Ejemplo n.º 1
0
        public void AuditRulesTests_RestrictedColumn(string assemblyName, string dataSourceName)
        {
            var dataSource = DataSource(dataSourceName);

            try
            {
                var key = dataSource.Insert(EmployeeTableName, new Employee()
                {
                    FirstName = "A", MiddleName = "B", LastName = "C"
                }).ToInt32().Execute();
                var goodUser = new UserToken(true);
                var badUser  = new UserToken(false);
                ExceptWhenPredicate isAdminCheck = user => ((UserToken)user).IsAdmin;
                var dsReadCheck  = dataSource.WithRules(new RestrictColumn("MiddleName", OperationTypes.Select, isAdminCheck));
                var dsWriteCheck = dataSource.WithRules(new RestrictColumn("MiddleName", OperationTypes.Update, isAdminCheck));

                //SELECT
                {
                    var shouldBeSet = dsReadCheck.WithUser(goodUser).GetByKey(EmployeeTableName, key).ToObject <Employee>().Execute();
                    Assert.Equal("B", shouldBeSet.MiddleName, "MiddleName was to be set");
                }
                {
                    var shouldBeMissing = dsReadCheck.WithUser(badUser).GetByKey(EmployeeTableName, key).ToObject <Employee>().Execute();
                    Assert.IsNull(shouldBeMissing.MiddleName, "MiddleName was supposed to be clear");
                }
                //UPDATE
                {
                    var shouldNotBeChanged = dsWriteCheck.WithUser(badUser).Update(EmployeeTableName, new { FirstName = "AA", MiddleName = "Z", EmployeeKey = key }).ToObject <Employee>().Execute();
                    Assert.Equal("B", shouldNotBeChanged.MiddleName, "MiddleName was not supposed to be changed");
                }
                {
                    var shouldBeChanged = dsWriteCheck.WithUser(goodUser).Update(EmployeeTableName, new { FirstName = "BB", MiddleName = "X", EmployeeKey = key }).ToObject <Employee>().Execute();
                    Assert.Equal("X", shouldBeChanged.MiddleName, "MiddleName was supposed to be changed");
                }
                //SELECT after UPDATE
                {
                    var shouldBeSet = dsReadCheck.WithUser(goodUser).Update(EmployeeTableName, new { FirstName = "AA", MiddleName = "B", EmployeeKey = key }).ToObject <Employee>().Execute();
                    Assert.Equal("B", shouldBeSet.MiddleName, "MiddleName was to be set");
                }
                {
                    var shouldBeMissing = dsReadCheck.WithUser(badUser).Update(EmployeeTableName, new { FirstName = "BB", MiddleName = "X", EmployeeKey = key }).ToObject <Employee>().Execute();
                    Assert.IsNull(shouldBeMissing.MiddleName, "MiddleName was supposed to be clear");
                }
            }
            finally
            {
                Release(dataSource);
            }
        }
Ejemplo n.º 2
0
 /// <summary>
 /// Initializes a new instance of the <see cref="RestrictColumn"/> class.
 /// </summary>
 /// <param name="columnName">Name of the column.</param>
 /// <param name="appliesWhen">While operations are being restricted.</param>
 /// <param name="exceptWhen">This function will return true if the rule doesn't apply to this user..</param>
 public RestrictColumn(string columnName, OperationTypes appliesWhen, ExceptWhenPredicate exceptWhen) : base(appliesWhen)
 {
     ColumnName = columnName;
     ExceptWhen = exceptWhen;
 }
Ejemplo n.º 3
0
 /// <summary>
 /// Initializes a new instance of the <see cref="RestrictColumn"/> class.
 /// </summary>
 /// <param name="columnName">Name of the column.</param>
 /// <param name="appliesWhen">While operations are being restricted.</param>
 /// <param name="exceptWhen">This function will return true if the rule doesn't apply to this user..</param>
 public RestrictColumn(string columnName, OperationTypes appliesWhen, ExceptWhenPredicate exceptWhen) : base(appliesWhen)
 {
     ColumnName = columnName;
     ExceptWhen = exceptWhen;
 }