public void TestRevokePermission_MultiplePermissionsExist()
{
var grantor = new Principal
{
PrincipalId = 1,
};
var grantee = new Principal
{
PrincipalId = 2
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
var resource = new Resource
{
ResourceId = 8,
ForeignResourceId = 10,
ResourceTypeId = resourceType.Id,
};
var foreignResourceCache = new ForeignResourceCache(resource.ForeignResourceId, resource.ResourceId, resource.ResourceTypeId, null, null, null);
var permissionAssignment1 = new PermissionAssignment
{
PrincipalId = grantee.PrincipalId,
PermissionId = permission.PermissionId,
ResourceId = resource.ResourceId,
IsAllowed = false
};
var permissionAssignment2 = new PermissionAssignment
{
PrincipalId = grantee.PrincipalId,
PermissionId = permission.PermissionId,
ResourceId = resource.ResourceId,
IsAllowed = false
};
context.Principals.Add(grantor);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
context.Resources.Add(resource);
context.PermissionAssignments.Add(permissionAssignment1);
context.PermissionAssignments.Add(permissionAssignment2);
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
var revokedPermission = new RevokedPermission(grantee.PrincipalId, permission.PermissionId, resource.ForeignResourceId, resourceType.Value, grantor.PrincipalId);
Func <Task> revokeAction = async() =>
{
await service.RevokePermissionAsync(revokedPermission);
};
service.Invoking(x => x.RevokePermission(revokedPermission)).ShouldThrow <NotSupportedException>()
.WithMessage("There should not be more than one permission assignment to set is allowed true.");
revokeAction.ShouldThrow <NotSupportedException>()
.WithMessage("There should not be more than one permission assignment to set is allowed true.");
}
public async Task TestGrantPermission_PermissionIsNotAResourcePermission()
{
var grantor = new Principal
{
PrincipalId = 1,
};
var grantee = new Principal
{
PrincipalId = 2
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
var resource = new Resource
{
ResourceId = 8,
ForeignResourceId = 10,
ResourceTypeId = resourceType.Id,
};
var foreignResourceCache = new ForeignResourceCache(resource.ForeignResourceId, resource.ResourceId, resource.ResourceTypeId, null, null, null);
context.Principals.Add(grantor);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
context.Resources.Add(resource);
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
resourceService.Setup(x => x.GetResourcePermissions(It.IsAny <string>(), It.IsAny <int?>())).Returns(GetAvailablePermissionsList());
resourceService.Setup(x => x.GetResourcePermissionsAsync(It.IsAny <string>(), It.IsAny <int?>())).ReturnsAsync(GetAvailablePermissionsList());
Assert.AreEqual(0, context.PermissionAssignments.Count());
var grantedPermission = new GrantedPermission(grantee.PrincipalId, permission.PermissionId, resource.ForeignResourceId, resourceType.Value, grantor.PrincipalId);
service.Invoking(x => x.GrantPermission(grantedPermission)).ShouldThrow <NotSupportedException>()
.WithMessage(String.Format("The requested permission with id [{0}] is not a valid permission for the resource.", permission.PermissionId));
Func <Task> f = async() =>
{
await service.GrantPermissionsAsync(grantedPermission);
};
f.ShouldThrow <NotSupportedException>()
.WithMessage(String.Format("The requested permission with id [{0}] is not a valid permission for the resource.", permission.PermissionId));
}
public void TestGrantPermission_ResourceDoesNotExist()
{
var grantor = new Principal
{
PrincipalId = 1,
};
var grantee = new Principal
{
PrincipalId = 2
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
context.Principals.Add(grantor);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
ForeignResourceCache foreignResourceCache = null;
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
var grantedPermission = new GrantedPermission(grantee.PrincipalId, permission.PermissionId, 0, resourceType.Value, grantor.PrincipalId);
//invoking async
Func <Task> grantAction = async() =>
{
await service.GrantPermissionsAsync(grantedPermission);
};
service.Invoking(x => x.GrantPermission(grantedPermission)).ShouldThrow <ModelNotFoundException>()
.WithMessage(String.Format("The foreign resource with id [{0}] and resource type [{1}] does not exist in CAM.",
grantedPermission.ForeignResourceId,
grantedPermission.ResourceTypeAsString));
grantAction.ShouldThrow <ModelNotFoundException>()
.WithMessage(String.Format("The foreign resource with id [{0}] and resource type [{1}] does not exist in CAM.",
grantedPermission.ForeignResourceId,
grantedPermission.ResourceTypeAsString));
}
public void TestRevokePermission_GrantorDoesNotExist()
{
var grantee = new Principal
{
PrincipalId = 1,
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
var resource = new Resource
{
ResourceId = 8,
ForeignResourceId = 10,
ResourceTypeId = resourceType.Id,
};
var foreignResourceCache = new ForeignResourceCache(resource.ForeignResourceId, resource.ResourceId, resource.ResourceTypeId, null, null, null);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
context.Resources.Add(resource);
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
var revokedPermission = new RevokedPermission(grantee.PrincipalId, permission.PermissionId, resource.ForeignResourceId, resourceType.Value, 0);
//invoking async
Func <Task> revokeAction = async() =>
{
await service.RevokePermissionAsync(revokedPermission);
};
service.Invoking(x => x.RevokePermission(revokedPermission)).ShouldThrow <ModelNotFoundException>()
.WithMessage(String.Format("The user with id [{0}] granting the permission could not be found.", revokedPermission.Audit.UserId));
revokeAction.ShouldThrow <ModelNotFoundException>()
.WithMessage(String.Format("The user with id [{0}] granting the permission could not be found.", revokedPermission.Audit.UserId));
}
public async Task TestRevokePermission_PermissionIsAlreadyGrantedButAllowed()
{
var grantor = new Principal
{
PrincipalId = 1,
};
var grantee = new Principal
{
PrincipalId = 2
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
var resource = new Resource
{
ResourceId = 8,
ForeignResourceId = 10,
ResourceTypeId = resourceType.Id,
};
var foreignResourceCache = new ForeignResourceCache(resource.ForeignResourceId, resource.ResourceId, resource.ResourceTypeId, null, null, null);
var permissionAssignment = new PermissionAssignment
{
PrincipalId = grantee.PrincipalId,
PermissionId = permission.PermissionId,
ResourceId = resource.ResourceId,
IsAllowed = true
};
context.SetupActions.Add(() =>
{
context.Principals.Add(grantor);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
context.Resources.Add(resource);
context.PermissionAssignments.Add(permissionAssignment);
permissionAssignment.IsAllowed = true;
Assert.AreEqual(1, context.PermissionAssignments.Count());
});
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
resourceService.Setup(x => x.GetResourcePermissions(It.IsAny <string>(), It.IsAny <int?>())).Returns(GetAvailablePermissionsList(permission));
resourceService.Setup(x => x.GetResourcePermissionsAsync(It.IsAny <string>(), It.IsAny <int?>())).ReturnsAsync(GetAvailablePermissionsList(permission));
Action tester = () =>
{
Assert.AreEqual(1, context.PermissionAssignments.Count());
Assert.IsFalse(context.PermissionAssignments.First().IsAllowed);
};
context.Revert();
var revokedPermission = new RevokedPermission(grantee.PrincipalId, permission.PermissionId, resource.ForeignResourceId, resourceType.Value, grantor.PrincipalId);
service.RevokePermission(revokedPermission);
context.Revert();
await service.RevokePermissionAsync(revokedPermission);
tester();
}
public async Task TestRevokePermission_PrincipalIsNotUserAccount()
{
var grantor = new Principal
{
PrincipalId = 1,
};
var grantee = new Principal
{
PrincipalId = 2
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
var resource = new Resource
{
ResourceId = 8,
ForeignResourceId = 10,
ResourceTypeId = resourceType.Id,
};
var foreignResourceCache = new ForeignResourceCache(resource.ForeignResourceId, resource.ResourceId, resource.ResourceTypeId, null, null, null);
context.SetupActions.Add(() =>
{
context.Principals.Add(grantor);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
context.Resources.Add(resource);
Assert.AreEqual(0, context.PermissionAssignments.Count());
});
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
resourceService.Setup(x => x.GetResourcePermissions(It.IsAny <string>(), It.IsAny <int?>())).Returns(GetAvailablePermissionsList(permission));
resourceService.Setup(x => x.GetResourcePermissionsAsync(It.IsAny <string>(), It.IsAny <int?>())).ReturnsAsync(GetAvailablePermissionsList(permission));
Action tester = () =>
{
Assert.AreEqual(1, context.PermissionAssignments.Count());
var firstAssignment = context.PermissionAssignments.First();
Assert.IsFalse(firstAssignment.IsAllowed);
Assert.AreEqual(grantor.PrincipalId, firstAssignment.AssignedBy);
Assert.AreEqual(permission.PermissionId, firstAssignment.PermissionId);
Assert.AreEqual(grantee.PrincipalId, firstAssignment.PrincipalId);
Assert.AreEqual(resource.ResourceId, firstAssignment.ResourceId);
DateTimeOffset.Now.Should().BeCloseTo(firstAssignment.AssignedOn, 2000);
};
context.Revert();
var revokedPermission = new RevokedPermission(grantee.PrincipalId, permission.PermissionId, resource.ForeignResourceId, resourceType.Value, grantor.PrincipalId);
service.RevokePermission(revokedPermission);
tester();
context.Revert();
context.PermissionAssignments = new PermissionAssignmentTestDbSet();
await service.RevokePermissionAsync(revokedPermission);
tester();
}
