private static void ACLExercise2(int id) { var name = "Writer-" + id; var ctx = new SecurityContext(TestUser.User2); var count = 0; var permTypes = new[] { PermissionType.Custom01, PermissionType.Custom02 }; while (!_stopped) { Thread.Sleep(10); if (0 == (count % 1000)) { Console.WriteLine("Running time: {0}, errors: {1}. {2} {3}", DateTime.UtcNow - started, errors, name, count); } PermissionType perm1, perm2; var i = count % 2; perm1 = permTypes[i]; perm2 = permTypes[1 - i]; AclEditor.Create(ctx) .Allow(5, TestUser.User1.Id, false, perm1) .Allow(5, TestUser.User1.Id, false, perm2) .Apply(); count++; } }
private static void RunACL(ProgramArguments arguments) { var entities = SystemStartTests.CreateTestEntities(); var groups = SystemStartTests.CreateTestGroups(); var memberships = Tools.CreateInMemoryMembershipTable(groups); var aces = SystemStartTests.CreateTestAces(); var storage = new DatabaseStorage { Aces = aces, Memberships = memberships, Entities = entities, Messages = new List <Tuple <int, DateTime, byte[]> >() }; StartTheSystem(new MemoryDataProvider(storage)); var ctx = new SecurityContextForConcurrencyTests(TestUser.User2); var ok = ctx.HasPermission(1, PermissionType.See); AclEditor.Create(ctx) .Allow(1, TestUser.User3.Id, false, PermissionType.Custom10) .Allow(2, TestUser.User3.Id, false, PermissionType.Custom10) .Allow(5, TestUser.User3.Id, false, PermissionType.Custom10) .Allow(14, TestUser.User3.Id, false, PermissionType.Custom10) .Allow(50, TestUser.User3.Id, false, PermissionType.Custom10) .Allow(51, TestUser.User3.Id, false, PermissionType.Custom10) .Allow(52, TestUser.User3.Id, false, PermissionType.Custom10) .Apply(); ok = ctx.HasPermission(52, PermissionType.See); started = DateTime.UtcNow; Task.Run(() => ACLExercise1(0)); Enumerable.Range(1, arguments.Agents).Select(x => Task.Run(() => ACLExercise(x))).ToArray(); }
/// <summary> /// Shortcut method for test. Example usage: aclEd.Allow("E2", "U1", false, "___________+___"); /// Bitmask accepts two kind of characters: '_' means active, any other means inactive. /// </summary> /// <returns></returns> public static AclEditor Allow(this AclEditor aclEd, string entity, string identity, string bitMask, bool localOnly = false) { var perms = GetPermissionTypes(bitMask); aclEd.Allow(Tools.GetId(entity), Tools.GetId(identity), localOnly, perms); return(aclEd); }
private static void SetPermission(AclEditor editor, int contentId, int identityId, bool localOnly, PermissionType permissionType, object permissionValue, List <string> messages) { switch (permissionValue.ToString().ToLowerInvariant()) { case "0": case "u": case "undefined": // PermissionValue.Undefined; editor.ClearPermission(contentId, identityId, localOnly, permissionType); break; case "1": case "a": case "allow": // PermissionValue.Allowed; editor.Allow(contentId, identityId, localOnly, permissionType); break; case "2": case "d": case "deny": // PermissionValue.Denied; editor.Deny(contentId, identityId, localOnly, permissionType); break; default: messages.Add($"WARING: Unknown permissionValue: {permissionValue}"); break; } }
public void AclEditor_GettingWithoutVisibleModifiedBy() { var newUser = new User(User.Administrator.Parent) { Name = "UserFor_AclEditor_GettingWithoutVisibleModifiedBy", Email = "*****@*****.**", Enabled = true }; newUser.Save(); newUser = Node.Load <User>(newUser.Id); var content = Content.CreateNew("Car", TestRoot, Guid.NewGuid().ToString()); content.Save(); var contentId = content.Id; new AclEditor(TestRoot) .SetPermission(newUser.Id, true, PermissionType.Open, PermissionValue.Allow) .SetPermission(newUser.Id, true, PermissionType.SetPermissions, PermissionValue.Allow) .Apply(); new AclEditor(User.Administrator) .SetPermission(newUser.Id, true, PermissionType.See, PermissionValue.Deny) .Apply(); var origuser = User.Current; User.Current = newUser; content = Content.Load(contentId); Assert.AreEqual(User.Somebody.Id, content.ContentHandler.CreatedBy.Id); Assert.AreEqual(User.Somebody.Id, content.ContentHandler.ModifiedBy.Id); Assert.AreEqual(User.Somebody.Id, content.ContentHandler.VersionCreatedBy.Id); Assert.AreEqual(User.Somebody.Id, content.ContentHandler.VersionModifiedBy.Id); var ok = false; try { var ed = new AclEditor(Node.LoadNode(content.Id)); ok = true; } //catch (Exception e) //{ // int q = 1; //} finally { User.Current = origuser; } Assert.AreEqual(true, ok); }
private void DeleteAllExplicitSetting(AclEditor aclEditor, Content content) { var explicitEntries = content.ContentHandler.Security.GetExplicitEntries(); foreach (var explicitEntry in explicitEntries) { foreach (var permType in ActiveSchema.PermissionTypes) { var ident = (ISecurityMember)Node.LoadNode(explicitEntry.PrincipalId); aclEditor.SetPermission(ident, explicitEntry.Propagates, permType, PermissionValue.NonDefined); } } }
private static void SetPermissions(AclEditor aclEditor, int contentId, int identityId, bool localOnly, Dictionary <string, object> permissions, List <string> messages) { foreach (var item in permissions) { var permissionType = PermissionType.GetByName(item.Key); if (permissionType == null) { messages.Add($"WARING: Unknown permission: {item.Key}"); continue; } SetPermission(aclEditor, contentId, identityId, localOnly, permissionType, item.Value, messages); } }
public AclEditorAccessor(AclEditor editor) : base(editor) { }
public void UnbreakInheritance(TestEntity entity, bool normalize = false) { AclEditor.Create(this).UnbreakInheritance(entity.Id, normalize).Apply(); }
public void BreakInheritance(TestEntity entity, bool convertToExplicit = true) { AclEditor.Create(this).BreakInheritance(entity.Id, convertToExplicit).Apply(); }