public RuntimePolicy Execute(IRuntimePolicyContext policyContext)
{
UserInfo user = UserController.GetCurrentUserInfo();
RuntimePolicy runtimePolicy = user.IsSuperUser ? RuntimePolicy.On : RuntimePolicy.Off;
return(runtimePolicy);
}
public void GetBasePolicyFromConfiguration()
{
var locatorMock = new Mock <IServiceLocator>();
var factory = new Factory(locatorMock.Object);
RuntimePolicy result = factory.InstantiateDefaultRuntimePolicy();
Assert.Equal(RuntimePolicy.On, result);
}
public void LeaveGlimpseOnWithLocalRequest(bool isLocal, RuntimePolicy expectedPolicy)
{
var httpContextMock = new Mock<HttpContextBase>();
httpContextMock.Setup(m => m.Request.IsLocal).Returns(isLocal);
var policyContextMock = new Mock<IRuntimePolicyContext>();
policyContextMock.Setup(m => m.GetRequestContext<HttpContextBase>()).Returns(httpContextMock.Object);
var policy = new LocalPolicy();
var result = policy.Execute(policyContextMock.Object);
Assert.Equal(expectedPolicy, result);
}
private RuntimePolicy DetermineRuntimePolicy(RuntimeEvent runtimeEvent, RuntimePolicy maximumAllowedPolicy)
{
if (maximumAllowedPolicy == RuntimePolicy.Off)
{
return(maximumAllowedPolicy);
}
var frameworkProvider = Configuration.FrameworkProvider;
var logger = Configuration.Logger;
// only run policies for this runtimeEvent
var policies =
Configuration.RuntimePolicies.Where(
policy => policy.ExecuteOn.HasFlag(runtimeEvent));
var policyContext = new RuntimePolicyContext(frameworkProvider.RequestMetadata, Configuration.Logger, frameworkProvider.RuntimeContext);
foreach (var policy in policies)
{
var policyResult = RuntimePolicy.Off;
try
{
policyResult = policy.Execute(policyContext);
if (policyResult != RuntimePolicy.On)
{
logger.Debug("RuntimePolicy set to '{0}' by IRuntimePolicy of type '{1}' during RuntimeEvent '{2}'.", policyResult, policy.GetType(), runtimeEvent);
}
}
catch (Exception exception)
{
logger.Warn("Exception when executing IRuntimePolicy of type '{0}'. RuntimePolicy is now set to 'Off'.", exception, policy.GetType());
}
// Only use the lowest policy allowed for the request
if (policyResult < maximumAllowedPolicy)
{
maximumAllowedPolicy = policyResult;
}
// If the policy indicates Glimpse is Off, then we stop processing any other runtime policy
if (maximumAllowedPolicy == RuntimePolicy.Off)
{
break;
}
}
return(maximumAllowedPolicy);
}
public void LeaveGlimpseOnWithLocalRequest(bool isLocal, RuntimePolicy expectedPolicy)
{
var httpContextMock = new Mock <HttpContextBase>();
httpContextMock.Setup(m => m.Request.IsLocal).Returns(isLocal);
var policyContextMock = new Mock <IRuntimePolicyContext>();
policyContextMock.Setup(m => m.GetRequestContext <HttpContextBase>()).Returns(httpContextMock.Object);
var policy = new LocalPolicy();
var result = policy.Execute(policyContextMock.Object);
Assert.Equal(expectedPolicy, result);
}
private RuntimePolicy DetermineRuntimePolicy(RuntimeEvent runtimeEvent, RuntimePolicy maximumAllowedPolicy)
{
if (maximumAllowedPolicy == RuntimePolicy.Off)
{
return maximumAllowedPolicy;
}
var frameworkProvider = Configuration.FrameworkProvider;
var logger = Configuration.Logger;
// only run policies for this runtimeEvent
var policies =
Configuration.RuntimePolicies.Where(
policy => policy.ExecuteOn.HasFlag(runtimeEvent));
var policyContext = new RuntimePolicyContext(frameworkProvider.RequestMetadata, Configuration.Logger, frameworkProvider.RuntimeContext);
foreach (var policy in policies)
{
var policyResult = RuntimePolicy.Off;
try
{
policyResult = policy.Execute(policyContext);
if (policyResult != RuntimePolicy.On)
{
logger.Debug("RuntimePolicy set to '{0}' by IRuntimePolicy of type '{1}' during RuntimeEvent '{2}'.", policyResult, policy.GetType(), runtimeEvent);
}
}
catch (Exception exception)
{
logger.Warn("Exception when executing IRuntimePolicy of type '{0}'. RuntimePolicy is now set to 'Off'.", exception, policy.GetType());
}
// Only use the lowest policy allowed for the request
if (policyResult < maximumAllowedPolicy)
{
maximumAllowedPolicy = policyResult;
}
// If the policy indicates Glimpse is Off, then we stop processing any other runtime policy
if (maximumAllowedPolicy == RuntimePolicy.Off)
{
break;
}
}
return maximumAllowedPolicy;
}
/// <summary>
/// Initializes a new instance of the <see cref="GlimpseConfiguration" /> class.
/// </summary>
/// <param name="frameworkProvider">The framework provider.</param>
/// <param name="endpointConfiguration">The resource endpoint configuration.</param>
/// <param name="clientScripts">The client scripts collection.</param>
/// <param name="logger">The logger.</param>
/// <param name="defaultRuntimePolicy">The default runtime policy.</param>
/// <param name="htmlEncoder">The Html encoder.</param>
/// <param name="persistenceStore">The persistence store.</param>
/// <param name="inspectors">The inspectors collection.</param>
/// <param name="resources">The resources collection.</param>
/// <param name="serializer">The serializer.</param>
/// <param name="tabs">The tabs collection.</param>
/// <param name="runtimePolicies">The runtime policies collection.</param>
/// <param name="defaultResource">The default resource.</param>
/// <param name="proxyFactory">The proxy factory.</param>
/// <param name="messageBroker">The message broker.</param>
/// <param name="endpointBaseUri">The endpoint base Uri.</param>
/// <param name="timerStrategy">The timer strategy.</param>
/// <param name="runtimePolicyStrategy">The runtime policy strategy.</param>
/// <exception cref="System.ArgumentNullException">An exception is thrown if any parameter is <c>null</c>.</exception>
public GlimpseConfiguration(
IFrameworkProvider frameworkProvider,
ResourceEndpointConfiguration endpointConfiguration,
ICollection<IClientScript> clientScripts,
ILogger logger,
RuntimePolicy defaultRuntimePolicy,
IHtmlEncoder htmlEncoder,
IPersistenceStore persistenceStore,
ICollection<IInspector> inspectors,
ICollection<IResource> resources,
ISerializer serializer,
ICollection<ITab> tabs,
ICollection<IDisplay> displays,
ICollection<IRuntimePolicy> runtimePolicies,
IResource defaultResource,
IProxyFactory proxyFactory,
IMessageBroker messageBroker,
string endpointBaseUri,
Func<IExecutionTimer> timerStrategy,
Func<RuntimePolicy> runtimePolicyStrategy)
{
if (frameworkProvider == null)
{
throw new ArgumentNullException("frameworkProvider");
}
if (endpointConfiguration == null)
{
throw new ArgumentNullException("endpointConfiguration");
}
if (logger == null)
{
throw new ArgumentNullException("logger");
}
if (htmlEncoder == null)
{
throw new ArgumentNullException("htmlEncoder");
}
if (persistenceStore == null)
{
throw new ArgumentNullException("persistenceStore");
}
if (clientScripts == null)
{
throw new ArgumentNullException("clientScripts");
}
if (resources == null)
{
throw new ArgumentNullException("inspectors");
}
if (serializer == null)
{
throw new ArgumentNullException("serializer");
}
if (tabs == null)
{
throw new ArgumentNullException("tabs");
}
if (displays == null)
{
throw new ArgumentNullException("displays");
}
if (runtimePolicies == null)
{
throw new ArgumentNullException("runtimePolicies");
}
if (defaultResource == null)
{
throw new ArgumentNullException("defaultResource");
}
if (proxyFactory == null)
{
throw new ArgumentNullException("proxyFactory");
}
if (messageBroker == null)
{
throw new ArgumentNullException("messageBroker");
}
if (endpointBaseUri == null)
{
throw new ArgumentNullException("endpointBaseUri");
}
if (timerStrategy == null)
{
throw new ArgumentNullException("timerStrategy");
}
if (runtimePolicyStrategy == null)
{
throw new ArgumentNullException("runtimePolicyStrategy");
}
Logger = logger;
ClientScripts = clientScripts;
FrameworkProvider = frameworkProvider;
HtmlEncoder = htmlEncoder;
PersistenceStore = persistenceStore;
Inspectors = inspectors;
ResourceEndpoint = endpointConfiguration;
Resources = resources;
Serializer = serializer;
Tabs = tabs;
Displays = displays;
RuntimePolicies = runtimePolicies;
DefaultRuntimePolicy = defaultRuntimePolicy;
DefaultResource = defaultResource;
ProxyFactory = proxyFactory;
MessageBroker = messageBroker;
EndpointBaseUri = endpointBaseUri;
TimerStrategy = timerStrategy;
RuntimePolicyStrategy = runtimePolicyStrategy;
}
/// <summary>
/// Executes the resource.
/// </summary>
/// <param name="resourceName">Name of the resource.</param>
/// <param name="parameters">The parameters.</param>
/// <exception cref="System.ArgumentNullException">Throws an exception if either parameter is <c>null</c>.</exception>
public void ExecuteResource(string resourceName, ResourceParameters parameters)
{
if (string.IsNullOrEmpty(resourceName))
{
throw new ArgumentNullException("resourceName");
}
if (parameters == null)
{
throw new ArgumentNullException("parameters");
}
string message;
var logger = Configuration.Logger;
var context = new ResourceResultContext(logger, Configuration.FrameworkProvider, Configuration.Serializer, Configuration.HtmlEncoder);
// First we determine the current policy as it has been processed so far
RuntimePolicy policy = DetermineAndStoreAccumulatedRuntimePolicy(RuntimeEvent.ExecuteResource);
// It is possible that the policy now says Off, but if the requested resource is the default resource or one of it dependent resources,
// then we need to make sure there is a good reason for not executing that resource, since the default resource (or one of it dependencies)
// is the one we most likely need to set Glimpse On with in the first place.
IDependOnResources defaultResourceDependsOnResources = Configuration.DefaultResource as IDependOnResources;
if (resourceName.Equals(Configuration.DefaultResource.Name) || (defaultResourceDependsOnResources != null && defaultResourceDependsOnResources.DependsOn(resourceName)))
{
// To be clear we only do this for the default resource (or its dependencies), and we do this because it allows us to secure the default resource
// the same way as any other resource, but for this we only rely on runtime policies that handle ExecuteResource runtime events and we ignore
// ignore previously executed runtime policies (most likely during BeginRequest).
// Either way, the default runtime policy is still our starting point and when it says Off, it remains Off
policy = DetermineRuntimePolicy(RuntimeEvent.ExecuteResource, Configuration.DefaultRuntimePolicy);
}
if (policy == RuntimePolicy.Off)
{
string errorMessage = string.Format(Resources.ExecuteResourceInsufficientPolicy, resourceName);
logger.Info(errorMessage);
new StatusCodeResourceResult(403, errorMessage).Execute(context);
return;
}
var resources =
Configuration.Resources.Where(
r => r.Name.Equals(resourceName, StringComparison.InvariantCultureIgnoreCase));
IResourceResult result;
switch (resources.Count())
{
case 1: // 200 - OK
try
{
var resource = resources.First();
var resourceContext = new ResourceContext(parameters.GetParametersFor(resource), Configuration.PersistenceStore, logger);
var privilegedResource = resource as IPrivilegedResource;
if (privilegedResource != null)
{
result = privilegedResource.Execute(resourceContext, Configuration);
}
else
{
result = resource.Execute(resourceContext);
}
}
catch (Exception ex)
{
logger.Error(Resources.GlimpseRuntimeExecuteResourceError, ex, resourceName);
result = new ExceptionResourceResult(ex);
}
break;
case 0: // 404 - File Not Found
message = string.Format(Resources.ExecuteResourceMissingError, resourceName);
logger.Warn(message);
result = new StatusCodeResourceResult(404, message);
break;
default: // 500 - Server Error
message = string.Format(Resources.ExecuteResourceDuplicateError, resourceName);
logger.Warn(message);
result = new StatusCodeResourceResult(500, message);
break;
}
try
{
result.Execute(context);
}
catch (Exception exception)
{
logger.Fatal(Resources.GlimpseRuntimeExecuteResourceResultError, exception, result.GetType());
}
}
/// <summary>
/// Initializes a new instance of the <see cref="GlimpseConfiguration" /> class.
/// </summary>
/// <param name="frameworkProvider">The framework provider.</param>
/// <param name="endpointConfiguration">The resource endpoint configuration.</param>
/// <param name="clientScripts">The client scripts collection.</param>
/// <param name="logger">The logger.</param>
/// <param name="defaultRuntimePolicy">The default runtime policy.</param>
/// <param name="htmlEncoder">The Html encoder.</param>
/// <param name="persistenceStore">The persistence store.</param>
/// <param name="inspectors">The inspectors collection.</param>
/// <param name="resources">The resources collection.</param>
/// <param name="serializer">The serializer.</param>
/// <param name="tabs">The tabs collection.</param>
/// <param name="runtimePolicies">The runtime policies collection.</param>
/// <param name="defaultResource">The default resource.</param>
/// <param name="proxyFactory">The proxy factory.</param>
/// <param name="messageBroker">The message broker.</param>
/// <param name="endpointBaseUri">The endpoint base Uri.</param>
/// <param name="timerStrategy">The timer strategy.</param>
/// <param name="runtimePolicyStrategy">The runtime policy strategy.</param>
/// <exception cref="System.ArgumentNullException">An exception is thrown if any parameter is <c>null</c>.</exception>
public GlimpseConfiguration(
IFrameworkProvider frameworkProvider,
ResourceEndpointConfiguration endpointConfiguration,
ICollection <IClientScript> clientScripts,
ILogger logger,
RuntimePolicy defaultRuntimePolicy,
IHtmlEncoder htmlEncoder,
IPersistenceStore persistenceStore,
ICollection <IInspector> inspectors,
ICollection <IResource> resources,
ISerializer serializer,
ICollection <ITab> tabs,
ICollection <IRuntimePolicy> runtimePolicies,
IResource defaultResource,
IProxyFactory proxyFactory,
IMessageBroker messageBroker,
string endpointBaseUri,
Func <IExecutionTimer> timerStrategy,
Func <RuntimePolicy> runtimePolicyStrategy)
{
if (frameworkProvider == null)
{
throw new ArgumentNullException("frameworkProvider");
}
if (endpointConfiguration == null)
{
throw new ArgumentNullException("endpointConfiguration");
}
if (logger == null)
{
throw new ArgumentNullException("logger");
}
if (htmlEncoder == null)
{
throw new ArgumentNullException("htmlEncoder");
}
if (persistenceStore == null)
{
throw new ArgumentNullException("persistenceStore");
}
if (clientScripts == null)
{
throw new ArgumentNullException("clientScripts");
}
if (resources == null)
{
throw new ArgumentNullException("inspectors");
}
if (serializer == null)
{
throw new ArgumentNullException("serializer");
}
if (tabs == null)
{
throw new ArgumentNullException("tabs");
}
if (runtimePolicies == null)
{
throw new ArgumentNullException("runtimePolicies");
}
if (defaultResource == null)
{
throw new ArgumentNullException("defaultResource");
}
if (proxyFactory == null)
{
throw new ArgumentNullException("proxyFactory");
}
if (messageBroker == null)
{
throw new ArgumentNullException("messageBroker");
}
if (endpointBaseUri == null)
{
throw new ArgumentNullException("endpointBaseUri");
}
if (timerStrategy == null)
{
throw new ArgumentNullException("timerStrategy");
}
if (runtimePolicyStrategy == null)
{
throw new ArgumentNullException("runtimePolicyStrategy");
}
Logger = logger;
ClientScripts = clientScripts;
FrameworkProvider = frameworkProvider;
HtmlEncoder = htmlEncoder;
PersistenceStore = persistenceStore;
Inspectors = inspectors;
ResourceEndpoint = endpointConfiguration;
Resources = resources;
Serializer = serializer;
Tabs = tabs;
RuntimePolicies = runtimePolicies;
DefaultRuntimePolicy = defaultRuntimePolicy;
DefaultResource = defaultResource;
ProxyFactory = proxyFactory;
MessageBroker = messageBroker;
EndpointBaseUri = endpointBaseUri;
TimerStrategy = timerStrategy;
RuntimePolicyStrategy = runtimePolicyStrategy;
}
private bool IsGlimpseEnabled()
{
RuntimePolicy runtimePolicy = _runtimePolicyStrategy();
return(runtimePolicy >= RuntimePolicy.PersistResults);
}
