public void ShouldEditClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var alreadyExistingClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(alreadyExistingClaimSet);
var editModel = new EditClaimSetModel {
ClaimSetName = "TestClaimSetEdited", ClaimSetId = alreadyExistingClaimSet.ClaimSetId
};
Scoped <ISecurityContext>(securityContext =>
{
var command = new EditClaimSetCommand(securityContext);
command.Execute(editModel);
});
var editedClaimSet = Transaction(securityContext => securityContext.ClaimSets.Single(x => x.ClaimSetId == alreadyExistingClaimSet.ClaimSetId));
editedClaimSet.ClaimSetName.ShouldBe(editModel.ClaimSetName);
}
public void ShouldNotDeleteClaimSetIfNotAnExistingId()
{
var testApplication = new Application
{
ApplicationName = "TestApplication2"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = $"TestClaimSet{DateTime.Now:O}", Application = testApplication
};
Save(testClaimSet);
var claimSetToDelete = new DeleteClaimSetModel()
{
Name = testClaimSet.ClaimSetName,
Id = 99,
IsEditable = true
};
Scoped <ISecurityContext>(securityContext =>
{
var validator = new DeleteClaimSetModelValidator(securityContext);
var validationResults = validator.Validate(claimSetToDelete);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("No such claim set exists in the database");
});
}
public void ShouldNotDeleteClaimSetIfNotEditable()
{
var testApplication = new Application
{
ApplicationName = "TestApplication1"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = $"TestClaimSet{DateTime.Now:O}", Application = testApplication
};
Save(testClaimSet);
var claimSetToDelete = new DeleteClaimSetModel()
{
Name = testClaimSet.ClaimSetName,
Id = testClaimSet.ClaimSetId,
IsEditable = false
};
Scoped <ISecurityContext>(securityContext =>
{
var validator = new DeleteClaimSetModelValidator(securityContext);
var validationResults = validator.Validate(claimSetToDelete);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("Only user created claim sets can be deleted");
});
}
public void ShouldNotDeleteClaimSetHasAnAssociatedApplication()
{
var testApplication = new Application
{
ApplicationName = "TestApplication3"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = $"TestClaimSet{DateTime.Now:O}", Application = testApplication
};
Save(testClaimSet);
var claimSetToDelete = new DeleteClaimSetModel()
{
Name = testClaimSet.ClaimSetName,
Id = testClaimSet.ClaimSetId,
IsEditable = true,
VendorApplicationCount = 1
};
Scoped <ISecurityContext>(securityContext =>
{
var validator = new DeleteClaimSetModelValidator(securityContext);
var validationResults = validator.Validate(claimSetToDelete);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe($"Cannot delete this claim set. This claim set has {claimSetToDelete.VendorApplicationCount} associated application(s).");
});
}
public void ShouldReturnTrueIfRequiredClaimSetsExist()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testAbConnectClaimSet = new ClaimSet {
ClaimSetName = CloudsOdsAcademicBenchmarksConnectApp.DefaultClaimSet, Application = testApplication
};
Save(testAbConnectClaimSet);
var testAdminAppClaimSet = new ClaimSet {
ClaimSetName = CloudOdsAdminApp.InternalAdminAppClaimSet, Application = testApplication
};
Save(testAdminAppClaimSet);
Scoped <IClaimSetCheckService>(service =>
{
var result = service.RequiredClaimSetsExist();
result.ShouldBeTrue();
});
}
public void ShouldNotEditClaimSetIfNameNotUnique()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var alreadyExistingClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet1", Application = testApplication
};
Save(alreadyExistingClaimSet);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet2", Application = testApplication
};
Save(testClaimSet);
var editModel = new EditClaimSetModel {
ClaimSetName = "TestClaimSet1", ClaimSetId = testClaimSet.ClaimSetId
};
Scoped <ISecurityContext>(securityContext =>
{
var validator = new EditClaimSetModelValidator(securityContext);
var validationResults = validator.Validate(editModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("A claim set with this name already exists in the database. Please enter a unique name.");
});
}
public void ShouldNotAddClaimSetIfNameNotUnique()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var alreadyExistingClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(alreadyExistingClaimSet);
var newClaimSet = new AddClaimSetModel {
ClaimSetName = "TestClaimSet"
};
var validator = new AddClaimSetModelValidator(TestContext);
var validationResults = validator.Validate(newClaimSet);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("A claim set with this name already exists in the database. Please enter a unique name.");
}
public void ShouldNotCopyClaimSetIfNameNotUnique()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
var newClaimSet = new CopyClaimSetModel()
{
Name = "TestClaimSet",
OriginalId = testClaimSet.ClaimSetId
};
var validator = new CopyClaimSetModelValidator(TestContext);
var validationResults = validator.Validate(newClaimSet);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("The new claim set must have a unique name");
}
public void ShouldNotAddDuplicateResourcesToClaimSetDuringEdit()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
SetupParentResourceClaimsWithChildren(testClaimSet, testApplication);
var existingResources = new GetResourcesByClaimSetIdQuery(TestContext, GetMapper()).AllResources(testClaimSet.ClaimSetId)
.ToList();
var duplicateResource = existingResources.Single(x => x.Name == "TestParentResourceClaim1");
var editResourceOnClaimSetModel = new EditClaimSetResourceModel
{
ClaimSetId = testClaimSet.ClaimSetId,
ResourceClaim = duplicateResource,
ExistingResourceClaims = existingResources
};
var validator = new EditClaimSetResourceModelValidator();
var validationResults = validator.Validate(editResourceOnClaimSetModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("Only unique resource claims can be added. The following is a duplicate resource:\nTestParentResourceClaim1");
}
public void ShouldNotEditClaimSetIfNameLengthGreaterThan255Characters()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet1", Application = testApplication
};
Save(testClaimSet);
var editModel = new EditClaimSetModel {
ClaimSetName = "ThisIsAClaimSetWithNameLengthGreaterThan255CharactersThisIsAClaimSetWithNameLengthGreaterThan255CharactersThisIsAClaimSetWithNameLengthGreaterThan255CharactersThisIsAClaimSetWithNameLengthGreaterThan255CharactersThisIsAClaimSetWithNameLengthGreaterThan255CharactersThisIsAClaimSetWithNameLengthGreaterThan255Characters", ClaimSetId = testClaimSet.ClaimSetId
};
Scoped <ISecurityContext>(securityContext =>
{
var validator = new EditClaimSetModelValidator(securityContext);
var validationResults = validator.Validate(editModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("The claim set name must be less than 255 characters.");
});
}
public void ShouldNotEditClaimSetIfNameEmpty()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet1", Application = testApplication
};
Save(testClaimSet);
var editModel = new EditClaimSetModel {
ClaimSetName = "", ClaimSetId = testClaimSet.ClaimSetId
};
Scoped <ISecurityContext>(securityContext =>
{
var validator = new EditClaimSetModelValidator(securityContext);
var validationResults = validator.Validate(editModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("'Claim Set Name' must not be empty.");
});
}
public void ShouldResetAuthorizationStrategiesForParentResourcesOnClaimSet()
{
var testApplication = new Application
{
ApplicationName = "TestApplicationName"
};
Save(testApplication);
var testClaimSet = new ClaimSet
{
ClaimSetName = "TestClaimSet",
Application = testApplication
};
Save(testClaimSet);
var appAuthorizationStrategies = SetupApplicationAuthorizationStrategies(testApplication).ToList();
var testResourceClaims = SetupParentResourceClaimsWithChildren(testClaimSet, testApplication);
var testResourceToEdit = testResourceClaims.Select(x => x.ResourceClaim).Single(x => x.ResourceName == "TestParentResourceClaim1");
var resultResourceClaimBeforeOverride = new GetResourcesByClaimSetIdQuery(TestContext, GetMapper()).AllResources(testClaimSet.ClaimSetId).Single(x => x.Id == testResourceToEdit.ResourceClaimId);
resultResourceClaimBeforeOverride.AuthStrategyOverridesForCRUD[0].ShouldBeNull();
resultResourceClaimBeforeOverride.AuthStrategyOverridesForCRUD[1].ShouldBeNull();
resultResourceClaimBeforeOverride.AuthStrategyOverridesForCRUD[2].ShouldBeNull();
resultResourceClaimBeforeOverride.AuthStrategyOverridesForCRUD[3].ShouldBeNull();
SetupOverridesForResourceCreateAction(testResourceToEdit.ResourceClaimId, testClaimSet.ClaimSetId,
appAuthorizationStrategies.Single(x => x.AuthorizationStrategyName == "TestAuthStrategy4")
.AuthorizationStrategyId);
var resultResourceClaimAfterOverride = new GetResourcesByClaimSetIdQuery(TestContext, GetMapper()).AllResources(testClaimSet.ClaimSetId).Single(x => x.Id == testResourceToEdit.ResourceClaimId);
resultResourceClaimAfterOverride.AuthStrategyOverridesForCRUD[0].ShouldNotBeNull();
resultResourceClaimAfterOverride.AuthStrategyOverridesForCRUD[0].AuthStrategyName.ShouldBe("TestAuthStrategy4");
resultResourceClaimAfterOverride.AuthStrategyOverridesForCRUD[1].ShouldBeNull();
resultResourceClaimAfterOverride.AuthStrategyOverridesForCRUD[2].ShouldBeNull();
resultResourceClaimAfterOverride.AuthStrategyOverridesForCRUD[3].ShouldBeNull();
var resetModel = new ResetToDefaultAuthStrategyModel
{
ResourceClaimId = testResourceToEdit.ResourceClaimId,
ClaimSetId = testClaimSet.ClaimSetId
};
var command = new ResetToDefaultAuthStrategyCommand(TestContext);
command.Execute(resetModel);
var resultResourceClaimAfterReset = new GetResourcesByClaimSetIdQuery(TestContext, GetMapper()).AllResources(testClaimSet.ClaimSetId).Single(x => x.Id == testResourceToEdit.ResourceClaimId);
resultResourceClaimAfterReset.AuthStrategyOverridesForCRUD[0].ShouldBeNull();
resultResourceClaimAfterReset.AuthStrategyOverridesForCRUD[1].ShouldBeNull();
resultResourceClaimAfterReset.AuthStrategyOverridesForCRUD[2].ShouldBeNull();
resultResourceClaimAfterReset.AuthStrategyOverridesForCRUD[3].ShouldBeNull();
}
public void ShouldOverrideAuthorizationStrategiesForParentResourcesOnClaimSet()
{
var testApplication = new Application
{
ApplicationName = "TestApplicationName"
};
Save(testApplication);
var testClaimSet = new ClaimSet
{
ClaimSetName = "TestClaimSet",
Application = testApplication
};
Save(testClaimSet);
var appAuthorizationStrategies = SetupApplicationAuthorizationStrategies(testApplication).ToList();
var testResourceClaims = SetupParentResourceClaimsWithChildren(testClaimSet, testApplication);
SetupResourcesWithDefaultAuthorizationStrategies(appAuthorizationStrategies, testResourceClaims.ToList());
var testResource1ToEdit = testResourceClaims.Select(x => x.ResourceClaim).Single(x => x.ResourceName == "TestParentResourceClaim1");
var testResource2ToNotEdit = testResourceClaims.Select(x => x.ResourceClaim).Single(x => x.ResourceName == "TestParentResourceClaim2");
var overrideModel = new OverrideDefaultAuthorizationStrategyModel
{
ResourceClaimId = testResource1ToEdit.ResourceClaimId,
ClaimSetId = testClaimSet.ClaimSetId,
AuthorizationStrategyForCreate = appAuthorizationStrategies.Single(x => x.AuthorizationStrategyName == "TestAuthStrategy4").AuthorizationStrategyId,
AuthorizationStrategyForRead = 0,
AuthorizationStrategyForUpdate = 0,
AuthorizationStrategyForDelete = 0
};
Scoped <ISecurityContext>(securityContext =>
{
var command = new OverrideDefaultAuthorizationStrategyCommand(securityContext);
command.Execute(overrideModel);
});
var resourceClaimsForClaimSet =
Scoped <IGetResourcesByClaimSetIdQuery, List <Management.ClaimSetEditor.ResourceClaim> >(
query => query.AllResources(testClaimSet.ClaimSetId).ToList());
var resultResourceClaim1 = resourceClaimsForClaimSet.Single(x => x.Id == overrideModel.ResourceClaimId);
resultResourceClaim1.AuthStrategyOverridesForCRUD[0].AuthStrategyName.ShouldBe("TestAuthStrategy4");
resultResourceClaim1.AuthStrategyOverridesForCRUD[1].ShouldBeNull();
resultResourceClaim1.AuthStrategyOverridesForCRUD[2].ShouldBeNull();
resultResourceClaim1.AuthStrategyOverridesForCRUD[3].ShouldBeNull();
var resultResourceClaim2 = resourceClaimsForClaimSet.Single(x => x.Id == testResource2ToNotEdit.ResourceClaimId);
resultResourceClaim2.AuthStrategyOverridesForCRUD[0].ShouldBeNull();
resultResourceClaim2.AuthStrategyOverridesForCRUD[1].ShouldBeNull();
resultResourceClaim2.AuthStrategyOverridesForCRUD[2].ShouldBeNull();
resultResourceClaim2.AuthStrategyOverridesForCRUD[3].ShouldBeNull();
}
public void ShouldEditParentResourcesOnClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
var testResources = SetupParentResourceClaimsWithChildren(testClaimSet, testApplication);
var testResource1ToEdit = testResources.Select(x => x.ResourceClaim).Single(x => x.ResourceName == "TestParentResourceClaim1");
var testResource2ToNotEdit = testResources.Select(x => x.ResourceClaim).Single(x => x.ResourceName == "TestParentResourceClaim2");
var editedResource = new ResourceClaim
{
Id = testResource1ToEdit.ResourceClaimId,
Name = testResource1ToEdit.ResourceName,
Create = false,
Read = false,
Update = true,
Delete = true
};
var editResourceOnClaimSetModel = new Mock <IEditResourceOnClaimSetModel>();
editResourceOnClaimSetModel.Setup(x => x.ClaimSetId).Returns(testClaimSet.ClaimSetId);
editResourceOnClaimSetModel.Setup(x => x.ResourceClaim).Returns(editedResource);
var command = new EditResourceOnClaimSetCommand(TestContext);
command.Execute(editResourceOnClaimSetModel.Object);
var resourceClaimsForClaimSet = new GetResourcesByClaimSetIdQuery(TestContext, GetMapper()).AllResources(testClaimSet.ClaimSetId).ToList();
var parentResources = testResources.Where(x =>
x.ClaimSet.ClaimSetId == testClaimSet.ClaimSetId && x.ResourceClaim.ParentResourceClaim == null).Select(x => x.ResourceClaim).ToList();
resourceClaimsForClaimSet.Count().ShouldBe(parentResources.Count);
var resultResourceClaim1 = resourceClaimsForClaimSet.Single(x => x.Id == editedResource.Id);
resultResourceClaim1.Create.ShouldBe(editedResource.Create);
resultResourceClaim1.Read.ShouldBe(editedResource.Read);
resultResourceClaim1.Update.ShouldBe(editedResource.Update);
resultResourceClaim1.Delete.ShouldBe(editedResource.Delete);
var resultResourceClaim2 = resourceClaimsForClaimSet.Single(x => x.Id == testResource2ToNotEdit.ResourceClaimId);
resultResourceClaim2.Create.ShouldBe(true);
resultResourceClaim2.Read.ShouldBe(false);
resultResourceClaim2.Update.ShouldBe(false);
resultResourceClaim2.Delete.ShouldBe(false);
}
public void ShouldCopyClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
var testResourceClaims = SetupParentResourceClaimsWithChildren(testClaimSet, testApplication);
var newClaimSet = new Mock <ICopyClaimSetModel>();
newClaimSet.Setup(x => x.Name).Returns("TestClaimSet_Copy");
newClaimSet.Setup(x => x.OriginalId).Returns(testClaimSet.ClaimSetId);
var command = new CopyClaimSetCommand(TestContext);
var copyClaimSetId = command.Execute(newClaimSet.Object);
var copiedClaimSet = TestContext.ClaimSets.Single(x => x.ClaimSetId == copyClaimSetId);
copiedClaimSet.ClaimSetName.ShouldBe(newClaimSet.Object.Name);
Transaction <SqlServerSecurityContext>(securityContext =>
{
var query = new GetResourcesByClaimSetIdQuery(securityContext, GetMapper());
var results = query.AllResources(copiedClaimSet.ClaimSetId).ToArray();
var testParentResourceClaimsForId =
testResourceClaims.Where(x => x.ClaimSet.ClaimSetId == testClaimSet.ClaimSetId && x.ResourceClaim.ParentResourceClaim == null).Select(x => x.ResourceClaim).ToArray();
results.Length.ShouldBe(testParentResourceClaimsForId.Length);
results.Select(x => x.Name).ShouldBe(testParentResourceClaimsForId.Select(x => x.ResourceName), true);
results.Select(x => x.Id).ShouldBe(testParentResourceClaimsForId.Select(x => x.ResourceClaimId), true);
results.All(x => x.Create).ShouldBe(true);
foreach (var testParentResourceClaim in testParentResourceClaimsForId)
{
var testChildren = securityContext.ResourceClaims.Where(x =>
x.ParentResourceClaimId == testParentResourceClaim.ResourceClaimId).ToList();
var parentResult = results.First(x => x.Id == testParentResourceClaim.ResourceClaimId);
parentResult.Children.Select(x => x.Name).ShouldBe(testChildren.Select(x => x.ResourceName), true);
parentResult.Children.Select(x => x.Id).ShouldBe(testChildren.Select(x => x.ResourceClaimId), true);
parentResult.Children.All(x => x.Create).ShouldBe(true);
}
});
Transaction <SqlServerUsersContext>(usersContext =>
{
usersContext.Applications.Count(x => x.ClaimSetName == copiedClaimSet.ClaimSetName).ShouldBe(0);
});
}
public void ShouldDeleteChildResourceOnClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
var testResources = SetupParentResourceClaimsWithChildren(testClaimSet, testApplication);
var parentResourcesOnClaimSetOriginalCount =
testResources.Count(x => x.ResourceClaim.ParentResourceClaim == null);
var testParentResource = testResources.Select(x => x.ResourceClaim).Single(x => x.ResourceName == "TestParentResourceClaim1");
var childResourcesForParentOriginalCount = testResources.Count(x => x.ResourceClaim.ParentResourceClaimId == testParentResource.ResourceClaimId);
var testChildResourceToDelete = testResources.Select(x => x.ResourceClaim).Single(x => x.ResourceName == "TestChildResourceClaim1" && x.ParentResourceClaimId == testParentResource.ResourceClaimId);
var deleteResourceOnClaimSetModel = new DeleteClaimSetResourceModel
{
ClaimSetId = testClaimSet.ClaimSetId,
ResourceClaimId = testChildResourceToDelete.ResourceClaimId,
ClaimSetName = testClaimSet.ClaimSetName,
ResourceName = testChildResourceToDelete.ResourceName
};
Scoped <ISecurityContext>(securityContext =>
{
var command = new DeleteResourceOnClaimSetCommand(securityContext);
command.Execute(deleteResourceOnClaimSetModel);
});
var resourceClaimsForClaimSet =
Scoped <IGetResourcesByClaimSetIdQuery, List <Management.ClaimSetEditor.ResourceClaim> >(
query => query.AllResources(testClaimSet.ClaimSetId).ToList());
resourceClaimsForClaimSet.Count.ShouldBe(parentResourcesOnClaimSetOriginalCount);
Transaction(securityContext =>
{
var resultChildResources =
securityContext.ClaimSetResourceClaims.Where(x => x.ClaimSet.ClaimSetId == testClaimSet.ClaimSetId && x.ResourceClaim.ParentResourceClaimId == testParentResource.ResourceClaimId);
resultChildResources.Count().ShouldBe(childResourcesForParentOriginalCount - 1);
var resultResourceClaim = resultChildResources.SingleOrDefault(x => x.ResourceClaim.ResourceClaimId == testChildResourceToDelete.ResourceClaimId);
resultResourceClaim.ShouldBeNull();
});
}
public void ShouldAddChildResourcesToClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
var testResources = SetupResourceClaims(testApplication);
var testParentResource1 = testResources.Single(x => x.ResourceName == "TestParentResourceClaim1");
var testChildResource1ToAdd = Transaction(securityContext => securityContext.ResourceClaims.Single(x => x.ResourceName == "TestChildResourceClaim1" && x.ParentResourceClaimId == testParentResource1.ResourceClaimId));
var resourceToAdd = new ResourceClaim()
{
Id = testChildResource1ToAdd.ResourceClaimId,
Name = testChildResource1ToAdd.ResourceName,
Create = true,
Read = false,
Update = true,
Delete = false
};
var existingResources = ResourceClaimsForClaimSet(testClaimSet.ClaimSetId);
var editResourceOnClaimSetModel = new EditClaimSetResourceModel
{
ClaimSetId = testClaimSet.ClaimSetId,
ResourceClaim = resourceToAdd,
ExistingResourceClaims = existingResources
};
Scoped <ISecurityContext>(securityContext =>
{
var command = new EditResourceOnClaimSetCommand(securityContext);
command.Execute(editResourceOnClaimSetModel);
});
var resourceClaimsForClaimSet = ResourceClaimsForClaimSet(testClaimSet.ClaimSetId);
var resultChildResourceClaim1 =
resourceClaimsForClaimSet.Single(x => x.Name == testChildResource1ToAdd.ResourceName);
resultChildResourceClaim1.Create.ShouldBe(resourceToAdd.Create);
resultChildResourceClaim1.Read.ShouldBe(resourceToAdd.Read);
resultChildResourceClaim1.Update.ShouldBe(resourceToAdd.Update);
resultChildResourceClaim1.Delete.ShouldBe(resourceToAdd.Delete);
}
public void ShouldNotImportIfClaimSetNotUnique()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var alreadyExistingClaimSet = new ClaimSet {
ClaimSetName = "Test ClaimSet", Application = testApplication
};
Save(alreadyExistingClaimSet);
SetupResourceClaims(testApplication);
var testJSON = @"{
""title"": ""testfile"",
""template"": {
""claimSets"": [
{
""name"": ""Test Claimset"",
""resourceClaims"": [
{
""Name"": ""TestParentResourceClaim1"",
""Read"": true,
""Create"": false,
""Update"": false,
""Delete"": false,
""Children"": []
}
]
}
]
}
}";
var importModel = GetImportModel(testJSON);
Scoped <ISecurityContext>(securityContext =>
{
var validator = new ClaimSetFileImportModelValidator(securityContext);
var validationResults = validator.Validate(importModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Select(x => x.ErrorMessage).ShouldContain(
"This template contains a claimset with a name which already exists in the system. Please use a unique name for 'Test Claimset'.\n");
});
}
public void ShouldAddParentResourceToClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
var testResources = SetupResourceClaims(testApplication);
var testResourceToAdd = testResources.Single(x => x.ResourceName == "TestParentResourceClaim1");
var resourceToAdd = new ResourceClaim()
{
Id = testResourceToAdd.ResourceClaimId,
Name = testResourceToAdd.ResourceName,
Create = true,
Read = false,
Update = true,
Delete = false
};
var existingResources = new GetResourcesByClaimSetIdQuery(TestContext, GetMapper()).AllResources(testClaimSet.ClaimSetId)
.ToList();
var editResourceOnClaimSetModel = new EditClaimSetResourceModel
{
ClaimSetId = testClaimSet.ClaimSetId,
ResourceClaim = resourceToAdd,
ExistingResourceClaims = existingResources
};
var command = new EditResourceOnClaimSetCommand(TestContext);
command.Execute(editResourceOnClaimSetModel);
var resourceClaimsForClaimSet = new GetResourcesByClaimSetIdQuery(TestContext, GetMapper()).AllResources(testClaimSet.ClaimSetId).ToList();
var resultResourceClaim1 = resourceClaimsForClaimSet.Single(x => x.Name == testResourceToAdd.ResourceName);
resultResourceClaim1.Create.ShouldBe(resourceToAdd.Create);
resultResourceClaim1.Read.ShouldBe(resourceToAdd.Read);
resultResourceClaim1.Update.ShouldBe(resourceToAdd.Update);
resultResourceClaim1.Delete.ShouldBe(resourceToAdd.Delete);
}
public void ShouldNotResetWhenResourceActionsDoNotExist()
{
var testApplication = new Application
{
ApplicationName = "TestApplicationName"
};
Save(testApplication);
var testClaimSet = new ClaimSet
{
ClaimSetName = "TestClaimSet",
Application = testApplication
};
Save(testClaimSet);
var testResourceClaims = SetupResourceClaims(testApplication);
var testResourceToEdit = testResourceClaims.Single(x => x.ResourceName == "TestParentResourceClaim1");
Transaction(securityContext => securityContext.ClaimSetResourceClaims
.Any(x => x.ResourceClaim.ResourceClaimId == testResourceToEdit.ResourceClaimId && x.ClaimSet.ClaimSetId == testClaimSet.ClaimSetId))
.ShouldBe(false);
var invalidResetModel = new ResetToDefaultAuthStrategyModel
{
ResourceClaimId = testResourceToEdit.ResourceClaimId,
ClaimSetId = testClaimSet.ClaimSetId
};
Scoped <ISecurityContext>(securityContext =>
{
var command = new ResetToDefaultAuthStrategyCommand(securityContext);
command.Execute(invalidResetModel);
});
Scoped <ISecurityContext>(securityContext =>
{
var validator = new ResetToDefaultAuthStrategyModelValidator(securityContext);
var validationResults = validator.Validate(invalidResetModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("No actions for this claimset and resource exist in the system");
});
}
public void ShouldNotDeleteIfResourceNotOnClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
var testResources = SetupParentResourceClaimsWithChildren(testClaimSet, testApplication);
var resourceNotOnClaimSet = new ResourceClaim
{
Application = testApplication,
ClaimName = "TestClaim99",
DisplayName = "TestResource99",
ParentResourceClaim = null,
ResourceName = "TestResource99"
};
Save(resourceNotOnClaimSet);
var deleteResourceOnClaimSetModel = new DeleteClaimSetResourceModel
{
ClaimSetId = testClaimSet.ClaimSetId,
ResourceClaimId = resourceNotOnClaimSet.ResourceClaimId,
ClaimSetName = testClaimSet.ClaimSetName,
ResourceName = resourceNotOnClaimSet.ResourceName
};
Scoped <ISecurityContext>(securityContext =>
{
var validator = new DeleteClaimSetResourceModelValidator(securityContext);
var validationResults = validator.Validate(deleteResourceOnClaimSetModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("This resource does not exist on the claimset.");
});
}
public void ShouldNotOverrideWhenResourceActionsDoNotExist()
{
var testApplication = new Application
{
ApplicationName = "TestApplicationName"
};
Save(testApplication);
var testClaimSet = new ClaimSet
{
ClaimSetName = "TestClaimSet",
Application = testApplication
};
Save(testClaimSet);
var appAuthorizationStrategies = SetupApplicationAuthorizationStrategies(testApplication).ToList();
var testResourceClaims = SetupResourceClaims(testApplication);
var testResource1ToEdit = testResourceClaims.Single(x => x.ResourceName == "TestParentResourceClaim1");
Transaction(securityContext => securityContext.ClaimSetResourceClaims
.Any(x => x.ResourceClaim.ResourceClaimId == testResource1ToEdit.ResourceClaimId && x.ClaimSet.ClaimSetId == testClaimSet.ClaimSetId))
.ShouldBe(false);
var invalidOverrideModel = new OverrideDefaultAuthorizationStrategyModel
{
ResourceClaimId = testResource1ToEdit.ResourceClaimId,
ClaimSetId = testClaimSet.ClaimSetId,
AuthorizationStrategyForCreate = appAuthorizationStrategies.Single(x => x.AuthorizationStrategyName == "TestAuthStrategy4").AuthorizationStrategyId,
AuthorizationStrategyForRead = appAuthorizationStrategies.Single(x => x.AuthorizationStrategyName == "TestAuthStrategy2").AuthorizationStrategyId,
AuthorizationStrategyForUpdate = appAuthorizationStrategies.Single(x => x.AuthorizationStrategyName == "TestAuthStrategy2").AuthorizationStrategyId,
AuthorizationStrategyForDelete = appAuthorizationStrategies.Single(x => x.AuthorizationStrategyName == "TestAuthStrategy2").AuthorizationStrategyId
};
Scoped <ISecurityContext>(securityContext =>
{
var validator = new OverrideDefaultAuthorizationStrategyModelValidator(securityContext);
var validationResults = validator.Validate(invalidOverrideModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("No actions for this claimset and resource exist in the system");
});
}
public void ShouldNotAddInvalidResourcesToClaimSetDuringEdit()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
var testResources = SetupParentResourceClaimsWithChildren(testClaimSet, testApplication);
var testResource = testResources.Single(x => x.ResourceClaim.ResourceName == "TestParentResourceClaim1").ResourceClaim;
var invalidResource = new ResourceClaim
{
Id = testResource.ResourceClaimId,
Name = testResource.ResourceName,
Create = false,
Read = false,
Update = false,
Delete = false
};
var editResourceOnClaimSetModel = new EditClaimSetResourceModel
{
ClaimSetId = testClaimSet.ClaimSetId,
ResourceClaim = invalidResource,
ExistingResourceClaims = new GetResourcesByClaimSetIdQuery(TestContext, GetMapper()).AllResources(testClaimSet.ClaimSetId)
.ToList()
};
var validator = new EditClaimSetResourceModelValidator();
var validationResults = validator.Validate(editResourceOnClaimSetModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Single().ErrorMessage.ShouldBe("Only valid resources can be added. A resource must have at least one action associated with it to be added. The following is an invalid resource:\nTestParentResourceClaim1");
}
public void ShouldDeleteParentResourceOnClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
var testResources = SetupParentResourceClaimsWithChildren(testClaimSet, testApplication);
var parentResourcesOnClaimSetOriginalCount =
testResources.Count(x => x.ResourceClaim.ParentResourceClaim == null);
var testResourceToDelete = testResources.Select(x => x.ResourceClaim).Single(x => x.ResourceName == "TestParentResourceClaim1");
var deleteResourceOnClaimSetModel = new DeleteClaimSetResourceModel
{
ClaimSetId = testClaimSet.ClaimSetId,
ResourceClaimId = testResourceToDelete.ResourceClaimId,
ClaimSetName = testClaimSet.ClaimSetName,
ResourceName = testResourceToDelete.ResourceName
};
var command = new DeleteResourceOnClaimSetCommand(TestContext);
command.Execute(deleteResourceOnClaimSetModel);
var resourceClaimsForClaimSet =
TestContext.ClaimSetResourceClaims.Where(x => x.ClaimSet.ClaimSetId == testClaimSet.ClaimSetId && x.ResourceClaim.ParentResourceClaimId == null);
resourceClaimsForClaimSet.Count().ShouldBe(parentResourcesOnClaimSetOriginalCount - 1);
var resultResourceClaim = resourceClaimsForClaimSet.SingleOrDefault(x => x.ResourceClaim.ResourceClaimId == testResourceToDelete.ResourceClaimId);
resultResourceClaim.ShouldBeNull();
}
public void ShouldNotExportIfTitleEmpty()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet1 = new ClaimSet {
ClaimSetName = "TestClaimSet1", Application = testApplication
};
Save(testClaimSet1);
var testClaimSet2 = new ClaimSet {
ClaimSetName = "TestClaimSet2", Application = testApplication
};
Save(testClaimSet2);
var getClaimSetById = new GetClaimSetByIdQuery(TestContext);
var exportModel = new ClaimSetFileExportModel
{
ClaimSets = new List <Management.ClaimSetEditor.ClaimSet>
{
getClaimSetById.Execute(testClaimSet1.ClaimSetId),
getClaimSetById.Execute(testClaimSet2.ClaimSetId)
},
SelectedForExport = new List <int>
{
testClaimSet1.ClaimSetId, testClaimSet2.ClaimSetId
}
};
var validator = new ClaimSetFileExportModelValidator();
var validationResults = validator.Validate(exportModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Select(x => x.ErrorMessage).ShouldContain("'Title' must not be empty.");
}
public void ShouldGetClaimSetById()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet = new ClaimSet {
ClaimSetName = "TestClaimSet", Application = testApplication
};
Save(testClaimSet);
var query = new GetClaimSetByIdQuery(TestContext);
var result = query.Execute(testClaimSet.ClaimSetId);
result.Name.ShouldBe(testClaimSet.ClaimSetName);
result.Id.ShouldBe(testClaimSet.ClaimSetId);
}
public void ShouldNotExportIfNoSelectedClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet1 = new ClaimSet {
ClaimSetName = "TestClaimSet1", Application = testApplication
};
Save(testClaimSet1);
var testClaimSet2 = new ClaimSet {
ClaimSetName = "TestClaimSet2", Application = testApplication
};
Save(testClaimSet2);
var getClaimSetById = new GetClaimSetByIdQuery(TestContext);
var exportModel = new ClaimSetFileExportModel
{
Title = "TestDownload",
ClaimSets = new List <Management.ClaimSetEditor.ClaimSet>
{
getClaimSetById.Execute(testClaimSet1.ClaimSetId),
getClaimSetById.Execute(testClaimSet2.ClaimSetId)
},
SelectedForExport = new List <int>()
};
var validator = new ClaimSetFileExportModelValidator();
var validationResults = validator.Validate(exportModel);
validationResults.IsValid.ShouldBe(false);
validationResults.Errors.Select(x => x.ErrorMessage).ShouldContain("You must select at least one claimset to proceed.");
}
public void ShouldExportClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSet1 = new ClaimSet {
ClaimSetName = "TestClaimSet1", Application = testApplication
};
Save(testClaimSet1);
var testClaimSet2 = new ClaimSet {
ClaimSetName = "TestClaimSet2", Application = testApplication
};
Save(testClaimSet2);
SetupParentResourceClaimsWithChildren(testClaimSet1, testApplication);
SetupParentResourceClaimsWithChildren(testClaimSet2, testApplication);
var exportModel = Scoped <IGetClaimSetByIdQuery, ClaimSetFileExportModel>(getClaimSetById =>
{
var editorClaimSets = new List <Management.ClaimSetEditor.ClaimSet>
{
getClaimSetById.Execute(testClaimSet1.ClaimSetId),
getClaimSetById.Execute(testClaimSet2.ClaimSetId)
};
return(new ClaimSetFileExportModel
{
Title = "TestDownload",
ClaimSets = editorClaimSets,
SelectedForExport = new List <int>
{
testClaimSet1.ClaimSetId, testClaimSet2.ClaimSetId
}
});
});
var sharingModel = Scoped <ClaimSetFileExportCommand, SharingModel>(command => command.Execute(exportModel));
var resourcesForClaimSet1 =
Scoped <IGetResourcesByClaimSetIdQuery, Management.ClaimSetEditor.ResourceClaim[]>(
query => query.AllResources(testClaimSet1.ClaimSetId).ToArray());
var resourcesForClaimSet2 =
Scoped <IGetResourcesByClaimSetIdQuery, Management.ClaimSetEditor.ResourceClaim[]>(
query => query.AllResources(testClaimSet2.ClaimSetId).ToArray());
sharingModel.Title.ShouldContain("TestDownload");
var sharedClaimSets = sharingModel.Template.ClaimSets;
sharedClaimSets.Length.ShouldBe(2);
var sharedClaimSet1 = sharedClaimSets[0];
var sharedClaimSet2 = sharedClaimSets[1];
sharedClaimSet1.Name.ShouldBe(testClaimSet1.ClaimSetName);
MatchResources(sharedClaimSet1.ResourceClaims, resourcesForClaimSet1);
sharedClaimSet2.Name.ShouldBe(testClaimSet2.ClaimSetName);
MatchResources(sharedClaimSet2.ResourceClaims, resourcesForClaimSet2);
}
public void ShouldOverrideAuthorizationStrategiesForChildResourcesOnClaimSet()
{
var testApplication = new Application
{
ApplicationName = "TestApplicationName"
};
Save(testApplication);
var testClaimSet = new ClaimSet
{
ClaimSetName = "TestClaimSet",
Application = testApplication
};
Save(testClaimSet);
var appAuthorizationStrategies = SetupApplicationAuthorizationStrategies(testApplication).ToList();
var testResourceClaims = SetupParentResourceClaimsWithChildren(testClaimSet, testApplication);
SetupResourcesWithDefaultAuthorizationStrategies(appAuthorizationStrategies, testResourceClaims.ToList());
var testParentResource = testResourceClaims.Select(x => x.ResourceClaim).Single(x => x.ResourceName == "TestParentResourceClaim1");
var testChildResourceToEdit = testResourceClaims.Select(x => x.ResourceClaim).Single(x =>
x.ResourceName == "TestChildResourceClaim1" &&
x.ParentResourceClaimId == testParentResource.ResourceClaimId);
var testChildResourceNotToEdit = testResourceClaims.Select(x => x.ResourceClaim).Single(x =>
x.ResourceName == "TestChildResourceClaim2" &&
x.ParentResourceClaimId == testParentResource.ResourceClaimId);
var overrideModel = new OverrideDefaultAuthorizationStrategyModel
{
ResourceClaimId = testChildResourceToEdit.ResourceClaimId,
ClaimSetId = testClaimSet.ClaimSetId,
AuthorizationStrategyForCreate = appAuthorizationStrategies.Single(x => x.AuthorizationStrategyName == "TestAuthStrategy4").AuthorizationStrategyId,
AuthorizationStrategyForRead = 0,
AuthorizationStrategyForUpdate = 0,
AuthorizationStrategyForDelete = 0
};
var command = new OverrideDefaultAuthorizationStrategyCommand(TestContext);
command.Execute(overrideModel);
var resourceClaimsForClaimSet = new GetResourcesByClaimSetIdQuery(TestContext, GetMapper()).AllResources(testClaimSet.ClaimSetId).ToList();
var resultParentResource = resourceClaimsForClaimSet.Single(x => x.Id == testParentResource.ResourceClaimId);
var resultChildResource1 =
resultParentResource.Children.Single(x => x.Id == testChildResourceToEdit.ResourceClaimId);
resultChildResource1.AuthStrategyOverridesForCRUD[0].AuthStrategyName.ShouldBe("TestAuthStrategy4");
resultChildResource1.AuthStrategyOverridesForCRUD[1].ShouldBeNull();
resultChildResource1.AuthStrategyOverridesForCRUD[2].ShouldBeNull();
resultChildResource1.AuthStrategyOverridesForCRUD[3].ShouldBeNull();
var resultResourceClaim2 = resultParentResource.Children.Single(x => x.Id == testChildResourceNotToEdit.ResourceClaimId);
resultResourceClaim2.AuthStrategyOverridesForCRUD[0].ShouldBeNull();
resultResourceClaim2.AuthStrategyOverridesForCRUD[1].ShouldBeNull();
resultResourceClaim2.AuthStrategyOverridesForCRUD[2].ShouldBeNull();
resultResourceClaim2.AuthStrategyOverridesForCRUD[3].ShouldBeNull();
}
public void ShouldDeleteClaimSet()
{
var testApplication = new Application
{
ApplicationName = $"Test Application {DateTime.Now:O}"
};
Save(testApplication);
var testClaimSetToDelete = new ClaimSet
{
ClaimSetName = "TestClaimSet_Delete", Application = testApplication
};
Save(testClaimSetToDelete);
SetupParentResourceClaimsWithChildren(testClaimSetToDelete, testApplication);
var testClaimSetToPreserve = new ClaimSet
{
ClaimSetName = "TestClaimSet_Preserve", Application = testApplication
};
Save(testClaimSetToPreserve);
var resourceClaimsForPreservedClaimSet = SetupParentResourceClaimsWithChildren(testClaimSetToPreserve, testApplication);
var deleteModel = new Mock <IDeleteClaimSetModel>();
deleteModel.Setup(x => x.Name).Returns(testClaimSetToDelete.ClaimSetName);
deleteModel.Setup(x => x.Id).Returns(testClaimSetToDelete.ClaimSetId);
Scoped <ISecurityContext>(securityContext =>
{
var command = new DeleteClaimSetCommand(securityContext);
command.Execute(deleteModel.Object);
});
Transaction(securityContext => securityContext.ClaimSets.SingleOrDefault(x => x.ClaimSetId == testClaimSetToDelete.ClaimSetId)).ShouldBeNull();
Transaction(securityContext => securityContext.ClaimSetResourceClaims.Count(x => x.ClaimSet.ClaimSetId == testClaimSetToDelete.ClaimSetId))
.ShouldBe(0);
var preservedClaimSet = Transaction(securityContext => securityContext.ClaimSets.Single(x => x.ClaimSetId == testClaimSetToPreserve.ClaimSetId));
preservedClaimSet.ClaimSetName.ShouldBe(testClaimSetToPreserve.ClaimSetName);
var results =
Scoped <IGetResourcesByClaimSetIdQuery, Management.ClaimSetEditor.ResourceClaim[]>(
query => query.AllResources(testClaimSetToPreserve.ClaimSetId).ToArray());
var testParentResourceClaimsForId =
resourceClaimsForPreservedClaimSet.Where(x => x.ClaimSet.ClaimSetId == testClaimSetToPreserve.ClaimSetId && x.ResourceClaim.ParentResourceClaim == null).Select(x => x.ResourceClaim).ToArray();
results.Length.ShouldBe(testParentResourceClaimsForId.Length);
results.Select(x => x.Name).ShouldBe(testParentResourceClaimsForId.Select(x => x.ResourceName), true);
results.Select(x => x.Id).ShouldBe(testParentResourceClaimsForId.Select(x => x.ResourceClaimId), true);
results.All(x => x.Create).ShouldBe(true);
Transaction(securityContext =>
{
foreach (var testParentResourceClaim in testParentResourceClaimsForId)
{
var testChildren = securityContext.ResourceClaims.Where(x =>
x.ParentResourceClaimId == testParentResourceClaim.ResourceClaimId).ToList();
var parentResult = results.First(x => x.Id == testParentResourceClaim.ResourceClaimId);
parentResult.Children.Select(x => x.Name).ShouldBe(testChildren.Select(x => x.ResourceName), true);
parentResult.Children.Select(x => x.Id).ShouldBe(testChildren.Select(x => x.ResourceClaimId), true);
parentResult.Children.All(x => x.Create).ShouldBe(true);
}
});
}
