public void TestRevokePermission_MultiplePermissionsExist()
{
var grantor = new Principal
{
PrincipalId = 1,
};
var grantee = new Principal
{
PrincipalId = 2
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
var resource = new Resource
{
ResourceId = 8,
ForeignResourceId = 10,
ResourceTypeId = resourceType.Id,
};
var foreignResourceCache = new ForeignResourceCache(resource.ForeignResourceId, resource.ResourceId, resource.ResourceTypeId, null, null, null);
var permissionAssignment1 = new PermissionAssignment
{
PrincipalId = grantee.PrincipalId,
PermissionId = permission.PermissionId,
ResourceId = resource.ResourceId,
IsAllowed = false
};
var permissionAssignment2 = new PermissionAssignment
{
PrincipalId = grantee.PrincipalId,
PermissionId = permission.PermissionId,
ResourceId = resource.ResourceId,
IsAllowed = false
};
context.Principals.Add(grantor);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
context.Resources.Add(resource);
context.PermissionAssignments.Add(permissionAssignment1);
context.PermissionAssignments.Add(permissionAssignment2);
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
var revokedPermission = new RevokedPermission(grantee.PrincipalId, permission.PermissionId, resource.ForeignResourceId, resourceType.Value, grantor.PrincipalId);
Func <Task> revokeAction = async() =>
{
await service.RevokePermissionAsync(revokedPermission);
};
service.Invoking(x => x.RevokePermission(revokedPermission)).ShouldThrow <NotSupportedException>()
.WithMessage("There should not be more than one permission assignment to set is allowed true.");
revokeAction.ShouldThrow <NotSupportedException>()
.WithMessage("There should not be more than one permission assignment to set is allowed true.");
}
public void TestToString()
{
var granteePrincipalId = 1;
var grantorPrincipalId = 2;
var permissionId = 3;
var foreignResourceId = 4;
var resourceType = ResourceType.Program;
var grantedPermission = new RevokedPermission(granteePrincipalId, permissionId, foreignResourceId, resourceType.Value, grantorPrincipalId);
Assert.IsNotNull(grantedPermission.ToString());
}
public void TestGetResourceType()
{
var granteePrincipalId = 1;
var grantorPrincipalId = 2;
var permissionId = 3;
var foreignResourceId = 4;
var resourceType = ResourceType.Program;
var grantedPermission = new RevokedPermission(granteePrincipalId, permissionId, foreignResourceId, resourceType.Value, grantorPrincipalId);
Assert.AreEqual(resourceType, grantedPermission.GetResourceType());
}
public void TestConstructor()
{
var granteePrincipalId = 1;
var grantorPrincipalId = 2;
var permissionId = 3;
var foreignResourceId = 4;
var resourceType = ResourceType.Program.Value;
var grantedPermission = new RevokedPermission(granteePrincipalId, permissionId, foreignResourceId, resourceType, grantorPrincipalId);
Assert.IsNotNull(grantedPermission.Audit);
Assert.IsFalse(grantedPermission.IsAllowed);
Assert.AreEqual(granteePrincipalId, grantedPermission.GranteePrincipalId);
Assert.AreEqual(grantorPrincipalId, grantedPermission.Audit.UserId);
Assert.AreEqual(permissionId, grantedPermission.PermissionId);
Assert.AreEqual(foreignResourceId, grantedPermission.ForeignResourceId);
Assert.AreEqual(resourceType, grantedPermission.ResourceTypeAsString);
DateTimeOffset.Now.Should().BeCloseTo(grantedPermission.Audit.Date, 2000);
}
public void TestRevokePermission_ResourceDoesNotExist()
{
var grantor = new Principal
{
PrincipalId = 1,
};
var grantee = new Principal
{
PrincipalId = 2
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
context.Principals.Add(grantor);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(default(ForeignResourceCache));
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(default(ForeignResourceCache));
var revokedPermission = new RevokedPermission(grantee.PrincipalId, permission.PermissionId, 0, resourceType.Value, grantor.PrincipalId);
//invoking async
Func <Task> revokeAction = async() =>
{
await service.RevokePermissionAsync(revokedPermission);
};
service.Invoking(x => x.RevokePermission(revokedPermission)).ShouldThrow <ModelNotFoundException>()
.WithMessage(String.Format("The foreign resource with id [{0}] and resource type [{1}] does not exist in CAM.",
revokedPermission.ForeignResourceId,
revokedPermission.ResourceTypeAsString));
revokeAction.ShouldThrow <ModelNotFoundException>()
.WithMessage(String.Format("The foreign resource with id [{0}] and resource type [{1}] does not exist in CAM.",
revokedPermission.ForeignResourceId,
revokedPermission.ResourceTypeAsString));
}
public void TestRevokePermission_GrantorDoesNotExist()
{
var grantee = new Principal
{
PrincipalId = 1,
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
var resource = new Resource
{
ResourceId = 8,
ForeignResourceId = 10,
ResourceTypeId = resourceType.Id,
};
var foreignResourceCache = new ForeignResourceCache(resource.ForeignResourceId, resource.ResourceId, resource.ResourceTypeId, null, null, null);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
context.Resources.Add(resource);
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
var revokedPermission = new RevokedPermission(grantee.PrincipalId, permission.PermissionId, resource.ForeignResourceId, resourceType.Value, 0);
//invoking async
Func <Task> revokeAction = async() =>
{
await service.RevokePermissionAsync(revokedPermission);
};
service.Invoking(x => x.RevokePermission(revokedPermission)).ShouldThrow <ModelNotFoundException>()
.WithMessage(String.Format("The user with id [{0}] granting the permission could not be found.", revokedPermission.Audit.UserId));
revokeAction.ShouldThrow <ModelNotFoundException>()
.WithMessage(String.Format("The user with id [{0}] granting the permission could not be found.", revokedPermission.Audit.UserId));
}
public void TestRevokePermission_PermissionDoesNotExist()
{
var grantor = new Principal
{
PrincipalId = 1,
};
var grantee = new Principal
{
PrincipalId = 2
};
var resourceType = ResourceType.Program;
var resource = new Resource
{
ResourceId = 8,
ForeignResourceId = 10,
ResourceTypeId = resourceType.Id,
};
var foreignResourceCache = new ForeignResourceCache(resource.ForeignResourceId, resource.ResourceId, resource.ResourceTypeId, null, null, null);
context.Principals.Add(grantor);
context.Principals.Add(grantee);
context.Resources.Add(resource);
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
var revokedPermission = new RevokedPermission(grantee.PrincipalId, 0, resource.ForeignResourceId, resourceType.Value, grantor.PrincipalId);
//invoking async
Func <Task> revokeAction = async() =>
{
await service.RevokePermissionAsync(revokedPermission);
};
service.Invoking(x => x.RevokePermission(revokedPermission)).ShouldThrow <ModelNotFoundException>()
.WithMessage(String.Format("The permission with id [{0}] was not found.", revokedPermission.PermissionId));
revokeAction.ShouldThrow <ModelNotFoundException>()
.WithMessage(String.Format("The permission with id [{0}] was not found.", revokedPermission.PermissionId));
}
/// <summary>
/// Revoke a permission explicity from a user.
/// </summary>
/// <param name="revokedPermission">The revoked permission.</param>
public Task RevokePermissionAsync(RevokedPermission revokedPermission)
{
return(HandleAsync(revokedPermission));
}
/// <summary>
/// Revoke a permission explicity from a user.
/// </summary>
/// <param name="revokedPermission">The revoked permission.</param>
public void RevokePermission(RevokedPermission revokedPermission)
{
Handle(revokedPermission);
}
public async Task TestRevokePermission_PermissionIsAlreadyGrantedButAllowed()
{
var grantor = new Principal
{
PrincipalId = 1,
};
var grantee = new Principal
{
PrincipalId = 2
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
var resource = new Resource
{
ResourceId = 8,
ForeignResourceId = 10,
ResourceTypeId = resourceType.Id,
};
var foreignResourceCache = new ForeignResourceCache(resource.ForeignResourceId, resource.ResourceId, resource.ResourceTypeId, null, null, null);
var permissionAssignment = new PermissionAssignment
{
PrincipalId = grantee.PrincipalId,
PermissionId = permission.PermissionId,
ResourceId = resource.ResourceId,
IsAllowed = true
};
context.SetupActions.Add(() =>
{
context.Principals.Add(grantor);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
context.Resources.Add(resource);
context.PermissionAssignments.Add(permissionAssignment);
permissionAssignment.IsAllowed = true;
Assert.AreEqual(1, context.PermissionAssignments.Count());
});
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
resourceService.Setup(x => x.GetResourcePermissions(It.IsAny <string>(), It.IsAny <int?>())).Returns(GetAvailablePermissionsList(permission));
resourceService.Setup(x => x.GetResourcePermissionsAsync(It.IsAny <string>(), It.IsAny <int?>())).ReturnsAsync(GetAvailablePermissionsList(permission));
Action tester = () =>
{
Assert.AreEqual(1, context.PermissionAssignments.Count());
Assert.IsFalse(context.PermissionAssignments.First().IsAllowed);
};
context.Revert();
var revokedPermission = new RevokedPermission(grantee.PrincipalId, permission.PermissionId, resource.ForeignResourceId, resourceType.Value, grantor.PrincipalId);
service.RevokePermission(revokedPermission);
context.Revert();
await service.RevokePermissionAsync(revokedPermission);
tester();
}
public async Task TestRevokePermission_PrincipalIsNotUserAccount()
{
var grantor = new Principal
{
PrincipalId = 1,
};
var grantee = new Principal
{
PrincipalId = 2
};
var permission = new CAM.Data.Permission
{
PermissionId = CAM.Data.Permission.EditOffice.Id,
PermissionName = CAM.Data.Permission.EditOffice.Value
};
var resourceType = ResourceType.Program;
var resource = new Resource
{
ResourceId = 8,
ForeignResourceId = 10,
ResourceTypeId = resourceType.Id,
};
var foreignResourceCache = new ForeignResourceCache(resource.ForeignResourceId, resource.ResourceId, resource.ResourceTypeId, null, null, null);
context.SetupActions.Add(() =>
{
context.Principals.Add(grantor);
context.Principals.Add(grantee);
context.Permissions.Add(permission);
context.Resources.Add(resource);
Assert.AreEqual(0, context.PermissionAssignments.Count());
});
resourceService.Setup(x => x.GetResourceByForeignResourceId(It.IsAny <int>(), It.IsAny <int>())).Returns(foreignResourceCache);
resourceService.Setup(x => x.GetResourceByForeignResourceIdAsync(It.IsAny <int>(), It.IsAny <int>())).ReturnsAsync(foreignResourceCache);
resourceService.Setup(x => x.GetResourcePermissions(It.IsAny <string>(), It.IsAny <int?>())).Returns(GetAvailablePermissionsList(permission));
resourceService.Setup(x => x.GetResourcePermissionsAsync(It.IsAny <string>(), It.IsAny <int?>())).ReturnsAsync(GetAvailablePermissionsList(permission));
Action tester = () =>
{
Assert.AreEqual(1, context.PermissionAssignments.Count());
var firstAssignment = context.PermissionAssignments.First();
Assert.IsFalse(firstAssignment.IsAllowed);
Assert.AreEqual(grantor.PrincipalId, firstAssignment.AssignedBy);
Assert.AreEqual(permission.PermissionId, firstAssignment.PermissionId);
Assert.AreEqual(grantee.PrincipalId, firstAssignment.PrincipalId);
Assert.AreEqual(resource.ResourceId, firstAssignment.ResourceId);
DateTimeOffset.Now.Should().BeCloseTo(firstAssignment.AssignedOn, 2000);
};
context.Revert();
var revokedPermission = new RevokedPermission(grantee.PrincipalId, permission.PermissionId, resource.ForeignResourceId, resourceType.Value, grantor.PrincipalId);
service.RevokePermission(revokedPermission);
tester();
context.Revert();
context.PermissionAssignments = new PermissionAssignmentTestDbSet();
await service.RevokePermissionAsync(revokedPermission);
tester();
}