public void Create_WithValidPrincipal_WithRole()
{
var principalStub = MockRepository.GenerateStub <ISecurityPrincipal>();
principalStub.Stub(stub => stub.User).Return("test.user");
var princialRoleStub = MockRepository.GenerateStub <ISecurityPrincipalRole>();
princialRoleStub.Stub(stub => stub.Group).Return("UID: testGroup");
princialRoleStub.Stub(stub => stub.Position).Return("UID: Official");
principalStub.Stub(stub => stub.Role).Return(princialRoleStub);
SecurityContext context = CreateContext();
ISecurityPrincipal principal = principalStub;
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(principal, context);
var principalUser = token.Principal.User.GetObject();
Assert.That(principalUser.UserName, Is.EqualTo("test.user"));
Assert.That(token.Principal.Tenant, Is.EqualTo(principalUser.Tenant).Using(DomainObjectHandleComparer.Instance));
Assert.That(token.Principal.Roles.Count, Is.EqualTo(1));
Assert.That(token.Principal.Roles[0].Group.GetObject().UniqueIdentifier, Is.EqualTo("UID: testGroup"));
Assert.That(token.Principal.Roles[0].Position.GetObject().UniqueIdentifier, Is.EqualTo("UID: Official"));
Assert.That(token.Principal.IsNull, Is.False);
}
public void Create_WithValidPrincipal_WithSubstitutedRole()
{
var principalStub = MockRepository.GenerateStub <ISecurityPrincipal> ();
principalStub.Stub(stub => stub.User).Return("substituting.user");
principalStub.Stub(stub => stub.SubstitutedUser).Return("test.user");
var princialSubstitutedRoleStub = MockRepository.GenerateStub <ISecurityPrincipalRole> ();
princialSubstitutedRoleStub.Stub(stub => stub.Group).Return("UID: testGroup");
princialSubstitutedRoleStub.Stub(stub => stub.Position).Return("UID: Official");
principalStub.Stub(stub => stub.SubstitutedRole).Return(princialSubstitutedRoleStub);
SecurityContext context = CreateContext();
ISecurityPrincipal principal = principalStub;
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(principal, context);
Assert.That(token.Principal.User, Is.Null);
Assert.That(token.Principal.Tenant.GetObject().UniqueIdentifier, Is.EqualTo("UID: testTenant"));
Assert.That(token.Principal.Roles.Count, Is.EqualTo(1));
Assert.That(token.Principal.Roles[0].Group.GetObject().UniqueIdentifier, Is.EqualTo("UID: testGroup"));
Assert.That(token.Principal.Roles[0].Position.GetObject().UniqueIdentifier, Is.EqualTo("UID: Official"));
Assert.That(token.Principal.IsNull, Is.False);
}
public void Create_WithNotExistingAbstractRole()
{
SecurityContext context = CreateContext(ProjectRoles.Developer, UndefinedAbstractRoles.Undefined, ProjectRoles.QualityManager);
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
builder.CreateToken(CreateTestPrincipal(), context);
}
public void Create_WithNotExistingOwningUser()
{
SecurityContext context = CreateContextWithNotExistingOwningUser();
ISecurityPrincipal user = CreateTestPrincipal();
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
builder.CreateToken(user, context);
}
public void Create_WithValidAbstractRoles()
{
SecurityContext context = CreateContext(ProjectRoles.QualityManager, ProjectRoles.Developer);
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(CreateTestPrincipal(), context);
Assert.That(token.AbstractRoles.Count, Is.EqualTo(2));
}
public void Create_AbstractRolesEmpty()
{
SecurityContext context = CreateContext();
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(CreateTestPrincipal(), context);
Assert.That(token.AbstractRoles, Is.Empty);
}
public void Create_WithInvalidPrincipal_EmptyUserName()
{
SecurityContext context = CreateContext();
ISecurityPrincipal principal = CreatePrincipal("");
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
builder.CreateToken(principal, context);
}
public void Create_WithoutOwningUser()
{
SecurityContext context = CreateContextWithoutOwningUser();
ISecurityPrincipal user = CreateTestPrincipal();
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(user, context);
Assert.That(token.OwningUser, Is.Null);
}
public void Create_WithValidAbstractRole()
{
SecurityContext context = CreateContext(ProjectRoles.QualityManager);
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(CreateTestPrincipal(), context);
Assert.That(token.AbstractRoles.Count, Is.EqualTo(1));
Assert.That(
token.AbstractRoles[0].GetObject().Name,
Is.EqualTo("QualityManager|Remotion.SecurityManager.UnitTests.TestDomain.ProjectRoles, Remotion.SecurityManager.UnitTests"));
}
public void Create_WithInactiveTransaction()
{
SecurityContext context = CreateContext();
ISecurityPrincipal principal = CreateTestPrincipal();
using (ClientTransactionTestHelper.MakeInactive(ClientTransactionScope.CurrentTransaction))
{
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(principal, context);
Assert.That(token.Principal.IsNull, Is.False);
}
}
public void Create_WithValidOwningUser()
{
SecurityContext context = CreateContext();
ISecurityPrincipal user = CreateTestPrincipal();
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(user, context);
var owningUser = token.OwningUser;
Assert.That(owningUser, Is.Not.Null);
Assert.That(owningUser.GetObject().UserName, Is.EqualTo("group0/user1"));
}
public void Create_WithValidOwningGroup()
{
SecurityContext context = CreateContext();
ISecurityPrincipal user = CreateTestPrincipal();
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(user, context);
var group = token.OwningGroup;
Assert.That(group, Is.Not.Null);
Assert.That(group.GetObject().UniqueIdentifier, Is.EqualTo("UID: testOwningGroup"));
}
public void Create_WithNullPrincipal()
{
SecurityContext context = CreateContext();
var principalStub = MockRepository.GenerateStub <ISecurityPrincipal> ();
principalStub.Stub(stub => stub.IsNull).Return(true);
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(principalStub, context);
Assert.That(token.Principal.User, Is.Null);
Assert.That(token.Principal.Tenant, Is.Null);
Assert.That(token.Principal.Roles, Is.Empty);
Assert.That(token.Principal.IsNull, Is.True);
}
public void Create_WithValidPrincipal()
{
SecurityContext context = CreateContext();
ISecurityPrincipal principal = CreateTestPrincipal();
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(principal, context);
var user = token.Principal.User.GetObject();
Assert.That(user.UserName, Is.EqualTo("test.user"));
Assert.That(token.Principal.Tenant, Is.EqualTo(user.Tenant).Using(DomainObjectHandleComparer.Instance));
Assert.That(token.Principal.Roles, Is.Not.Empty);
Assert.That(token.Principal.Roles, Is.EquivalentTo(user.Roles).Using(PrincipalRoleComparer.Instance));
Assert.That(token.Principal.IsNull, Is.False);
}
public void Create_WithValidPrincipal_WithInvalidSubstitutedUser()
{
var principalStub = MockRepository.GenerateStub <ISecurityPrincipal> ();
principalStub.Stub(stub => stub.User).Return("substituting.user");
principalStub.Stub(stub => stub.SubstitutedUser).Return("notexisting.user");
SecurityContext context = CreateContext();
ISecurityPrincipal principal = principalStub;
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
SecurityToken token = builder.CreateToken(principal, context);
Assert.That(token.Principal.User, Is.Null);
Assert.That(token.Principal.Tenant.GetObject().UniqueIdentifier, Is.EqualTo("UID: testTenant"));
Assert.That(token.Principal.Roles, Is.Empty);
Assert.That(token.Principal.IsNull, Is.False);
}
public void Create_WithInvalidPrincipal_WithSubstitutedRoleButNoSubstitutedUser()
{
var principalStub = MockRepository.GenerateStub <ISecurityPrincipal> ();
principalStub.Stub(stub => stub.User).Return("substituting.user");
principalStub.Stub(stub => stub.SubstitutedUser).Return(null);
var princialSubstitutedRoleStub = MockRepository.GenerateStub <ISecurityPrincipalRole> ();
princialSubstitutedRoleStub.Stub(stub => stub.Group).Return("UID: testGroup");
princialSubstitutedRoleStub.Stub(stub => stub.Position).Return("UID: Official");
principalStub.Stub(stub => stub.SubstitutedRole).Return(princialSubstitutedRoleStub);
SecurityContext context = CreateContext();
ISecurityPrincipal principal = principalStub;
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
builder.CreateToken(principal, context);
}
public void Create_WithValidPrincipal_WithInvalidSubstitutedRoleFromPosition_ThrowsAccessControlException()
{
var principalStub = MockRepository.GenerateStub <ISecurityPrincipal>();
principalStub.Stub(stub => stub.User).Return("substituting.user");
principalStub.Stub(stub => stub.SubstitutedUser).Return("test.user");
var princialSubstitutedRoleStub = MockRepository.GenerateStub <ISecurityPrincipalRole>();
princialSubstitutedRoleStub.Stub(stub => stub.Group).Return("UID: testGroup");
princialSubstitutedRoleStub.Stub(stub => stub.Position).Return("UID: notexisting.position");
principalStub.Stub(stub => stub.SubstitutedRole).Return(princialSubstitutedRoleStub);
SecurityContext context = CreateContext();
ISecurityPrincipal principal = principalStub;
SecurityTokenBuilder builder = CreateSecurityTokenBuilder();
Assert.That(
() => builder.CreateToken(principal, context),
Throws.TypeOf <AccessControlException>().With.Message.EqualTo("The position 'UID: notexisting.position' could not be found."));
}