/// <summary>
/// Negative authorization check: every operation on <c>Link</c> is restricted to the
/// "Admin" role while the current principal is created with the role "moderator",
/// so each HasAccessTo* query is expected to be refused.
/// </summary>
/// <remarks>
/// NOTE(review): only denial is asserted. A helper that refused every caller would also
/// pass, so this test is meaningful only next to one showing that a principal holding
/// the required role is allowed.
/// NOTE(review): Auth.Init looks like it replaces shared auth state and nothing here
/// restores it; confirm that other tests always install their own principal.
/// </remarks>
public void CanNotUseModelPermissions()
        {
            // Every operation on the model requires the "Admin" role.
            var adminOnly = new ModelPermissionSettings();
            adminOnly.RolesForCreate = "Admin";
            adminOnly.RolesForView   = "Admin";
            adminOnly.RolesForIndex  = "Admin";
            adminOnly.RolesForDelete = "Admin";
            adminOnly.RolesForManage = "Admin";
            adminOnly.RolesForImport = "Admin";

            var linkSettings = new ModelSettings();
            linkSettings.Permissions = adminOnly;

            var settingsByModel = new Dictionary<Type, ModelSettings>();
            settingsByModel[typeof(Link)] = linkSettings;

            var access = new EntitySettingsHelper();
            access.Init(settingsByModel);

            // Current user: role "moderator", final constructor argument true
            // (apparently the authenticated flag; confirm against UserPrincipal).
            var moderator = new UserPrincipal(1, "kishore", "moderator", "custom", true);
            Auth.Init(new AuthWin("Admin", moderator));

            // Being signed in is not enough: none of the six operations may be granted.
            Assert.IsFalse(access.HasAccessToCreate<Link>());
            Assert.IsFalse(access.HasAccessToDelete<Link>());
            Assert.IsFalse(access.HasAccessToImport<Link>());
            Assert.IsFalse(access.HasAccessToIndex<Link>());
            Assert.IsFalse(access.HasAccessToManage<Link>());
            Assert.IsFalse(access.HasAccessToView<Link>());
        }
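        /// <summary>
        /// Verifies that a create request for <c>Link</c> succeeds when the "Link" section
        /// sets <c>Create</c> to "?" and the current principal is built with the final
        /// constructor argument set to false (apparently an unauthenticated guest; confirm
        /// against UserPrincipal).
        /// </summary>
        /// <remarks>
        /// "?" opens the operation to callers who are not signed in, so it should be set
        /// only on operations that are meant to be public.
        /// NOTE(review): Auth.Init looks like it replaces shared auth state and nothing here
        /// restores it; confirm that other tests always install their own principal.
        /// </remarks>
        public void CanCreateViaPermissionsAsGuest()
        {
            var settings = new Dictionary<string, object>();

            settings["Link"] = new Dictionary<string, object>();
            settings.GetSection("Link")["Create"] = "?";

            Auth.Init(new AuthWin("Admin", new UserPrincipal(1, "kishore", "normaluser", "custom", false)));

            var security = new EntitySettingsHelper(settings);
            var helper   = new EntityHelper<Link>(security);
            var link     = new Link()
            {
                Name = "helix cms", Url = "http://helixcms.com", Group = "sites", SortIndex = 2
            };
            var result = helper.Create(link);

            // Check the authorization outcome first so that a permission regression is
            // reported as such instead of as a generic create failure.
            Assert.IsTrue(result.IsAuthorized);
            Assert.IsTrue(result.IsAvailable);

            // Expected value goes first, so failure messages read the right way round.
            Assert.IsTrue(result.Success);
            Assert.AreEqual(string.Empty, result.Message);
            Assert.IsNotNull(result.Item);
            Assert.AreNotEqual(0, result.ItemAs<Link>().Id);
            Assert.IsNotNullOrEmpty(result.ItemAs<Link>().Name);
        }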
        /// <summary>
        /// Builds an <c>EntityHelper</c> for <typeparamref name="T"/> whose settings are
        /// read from the text content "Models.ini.config".
        /// </summary>
        /// <typeparam name="T">Entity type the helper operates on.</typeparam>
        /// <returns>A new helper backed by the parsed ini settings.</returns>
        /// <remarks>
        /// NOTE(review): the meaning of the <c>false</c> passed to IniDocument is not visible
        /// here; confirm it against the IniDocument constructor.
        /// NOTE(review): if that file carries the permission sections used elsewhere on this
        /// page, it decides who may act on each model; confirm where it is loaded from.
        /// </remarks>
        private EntityHelper<T> CreateHelper<T>() where T : IEntity, new()
        {
            var iniText = ContentLoader.GetTextFileContent("Models.ini.config");
            var parsed  = new IniDocument(iniText, false);

            return new EntityHelper<T>(new EntitySettingsHelper(parsed));
        }
        /// <summary>
        /// Verifies the fallback to "CommonPermissions": only that section is configured
        /// (<c>Create</c> = "?"), yet a Create check for "Feedback" is expected to pass
        /// both for the principal built with the final argument false and for the one
        /// built with true.
        /// </summary>
        /// <remarks>
        /// Any model without a section of its own picks up this value, so a "?" in
        /// "CommonPermissions" opens the operation to guests for all of those models.
        /// NOTE(review): the final UserPrincipal argument is assumed to be the authenticated
        /// flag; confirm against its constructor.
        /// </remarks>
        public void GuestOkInherited()
        {
            var config = new Dictionary<string, object>();
            var access = new EntitySettingsHelper(config);

            // No "Feedback" section is added: the lookup has to fall back to the shared one.
            config["CommonPermissions"] = new Dictionary<string, object>();
            config.Section("CommonPermissions")["Create"] = "?";

            var guest = new UserPrincipal(1, "kishore", "normaluser", "custom", false);
            Auth.Init(new AuthWin("Admin", guest));
            Assert.IsTrue(access.HasAccessTo("Feedback", "Create"));

            var member = new UserPrincipal(1, "kishore", "normaluser", "custom", true);
            Auth.Init(new AuthWin("Admin", member));
            Assert.IsTrue(access.HasAccessTo("Feedback", "Create"));
        }
        /// <summary>
        /// Verifies that <c>Create</c> = "*" on the "Article" section refuses the principal
        /// built with the final argument false and admits the one built with true.
        /// </summary>
        /// <remarks>
        /// The two principals differ only in that final argument, so the pair of assertions
        /// pins "*" to "signed in, any role".
        /// NOTE(review): the final UserPrincipal argument is assumed to be the authenticated
        /// flag; confirm against its constructor.
        /// </remarks>
        public void MustBeLoggedIn()
        {
            var config = new Dictionary<string, object>();
            var access = new EntitySettingsHelper(config);

            config["Article"] = new Dictionary<string, object>();
            config.Section("Article")["Create"] = "*";

            // Not signed in: must be refused.
            var guest = new UserPrincipal(1, "kishore", "normaluser", "custom", false);
            Auth.Init(new AuthWin("Admin", guest));
            Assert.IsFalse(access.HasAccessTo("Article", "Create"));

            // Same user and role, now signed in: must be allowed.
            var member = new UserPrincipal(1, "kishore", "normaluser", "custom", true);
            Auth.Init(new AuthWin("Admin", member));
            Assert.IsTrue(access.HasAccessTo("Article", "Create"));
        }
        /// <summary>
        /// Verifies that <c>Create</c> = "*" set only on "CommonPermissions" is applied to
        /// "Article", which has no section of its own: the principal built with the final
        /// argument false is refused, the one built with true is admitted.
        /// </summary>
        /// <remarks>
        /// This is the deny-side counterpart of the guest fallback: a model that inherits
        /// its permissions must not become reachable without signing in.
        /// NOTE(review): the final UserPrincipal argument is assumed to be the authenticated
        /// flag; confirm against its constructor.
        /// </remarks>
        public void MustBeLoggedInInherited()
        {
            var config = new Dictionary<string, object>();
            var access = new EntitySettingsHelper(config);

            // Only the shared section exists; "Article" has to inherit from it.
            config["CommonPermissions"] = new Dictionary<string, object>();
            config.Section("CommonPermissions")["Create"] = "*";

            var guest = new UserPrincipal(1, "kishore", "normaluser", "custom", false);
            Auth.Init(new AuthWin("Admin", guest));
            Assert.IsFalse(access.HasAccessTo("Article", "Create"));

            var member = new UserPrincipal(1, "kishore", "normaluser", "custom", true);
            Auth.Init(new AuthWin("Admin", member));
            Assert.IsTrue(access.HasAccessTo("Article", "Create"));
        }
        /// <summary>
        /// Verifies that <c>Create</c> = "?" on the "Article" section admits both the
        /// principal built with the final argument false and the one built with true.
        /// </summary>
        /// <remarks>
        /// "?" therefore grants the operation without requiring sign-in; it should appear
        /// only on operations that are meant to be public.
        /// NOTE(review): the final UserPrincipal argument is assumed to be the authenticated
        /// flag; confirm against its constructor.
        /// </remarks>
        public void GuestOk()
        {
            var config = new Dictionary<string, object>();
            var access = new EntitySettingsHelper(config);

            config["Article"] = new Dictionary<string, object>();
            config.Section("Article")["Create"] = "?";

            var guest = new UserPrincipal(1, "kishore", "normaluser", "custom", false);
            Auth.Init(new AuthWin("Admin", guest));
            Assert.IsTrue(access.HasAccessTo("Article", "Create"));

            var member = new UserPrincipal(1, "kishore", "normaluser", "custom", true);
            Auth.Init(new AuthWin("Admin", member));
            Assert.IsTrue(access.HasAccessTo("Article", "Create"));
        }
        /// <summary>
        /// Returns the <see cref="EntitySettingsHelper"/> for the current model definitions,
        /// obtained through the cache entry "EntitySettingsHelper".
        /// </summary>
        /// <remarks>
        /// When the cache invokes the factory, the helper is built from
        /// <c>GetModelDefs()</c>, keyed by each definition's <c>Model</c> type; a later
        /// definition with the same type replaces the earlier one.
        /// NOTE(review): 500 is presumably the cache lifetime (unit not visible here). If
        /// the model settings carry permissions, a change to them takes effect only once the
        /// cached helper is rebuilt; confirm this delay is acceptable for revoking access.
        /// </remarks>
        /// <returns>The helper returned by the cache lookup.</returns>
        public EntitySettingsHelper GetModelSettingsAsHelper()
        {
            return Cacher.Get<EntitySettingsHelper>("EntitySettingsHelper", 500, () =>
            {
                var definitions    = GetModelDefs();
                var entitySettings = new EntitySettingsHelper();
                var byModelType    = new Dictionary<Type, ModelSettings>();

                foreach (var definition in definitions)
                {
                    byModelType[definition.Model] = definition;
                }

                entitySettings.Init(byModelType);
                return entitySettings;
            });
        }
        /// <summary>
        /// Negative authorization check: all six operations on <c>Link</c> require the
        /// "Admin" role, the current principal carries the role "moderator", and every
        /// HasAccessTo* query is expected to return false.
        /// </summary>
        /// <remarks>
        /// NOTE(review): only denial is asserted. A helper that refused every caller would
        /// also pass, so this test needs a companion showing that a principal holding the
        /// required role is allowed.
        /// NOTE(review): Auth.Init looks like it replaces shared auth state and nothing here
        /// restores it; confirm that other tests always install their own principal.
        /// </remarks>
        public void CanNotUseModelPermissions()
        {
            const string requiredRole = "Admin";

            var settingsByModel = new Dictionary<Type, ModelSettings>();
            var adminOnly = new ModelPermissionSettings
            {
                RolesForCreate = requiredRole,
                RolesForView = requiredRole,
                RolesForIndex = requiredRole,
                RolesForDelete = requiredRole,
                RolesForManage = requiredRole,
                RolesForImport = requiredRole
            };
            settingsByModel[typeof(Link)] = new ModelSettings { Permissions = adminOnly };

            var access = new EntitySettingsHelper();
            access.Init(settingsByModel);

            // Signed-in user (final argument true, apparently the authenticated flag)
            // whose role is "moderator", not the required one.
            var moderator = new UserPrincipal(1, "kishore", "moderator", "custom", true);
            Auth.Init(new AuthWin("Admin", moderator));

            // None of the six operations may be granted.
            Assert.IsFalse(access.HasAccessToCreate<Link>());
            Assert.IsFalse(access.HasAccessToDelete<Link>());
            Assert.IsFalse(access.HasAccessToImport<Link>());
            Assert.IsFalse(access.HasAccessToIndex<Link>());
            Assert.IsFalse(access.HasAccessToManage<Link>());
            Assert.IsFalse(access.HasAccessToView<Link>());
        }