Ejemplo n.º 1
0
 public bool HasPermission(string memberUId, PermissionSets permission)
 {
     if (Memberships == null)
     {
         return(false);
     }
     return(Memberships.Any(m => m.MemberUId == memberUId && m.IsActive == true && m.Role.PermissionSet == (short)permission));
 }
        public void RunTestsInSandbox()
        {
            var permissions = PermissionSets.GetMediumTrust(AppDomain.CurrentDomain.BaseDirectory, Environment.MachineName);
            var testResults =
                SandboxTestRunner.RunTestFixturesInSandbox(_testFixtureTypes, permissions, null).SelectMany(
                    r => r.TestResults).Where(r => r.Status != SandboxTestStatus.Ignored);

            Assert.That(testResults.Count(), Is.EqualTo(3));
            foreach (var testResult in testResults)
            {
                testResult.EnsureNotFailed();
            }
        }
        public void GetMediumTrust()
        {
            var tempDirectory          = Environment.GetEnvironmentVariable("TEMP");
            var mediumTrustPermissions = PermissionSets.GetMediumTrust(tempDirectory, Environment.MachineName);
            var directoryName          = Path.GetDirectoryName(tempDirectory);

            Assert.That(mediumTrustPermissions.Length, Is.EqualTo(11));
            Assert.That(((AspNetHostingPermission)mediumTrustPermissions[0]).Level, Is.EqualTo(AspNetHostingPermissionLevel.Medium));
            Assert.That(((DnsPermission)mediumTrustPermissions[1]).IsUnrestricted(), Is.True);
            Assert.That(
                ((EnvironmentPermission)mediumTrustPermissions[2]).GetPathList(EnvironmentPermissionAccess.Read),
                Is.EqualTo("TEMP;TMP;USERNAME;OS;COMPUTERNAME"));
            Assert.That(
                Path.GetDirectoryName(((FileIOPermission)mediumTrustPermissions[3]).GetPathList(FileIOPermissionAccess.Read)[0]),
                Is.EqualTo(directoryName));
            Assert.That(
                Path.GetDirectoryName(((FileIOPermission)mediumTrustPermissions[3]).GetPathList(FileIOPermissionAccess.Write)[0]),
                Is.EqualTo(directoryName));
            Assert.That(
                Path.GetDirectoryName(((FileIOPermission)mediumTrustPermissions[3]).GetPathList(FileIOPermissionAccess.Append)[0]),
                Is.EqualTo(directoryName));
            Assert.That(
                Path.GetDirectoryName(((FileIOPermission)mediumTrustPermissions[3]).GetPathList(FileIOPermissionAccess.PathDiscovery)[0]),
                Is.EqualTo(directoryName));
            Assert.That(
                ((IsolatedStorageFilePermission)mediumTrustPermissions[4]).UsageAllowed, Is.EqualTo(IsolatedStorageContainment.AssemblyIsolationByUser));
            Assert.That(((IsolatedStorageFilePermission)mediumTrustPermissions[4]).UserQuota, Is.EqualTo(9223372036854775807L));
            Assert.That(((PrintingPermission)mediumTrustPermissions[5]).Level, Is.EqualTo(PrintingPermissionLevel.DefaultPrinting));
            Assert.That(
                ((SecurityPermission)mediumTrustPermissions[6]).Flags,
                Is.EqualTo(
                    SecurityPermissionFlag.Assertion
                    | SecurityPermissionFlag.Execution
                    | SecurityPermissionFlag.ControlThread
                    | SecurityPermissionFlag.ControlPrincipal
                    | SecurityPermissionFlag.RemotingConfiguration));
            Assert.That(((SmtpPermission)mediumTrustPermissions[7]).Access, Is.EqualTo(SmtpAccess.Connect));
            Assert.That(((SqlClientPermission)mediumTrustPermissions[8]).IsUnrestricted(), Is.True);
            Assert.That(mediumTrustPermissions[9], Is.TypeOf(typeof(WebPermission)));
            Assert.That(((ReflectionPermission)mediumTrustPermissions[10]).Flags, Is.EqualTo(ReflectionPermissionFlag.RestrictedMemberAccess));
        }
        public void MediumTrust()
        {
            var permissions = PermissionSets
                              .GetMediumTrust(AppDomain.CurrentDomain.BaseDirectory, Environment.MachineName)
                              .Concat(new[] { new ReflectionPermission(ReflectionPermissionFlag.MemberAccess) })
                              .ToArray();

            var types = (from t in typeof(MediumTrustSqlBackendIntegrationTest).Assembly.GetTypes()
                         where t.Namespace == typeof(MediumTrustSqlBackendIntegrationTest).Namespace &&
                         t != typeof(MediumTrustSqlBackendIntegrationTest) &&
                         !t.IsAbstract && t.IsDefined(typeof(TestFixtureAttribute), false)
                         select t).ToArray();

            var testFixtureResults = SandboxTestRunner.RunTestFixturesInSandbox(types, permissions, null);
            var testResults        = testFixtureResults.SelectMany(r => r.TestResults).ToArray();

            foreach (var testResult in testResults)
            {
                testResult.EnsureNotFailed();
            }
            Assert.That(testResults.Count(r => r.Status == SandboxTestStatus.Succeeded), Is.GreaterThan(0));
        }
Ejemplo n.º 5
0
        private void VerifyPermissionForCreateEditItem(BacklogItem item, Project project = null)
        {
            PermissionSets[] permissions = new PermissionSets[] { PermissionSets.SCRUM_MASTER, PermissionSets.PRODUCT_OWNER };

            if (project == null)
            {
                project = projectsService.GetProject(item.ProjectUId);
            }

            if (project.IsTicketProject)
            {
                permissions = new PermissionSets[] { PermissionSets.SCRUM_MASTER, PermissionSets.PRODUCT_OWNER, PermissionSets.TEAM }
            }
            ;


            authorizationService.VerifyPermissionAtProject(item.ProjectUId, permissions);

            if (!project.IsTicketProject && !authorizationService.IsProjectScrumMaster(item.ProjectUId) && item.SprintNumber != null)
            {
                throw new WebFaultException <String>("Product owners can not plan items", System.Net.HttpStatusCode.BadRequest);
            }
        }
        public void MediumTrust()
        {
            var permissions = PermissionSets
                              .GetMediumTrust(AppDomain.CurrentDomain.BaseDirectory, Environment.MachineName)
                              .Concat(
                new IPermission[]
            {
                new ReflectionPermission(ReflectionPermissionFlag.MemberAccess),
                // new SecurityPermission (SecurityPermissionFlag.SerializationFormatter)
            })
                              .ToArray();

            var testFixtureResults = SandboxTestRunner.RunTestFixturesInSandbox(new[] { typeof(UnmappedItemExceptionTest) }, permissions, null);
            var testResults        = testFixtureResults.SelectMany(r => r.TestResults).ToArray();

            foreach (var testResult in testResults)
            {
                try
                {
                    testResult.EnsureNotFailed();
                }
                catch (TestFailedException)
                {
                    var securityException = testResult.Exception as SecurityException;
                    if (securityException != null)
                    {
                        Console.WriteLine("Action:");
                        Console.WriteLine(securityException.Action);
                        Console.WriteLine("Demanded:");
                        Console.WriteLine(securityException.Demanded);
                    }
                    throw;
                }
            }
            Assert.That(testResults.Count(r => r.Status == SandboxTestStatus.Succeeded), Is.GreaterThan(0));
        }
 public void VerifyPermissionAtProjectOrFactoryOwner(string projectUId, PermissionSets[] permissions)
 {
     throw new NotSupportedException();
 }
Ejemplo n.º 8
0
 public bool HasPermission(string memberUId, PermissionSets permission)
 {
     if (Memberships == null)
         return false;
     return Memberships.Any(m => m.MemberUId == memberUId && m.IsActive==true && m.Role.PermissionSet == (short)permission);
 }
Ejemplo n.º 9
0
 public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets permission)
 {
     return projectsRepository.MemberHasPermissionAtProject(memberUId, projectUId, permission);
 }
Ejemplo n.º 10
0
 public void VerifyUserOrPermissionAtProject(string memberUId, string projectUId, PermissionSets permission)
 {
     if (!projectsService.MemberHasPermissionAtProject(SignedMemberProfile.MemberUId, projectUId, new PermissionSets[] {  permission })
         && SignedMemberProfile.MemberUId != memberUId)
         throw new WebFaultException(System.Net.HttpStatusCode.Forbidden);
 }
Ejemplo n.º 11
0
        public void VerifyPermissionAtProjectOrFactoryOwner(string projectUId, PermissionSets[] permissions)
        {
            if (!authorizedTokens.ContainsKey(SignedMemberToken))
                throw new WebFaultException(System.Net.HttpStatusCode.Unauthorized);

            if (SignedMemberProfile.IsFactoryOwner)
                return;

            VerifyPermissionAtProject(projectUId, permissions);
        }
Ejemplo n.º 12
0
 public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets permission)
 {
     PermissionSets[] ps = new PermissionSets[1];
     ps[0] = permission;
     return(MemberHasPermissionAtProject(memberUId, projectUId, ps));
 }
Ejemplo n.º 13
0
 public void VerifyPermissionAtProject(string projectUId, PermissionSets permission)
 {
     PermissionSets[] ps = new PermissionSets[1];
     ps[0] = permission;
     VerifyPermissionAtProject(projectUId, ps);
 }
Ejemplo n.º 14
0
        public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets[] permissions)
        {
            short[] permissionsS = new short[permissions.Length];
            for (int i = 0; i < permissions.Length; i++)
                permissionsS[i] = (short)permissions[i];

            using (var context = new ScrumFactoryEntities(this.connectionString)) {

                // does not make sense
                //if (context.Projects.Where(p => p.ProjectUId == projectUId && p.CreateBy == memberUId).Count() > 0)
                //    return true;

                if (context.ProjectMemberships.Where(
                        pmr => pmr.MemberUId == memberUId
                        && pmr.ProjectUId == projectUId
                        && pmr.IsActive == true
                        && permissionsS.Contains(pmr.Role.PermissionSet)).Count() > 0)
                    return true;
            }

            return false;
        }
Ejemplo n.º 15
0
 public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets permission)
 {
     PermissionSets[] ps = new PermissionSets[1];
     ps[0] = permission;
     return MemberHasPermissionAtProject(memberUId, projectUId, ps);
 }
Ejemplo n.º 16
0
 public int GetMembershipCountOf(string projectUId, PermissionSets permissionSet)
 {
     using (var context = new ScrumFactoryEntities(this.connectionString)) {
         return context.ProjectMemberships.Count(ms => ms.Role.PermissionSet == (short)permissionSet && ms.ProjectUId == projectUId);
     }
 }
Ejemplo n.º 17
0
 public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets permission)
 {
     return(projectsRepository.MemberHasPermissionAtProject(memberUId, projectUId, permission));
 }
 public void VerifyUserOrPermissionAtProject(string memberUId, string projectUId, PermissionSets permission)
 {
     throw new NotSupportedException();
 }
Ejemplo n.º 19
0
 public void VerifyUserOrPermissionAtProject(string memberUId, string projectUId, PermissionSets permission)
 {
     if (!projectsService.MemberHasPermissionAtProject(SignedMemberProfile.MemberUId, projectUId, new PermissionSets[] { permission }) &&
         SignedMemberProfile.MemberUId != memberUId)
     {
         throw new WebFaultException(System.Net.HttpStatusCode.Forbidden);
     }
 }
Ejemplo n.º 20
0
 public void SetUp()
 {
     _mediumTrustPermissions = PermissionSets.GetMediumTrust(AppDomain.CurrentDomain.BaseDirectory, Environment.MachineName);
 }
Ejemplo n.º 21
0
 public int GetMembershipCountOf(string projectUId, PermissionSets permissionSet)
 {
     using (var context = new ScrumFactoryEntities(this.connectionString)) {
         return(context.ProjectMemberships.Count(ms => ms.Role.PermissionSet == (short)permissionSet && ms.ProjectUId == projectUId));
     }
 }
Ejemplo n.º 22
0
        private void VerifyPermissionForCreateEditItem(BacklogItem item, Project project = null)
        {
            PermissionSets[] permissions = new PermissionSets[] { PermissionSets.SCRUM_MASTER, PermissionSets.PRODUCT_OWNER };

            if (project == null)
                project = projectsService.GetProject(item.ProjectUId);

            if (project.IsTicketProject)
                permissions = new PermissionSets[] { PermissionSets.SCRUM_MASTER, PermissionSets.PRODUCT_OWNER, PermissionSets.TEAM };

            authorizationService.VerifyPermissionAtProject(item.ProjectUId, permissions);

            if (!project.IsTicketProject && !authorizationService.IsProjectScrumMaster(item.ProjectUId) && item.SprintNumber != null)
                throw new WebFaultException<String>("Product owners can not plan items", System.Net.HttpStatusCode.BadRequest);
        }
Ejemplo n.º 23
0
 public void VerifyPermissionAtProject(string projectUId, PermissionSets permission)
 {
     PermissionSets[] ps = new PermissionSets[1];
     ps[0] = permission;
     VerifyPermissionAtProject(projectUId, ps);
 }
Ejemplo n.º 24
0
 public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets permission)
 {
     throw new NotSupportedException();
 }
Ejemplo n.º 25
0
        public void VerifyPermissionAtProject(string projectUId, PermissionSets[] permissions)
        {
            string token = SignedMemberToken;

            AuthorizationInfo authInfo = null;
            authorizedTokens.TryGetValue(token, out authInfo);

            if (authInfo==null)
                throw new WebFaultException(System.Net.HttpStatusCode.Unauthorized);

            string memberUId = authInfo.MemberUId;

            bool hasPermission = projectsService.MemberHasPermissionAtProject(memberUId, projectUId, permissions);
            if(!hasPermission)
                throw new WebFaultException(System.Net.HttpStatusCode.Forbidden);
        }