public void SecureForCausesHighCpu()
{
User user = new User {
Name = "Mr. Test"
};
Content contentWithoutPermission = new Content {
Title = "Content Without Permission"
};
Content contentWithPermission = new Content {
Title = "Content With Permission"
};
using (IDocumentSession session = store.OpenSession())
{
session.Store(user);
session.Store(contentWithoutPermission);
session.Store(contentWithPermission);
client::Raven.Bundles.Authorization.Model.DocumentAuthorization authorization = client::Raven.Client.Authorization.AuthorizationClientExtensions.GetAuthorizationFor(session, contentWithoutPermission) ??
new client::Raven.Bundles.Authorization.Model.DocumentAuthorization();
authorization.Permissions.Add(new client::Raven.Bundles.Authorization.Model.DocumentPermission {
Allow = false, Operation = Operation, User = user.Id
});
client::Raven.Client.Authorization.AuthorizationClientExtensions.SetAuthorizationFor(session, contentWithoutPermission, authorization);
authorization = client::Raven.Client.Authorization.AuthorizationClientExtensions.GetAuthorizationFor(session, contentWithPermission) ?? new client::Raven.Bundles.Authorization.Model.DocumentAuthorization();
authorization.Permissions.Add(new client::Raven.Bundles.Authorization.Model.DocumentPermission {
Allow = true, Operation = Operation, User = user.Id
});
client::Raven.Client.Authorization.AuthorizationClientExtensions.SetAuthorizationFor(session, contentWithPermission, authorization);
session.SaveChanges();
}
while (store.DatabaseCommands.GetStatistics().StaleIndexes.Length > 0)
{
Thread.Sleep(10);
}
for (int i = 0; i < 5; i++)
{
using (IDocumentSession session = store.OpenSession())
{
client::Raven.Client.Authorization.AuthorizationClientExtensions.SecureFor(session, user.Id, Operation);
Content contentY = session.Query <Content>().FirstOrDefault();
Assert.NotNull(contentY);
Assert.Equal(contentWithPermission.Id, contentY.Id);
}
}
}
public void Create_Library_And_Set_Permission_For_Roles_Administrators_And_For_User_Andrea()
{
using (IDocumentSession session = store.OpenSession(DatabaseName))
{
SetupRoles(session);
SetupUsers(session);
}
using (IDocumentSession session = store.OpenSession(DatabaseName))
{
var library = new Library { Id = "library/andrea-lib" };
session.Store(library);
var documentAuthorization = new client::Raven.Bundles.
Authorization.Model.
DocumentAuthorization
{
Permissions =
{
new client::Raven.Bundles.
Authorization.Model.
DocumentPermission
{
Allow = true,
Operation = "Library/View",
User = "******"
},
new client::Raven.Bundles.
Authorization.Model.
DocumentPermission
{
Allow = true,
Operation =
"Library/Manage",
Role = "Administrators"
}
}
};
client::Raven.Client.Authorization.AuthorizationClientExtensions.SetAuthorizationFor(session, library,
documentAuthorization);
session.SaveChanges();
}
using (IDocumentSession session = store.OpenSession(DatabaseName))
{
var paolo = session.Load<client::Raven.Bundles.Authorization.Model.AuthorizationUser>("paolo");
//Paolo is a Users
Assert.True(paolo.Roles.Exists(mc => mc.Equals("Users")));
//Paolo is not an Administrators
Assert.True(!paolo.Roles.Exists(mc => mc.Equals("Administrators")));
client::Raven.Bundles.Authorization.OperationAllowedResult paoloCanView =
client::Raven.Client.Authorization.AuthorizationClientExtensions.IsOperationAllowedOnDocument(session.Advanced,
"paolo",
"Library/View",
"library/andrea-lib");
//Paolo cannot View
Assert.True(!paoloCanView.IsAllowed);
client::Raven.Bundles.Authorization.OperationAllowedResult paoloCanMange =
client::Raven.Client.Authorization.AuthorizationClientExtensions.IsOperationAllowedOnDocument(session.Advanced,
"paolo",
"Library/Manage",
"library/andrea-lib");
//Paolo cannot Manage
Assert.True(!paoloCanMange.IsAllowed);
}
}
public void Create_Library_And_Set_Permission_For_Roles_Administrators_And_For_User_Andrea()
{
using (IDocumentSession session = store.OpenSession(DatabaseName))
{
SetupRoles(session);
SetupUsers(session);
}
using (IDocumentSession session = store.OpenSession(DatabaseName))
{
var library = new Library {
Id = "library/andrea-lib"
};
session.Store(library);
var documentAuthorization = new client::Raven.Bundles.
Authorization.Model.
DocumentAuthorization
{
Permissions =
{
new client::Raven.Bundles.
Authorization.Model.
DocumentPermission
{
Allow = true,
Operation = "Library/View",
User = "******"
},
new client::Raven.Bundles.
Authorization.Model.
DocumentPermission
{
Allow = true,
Operation =
"Library/Manage",
Role = "Administrators"
}
}
};
client::Raven.Client.Authorization.AuthorizationClientExtensions.SetAuthorizationFor(session, library,
documentAuthorization);
session.SaveChanges();
}
using (IDocumentSession session = store.OpenSession(DatabaseName))
{
var paolo = session.Load <client::Raven.Bundles.Authorization.Model.AuthorizationUser>("paolo");
//Paolo is a Users
Assert.True(paolo.Roles.Exists(mc => mc.Equals("Users")));
//Paolo is not an Administrators
Assert.True(!paolo.Roles.Exists(mc => mc.Equals("Administrators")));
client::Raven.Bundles.Authorization.OperationAllowedResult paoloCanView =
client::Raven.Client.Authorization.AuthorizationClientExtensions.IsOperationAllowedOnDocument(session.Advanced,
"paolo",
"Library/View",
"library/andrea-lib");
//Paolo cannot View
Assert.True(!paoloCanView.IsAllowed);
client::Raven.Bundles.Authorization.OperationAllowedResult paoloCanMange =
client::Raven.Client.Authorization.AuthorizationClientExtensions.IsOperationAllowedOnDocument(session.Advanced,
"paolo",
"Library/Manage",
"library/andrea-lib");
//Paolo cannot Manage
Assert.True(!paoloCanMange.IsAllowed);
}
}
