public void Constructor_WithOnBehalfOf_SetsProperties()
{
var onBehalfOfActor = new AuditActor(
machineName: null,
machineIP: null,
userName: null,
authenticationType: null,
credentialKey: null,
timeStampUtc: DateTime.MinValue);
var actor = new AuditActor(
machineName: "a",
machineIP: "b",
userName: "******",
authenticationType: "d",
credentialKey: "e",
timeStampUtc: DateTime.MinValue,
onBehalfOf: onBehalfOfActor);
Assert.Equal("a", actor.MachineName);
Assert.Equal("b", actor.MachineIP);
Assert.Equal("c", actor.UserName);
Assert.Equal("d", actor.AuthenticationType);
Assert.Equal("e", actor.CredentialKey);
Assert.Equal(DateTime.MinValue, actor.TimestampUtc);
Assert.Same(onBehalfOfActor, actor.OnBehalfOf);
}
public async Task GetAspNetOnBehalfOfAsync_WithContext_SupportsNullUser()
{
var request = new Mock <HttpRequestBase>();
var context = new Mock <HttpContextBase>();
request.SetupGet(x => x.ServerVariables)
.Returns(new NameValueCollection()
{
{ "HTTP_X_FORWARDED_FOR", "1.2.3.4" }
});
context.Setup(x => x.Request)
.Returns(request.Object);
context.Setup(x => x.User)
.Returns((IPrincipal)null);
var actor = await AuditActor.GetAspNetOnBehalfOfAsync(context.Object);
Assert.NotNull(actor);
Assert.Null(actor.AuthenticationType);
Assert.Equal("1.2.3.0", actor.MachineIP);
Assert.Null(actor.MachineName);
Assert.Null(actor.OnBehalfOf);
Assert.InRange(actor.TimestampUtc, DateTime.UtcNow.AddMinutes(-1), DateTime.UtcNow.AddMinutes(1));
Assert.Null(actor.UserName);
}
public async Task GetAspNetOnBehalfOfAsync_WithContext_ObfuscatesLastIpAddressOctet()
{
var request = new Mock <HttpRequestBase>();
var identity = new Mock <IIdentity>();
var user = new Mock <IPrincipal>();
var context = new Mock <HttpContextBase>();
request.SetupGet(x => x.ServerVariables)
.Returns(new NameValueCollection()
{
{ "HTTP_X_FORWARDED_FOR", "1.2.3.4" }
});
identity.Setup(x => x.Name)
.Returns("b");
identity.Setup(x => x.AuthenticationType)
.Returns("c");
user.Setup(x => x.Identity)
.Returns(identity.Object);
context.Setup(x => x.Request)
.Returns(request.Object);
context.Setup(x => x.User)
.Returns(user.Object);
var actor = await AuditActor.GetAspNetOnBehalfOfAsync(context.Object);
Assert.NotNull(actor);
Assert.Equal("c", actor.AuthenticationType);
Assert.Equal("1.2.3.0", actor.MachineIP);
Assert.Null(actor.MachineName);
Assert.Null(actor.OnBehalfOf);
Assert.InRange(actor.TimestampUtc, DateTime.UtcNow.AddMinutes(-1), DateTime.UtcNow.AddMinutes(1));
Assert.Equal("b", actor.UserName);
}
public AuditActor(string machineName, string machineIP, string userName, string authenticationType, DateTime timeStampUtc, AuditActor onBehalfOf)
{
MachineName = machineName;
UserName = userName;
AuthenticationType = authenticationType;
TimestampUtc = timeStampUtc;
OnBehalfOf = onBehalfOf;
}
public AuditActor(string machineName, string machineIP, string userName, string authenticationType, DateTime timeStampUtc, AuditActor onBehalfOf)
{
MachineName = machineName;
UserName = userName;
AuthenticationType = authenticationType;
TimestampUtc = timeStampUtc;
OnBehalfOf = onBehalfOf;
}
protected override async Task <AuditActor> GetActor()
{
// Construct an actor representing the user the service is acting on behalf of
AuditActor onBehalfOf = null;
if (_getOnBehalfOf != null)
{
onBehalfOf = await _getOnBehalfOf();
}
return(await AuditActor.GetCurrentMachineActor(onBehalfOf));
}
public async Task GetAspNetOnBehalfOfAsync_WithoutContext_ReturnsMachineActorNullHttpContext()
{
var actor = await AuditActor.GetAspNetOnBehalfOfAsync();
var machineActor = await AuditActor.GetCurrentMachineActorAsync();
Assert.Equal(machineActor.MachineName, actor.MachineName);
Assert.Equal(machineActor.MachineIP, actor.MachineIP);
Assert.Equal(machineActor.UserName, actor.UserName);
Assert.Equal(machineActor.CredentialKey, actor.CredentialKey);
}
private static Task <AuditActor> GetOnBehalfOf()
{
var actor = new AuditActor(
machineName: "a",
machineIP: "b",
userName: "******",
authenticationType: "d",
timeStampUtc: DateTime.MinValue);
return(Task.FromResult <AuditActor>(actor));
}
public static async Task<AuditActor> GetCurrentMachineActor(AuditActor onBehalfOf)
{
// Try to get local IP
string ipAddress = await GetLocalIP();
return new AuditActor(
Environment.MachineName,
ipAddress,
$@"{Environment.UserDomainName}\{Environment.UserName}",
"MachineUser",
DateTime.UtcNow,
onBehalfOf);
}
public static async Task <AuditActor> GetCurrentMachineActor(AuditActor onBehalfOf)
{
// Try to get local IP
string ipAddress = await GetLocalIP();
return(new AuditActor(
Environment.MachineName,
ipAddress,
$@"{Environment.UserDomainName}\{Environment.UserName}",
"MachineUser",
DateTime.UtcNow,
onBehalfOf));
}
public void Constructor_SetsProperties()
{
var record = new Mock <AuditRecord>();
var actor = new AuditActor(
machineName: null,
machineIP: null,
userName: null,
authenticationType: null,
timeStampUtc: DateTime.MinValue);
var entry = new AuditEntry(record.Object, actor);
Assert.Same(record.Object, entry.Record);
Assert.Same(actor, entry.Actor);
}
public void Constructor_WithoutOnBehalfOf_AcceptsEmptyStringValues()
{
var actor = new AuditActor(
machineName: "",
machineIP: "",
userName: "",
authenticationType: "",
timeStampUtc: DateTime.MinValue);
Assert.Equal("", actor.MachineName);
Assert.Equal("", actor.MachineIP);
Assert.Equal("", actor.UserName);
Assert.Equal("", actor.AuthenticationType);
}
public async Task GetCurrentMachineActorAsync_WithoutOnBehalfOf()
{
var actor = await AuditActor.GetCurrentMachineActorAsync();
var expectedIpAddress = await AuditActor.GetLocalIpAddressAsync();
Assert.NotNull(actor);
Assert.Equal(Environment.MachineName, actor.MachineName);
Assert.Equal(expectedIpAddress, actor.MachineIP);
Assert.Equal($@"{Environment.UserDomainName}\{Environment.UserName}", actor.UserName);
Assert.Equal("MachineUser", actor.AuthenticationType);
Assert.InRange(actor.TimestampUtc, DateTime.UtcNow.AddMinutes(-1), DateTime.UtcNow.AddMinutes(1));
Assert.Null(actor.OnBehalfOf);
}
public void Constructor_WithoutOnBehalfOf_AcceptsNullValues()
{
var actor = new AuditActor(
machineName: null,
machineIP: null,
userName: null,
authenticationType: null,
timeStampUtc: DateTime.MinValue);
Assert.Null(actor.MachineName);
Assert.Null(actor.MachineIP);
Assert.Null(actor.UserName);
Assert.Null(actor.AuthenticationType);
}
private static async Task VerifyActor(JObject jObject)
{
var actor = jObject["Actor"];
Assert.Equal(Environment.MachineName, actor["MachineName"].Value <string>());
var expectedIpAddress = await AuditActor.GetLocalIpAddressAsync();
Assert.Equal(expectedIpAddress, actor["MachineIP"].Value <string>());
Assert.Equal($@"{Environment.UserDomainName}\{Environment.UserName}", actor["UserName"].Value <string>());
Assert.Equal("MachineUser", actor["AuthenticationType"].Value <string>());
Assert.InRange(actor["TimestampUtc"].Value <DateTime>(), DateTime.UtcNow.AddMinutes(-1), DateTime.UtcNow.AddMinutes(1));
Assert.Equal(JTokenType.Null, actor["OnBehalfOf"].Type);
}
public void Constructor_WithoutOnBehalfOf_SetsProperties()
{
var actor = new AuditActor(
machineName: "a",
machineIP: "b",
userName: "******",
authenticationType: "d",
timeStampUtc: DateTime.MinValue);
Assert.Equal("a", actor.MachineName);
Assert.Equal("b", actor.MachineIP);
Assert.Equal("c", actor.UserName);
Assert.Equal("d", actor.AuthenticationType);
Assert.Equal(DateTime.MinValue, actor.TimestampUtc);
}
public async Task GetCurrentMachineActorAsync_WithOnBehalfOf_AcceptsNull()
{
var expectedResult = await AuditActor.GetCurrentMachineActorAsync();
var actualResult = await AuditActor.GetCurrentMachineActorAsync(onBehalfOf : null);
Assert.NotNull(expectedResult);
Assert.NotNull(actualResult);
Assert.Equal(expectedResult.MachineName, actualResult.MachineName);
Assert.Equal(expectedResult.MachineIP, actualResult.MachineIP);
Assert.Equal(expectedResult.UserName, actualResult.UserName);
Assert.Equal(expectedResult.AuthenticationType, actualResult.AuthenticationType);
Assert.InRange(actualResult.TimestampUtc, expectedResult.TimestampUtc, expectedResult.TimestampUtc.AddMinutes(1));
Assert.Null(actualResult.OnBehalfOf);
}
public void Constructor_WithOnBehalfOf_AcceptsEmptyStringValues()
{
var actor = new AuditActor(
machineName: string.Empty,
machineIP: string.Empty,
userName: string.Empty,
authenticationType: string.Empty,
credentialKey: string.Empty,
timeStampUtc: DateTime.MinValue,
onBehalfOf: null);
Assert.Equal(string.Empty, actor.MachineName);
Assert.Equal(string.Empty, actor.MachineIP);
Assert.Equal(string.Empty, actor.UserName);
Assert.Equal(string.Empty, actor.AuthenticationType);
}
public async Task GetLocalIpAddressAsync_ReturnsAppropriateValueForLocalMachine()
{
string expectedIpAddress = null;
if (NetworkInterface.GetIsNetworkAvailable())
{
var entry = await Dns.GetHostEntryAsync(Dns.GetHostName());
if (entry != null)
{
expectedIpAddress =
TryGetAddress(entry.AddressList, AddressFamily.InterNetworkV6) ??
TryGetAddress(entry.AddressList, AddressFamily.InterNetwork);
}
}
var actualIpAddress = await AuditActor.GetLocalIpAddressAsync();
Assert.Equal(expectedIpAddress, actualIpAddress);
}
public void CloudAuditServiceObfuscateAuditRecord()
{
// Arrange
CloudBlobContainer nullBlobContainer = null;
var service = new CloudAuditingService(nullBlobContainer, AuditActor.GetCurrentMachineActorAsync);
AuditActor onBehalfOf = new AuditActor("machineName", "3.3.3.3", "userName1", "NoAuthentication", "someKey", DateTime.Now, null);
AuditActor auditActor = new AuditActor("machineName", "2.2.2.2", "userName1", "NoAuthentication", "someKey", DateTime.Now, onBehalfOf);
Package p = new Package()
{
User = new User("userName"),
UserKey = 1,
PackageRegistration = new PackageRegistration()
{
Id = "regId"
}
};
PackageAuditRecord packageAuditRecord = new PackageAuditRecord(p, AuditedPackageAction.Create);
// Act
var auditEntry = service.RenderAuditEntry(new AuditEntry(packageAuditRecord, auditActor));
// Assert
var entry = (JObject)JsonConvert.DeserializeObject(auditEntry);
var record = entry["Record"];
var actor = entry["Actor"];
Assert.Equal("-1", record["PackageRecord"]["UserKey"].ToString());
Assert.Equal(string.Empty, record["PackageRecord"]["FlattenedAuthors"].ToString());
Assert.Equal("ObfuscatedUserName", actor["UserName"].ToString());
Assert.Equal("2.2.2.0", actor["MachineIP"].ToString());
Assert.Equal("ObfuscatedUserName", actor["OnBehalfOf"]["UserName"].ToString());
Assert.Equal("3.3.3.0", actor["OnBehalfOf"]["MachineIP"].ToString());
}
public AuditEntry(AuditRecord record, AuditActor actor)
{
Record = record;
Actor = actor;
}
protected virtual Task <AuditActor> GetActorAsync()
{
return(AuditActor.GetCurrentMachineActorAsync());
}
public async Task GetAspNetOnBehalfOfAsync_WithoutContext_ReturnsNullForNullHttpContext()
{
var actor = await AuditActor.GetAspNetOnBehalfOfAsync();
Assert.Null(actor);
}
public AuditEntry(AuditRecord record, AuditActor actor)
{
Record = record;
Actor = actor;
}
