,
"scope1");
await authorizationsFixture.Context.SaveChangesAsync();
await authorizationsFixture.AuthorizationsManager
.AffectRoleToPrincipalOnScopeAsync(
"role1",
authorizationsFixture.Context.CurrentUserId,
"scope1");
await authorizationsFixture.AuthorizationsManager
.UnaffectRoleFromPrincipalOnScopeAsync(
"role1",
authorizationsFixture.Context.CurrentUserId,
"scope1");
await authorizationsFixture.AuthorizationsManager
.AffectRoleToPrincipalOnScopeAsync(
"role1",
authorizationsFixture.Context.CurrentUserId,
"scope1");
await authorizationsFixture.AuthorizationsManager
.AffectRoleToPrincipalOnScopeAsync(
"role1",
authorizationsFixture.Context.CurrentUserId,
"scope2");
authorizationsFixture.Context.SaveChanges();
var authorizations = authorizationsFixture.Context.Authorizations()
.Include(a => a.Scope)
.Include(a => a.Role)
.Where(a => a.PrincipalId == authorizationsFixture.Context.CurrentUserId)
.ToList();
Assert.True(authorizations.Any(a => a.Role.Name == "role1"));
Assert.True(authorizations.Any(s => s.Scope.Name == "scope1"));
Assert.True(authorizations.Any(s => s.Scope.Name == "scope2"));
}
}
public async Task GetRights_OfParentGroup_OnSpecificScope_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await this.InitAuthorizationsAsync(authorizationsFixture.Context, AuthorizationsTarget.ParentGroup);
var r = await authorizationsFixture.AuthorizationsClient.GetRightsAsync("Q");
Assert.True(r.HasRightOnScope("right5", "Q"));
}
}
public async Task CreateRight_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await authorizationsFixture.AuthorizationsManager.CreateRightAsync("right1");
await authorizationsFixture.Context.SaveChangesAsync();
Assert.NotNull(authorizationsFixture.Context.Rights().FirstOrDefault(r => r.Name == "right1"));
}
}
public async Task GetRights_OnParentScope_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await InitAuthorizationsAsync(authorizationsFixture.Context);
var r = await authorizationsFixture.AuthorizationsClient.GetRightsAsync("M");
Assert.True(r.HasRightOnScope("right6", "M"));
Assert.False(r.HasExplicitRightOnScope("right6", "M"));
}
}
public async Task DeleteGroupWithChildren_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
var parentPrincipal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var parent = new Group(parentPrincipal)
{
Name = "group1"
};
authorizationsFixture.Context.Groups().Add(parent);
var childPrincipal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var child = new Group(childPrincipal)
{
Name = "group2"
};
authorizationsFixture.Context.Groups().Add(child);
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = parent,
PrincipalId = child.Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
await authorizationsFixture.Context.SaveChangesAsync();
var group1FromDb = await authorizationsFixture.Context.Groups().FirstAsync(g => g.Name == "group1");
var group2FromDb = await authorizationsFixture.Context.Groups().FirstAsync(g => g.Name == "group2");
await authorizationsFixture.AuthorizationsManager.DeleteGroupAsync("group1");
await authorizationsFixture.Context.SaveChangesAsync();
Assert.Null(authorizationsFixture.Context.Groups().FirstOrDefault(r => r.Name == "group1"));
Assert.Null(await authorizationsFixture.Context.Principals().FirstOrDefaultAsync(p => p.Id == group1FromDb.Id));
Assert.Null(authorizationsFixture.Context.Groups().FirstOrDefault(r => r.Name == "group2"));
Assert.Null(await authorizationsFixture.Context.Principals().FirstOrDefaultAsync(p => p.Id == group1FromDb.Id));
}
}
public async Task GetRights_OnMultipleScopes_MultiLevel_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await InitAuthorizationsAsync(authorizationsFixture.Context);
var r = await authorizationsFixture.AuthorizationsClient.GetRightsAsync("P");
Assert.True(r.HasRightOnScope("right1", "P"));
Assert.True(r.HasRightOnScope("right2", "P"));
Assert.True(r.HasRightOnScope("right3", "P"));
Assert.False(r.HasRightOnScope("right4", "P"));
}
}
public async Task GetRights_WithChildren_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await this.InitAuthorizationsAsync(authorizationsFixture.Context, AuthorizationsTarget.ChildGroup);
var r = await authorizationsFixture.AuthorizationsClient.GetRightsAsync("G");
Assert.False(r.HasAnyRightUnderScope("G"));
r = await authorizationsFixture.AuthorizationsClient.GetRightsAsync("G", withChildren : true);
Assert.True(r.HasRightOnScope("right5", "R"));
}
}
public async Task AddGroupToGroup_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await authorizationsFixture.AuthorizationsManager.AddGroupToGroupAsync("childGroup", "parentGroup");
await authorizationsFixture.Context.SaveChangesAsync();
var childGroup = await authorizationsFixture.Context.Groups().FirstOrDefaultAsync(g => g.Name == "childGroup");
var parentGroup = await authorizationsFixture.Context.Groups().FirstOrDefaultAsync(g => g.Name == "parentGroup");
Assert.NotNull(childGroup);
Assert.NotNull(parentGroup);
Assert.NotNull(await authorizationsFixture.Context.Memberships().FirstOrDefaultAsync(m => m.PrincipalId == childGroup.Id && m.GroupId == parentGroup.Id));
}
}
public async Task CreateGroup_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await authorizationsFixture.AuthorizationsManager.CreateGroupAsync("group2", parentGroupName : "group1");
await authorizationsFixture.Context.SaveChangesAsync();
var group = authorizationsFixture.Context
.Groups()
.FirstOrDefault(r => r.Name == "group2");
Assert.NotNull(group);
var membership = authorizationsFixture.Context.Memberships().FirstOrDefault(m => m.Group.Name == "group1");
group = authorizationsFixture.Context.Groups().FirstOrDefault(g => g.Id == membership.PrincipalId);
Assert.Equal("group2", group.Name);
}
}
public async Task DeleteRole_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
authorizationsFixture.Context.Roles().Add(
new Role
{
Name = "role1",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
await authorizationsFixture.Context.SaveChangesAsync();
await authorizationsFixture.AuthorizationsManager.DeleteRoleAsync("role1");
await authorizationsFixture.Context.SaveChangesAsync();
Assert.Null(authorizationsFixture.Context.Roles().FirstOrDefault(r => r.Name == "role1"));
}
}
public async Task CreateRole_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await authorizationsFixture.AuthorizationsManager
.CreateRoleAsync(
"role1",
new string[] { "right1", "right2" });
await authorizationsFixture.Context.SaveChangesAsync();
var role = authorizationsFixture.Context.Roles()
.Include(r => r.Rights)
.ThenInclude(rr => rr.Right)
.FirstOrDefault(r => r.Name == "role1");
Assert.NotNull(role);
var rightKeys = role.Rights.Select(r => r.Right.Name);
Assert.True(rightKeys.Contains("right1"));
Assert.True(rightKeys.Contains("right2"));
}
}
public async Task AddPrincipalToGroup_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
var parentPrincipal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var parentGroup = new Group(parentPrincipal)
{
Name = "group1"
};
authorizationsFixture.Context.Groups().Add(parentGroup);
var childPrincipal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var childGroup = new Group(childPrincipal)
{
Name = "group2"
};
authorizationsFixture.Context.Groups().Add(childGroup);
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = parentGroup,
PrincipalId = childGroup.Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
var scope = new Scope
{
Name = "Scope1",
Description = "Scope1",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
authorizationsFixture.Context.Scopes().Add(scope);
var right = new Right
{
Name = "Right1",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
authorizationsFixture.Context.Rights().Add(right);
var role = new Role
{
Name = "Role1",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
authorizationsFixture.Context.Roles().Add(role);
authorizationsFixture.Context.Set <RoleRight>().Add(new RoleRight {
Role = role, Right = right
});
authorizationsFixture.Context.Authorizations().Add(new Authorization
{
Scope = scope,
Role = role,
PrincipalId = childGroup.Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
await authorizationsFixture.Context.SaveChangesAsync();
var group = authorizationsFixture.Context
.Groups()
.FirstOrDefault(r => r.Name == "group2");
await authorizationsFixture.AuthorizationsManager
.AddPrincipalToGroupAsync(authorizationsFixture.Context.CurrentUserId, "group2");
await authorizationsFixture.Context.SaveChangesAsync();
var membership = authorizationsFixture.Context.Memberships().FirstOrDefault(m => m.PrincipalId == authorizationsFixture.Context.CurrentUserId);
Assert.NotNull(membership);
await authorizationsFixture.AuthorizationsManager
.RemovePrincipalFromGroupAsync(authorizationsFixture.Context.CurrentUserId, "group2");
await authorizationsFixture.AuthorizationsManager
.AddPrincipalToGroupAsync(authorizationsFixture.Context.CurrentUserId, "group2");
await authorizationsFixture.Context.SaveChangesAsync();
membership = authorizationsFixture.Context.Memberships().FirstOrDefault(m => m.PrincipalId == authorizationsFixture.Context.CurrentUserId);
Assert.NotNull(membership);
}
}
public async Task GetGroupParentLink_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
List <Group> expectedGroups = new List <Group>();
for (int i = 0; i < 10; i++)
{
var principal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var group = new Group(principal)
{
Name = "group" + i
};
expectedGroups.Add(group);
authorizationsFixture.Context.Groups().Add(group);
}
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = expectedGroups[0],
PrincipalId = expectedGroups[1].Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = expectedGroups[0],
PrincipalId = expectedGroups[2].Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = expectedGroups[2],
PrincipalId = expectedGroups[3].Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = expectedGroups[3],
PrincipalId = expectedGroups[4].Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = expectedGroups[4],
PrincipalId = expectedGroups[5].Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = expectedGroups[4],
PrincipalId = expectedGroups[6].Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = expectedGroups[6],
PrincipalId = expectedGroups[7].Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = expectedGroups[6],
PrincipalId = expectedGroups[8].Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = expectedGroups[8],
PrincipalId = expectedGroups[9].Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
await authorizationsFixture.Context.SaveChangesAsync();
var targettedGroup = await authorizationsFixture.Context.Groups().FirstOrDefaultAsync(g => g.Name == expectedGroups[9].Name);
var parentLink = await authorizationsFixture.AuthorizationsClient.GetGroupParentLinkAsync(targettedGroup.Id);
string[] expectedParentLinkItems = { "group8", "group6", "group4", "group3", "group2", "group0" };
Assert.Equal(expectedParentLinkItems.Length, parentLink.Count);
foreach (var parentLinkItem in parentLink)
{
var group = await authorizationsFixture.Context.Groups().FirstOrDefaultAsync(g => g.Id == parentLinkItem);
Assert.True(expectedParentLinkItems.Contains(group.Name));
}
}
}
public async Task GetGroupMembers_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
var parentPrincipal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var groupParent = new Group(parentPrincipal)
{
Name = "groupParent"
};
authorizationsFixture.Context.Groups().Add(groupParent);
var groupChild1Principal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var groupChild1 = new Group(groupChild1Principal)
{
Name = "groupChild1"
};
authorizationsFixture.Context.Groups().Add(groupChild1);
var groupChild2Principal = new Principal
{
Id = Guid.NewGuid(),
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
var groupChild2 = new Group(groupChild2Principal)
{
Name = "groupChild2"
};
authorizationsFixture.Context.Groups().Add(groupChild2);
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = groupParent,
PrincipalId = groupChild1.Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
authorizationsFixture.Context.Memberships().Add(new Membership
{
Group = groupParent,
PrincipalId = groupChild2.Id,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
await authorizationsFixture.Context.SaveChangesAsync();
var child1 = await authorizationsFixture.Context.Groups().FirstAsync(g => g.Name == "groupChild1");
var child2 = await authorizationsFixture.Context.Groups().FirstAsync(g => g.Name == "groupChild2");
var childrenIds = await authorizationsFixture.AuthorizationsManager.GetGroupMembersAsync("groupParent");
Assert.True(childrenIds.Contains(child1.Id) && childrenIds.Contains(child2.Id));
}
}
//[Fact]
public async Task ScopeModelValidation_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
var scope1Entity = authorizationsFixture.Context.Scopes().Add(new EntityFrameworkCore.Data.Scope
{
Id = Guid.NewGuid(),
Name = "scope1",
Description = "scope 1",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId,
});
var scope2Entity = authorizationsFixture.Context.Scopes().Add(new EntityFrameworkCore.Data.Scope
{
Id = Guid.NewGuid(),
Name = "scope2",
Description = "scope 2",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId,
});
var scope3Entity = authorizationsFixture.Context.Scopes().Add(new EntityFrameworkCore.Data.Scope
{
Id = Guid.NewGuid(),
Name = "scope3",
Description = "scope 3",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId,
});
var scope4Entity = authorizationsFixture.Context.Scopes().Add(new EntityFrameworkCore.Data.Scope
{
Id = Guid.NewGuid(),
Name = "scope4",
Description = "scope 4",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId,
});
var scope5Entity = authorizationsFixture.Context.Scopes().Add(new EntityFrameworkCore.Data.Scope
{
Id = Guid.NewGuid(),
Name = "scope5",
Description = "scope 5",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId,
});
var scope6Entity = authorizationsFixture.Context.Scopes().Add(new EntityFrameworkCore.Data.Scope
{
Id = Guid.NewGuid(),
Name = "scope6",
Description = "scope 6",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId,
});
var scope7Entity = authorizationsFixture.Context.Scopes().Add(new EntityFrameworkCore.Data.Scope
{
Id = Guid.NewGuid(),
Name = "scope7",
Description = "scope 7",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId,
});
authorizationsFixture.Context.ScopeHierarchies().Add(new ScopeHierarchy
{
Child = scope6Entity.Entity,
Parent = scope3Entity.Entity,
});
authorizationsFixture.Context.ScopeHierarchies().Add(new ScopeHierarchy
{
Child = scope6Entity.Entity,
Parent = scope5Entity.Entity,
});
authorizationsFixture.Context.ScopeHierarchies().Add(new ScopeHierarchy
{
Child = scope3Entity.Entity,
Parent = scope2Entity.Entity,
});
authorizationsFixture.Context.ScopeHierarchies().Add(new ScopeHierarchy
{
Child = scope2Entity.Entity,
Parent = scope1Entity.Entity,
});
authorizationsFixture.Context.ScopeHierarchies().Add(new ScopeHierarchy
{
Child = scope5Entity.Entity,
Parent = scope4Entity.Entity,
});
authorizationsFixture.Context.ScopeHierarchies().Add(new ScopeHierarchy
{
Child = scope4Entity.Entity,
Parent = scope1Entity.Entity,
});
authorizationsFixture.Context.ScopeHierarchies().Add(new ScopeHierarchy
{
Child = scope7Entity.Entity,
Parent = scope6Entity.Entity,
});
authorizationsFixture.Context.ScopeHierarchies().Add(new ScopeHierarchy
{
Child = scope2Entity.Entity,
Parent = scope7Entity.Entity,
});
await authorizationsFixture.Context.SaveChangesAsync();
var authorizationsCacheProvider = new AuthorizationsCacheProvider <AuthorizationsTestContext>(authorizationsFixture.Context);
await Assert.ThrowsAsync <BadScopeModelConfigurationException>(async() => await authorizationsCacheProvider.GetScopesAsync(s => s.Id));
}
}
public async Task DeleteScope_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
await authorizationsFixture.AuthorizationsManager.DeleteScopeAsync("scope1");
await authorizationsFixture.Context.SaveChangesAsync();
var parentScope = new Scope
{
Id = Guid.NewGuid(),
Name = "scope1",
Description = "Scope 1",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
parentScope.Children.Add(
new ScopeHierarchy
{
Parent = parentScope,
Child = new Scope
{
Name = "scopeChild1",
Description = "Scope Child 1",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
}
});
parentScope.Children.Add(
new ScopeHierarchy
{
Parent = parentScope,
Child = new Scope
{
Name = "scopeChild2",
Description = "Scope Child 2",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
}
});
authorizationsFixture.Context.Scopes().Add(parentScope);
var role = new Role
{
Id = Guid.NewGuid(),
Name = "role1",
Rights = new List <RoleRight>
{
new RoleRight
{
Right = new Right
{
Name = "right1",
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
}
}
},
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
};
authorizationsFixture.Context.Roles().Add(role);
authorizationsFixture.Context.Authorizations().Add(new Authorization
{
Scope = parentScope,
Role = role,
PrincipalId = authorizationsFixture.Context.CurrentUserId,
CreationBy = authorizationsFixture.Context.CurrentUserId,
ModificationBy = authorizationsFixture.Context.CurrentUserId
});
await authorizationsFixture.Context.SaveChangesAsync();
await authorizationsFixture.AuthorizationsManager.DeleteScopeAsync("scope1");
await authorizationsFixture.Context.SaveChangesAsync();
Assert.Null(authorizationsFixture.Context.Scopes()
.FirstOrDefault(r => r.Name == "scope1"));
Assert.Null(authorizationsFixture.Context.Scopes()
.FirstOrDefault(r => r.Name == "scopeChild1"));
Assert.Null(authorizationsFixture.Context.Scopes()
.FirstOrDefault(r => r.Name == "scopeChild2"));
Assert.False(authorizationsFixture.Context.ScopeHierarchies().Any());
Assert.Null(
authorizationsFixture.Context.Authorizations()
.FirstOrDefault(
a => a.ScopeId == parentScope.Id &&
a.RoleId == role.Id &&
a.PrincipalId == authorizationsFixture.Context.CurrentUserId));
}
}
public void HasXRightsOnScope_ShouldBeOk()
{
using (var authorizationsFixture = new AuthorizationsFixture())
{
PrincipalRights rightsResult = new PrincipalRights(
authorizationsFixture.Context.CurrentUserId,
"Scope1",
new List <ScopeRights>
{
new ScopeRights(
authorizationsFixture.Context.CurrentUserId,
"Scope1",
new List <Right>
{
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1", "right1", true, authorizationsFixture.Context.CurrentUserId),
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1", "right2", true, authorizationsFixture.Context.CurrentUserId),
},
new List <Right>
{
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1", "right1", false, authorizationsFixture.Context.CurrentUserId),
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1", "right2", false, authorizationsFixture.Context.CurrentUserId),
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1", "right3", false, authorizationsFixture.Context.CurrentUserId),
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1", "right4", false, authorizationsFixture.Context.CurrentUserId),
}),
new ScopeRights(
authorizationsFixture.Context.CurrentUserId,
"Scope2",
new List <Right>(),
new List <Right>
{
new Right(authorizationsFixture.Context.CurrentUserId, "Scope2", "right4", false, authorizationsFixture.Context.CurrentUserId),
}),
new ScopeRights(
authorizationsFixture.Context.CurrentUserId,
"Scope1_Child1",
new List <Right>
{
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1_Child1", "right1", false, authorizationsFixture.Context.CurrentUserId),
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1_Child1", "right2", false, authorizationsFixture.Context.CurrentUserId),
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1_Child1", "right3", true, authorizationsFixture.Context.CurrentUserId),
},
new List <Right>()),
new ScopeRights(
authorizationsFixture.Context.CurrentUserId,
"Scope2_Child1",
new List <Right>
{
new Right(authorizationsFixture.Context.CurrentUserId, "Scope2_Child1", "right4", true, authorizationsFixture.Context.CurrentUserId),
},
new List <Right>()),
new ScopeRights(
authorizationsFixture.Context.CurrentUserId,
"Scope1_Child2",
new List <Right>
{
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1_Child2", "right1", false, authorizationsFixture.Context.CurrentUserId),
new Right(authorizationsFixture.Context.CurrentUserId, "Scope1_Child2", "right2", false, authorizationsFixture.Context.CurrentUserId),
},
new List <Right>()),
});
Assert.True(rightsResult.HasRightOnScope("right3", "Scope1_Child1"));
Assert.True(rightsResult.HasRightOnScope("right1", "Scope1_Child1"));
Assert.False(rightsResult.HasRightOnScope("right3", "Scope1"));
Assert.True(rightsResult.HasAnyRightUnderScope("Scope1"));
Assert.True(rightsResult.HasAnyRightUnderScope("Scope1_Child1"));
Assert.True(rightsResult.HasAnyRightUnderScope("Scope2"));
Assert.True(rightsResult.HasRightUnderScope("right3", "Scope1"));
Assert.False(rightsResult.HasAnyExplicitRightOnScope("Scope1_Child2"));
Assert.True(rightsResult.HasInheritedRightOnScope("right1", "Scope1_Child2"));
}
}
