public void AddDuplicate()
{
AuthorizationRuleCollection col = new AuthorizationRuleCollection();
AuthorizationRule rule = new AuthorizationRule(AuthorizationRuleAction.Deny);
rule.Users.Add("toshok");
rule.Verbs.Add("GET");
col.Add(rule);
col.Add(rule);
Assert.AreEqual(2, col.Count, "A1");
Assert.AreEqual("toshok", col[0].Users.ToString(), "A2");
}
private void AddAuthorizationRules(string siteName, PropertyBag authBag)
{
PermissionsFlags permissions = (PermissionsFlags)authBag[3];
string str = (string)authBag[1];
string str2 = (string)authBag[2];
AuthorizationRuleCollection authorizationRuleCollection = this.GetAuthorizationRuleCollection(siteName);
if (!string.IsNullOrEmpty(str))
{
authorizationRuleCollection.Add(AuthorizationRuleAccessType.Allow, str, string.Empty, permissions);
}
if (!string.IsNullOrEmpty(str2))
{
authorizationRuleCollection.Add(AuthorizationRuleAccessType.Allow, string.Empty, str2, permissions);
}
}
public void when_checking_authorization_for_a_matching_resource_and_user_with_both_allow_and_deny_rules()
{
var currentIdentities = new string[] { "L1:DOMAIN1\\User1", "L1:DOMAIN1\\Group1", "Role1" };
var resourceName = "Form1";
var resources = new string[] { resourceName };
var resourceType = ResourceTypes.Form;
var allowedIdentities = new string[] { "L1:DOMAIN1\\UserA", "L1:DOMAIN1\\User1" };
var deniedIdentities = new string[] { "L1:DOMAIN1\\GroupA", "L1:DOMAIN1\\Group1" };
var rules = new AuthorizationRuleCollection();
var allowRule = new AuthorizationRule(resources, resourceType, PermissionType.Allow, allowedIdentities);
rules.Add(allowRule);
var denyRule = new AuthorizationRule(resources, resourceType, PermissionType.Deny, deniedIdentities);
rules.Add(denyRule);
Assert.IsFalse(rules.IsAuthorized(resourceName, resourceType, currentIdentities), "it should not be authorized");
}
public void AddDuplicate2()
{
AuthorizationRuleCollection col = new AuthorizationRuleCollection();
AuthorizationRule rule1 = new AuthorizationRule(AuthorizationRuleAction.Deny);
AuthorizationRule rule2 = new AuthorizationRule(AuthorizationRuleAction.Allow);
rule1.Users.Add("toshok");
rule1.Verbs.Add("GET");
rule2.Users.Add("toshok");
rule2.Verbs.Add("GET");
col.Add(rule1);
col.Add(rule2);
Assert.AreEqual(2, col.Count, "A1");
Assert.AreEqual("toshok", col[0].Users.ToString(), "A2");
Assert.AreEqual(AuthorizationRuleAction.Deny, col[0].Action, "A3");
Assert.AreEqual(AuthorizationRuleAction.Allow, col[1].Action, "A4");
}
/// <summary>
/// Creates virtual directory under site with given name and sets authorization rules.
/// </summary>
/// <param name="siteName">Site name.</param>
/// <param name="account">Account information.</param>
public void CreateFtpAccount(string siteName, FtpAccount account)
{
Site site = this.GetIisSite(siteName);
if (site != null)
{
Application application = site.Applications["/"];
if (application != null)
{
// Convert FTP account name to virtual directory format
var ftpVirtualDir = String.Format("/{0}", account.Name);
//
VirtualDirectory accountDirectory = application.VirtualDirectories[ftpVirtualDir];
//
if (accountDirectory != null)
{
application.VirtualDirectories.Remove(accountDirectory);
}
VirtualDirectory createdVirtualDirectory = application.VirtualDirectories.Add(ftpVirtualDir, account.Folder);
AuthorizationRuleCollection authRulesCollection = this.GetAuthorizationRuleCollection(String.Format("{0}/{1}", siteName, account.Name));
List <AuthorizationRule> rulesToRemove = new List <AuthorizationRule>();
foreach (AuthorizationRule rule in authRulesCollection)
{
if (rule.AccessType == AuthorizationRuleAccessType.Allow && (rule.Users == "?" || rule.Users == "*"))
{
rulesToRemove.Add(rule);
}
}
foreach (AuthorizationRule rule in rulesToRemove)
{
authRulesCollection.Remove(rule);
}
PermissionsFlags permissions = 0;
if (account.CanRead)
{
permissions |= PermissionsFlags.Read;
}
if (account.CanWrite)
{
permissions |= PermissionsFlags.Write;
}
if (account.CanRead || account.CanWrite)
{
authRulesCollection.Add(AuthorizationRuleAccessType.Allow, account.Name, String.Empty, permissions);
}
}
}
this.CommitChanges();
}
/// <summary>
/// Recupera todas as regras cadastradas.
/// </summary>
/// <returns></returns>
public override AuthorizationRuleCollection GetAllRules()
{
var collection = new AuthorizationRuleCollection();
foreach (var i in Navigate(Root))
{
foreach (var j in i.GetRules())
{
collection.Add(j);
}
}
return(collection);
}
public void when_checking_authorization_for_a_matching_resource_and_a_matching_identity()
{
var currentIdentities = new string[] { "L1:DOMAIN1\\User1", "L1:DOMAIN1\\Group1", "Role1" };
var resourceName = "Form1";
var resources = new string[] { resourceName };
var resourceType = ResourceTypes.Form;
var allowedIdentities = new string[] { "L1:DOMAIN1\\User1", "L1:DOMAIN1\\User2" };
var rules = new AuthorizationRuleCollection();
var allowRule = new AuthorizationRule(resources, resourceType, PermissionType.Allow, allowedIdentities);
rules.Add(allowRule);
Assert.IsTrue(rules.IsAuthorized(resourceName, resourceType, currentIdentities), "it should be authorized");
}
public void GetElementKey()
{
MethodInfo minfo = typeof(AuthorizationRuleCollection).GetMethod("GetElementKey", BindingFlags.Instance | BindingFlags.NonPublic);
AuthorizationRuleCollection col = new AuthorizationRuleCollection();
AuthorizationRule rule = new AuthorizationRule(AuthorizationRuleAction.Deny);
rule.Users.Add("toshok");
rule.Verbs.Add("GET");
col.Add(rule);
object[] args = new object[1];
args[0] = rule;
string key = (string)minfo.Invoke(col, args);
Assert.AreEqual("Deny", key, "A1");
}
public override AuthorizationRuleCollection GetAllRulesByPath(string path)
{
string loc = FormatVirtualPath(path);
var validPathsQueue = new Queue <XmlAuthorizationPath>();
XmlAuthorizationPath validPath = null;
var queuePaths = new Queue <XmlAuthorizationPath>();
queuePaths.Enqueue(Root);
while (queuePaths.Count > 0)
{
var p1 = queuePaths.Dequeue();
foreach (var i in p1.Children.ToArray())
{
if (i == null)
{
continue;
}
if ((i.Complex != null && i.Complex.Match(loc).Success) || (loc.Length >= i.FullUrl.Length && loc.IndexOf(i.FullUrl, 0, i.FullUrl.Length, StringComparison.InvariantCultureIgnoreCase) == 0 && (validPath == null || i.FullUrl.Length > validPath.FullUrl.Length)))
{
validPathsQueue.Enqueue(i);
validPath = i;
queuePaths.Enqueue(i);
}
}
if (p1 == null)
{
break;
}
}
var result = new AuthorizationRuleCollection();
foreach (var i in validPathsQueue)
{
foreach (var j in i.GetRules())
{
result.Add(j);
}
}
return(result);
}
/// <summary>
/// Creates ftp site.
/// </summary>
/// <param name="site">Ftp site to be created.</param>
/// <returns>Created site id.</returns>
/// <exception cref="ArgumentNullException">Is thrown in case supplied argument is null.</exception>
/// <exception cref="ArgumentException">
/// Is thrown in case site id or its name is null or empty or if site id is not equal to default ftp site name.
/// </exception>
public string CreateSite(FtpSite site)
{
if (site == null)
{
throw new ArgumentNullException("site");
}
if (String.IsNullOrEmpty(site.SiteId) || String.IsNullOrEmpty(site.Name))
{
throw new ArgumentException("Site id or name is null or empty.");
}
this.CheckFtpServerBindings(site);
PropertyBag siteBag = this.ftpSitesService.GetSiteDefaults();
// Set site name
siteBag[FtpSiteGlobals.Site_Name] = site.Name;
// Set site physical path
siteBag[FtpSiteGlobals.VirtualDirectory_PhysicalPath] = site.ContentPath;
PropertyBag ftpBinding = new PropertyBag();
// Set site binding protocol
ftpBinding[FtpSiteGlobals.BindingProtocol] = "ftp";
// fill binding summary info
ftpBinding[FtpSiteGlobals.BindingInformation] = site.Bindings[0].ToString();
// Set site binding
siteBag[FtpSiteGlobals.Site_SingleBinding] = ftpBinding;
// Auto-start
siteBag[FtpSiteGlobals.FtpSite_AutoStart] = true;
// Set anonumous authentication
siteBag[FtpSiteGlobals.Authentication_AnonymousEnabled] = true;
siteBag[FtpSiteGlobals.Authentication_BasicEnabled] = true;
this.ftpSitesService.AddSite(siteBag);
AuthorizationRuleCollection rules = this.ftpSitesService.GetAuthorizationRuleCollection(site.Name);
rules.Add(AuthorizationRuleAccessType.Allow, "*", String.Empty, PermissionsFlags.Read);
IisFtpSite iisFtpSite = this.ftpSitesService.GetIisFtpSite(site.Name);
iisFtpSite.UserIsolation.Mode = Mode.StartInUsersDirectory;
iisFtpSite.Security.Ssl.ControlChannelPolicy = ControlChannelPolicy.SslAllow;
iisFtpSite.Security.Ssl.DataChannelPolicy = DataChannelPolicy.SslAllow;
this.FillIisFromFtpSite(site);
this.ftpSitesService.CommitChanges();
// Do not start the site because it is started during creation.
try
{
this.ChangeSiteState(site.Name, ServerState.Started);
}
catch
{
// Ignore the error if happened.
}
return(site.Name);
}
