private void GetPasswordPolicies() { Policies.Add(GetDomainPolicy()); var fineGrainedPolicies = GetFineGrainedPolicies(); fineGrainedPolicies.ForEach(x => x.AppliesToUsers = GetPasswordPolicyUsers(x)); Policies.AddRange(fineGrainedPolicies); }
/// <summary> /// Criando regras iniciais e de testes /// </summary> private void Seed_Security() { if (!Groups.Any()) { var groups = new Group[] { new Group { Name = "Security" }, new Group { Name = "Management" }, new Group { Name = "Configuration" }, new Group { Name = "Sales" }, new Group { Name = "Operation" } }; Groups.AddRange(groups); foreach (var enterprise in Enterprises) { var name = enterprise.Name.EndsWith('s') ? enterprise.Name + "\'s" : enterprise.Name; var group = new Group { Name = $"{name} User", Enterprise = enterprise }; Groups.Add(group); } SaveChanges(); } if (IsTest) { if (!Users.Any()) { { var enterprise = Enterprises .Single(e => e.Name == "Enterprise Test"); var email = $"user@{enterprise.Name}.com".Replace(" ", "").ToLower(); var user = new User { Name = "User", PublicId = CryptoHelper.Guid("U$1"), PrivateId = CryptoHelper.Guid("U$1"), Email = email, Password = CryptoHelper.Guid("user2019"), Enterprise = enterprise }; Users.Add(user); } foreach (var group in Groups .Where(e => e.EnterpriseId == null)) { foreach (var enterprise in Enterprises) { var email = $"{group.Name}@{enterprise.Name}.com".Replace(" ", "").ToLower(); var user = new User { Name = group.Name, PublicId = CryptoHelper.Guid(group.Name + "#" + enterprise.Name), PrivateId = CryptoHelper.Guid(group.Name + "$" + enterprise.Name), Email = email, Password = CryptoHelper.Guid(group.Name.ToLower()), Enterprise = enterprise }; Users.Add(user); var userGroup = new UserGroup { User = user, Group = group }; UserGroups.AddRange(userGroup); } } SaveChanges(); } } if (!Areas.Any()) { var areas = new Area[] { new Area { Id = (int)AreaEnum.User, Name = "User" }, new Area { Id = (int)AreaEnum.Group, Name = "Group" }, new Area { Id = (int)AreaEnum.Customer, Name = "Customer" } }; Areas.AddRange(areas); SaveChanges(); } if (IsTest) { if (!AreaAccess.Any()) { // Sales tem acesso de leitura e escrita no CRM { var area = Areas .Find((int)AreaEnum.Customer); var group = Groups .First(e => e.Name == "Sales"); var areaAccess = new AreaAccess { Area = area, Group = group, CanCreate = true, CanDelete = false, CanModify = true, CanRead = true }; AreaAccess.Add(areaAccess); } // Management tem acesso completo ao CRM { var area = Areas .Find((int)AreaEnum.Customer); var group = Groups .First(e => e.Name == "Management"); var areaAccess = new AreaAccess { Area = area, Group = group, CanCreate = true, CanDelete = true, CanModify = true, CanRead = true }; AreaAccess.Add(areaAccess); } // Operation só pode consultar o CRM { var area = Areas .Find((int)AreaEnum.Customer); var group = Groups .First(e => e.Name == "Operation"); var areaAccess = new AreaAccess { Area = area, Group = group, CanCreate = false, CanDelete = false, CanModify = false, CanRead = true }; AreaAccess.Add(areaAccess); } // Segurança pode criar novos grupos { var area = Areas .Find((int)AreaEnum.Group); var group = Groups .First(e => e.Name == "Security"); var areaAccess = new AreaAccess { Area = area, Group = group, CanCreate = true, CanDelete = true, CanModify = true, CanRead = true }; AreaAccess.Add(areaAccess); } // Segurança pode criar novos usuários { var area = Areas .Find((int)AreaEnum.User); var group = Groups .First(e => e.Name == "Security"); var areaAccess = new AreaAccess { Area = area, Group = group, CanCreate = true, CanDelete = true, CanModify = true, CanRead = true }; AreaAccess.Add(areaAccess); } SaveChanges(); } } if (!Policies.Any()) { var area = Areas .Find((int)AreaEnum.User); var policies = new Policy[] { new Policy { Id = (int)PolicyEnum.User_ChangePassword, Area = area, Name = "Change Password" }, new Policy { Id = (int)PolicyEnum.User_ChangeEmail, Area = area, Name = "Change Email" } }; Policies.AddRange(policies); SaveChanges(); } if (IsTest) { if (!PolicyAccess.Any()) { // Segurança tem acesso às políticas de segurança { var area = Areas .Find((int)AreaEnum.User); var group = Groups .First(e => e.Name == "Security"); foreach (var policy in Policies .Where(e => e.AreaId == area.Id)) { var policyAccess = new PolicyAccess { Group = group, Policy = policy }; PolicyAccess.AddRange(policyAccess); } } SaveChanges(); } } }