public void GivenOrganisation_WhenCurrentUserIsContactForOrganisation_ThenCustomerPermissionsAreGranted()
{
var internalOrganisation = new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation");
var organisation = new OrganisationBuilder(this.DatabaseSession).WithName("organisation").Build();
var customer = new PersonBuilder(this.DatabaseSession).WithLastName("Customer").WithUserName("customer").Build();
new CustomerRelationshipBuilder(this.DatabaseSession).WithCustomer(organisation).WithInternalOrganisation(internalOrganisation).Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(customer).WithOrganisation(organisation).WithFromDate(DateTime.UtcNow).Build();
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customer", "Forms"), new string[0]);
var acl = new AccessControlList(organisation, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanRead(Organisations.Meta.Name));
Assert.IsTrue(acl.CanWrite(Organisations.Meta.Name));
Assert.IsTrue(acl.CanRead(Organisations.Meta.LegalForm));
Assert.IsTrue(acl.CanWrite(Organisations.Meta.LegalForm));
Assert.IsTrue(acl.CanRead(Organisations.Meta.LogoImage));
Assert.IsTrue(acl.CanWrite(Organisations.Meta.LogoImage));
Assert.IsTrue(acl.CanRead(Organisations.Meta.Locale));
Assert.IsTrue(acl.CanWrite(Organisations.Meta.Locale));
Assert.IsFalse(acl.CanRead(Organisations.Meta.OwnerSecurityToken));
Assert.IsFalse(acl.CanWrite(Organisations.Meta.OwnerSecurityToken));
}
public void TestInvoices()
{
var departmentA = new DepartmentBuilder(this.Session).Build();
var departmentB = new DepartmentBuilder(this.Session).Build();
var accountantA = new PersonBuilder(this.Session).WithFirstName("Accountant").WithLastName("A").Build();
var accountantB = new PersonBuilder(this.Session).WithFirstName("Accountant").WithLastName("B").Build();
departmentA.AddAccountant(accountantA);
departmentB.AddAccountant(accountantB);
var invoiceA = new InvoiceBuilder(this.Session).Build();
var invoiceB = new InvoiceBuilder(this.Session).Build();
departmentA.AddInvoice(invoiceA);
departmentB.AddInvoice(invoiceB);
this.Session.Derive();
// Accountant A
var aclAccountatAInvoiceA = new AccessControlList(invoiceA, accountantA);
var aclAccountatAInvoiceB = new AccessControlList(invoiceB, accountantA);
aclAccountatAInvoiceA.CanWrite(Invoice.Meta.Total).ShouldBeTrue();
aclAccountatAInvoiceB.CanWrite(Invoice.Meta.Total).ShouldBeFalse();
// Accountant B
var aclAccountatBInvoiceA = new AccessControlList(invoiceA, accountantB);
var aclAccountatBInvoiceB = new AccessControlList(invoiceB, accountantB);
aclAccountatBInvoiceA.CanWrite(Invoice.Meta.Total).ShouldBeFalse();
aclAccountatBInvoiceB.CanWrite(Invoice.Meta.Total).ShouldBeTrue();
}
public void TestEmployeesCanRead()
{
var employeeRole = new Roles(this.Session).Employee;
var employees = new UserGroupBuilder(this.Session)
.WithName("Employees")
.Build();
var john = new PersonBuilder(this.Session).WithFirstName("John").WithLastName("Doe").Build();
employees.AddMember(john);
var invoice = new InvoiceBuilder(this.Session).Build();
var singleton = Singleton.Instance(this.Session);
var defaultSecurityToken = singleton.DefaultSecurityToken;
var accessControl = new AccessControlBuilder(this.Session)
.WithRole(employeeRole)
.WithObject(defaultSecurityToken)
.WithSubjectGroup(employees)
.Build();
var acl = new AccessControlList(invoice, john);
acl.CanRead(Invoice.Meta.Total).ShouldBeTrue();
}
public void GivenOrderItem_WhenObjectStateIsCompleted_ThenItemMayNotBeCancelledOrRejectedOrDeleted()
{
var administrator = new PersonBuilder(this.Session).WithFirstName("Koen").WithUserName("admin").Build();
var administrators = new UserGroups(this.Session).Administrators;
administrators.AddMember(administrator);
this.Session.Derive();
this.Session.Commit();
this.InstantiateObjects(this.Session);
this.SetIdentity("admin");
var item = new PurchaseOrderItemBuilder(this.Session)
.WithPart(this.finishedGood)
.WithQuantityOrdered(3)
.WithActualUnitPrice(5)
.Build();
this.order.AddPurchaseOrderItem(item);
this.order.Confirm();
this.Session.Derive();
var shipment = new PurchaseShipmentBuilder(this.Session).WithShipFromParty(this.supplier).WithShipmentMethod(new ShipmentMethods(this.Session).Ground).Build();
var shipmentItem = new ShipmentItemBuilder(this.Session).WithPart(this.finishedGood).Build();
shipment.AddShipmentItem(shipmentItem);
new ShipmentReceiptBuilder(this.Session)
.WithQuantityAccepted(3)
.WithShipmentItem(shipmentItem)
.WithOrderItem(item)
.Build();
this.Session.Derive();
shipment.AppsComplete();
this.Session.Derive();
Assert.Equal(new PurchaseOrderItemStates(this.Session).Completed, item.PurchaseOrderItemState);
var acl = new AccessControlList(item, this.Session.GetUser());
Assert.False(acl.CanExecute(M.PurchaseOrderItem.Cancel));
Assert.False(acl.CanExecute(M.PurchaseOrderItem.Reject));
Assert.False(acl.CanExecute(M.PurchaseOrderItem.Delete));
}
public void GivenPickList_WhenObjectStateIsCreated_ThenCheckTransitions()
{
var store = this.Session.Extent <Store>().First;
store.IsImmediatelyPicked = false;
this.SetIdentity("orderProcessor");
var pickList = new PickListBuilder(this.Session).Build();
this.Session.Derive();
var acl = new AccessControlList(pickList, this.Session.GetUser());
Assert.True(acl.CanExecute(M.PickList.Cancel));
}
public void GivenSalesOrderCreatedBySalesRep_WhenCurrentUserInSameSalesRepUserGroup_ThenAccessIsGranted()
{
var customer = new PersonBuilder(this.DatabaseSession).WithLastName("customer").WithUserName("customer").Build();
var internalOrganisation = Singleton.Instance(this.DatabaseSession).DefaultInternalOrganisation;
new CustomerRelationshipBuilder(this.DatabaseSession).WithFromDate(DateTime.UtcNow).WithCustomer(customer).WithInternalOrganisation(internalOrganisation).Build();
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var salesrep2 = new PersonBuilder(this.DatabaseSession).WithLastName("salesRep2").WithUserName("salesRep2").Build();
new EmploymentBuilder(this.DatabaseSession)
.WithFromDate(DateTime.UtcNow)
.WithEmployee(salesrep2)
.WithEmployer(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.Build();
new SalesRepRelationshipBuilder(this.DatabaseSession)
.WithFromDate(DateTime.UtcNow)
.WithCustomer(customer)
.WithSalesRepresentative(salesrep2)
.Build();
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("salesRep", "Forms"), new string[0]);
var order = new SalesOrderBuilder(this.DatabaseSession)
.WithBillToCustomer(customer)
.WithShipToCustomer(customer)
.WithShipToAddress(new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build())
.Build();
this.DatabaseSession.Derive(true);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(SalesOrders.Meta.Confirm));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("salesRep2", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(SalesOrders.Meta.Confirm));
}
public void GivenPickListCreatedByOrderProcessor_WhenCurrentUserInAnotherOrderProcessorUserGroup_ThenAccessIsDenied()
{
var belgium = new Countries(this.DatabaseSession).CountryByIsoCode["BE"];
var euro = belgium.Currency;
var bank = new BankBuilder(this.DatabaseSession).WithCountry(belgium).WithName("ING België").WithBic("BBRUBEBB").Build();
var ownBankAccount = new OwnBankAccountBuilder(this.DatabaseSession)
.WithDescription("own account")
.WithBankAccount(new BankAccountBuilder(this.DatabaseSession).WithBank(bank).WithCurrency(euro).WithIban("BE23 3300 6167 6391").WithNameOnAccount("Koen").Build())
.Build();
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var address1 = new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build();
var billingAddress = new PartyContactMechanismBuilder(this.DatabaseSession)
.WithContactMechanism(address1)
.WithContactPurpose(new ContactMechanismPurposes(this.DatabaseSession).BillingAddress)
.WithUseAsDefault(true)
.Build();
var orderProcessor2 = new PersonBuilder(this.DatabaseSession).WithLastName("orderProcessor2").WithUserName("orderProcessor2").Build();
var internalOrganisation = new InternalOrganisationBuilder(this.DatabaseSession)
.WithName("employer2")
.WithLocale(new Locales(this.DatabaseSession).EnglishGreatBritain)
.WithEmployeeRole(new Roles(this.DatabaseSession).Administrator)
.WithEmployeeRole(new Roles(this.DatabaseSession).Operations)
.WithDefaultPaymentMethod(ownBankAccount)
.WithPreferredCurrency(euro)
.WithPartyContactMechanism(billingAddress)
.Build();
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
var usergroups = internalOrganisation.UserGroupsWhereParty;
usergroups.Filter.AddEquals(UserGroups.Meta.Parent, new Roles(this.DatabaseSession).Operations.UserGroupWhereRole);
var orderProcessorUserGroup = usergroups.First;
new EmploymentBuilder(this.DatabaseSession)
.WithFromDate(DateTime.UtcNow)
.WithEmployee(orderProcessor2)
.WithEmployer(internalOrganisation)
.Build();
orderProcessorUserGroup.AddMember(orderProcessor2);
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("orderProcessor", "Forms"), new string[0]);
var pickList = new PickListBuilder(this.DatabaseSession).Build();
this.DatabaseSession.Derive(true);
var acl = new AccessControlList(pickList, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(PickLists.Meta.Picker));
Assert.IsTrue(acl.CanRead(PickLists.Meta.Picker));
Assert.IsTrue(acl.CanExecute(PickLists.Meta.Cancel));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("orderProcessor2", "Forms"), new string[0]);
acl = new AccessControlList(pickList, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
}
public void GivenSalesInvoiceCreatedBySalesRep_WhenCurrentUserIsSupplier_ThenAccessIsDenied()
{
var customer = new Organisations(this.DatabaseSession).FindBy(Organisations.Meta.Name, "customer");
var contactMechanism = new PostalAddressBuilder(this.DatabaseSession)
.WithAddress1("Haverwerf 15")
.WithPostalBoundary(new PostalBoundaryBuilder(this.DatabaseSession)
.WithLocality("Mechelen")
.WithCountry(new Countries(this.DatabaseSession).FindBy(Countries.Meta.IsoCode, "BE"))
.Build())
.Build();
var supplierContact = new PersonBuilder(this.DatabaseSession).WithUserName("suppliercontact").WithLastName("suppliercontact").Build();
var supplier = new OrganisationBuilder(this.DatabaseSession).WithName("supplier").Build();
new SupplierRelationshipBuilder(this.DatabaseSession)
.WithSupplier(supplier)
.WithInternalOrganisation(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.WithFromDate(DateTime.UtcNow)
.Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(supplierContact).WithOrganisation(supplier).WithFromDate(DateTime.UtcNow).Build();
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("salesRep", "Forms"), new string[0]);
var invoice = new SalesInvoiceBuilder(this.DatabaseSession)
.WithBilledFromInternalOrganisation(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.WithBillToCustomer(customer)
.WithBillToContactMechanism(contactMechanism)
.Build();
new CustomerRelationshipBuilder(this.DatabaseSession).WithFromDate(DateTime.UtcNow).WithCustomer(customer).WithInternalOrganisation(Singleton.Instance(this.DatabaseSession).DefaultInternalOrganisation).Build();
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("suppliercontact", "Forms"), new string[0]);
var acl = new AccessControlList(invoice, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
}
public void GivenSalesOrderCreatedByCustomer_WhenCurrentUserIsSalesRepOfOrganisationThatTakesTheOrder_ThenAccessIsGranted()
{
var customer = new Organisations(this.DatabaseSession).FindBy(Organisations.Meta.Name, "customer");
var internalOrganisation = Singleton.Instance(this.DatabaseSession).DefaultInternalOrganisation;
new CustomerRelationshipBuilder(this.DatabaseSession).WithFromDate(DateTime.UtcNow).WithCustomer(customer).WithInternalOrganisation(internalOrganisation).Build();
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var customerContact = new PersonBuilder(this.DatabaseSession).WithFirstName("Koen").WithUserName("customerContact").Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession)
.WithContact(customerContact)
.WithOrganisation(new Organisations(this.DatabaseSession).FindBy(Organisations.Meta.Name, "customer"))
.Build();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customerContact", "Forms"), new string[0]);
var order = new SalesOrderBuilder(this.DatabaseSession)
.WithTakenByInternalOrganisation(internalOrganisation)
.WithBillToCustomer(customer)
.WithShipToCustomer(customer)
.WithShipToAddress(new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build())
.Build();
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("salesRep", "Forms"), new string[0]);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(SalesOrders.Meta.Confirm));
}
public void GivenOrderItem_WhenObjectStateIsPartiallyReceived_ThenProductChangeIsNotAllowed()
{
var administrator = new PersonBuilder(this.DatabaseSession).WithFirstName("Koen").WithUserName("admin").Build();
var administrators = new UserGroups(this.DatabaseSession).Administrators;
administrators.AddMember(administrator);
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
this.InstantiateObjects(this.DatabaseSession);
var good = new GoodBuilder(this.DatabaseSession)
.WithSku("10101")
.WithName("good")
.WithUnitOfMeasure(new UnitsOfMeasure(this.DatabaseSession).Piece)
.WithInventoryItemKind(new InventoryItemKinds(this.DatabaseSession).NonSerialized)
.WithVatRate(new VatRates(this.DatabaseSession).FindBy(VatRates.Meta.Rate,21))
.Build();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("admin", "Forms"), new string[0]);
var item = new PurchaseOrderItemBuilder(this.DatabaseSession)
.WithProduct(good)
.WithQuantityOrdered(3)
.WithActualUnitPrice(5)
.Build();
this.order.AddPurchaseOrderItem(item);
this.order.Confirm();
this.DatabaseSession.Derive(true);
var shipment = new PurchaseShipmentBuilder(this.DatabaseSession).WithShipFromParty(this.supplier).Build();
var shipmentItem = new ShipmentItemBuilder(this.DatabaseSession).WithGood(good).Build();
shipment.AddShipmentItem(shipmentItem);
new ShipmentReceiptBuilder(this.DatabaseSession)
.WithQuantityAccepted(1)
.WithShipmentItem(shipmentItem)
.WithOrderItem(item)
.Build();
shipment.AppsComplete();
this.DatabaseSession.Derive(true);
Assert.AreEqual(new PurchaseOrderItemObjectStates(this.DatabaseSession).PartiallyReceived, item.CurrentObjectState);
var acl = new AccessControlList(item, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanWrite(PurchaseOrderItems.Meta.Product));
}
public void GivenOrderItem_WhenObjectStateIsPartiallyShipped_ThenProductChangeIsNotAllowed()
{
var administrator = new PersonBuilder(this.DatabaseSession).WithFirstName("Koen").WithUserName("admin").Build();
var administrators = new UserGroups(this.DatabaseSession).Administrators;
administrators.AddMember(administrator);
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
this.InstantiateObjects(this.DatabaseSession);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("admin", "Forms"), new string[0]);
var inventoryItem = (NonSerializedInventoryItem)this.part.InventoryItemsWherePart[0];
inventoryItem.AddInventoryItemVariance(new InventoryItemVarianceBuilder(this.DatabaseSession).WithQuantity(1).WithReason(new VarianceReasons(this.DatabaseSession).Unknown).Build());
this.DatabaseSession.Derive(true);
var item = new SalesOrderItemBuilder(this.DatabaseSession)
.WithProduct(this.good)
.WithQuantityOrdered(3)
.WithActualUnitPrice(5)
.Build();
this.order.AddSalesOrderItem(item);
this.DatabaseSession.Derive(true);
this.order.Confirm();
this.DatabaseSession.Derive(true);
var shipment = (CustomerShipment)this.order.ShipToAddress.ShipmentsWhereShipToAddress[0];
var pickList = shipment.ShipmentItems[0].ItemIssuancesWhereShipmentItem[0].PickListItem.PickListWherePickListItem;
pickList.Picker = new Persons(this.DatabaseSession).FindBy(Persons.Meta.LastName, "orderProcessor");
pickList.SetPicked();
this.DatabaseSession.Derive(true);
var package = new ShipmentPackageBuilder(this.DatabaseSession).Build();
shipment.AddShipmentPackage(package);
foreach (ShipmentItem shipmentItem in shipment.ShipmentItems)
{
package.AddPackagingContent(new PackagingContentBuilder(this.DatabaseSession).WithShipmentItem(shipmentItem).WithQuantity(shipmentItem.Quantity).Build());
}
this.DatabaseSession.Derive(true);
shipment.Ship();
this.DatabaseSession.Derive(true);
Assert.AreEqual(new SalesOrderItemObjectStates(this.DatabaseSession).PartiallyShipped, item.CurrentObjectState);
var acl = new AccessControlList(item, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanWrite(SalesOrderItems.Meta.Product));
}
public void GivenPurchaseOrderCreatedByProcurementLevel1Role_WhenCurrentUserIsCustomer_ThenAccessIsDenied()
{
new PersonBuilder(this.DatabaseSession).WithUserName("customer").WithLastName("customer").Build();
var supplierContact = new PersonBuilder(this.DatabaseSession).WithUserName("suppliercontact").WithLastName("suppliercontact").Build();
var supplier = new OrganisationBuilder(this.DatabaseSession).WithName("supplier").Build();
new SupplierRelationshipBuilder(this.DatabaseSession)
.WithSupplier(supplier)
.WithInternalOrganisation(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.WithFromDate(DateTime.UtcNow)
.Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(supplierContact).WithOrganisation(supplier).WithFromDate(DateTime.UtcNow).Build();
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("purchaser", "Forms"), new string[0]);
var order = new PurchaseOrderBuilder(this.DatabaseSession).WithTakenViaSupplier(supplier).Build();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customer", "Forms"), new string[0]);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
}
public void GivenPurchaseOrder_WhenTakenViaSupplierChangesValue_ThenAccessPreviousSupplierIsDenied()
{
var supplierContact = new PersonBuilder(this.DatabaseSession).WithUserName("suppliercontact").WithLastName("suppliercontact").Build();
var supplierContact2 = new PersonBuilder(this.DatabaseSession).WithUserName("suppliercontact2").WithLastName("suppliercontact2").Build();
var supplier = new OrganisationBuilder(this.DatabaseSession).WithName("supplier").Build();
var supplier2 = new OrganisationBuilder(this.DatabaseSession).WithName("supplier2").Build();
new SupplierRelationshipBuilder(this.DatabaseSession)
.WithSupplier(supplier)
.WithInternalOrganisation(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.WithFromDate(DateTime.UtcNow)
.Build();
new SupplierRelationshipBuilder(this.DatabaseSession)
.WithSupplier(supplier2)
.WithInternalOrganisation(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.WithFromDate(DateTime.UtcNow)
.Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(supplierContact).WithOrganisation(supplier).WithFromDate(DateTime.UtcNow).Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(supplierContact2).WithOrganisation(supplier2).WithFromDate(DateTime.UtcNow).Build();
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("purchaser", "Forms"), new string[0]);
var order = new PurchaseOrderBuilder(this.DatabaseSession)
.WithTakenViaSupplier(supplier)
.Build();
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("suppliercontact", "Forms"), new string[0]);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanWrite(PurchaseOrders.Meta.OrderDate));
Assert.IsTrue(acl.CanRead(PurchaseOrders.Meta.OrderDate));
Assert.IsTrue(acl.CanRead(PurchaseOrders.Meta.OrderNumber));
Assert.IsTrue(acl.CanRead(PurchaseOrders.Meta.TotalExVat));
Assert.IsFalse(acl.CanExecute(PurchaseOrders.Meta.Confirm));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("suppliercontact2", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
order.TakenViaSupplier = supplier2;
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("suppliercontact", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("suppliercontact2", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanWrite(PurchaseOrders.Meta.OrderDate));
Assert.IsTrue(acl.CanRead(PurchaseOrders.Meta.OrderDate));
Assert.IsTrue(acl.CanRead(PurchaseOrders.Meta.OrderNumber));
Assert.IsTrue(acl.CanRead(PurchaseOrders.Meta.TotalExVat));
Assert.IsFalse(acl.CanExecute(PurchaseOrders.Meta.Confirm));
}
public void GivenSalesInvoice_WhenBillToCustomerChangesValue_ThenAccessPreviousCustomerIsDenied()
{
var customer = new Organisations(this.DatabaseSession).FindBy(Organisations.Meta.Name, "customer");
var customer2 = new OrganisationBuilder(this.DatabaseSession).WithName("customer2").Build();
var customerContact = new PersonBuilder(this.DatabaseSession).WithUserName("customercontact").WithLastName("customercontact").Build();
var customerContact2 = new PersonBuilder(this.DatabaseSession).WithUserName("customercontact2").WithLastName("customercontact2").Build();
var contactMechanism = new PostalAddressBuilder(this.DatabaseSession)
.WithAddress1("Haverwerf 15")
.WithPostalBoundary(new PostalBoundaryBuilder(this.DatabaseSession)
.WithLocality("Mechelen")
.WithCountry(new Countries(this.DatabaseSession).FindBy(Countries.Meta.IsoCode, "BE"))
.Build())
.Build();
new CustomerRelationshipBuilder(this.DatabaseSession)
.WithCustomer(customer2)
.WithInternalOrganisation(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.WithFromDate(DateTime.UtcNow.Date)
.Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(customerContact).WithOrganisation(customer).WithFromDate(DateTime.UtcNow).Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(customerContact2).WithOrganisation(customer2).WithFromDate(DateTime.UtcNow).Build();
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("salesRep", "Forms"), new string[0]);
var invoice = new SalesInvoiceBuilder(this.DatabaseSession)
.WithBillToCustomer(customer)
.WithBillToContactMechanism(contactMechanism)
.WithBilledFromInternalOrganisation(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.Build();
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact", "Forms"), new string[0]);
var acl = new AccessControlList(invoice, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanWrite(SalesInvoices.Meta.InvoiceDate));
Assert.IsTrue(acl.CanRead(SalesInvoices.Meta.InvoiceDate));
Assert.IsTrue(acl.CanRead(SalesInvoices.Meta.InvoiceNumber));
Assert.IsTrue(acl.CanRead(SalesInvoices.Meta.TotalExVat));
Assert.IsFalse(acl.CanExecute(SalesInvoices.Meta.Send));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact2", "Forms"), new string[0]);
acl = new AccessControlList(invoice, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
invoice.BillToCustomer = customer2;
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact", "Forms"), new string[0]);
acl = new AccessControlList(invoice, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact2", "Forms"), new string[0]);
acl = new AccessControlList(invoice, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanWrite(SalesInvoices.Meta.InvoiceDate));
Assert.IsTrue(acl.CanRead(SalesInvoices.Meta.InvoiceDate));
Assert.IsTrue(acl.CanRead(SalesInvoices.Meta.InvoiceNumber));
Assert.IsTrue(acl.CanRead(SalesInvoices.Meta.TotalExVat));
Assert.IsFalse(acl.CanExecute(SalesInvoices.Meta.Send));
}
public void GivenPurchaseOrderCreatedByProcurementLevel1Role_WhenCurrentUserInAnotherProcurementLevel1RoleUserGroup_ThenAccessIsDenied()
{
var belgium = new Countries(this.DatabaseSession).CountryByIsoCode["BE"];
var euro = belgium.Currency;
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var mechelenAddress = new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build();
var billToMechelen = new PartyContactMechanismBuilder(this.DatabaseSession)
.WithContactMechanism(mechelenAddress)
.WithContactPurpose(new ContactMechanismPurposes(this.DatabaseSession).BillingAddress)
.WithUseAsDefault(true)
.Build();
var bank = new BankBuilder(this.DatabaseSession).WithCountry(belgium).WithName("ING België").WithBic("BBRUBEBB").Build();
var ownBankAccount = new OwnBankAccountBuilder(this.DatabaseSession)
.WithDescription("BE23 3300 6167 6391")
.WithBankAccount(new BankAccountBuilder(this.DatabaseSession).WithBank(bank).WithCurrency(euro).WithIban("BE23 3300 6167 6391").WithNameOnAccount("Koen").Build())
.Build();
var purchaser2 = new PersonBuilder(this.DatabaseSession).WithLastName("purchaser2").WithUserName("purchaser2").Build();
var internalOrganisation = new InternalOrganisationBuilder(this.DatabaseSession)
.WithName("new internalOrganisation")
.WithLocale(Singleton.Instance(this.DatabaseSession).DefaultLocale)
.WithEmployeeRole(new Roles(this.DatabaseSession).Administrator)
.WithDefaultPaymentMethod(ownBankAccount)
.WithPreferredCurrency(euro)
.WithPartyContactMechanism(billToMechelen)
.Build();
var supplier = new OrganisationBuilder(this.DatabaseSession).WithName("supplier").Build();
new SupplierRelationshipBuilder(this.DatabaseSession).WithSupplier(supplier).WithInternalOrganisation(internalOrganisation).Build();
new EmploymentBuilder(this.DatabaseSession)
.WithFromDate(DateTime.UtcNow)
.WithEmployee(purchaser2)
.WithEmployer(internalOrganisation)
.Build();
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("purchaser", "Forms"), new string[0]);
var order = new PurchaseOrderBuilder(this.DatabaseSession).WithTakenViaSupplier(supplier).WithShipToBuyer(internalOrganisation).Build();
this.DatabaseSession.Derive(true);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(PurchaseOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(PurchaseOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(PurchaseOrders.Meta.Confirm));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("purchaser2", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
}
private object[][] GetRoles(IObject obj)
{
var composite = (Composite)obj.Strategy.Class;
IList<RoleType> roleTypes;
if (composite.RoleTypesByGroup.TryGetValue(@group, out roleTypes))
{
if (roleTypes.Count > 0)
{
AccessControlList acl = null;
if (obj is AccessControlledObject)
{
acl = new AccessControlList(obj, this.user);
}
var roles = new List<object[]>();
foreach (var roleType in roleTypes)
{
var propertyName = roleType.SingularPropertyName;
var canRead = acl == null || acl.CanRead(roleType);
var canWrite = acl != null && acl.CanWrite(roleType);
var access = ((canRead ? "r" : string.Empty) + (canWrite ? "w" : string.Empty));
if (canRead)
{
if (roleType.ObjectType.IsUnit)
{
var role = obj.Strategy.GetUnitRole(roleType);
if (role != null)
{
roles.Add(new[] { propertyName, access, role });
}
}
else
{
if (roleType.IsOne)
{
var role = obj.Strategy.GetCompositeRole(roleType);
if (role != null)
{
roles.Add(new object[] { propertyName, access, role.Id.ToString() });
}
}
else
{
var role = obj.Strategy.GetCompositeRoles(roleType);
if (role.Count != 0)
{
var ids = role.Cast<IObject>().Select(roleObject => roleObject.Id.ToString()).ToList();
roles.Add(new object[] { propertyName, access, ids });
}
}
}
}
else
{
roles.Add(new object[] { propertyName, access });
}
}
return roles.ToArray();
}
}
return EmptyRoles;
}
public void GivenCustomerShipmentCreatedByOrderProcessor_WhenCurrentUserIsCustomerContact_ThenReadAccessIsGranted()
{
var customerContact = new PersonBuilder(this.DatabaseSession).WithUserName("customercontact").WithLastName("customercontact").Build();
var employee = new PersonBuilder(this.DatabaseSession).WithUserName("employee").WithLastName("employee").Build();
var customer = new OrganisationBuilder(this.DatabaseSession).WithName("customer").Build();
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var shipToAddress = new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build();
new CustomerRelationshipBuilder(this.DatabaseSession)
.WithCustomer(customer)
.WithInternalOrganisation(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.WithFromDate(DateTime.UtcNow)
.Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(customerContact).WithOrganisation(customer).WithFromDate(DateTime.UtcNow).Build();
new EmploymentBuilder(this.DatabaseSession)
.WithEmployee(employee)
.WithEmployer(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.WithFromDate(DateTime.UtcNow)
.Build();
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("orderProcessor", "Forms"), new string[0]);
var shipment = new CustomerShipmentBuilder(this.DatabaseSession)
.WithShipToParty(customer)
.WithShipToAddress(shipToAddress)
.WithShipmentMethod(new ShipmentMethods(this.DatabaseSession).Boat)
.Build();
this.DatabaseSession.Derive(true);
var acl = new AccessControlList(shipment, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(CustomerShipments.Meta.ShipToParty));
Assert.IsTrue(acl.CanRead(CustomerShipments.Meta.ShipToParty));
Assert.IsTrue(acl.CanExecute(CustomerShipments.Meta.Cancel));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact", "Forms"), new string[0]);
acl = new AccessControlList(shipment, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanWrite(CustomerShipments.Meta.ShipToParty));
Assert.IsTrue(acl.CanRead(CustomerShipments.Meta.ShipToParty));
Assert.IsFalse(acl.CanExecute(CustomerShipments.Meta.Cancel));
}
public void GivenCustomerShipmentCreatedByOrderProcessor_WhenCurrentUserInSameOrderProcessorUserGroup_ThenAccessIsGranted()
{
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var orderProcessor2 = new PersonBuilder(this.DatabaseSession).WithLastName("orderProcessor2").WithUserName("orderProcessor2").Build();
var internalOrganisation = new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation");
var shipToAddress = new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build();
var usergroups = internalOrganisation.UserGroupsWhereParty;
var orderProcessorUserGroup = usergroups.First;
new EmploymentBuilder(this.DatabaseSession)
.WithFromDate(DateTime.UtcNow)
.WithEmployee(orderProcessor2)
.WithEmployer(internalOrganisation)
.Build();
orderProcessorUserGroup.AddMember(orderProcessor2);
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("orderProcessor", "Forms"), new string[0]);
var customer = new PersonBuilder(this.DatabaseSession).WithLastName("customer").Build();
var shipment = new CustomerShipmentBuilder(this.DatabaseSession)
.WithShipToParty(customer)
.WithShipToAddress(shipToAddress)
.WithShipmentMethod(new ShipmentMethods(this.DatabaseSession).Boat)
.Build();
this.DatabaseSession.Derive(true);
var acl = new AccessControlList(shipment, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(CustomerShipments.Meta.ShipToParty));
Assert.IsTrue(acl.CanRead(CustomerShipments.Meta.ShipToParty));
Assert.IsTrue(acl.CanExecute(CustomerShipments.Meta.Cancel));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("orderProcessor2", "Forms"), new string[0]);
acl = new AccessControlList(shipment, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(CustomerShipments.Meta.ShipToParty));
Assert.IsTrue(acl.CanRead(CustomerShipments.Meta.ShipToParty));
Assert.IsTrue(acl.CanExecute(CustomerShipments.Meta.Cancel));
}
public void GivenCustomerShipment_WhenObjectStateIsShipped_ThenCheckTransitions()
{
var assessable = new VatRegimes(this.DatabaseSession).Assessable;
var vatRate21 = new VatRateBuilder(this.DatabaseSession).WithRate(0).Build();
assessable.VatRate = vatRate21;
var good1 = new GoodBuilder(this.DatabaseSession)
.WithSku("10101")
.WithVatRate(vatRate21)
.WithName("good1")
.WithInventoryItemKind(new InventoryItemKinds(this.DatabaseSession).NonSerialized)
.WithUnitOfMeasure(new UnitsOfMeasure(this.DatabaseSession).Piece)
.Build();
var inventoryItem = new NonSerializedInventoryItemBuilder(this.DatabaseSession).WithGood(good1).Build();
inventoryItem.AddInventoryItemVariance(new InventoryItemVarianceBuilder(this.DatabaseSession).WithQuantity(100).WithReason(new VarianceReasons(this.DatabaseSession).Ruined).Build());
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var mechelenAddress = new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build();
var shipToMechelen = new PartyContactMechanismBuilder(this.DatabaseSession)
.WithContactMechanism(mechelenAddress)
.WithContactPurpose(new ContactMechanismPurposes(this.DatabaseSession).ShippingAddress)
.WithUseAsDefault(true)
.Build();
var billToMechelen = new PartyContactMechanismBuilder(this.DatabaseSession)
.WithContactMechanism(mechelenAddress)
.WithContactPurpose(new ContactMechanismPurposes(this.DatabaseSession).BillingAddress)
.WithUseAsDefault(true)
.Build();
var customer = new PersonBuilder(this.DatabaseSession).WithLastName("customer").WithPartyContactMechanism(shipToMechelen).WithPartyContactMechanism(billToMechelen).Build();
var internalOrganisation = new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation");
new CustomerRelationshipBuilder(this.DatabaseSession).WithFromDate(DateTime.UtcNow).WithCustomer(customer).WithInternalOrganisation(internalOrganisation).Build();
this.DatabaseSession.Derive(true);
var order = new SalesOrderBuilder(this.DatabaseSession)
.WithBillToCustomer(customer)
.WithShipToCustomer(customer)
.WithVatRegime(assessable)
.Build();
var item1 = new SalesOrderItemBuilder(this.DatabaseSession).WithProduct(good1).WithQuantityOrdered(1).WithActualUnitPrice(15).Build();
order.AddSalesOrderItem(item1);
this.DatabaseSession.Derive(true);
order.Confirm();
this.DatabaseSession.Derive(true);
var shipment = (CustomerShipment)item1.OrderShipmentsWhereSalesOrderItem[0].ShipmentItem.ShipmentWhereShipmentItem;
var pickList = shipment.ShipmentItems[0].ItemIssuancesWhereShipmentItem[0].PickListItem.PickListWherePickListItem;
pickList.Picker = new Persons(this.DatabaseSession).FindBy(Persons.Meta.LastName, "orderProcessor");
pickList.SetPicked();
var package = new ShipmentPackageBuilder(this.DatabaseSession).Build();
shipment.AddShipmentPackage(package);
foreach (ShipmentItem shipmentItem in shipment.ShipmentItems)
{
package.AddPackagingContent(new PackagingContentBuilder(this.DatabaseSession).WithShipmentItem(shipmentItem).WithQuantity(shipmentItem.Quantity).Build());
}
this.DatabaseSession.Derive(true);
shipment.Ship();
var acl = new AccessControlList(shipment, new Users(this.DatabaseSession).GetCurrentUser());
Assert.AreEqual(new CustomerShipmentObjectStates(this.DatabaseSession).Shipped, shipment.CurrentObjectState);
Assert.IsFalse(acl.CanExecute(CustomerShipments.Meta.Cancel));
Assert.IsFalse(acl.CanWrite(CustomerShipments.Meta.HandlingInstruction));
}
public void GivenCustomerShipment_WhenObjectStateIsCreated_ThenCheckTransitions()
{
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var shipToAddress = new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("orderProcessor", "Forms"), new string[0]);
var customer = new PersonBuilder(this.DatabaseSession).WithLastName("customer").Build();
var shipment = new CustomerShipmentBuilder(this.DatabaseSession)
.WithShipToParty(customer)
.WithShipToAddress(shipToAddress)
.WithShipmentMethod(new ShipmentMethods(this.DatabaseSession).Ground)
.Build();
this.DatabaseSession.Derive(true);
var acl = new AccessControlList(shipment, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanExecute(CustomerShipments.Meta.Cancel));
}
public void GivenPurchaseOrderCreatedByProcurementLevel1Role_WhenCurrentUserInAdministratorRole_ThenAccessIsGranted()
{
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("purchaser", "Forms"), new string[0]);
var order = new PurchaseOrderBuilder(this.DatabaseSession).Build();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("administrator", "Forms"), new string[0]);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(PurchaseOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(PurchaseOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(PurchaseOrders.Meta.Confirm));
}
public void GivenPickListCreatedByOrderProcessor_WhenCurrentUserInSameOrderProcessorUserGroup_ThenAccessIsGranted()
{
var orderProcessor2 = new PersonBuilder(this.DatabaseSession).WithLastName("orderProcessor2").WithUserName("orderProcessor2").Build();
var internalOrganisation = new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation");
var usergroups = internalOrganisation.UserGroupsWhereParty;
usergroups.Filter.AddEquals(UserGroups.Meta.Parent, new Roles(this.DatabaseSession).Operations.UserGroupWhereRole);
var orderProcessorUserGroup = usergroups.First;
new EmploymentBuilder(this.DatabaseSession)
.WithFromDate(DateTime.UtcNow)
.WithEmployee(orderProcessor2)
.WithEmployer(internalOrganisation)
.Build();
orderProcessorUserGroup.AddMember(orderProcessor2);
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("orderProcessor", "Forms"), new string[0]);
var pickList = new PickListBuilder(this.DatabaseSession).Build();
this.DatabaseSession.Derive(true);
var acl = new AccessControlList(pickList, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(PickLists.Meta.Picker));
Assert.IsTrue(acl.CanRead(PickLists.Meta.Picker));
Assert.IsTrue(acl.CanExecute(PickLists.Meta.Cancel));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("orderProcessor2", "Forms"), new string[0]);
acl = new AccessControlList(pickList, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(PickLists.Meta.Picker));
Assert.IsTrue(acl.CanRead(PickLists.Meta.Picker));
Assert.IsTrue(acl.CanExecute(PickLists.Meta.Cancel));
}
public void GivenPurchaseOrderCreatedByProcurementLevel1Role_WhenCurrentUserInSameProcurementLevel1RoleUserGroup_ThenAccessIsGranted()
{
var supplier = new OrganisationBuilder(this.DatabaseSession).WithName("supplier").Build();
var internalOrganisation = new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation");
new SupplierRelationshipBuilder(this.DatabaseSession).WithSupplier(supplier).WithInternalOrganisation(internalOrganisation).Build();
var purchaser2 = new PersonBuilder(this.DatabaseSession).WithLastName("purchaser2").WithUserName("purchaser2").Build();
new EmploymentBuilder(this.DatabaseSession)
.WithFromDate(DateTime.UtcNow)
.WithEmployee(purchaser2)
.WithEmployer(internalOrganisation)
.Build();
var usergroups = internalOrganisation.UserGroupsWhereParty;
var userGroup = usergroups.First;
userGroup.AddMember(purchaser2);
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("purchaser", "Forms"), new string[0]);
var order = new PurchaseOrderBuilder(this.DatabaseSession).WithTakenViaSupplier(supplier).Build();
this.DatabaseSession.Derive(true);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(PurchaseOrders.Meta.Confirm));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("purchaser2", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(PurchaseOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(PurchaseOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(PurchaseOrders.Meta.Confirm));
}
public void GivenPickList_WhenObjectStateIsPicked_ThenCheckTransitions()
{
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("orderProcessor", "Forms"), new string[0]);
var pickList = new PickListBuilder(this.DatabaseSession).Build();
this.DatabaseSession.Derive(true);
pickList.SetPicked();
this.DatabaseSession.Derive(true);
var acl = new AccessControlList(pickList, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanExecute(PickLists.Meta.Cancel));
Assert.IsFalse(acl.CanExecute(PickLists.Meta.SetPicked));
}
public void GivenPurchaseOrder_WhenObjectStateIsOnHold_ThenCheckTransitions()
{
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("orderProcessor", "Forms"), new string[0]);
var supplier = new OrganisationBuilder(this.DatabaseSession).WithName("supplier").Build();
var internalOrganisation = new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation");
new SupplierRelationshipBuilder(this.DatabaseSession).WithSupplier(supplier).WithInternalOrganisation(internalOrganisation).Build();
var order = new PurchaseOrderBuilder(this.DatabaseSession)
.WithTakenViaSupplier(supplier)
.WithBillToPurchaser(internalOrganisation)
.Build();
order.Confirm();
this.DatabaseSession.Derive(true);
order.Hold();
this.DatabaseSession.Derive(true);
Assert.AreEqual(new PurchaseOrderObjectStates(this.DatabaseSession).OnHold, order.CurrentObjectState);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanExecute(PurchaseOrders.Meta.Cancel));
Assert.IsTrue(acl.CanExecute(PurchaseOrders.Meta.Continue));
Assert.IsFalse(acl.CanExecute(PurchaseOrders.Meta.Confirm));
Assert.IsFalse(acl.CanExecute(PurchaseOrders.Meta.Reject));
Assert.IsFalse(acl.CanExecute(PurchaseOrders.Meta.Approve));
Assert.IsFalse(acl.CanExecute(PurchaseOrders.Meta.Hold));
}
public void GivenSalesOrder_WhenCustomerChangesValue_ThenAccessPreviousCustomerIsDenied()
{
var internalOrganisation = Singleton.Instance(this.DatabaseSession).DefaultInternalOrganisation;
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var customerContact1 = new PersonBuilder(this.DatabaseSession).WithUserName("customercontact1").WithLastName("customercontact1").Build();
var customerContact2 = new PersonBuilder(this.DatabaseSession).WithUserName("customercontact2").WithLastName("customercontact2").Build();
var employee = new PersonBuilder(this.DatabaseSession).WithUserName("employee").WithLastName("employee").Build();
var customer1 = new OrganisationBuilder(this.DatabaseSession).WithName("customer1").Build();
var customer2 = new OrganisationBuilder(this.DatabaseSession).WithName("customer2").Build();
new CustomerRelationshipBuilder(this.DatabaseSession)
.WithCustomer(customer1)
.WithInternalOrganisation(internalOrganisation)
.WithFromDate(DateTime.UtcNow)
.Build();
new CustomerRelationshipBuilder(this.DatabaseSession)
.WithCustomer(customer2)
.WithInternalOrganisation(internalOrganisation)
.WithFromDate(DateTime.UtcNow)
.Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(customerContact1).WithOrganisation(customer1).WithFromDate(DateTime.UtcNow).Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(customerContact2).WithOrganisation(customer2).WithFromDate(DateTime.UtcNow).Build();
new EmploymentBuilder(this.DatabaseSession)
.WithEmployee(employee)
.WithEmployer(new InternalOrganisations(this.DatabaseSession).FindBy(InternalOrganisations.Meta.Name, "internalOrganisation"))
.WithFromDate(DateTime.UtcNow)
.Build();
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("employee", "Forms"), new string[0]);
var order = new SalesOrderBuilder(this.DatabaseSession)
.WithTakenByInternalOrganisation(internalOrganisation)
.WithShipToCustomer(customer1)
.WithBillToCustomer(customer1)
.WithShipToAddress(new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build())
.Build();
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact1", "Forms"), new string[0]);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(SalesOrders.Meta.Confirm));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact2", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
order.BillToCustomer = customer2;
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact1", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(SalesOrders.Meta.Confirm));
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact2", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(SalesOrders.Meta.Confirm));
order.ShipToCustomer = customer2;
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact1", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customercontact2", "Forms"), new string[0]);
acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(SalesOrders.Meta.Confirm));
}
public SaveResponse Build()
{
if (this.saveRequest.Objects == null || this.saveRequest.Objects.Length == 0)
{
return new SaveResponse { HasErrors = false };
}
// bulk load all objects
var objectIds = saveRequest.Objects.Select(v => v.I).ToArray();
this.session.Instantiate(objectIds);
var accessErrorRoleTypesByObject = new Dictionary<IObject, IList<RoleType>>();
foreach (var saveRequestObject in saveRequest.Objects)
{
var obj = this.session.Instantiate(saveRequestObject.I);
var composite = (Composite)obj.Strategy.Class;
var roleTypes = composite.RoleTypesByGroup[@group];
var acl = new AccessControlList(obj, this.user);
foreach (var saveRequestRole in saveRequestObject.Roles)
{
var roleTypeName = saveRequestRole.T;
var roleType = roleTypes.FirstOrDefault(v => v.SingularPropertyName.Equals(roleTypeName));
if (roleType != null)
{
if (acl.CanWrite(roleType))
{
if (roleType.ObjectType.IsUnit)
{
var role = saveRequestRole.S;
obj.Strategy.SetUnitRole(roleType, role);
}
else
{
if (roleType.IsOne)
{
var roleId = (string)saveRequestRole.S;
if (string.IsNullOrEmpty(roleId))
{
obj.Strategy.RemoveCompositeRole(roleType);
}
else
{
var role = this.session.Instantiate(roleId);
// TODO: log error if role is null
obj.Strategy.SetCompositeRole(roleType, role);
}
}
else
{
// Set
if (saveRequestRole.S!=null)
{
var roleIds = (string[])saveRequestRole.S;
if (roleIds.Length == 0)
{
obj.Strategy.RemoveCompositeRole(roleType);
}
else
{
var roles = this.session.Instantiate(roleIds);
// TODO: log error if roles are missing
obj.Strategy.SetCompositeRoles(roleType, roles);
}
}
// Add
if (saveRequestRole.A != null)
{
var roleIds = saveRequestRole.A;
if (roleIds.Length != 0)
{
var roles = this.session.Instantiate(roleIds);
// TODO: log error if roles are missing
foreach (var role in roles)
{
obj.Strategy.AddCompositeRole(roleType, role);
}
}
}
// Remove
if (saveRequestRole.R != null)
{
var roleIds = saveRequestRole.R;
if (roleIds.Length != 0)
{
var roles = this.session.Instantiate(roleIds);
// TODO: log error if roles are missing
foreach (var role in roles)
{
obj.Strategy.RemoveCompositeRole(roleType, role);
}
}
}
}
}
}
else
{
IList<RoleType> accessErrorRoleTypes;
if (!accessErrorRoleTypesByObject.TryGetValue(obj, out accessErrorRoleTypes))
{
accessErrorRoleTypes = new List<RoleType>();
accessErrorRoleTypesByObject.Add(obj, accessErrorRoleTypes);
}
accessErrorRoleTypes.Add(roleType);
}
}
}
}
var derivationLog = this.session.Derive();
var saveResponse = new SaveResponse
{
Errors = GetObjects(derivationLog, accessErrorRoleTypesByObject)
};
saveResponse.HasErrors = saveResponse.Errors.Count > 0;
if (!saveResponse.HasErrors)
{
this.session.Commit();
}
return saveResponse;
}
public void GivenSalesOrder_WhenObjectStateIsRejected_ThenCheckTransitions()
{
var customer = new PersonBuilder(this.DatabaseSession).WithFirstName("Koen").WithUserName("customer").Build();
var internalOrganisation = Singleton.Instance(this.DatabaseSession).DefaultInternalOrganisation;
new CustomerRelationshipBuilder(this.DatabaseSession).WithFromDate(DateTime.UtcNow).WithCustomer(customer).WithInternalOrganisation(internalOrganisation).Build();
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customer", "Forms"), new string[0]);
var order = new SalesOrderBuilder(this.DatabaseSession)
.WithBillToCustomer(customer)
.WithShipToCustomer(customer)
.WithShipToAddress(new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build())
.Build();
this.DatabaseSession.Derive(true);
order.Reject();
this.DatabaseSession.Derive(true);
Assert.AreEqual(new SalesOrderObjectStates(this.DatabaseSession).Rejected, order.CurrentObjectState);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanExecute(SalesOrders.Meta.Confirm));
Assert.IsFalse(acl.CanExecute(SalesOrders.Meta.Cancel));
Assert.IsFalse(acl.CanExecute(SalesOrders.Meta.Reject));
Assert.IsFalse(acl.CanExecute(SalesOrders.Meta.Approve));
Assert.IsFalse(acl.CanExecute(SalesOrders.Meta.Continue));
Assert.IsFalse(acl.CanExecute(SalesOrders.Meta.Hold));
}
public void GivenOrderItem_WhenObjectStateIsRejected_ThenItemMayNotBeCancelledOrRejectedOrDeleted()
{
var administrator = new PersonBuilder(this.DatabaseSession).WithFirstName("Koen").WithUserName("admin").Build();
var administrators = new UserGroups(this.DatabaseSession).Administrators;
administrators.AddMember(administrator);
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
this.InstantiateObjects(this.DatabaseSession);
var good = new GoodBuilder(this.DatabaseSession)
.WithSku("10101")
.WithName("good")
.WithUnitOfMeasure(new UnitsOfMeasure(this.DatabaseSession).Piece)
.WithInventoryItemKind(new InventoryItemKinds(this.DatabaseSession).NonSerialized)
.WithVatRate(new VatRates(this.DatabaseSession).FindBy(VatRates.Meta.Rate,21))
.Build();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("admin", "Forms"), new string[0]);
var item = new PurchaseOrderItemBuilder(this.DatabaseSession)
.WithProduct(good)
.WithQuantityOrdered(3)
.WithActualUnitPrice(5)
.Build();
this.order.AddPurchaseOrderItem(item);
this.DatabaseSession.Derive(true);
item.Reject();
this.DatabaseSession.Derive(true);
Assert.AreEqual(new PurchaseOrderItemObjectStates(this.DatabaseSession).Rejected, item.CurrentObjectState);
var acl = new AccessControlList(item, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanExecute(PurchaseOrderItems.Meta.Cancel));
Assert.IsFalse(acl.CanExecute(PurchaseOrderItems.Meta.Reject));
Assert.IsFalse(acl.CanExecute(PurchaseOrderItems.Meta.Delete));
}
public void GivenSalesOrderCreatedByCustomer_WhenCurrentUserInAdministratorRole_ThenAccessIsGranted()
{
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var customer = new PersonBuilder(this.DatabaseSession).WithLastName("customer").WithUserName("customer").Build();
var internalOrganisation = Singleton.Instance(this.DatabaseSession).DefaultInternalOrganisation;
new CustomerRelationshipBuilder(this.DatabaseSession).WithFromDate(DateTime.UtcNow).WithCustomer(customer).WithInternalOrganisation(internalOrganisation).Build();
var administrator = new PersonBuilder(this.DatabaseSession).WithFirstName("Koen").WithUserName("admin").Build();
var administrators = new UserGroups(this.DatabaseSession).Administrators;
administrators.AddMember(administrator);
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customer", "Forms"), new string[0]);
var order = new SalesOrderBuilder(this.DatabaseSession)
.WithBillToCustomer(customer)
.WithShipToCustomer(customer)
.WithShipToAddress(new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build())
.Build();
this.DatabaseSession.Derive(true);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("admin", "Forms"), new string[0]);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsTrue(acl.CanWrite(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanRead(SalesOrders.Meta.Comment));
Assert.IsTrue(acl.CanExecute(SalesOrders.Meta.Confirm));
}
public void GivenOrderItem_WhenObjectStateIsRejected_ThenItemMayNotBeCancelledOrRejectedOrDeleted()
{
var administrator = new PersonBuilder(this.DatabaseSession).WithFirstName("Koen").WithUserName("admin").Build();
var administrators = new UserGroups(this.DatabaseSession).Administrators;
administrators.AddMember(administrator);
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
this.InstantiateObjects(this.DatabaseSession);
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("admin", "Forms"), new string[0]);
var item = new SalesOrderItemBuilder(this.DatabaseSession)
.WithProduct(this.good)
.WithQuantityOrdered(3)
.WithActualUnitPrice(5)
.Build();
this.order.AddSalesOrderItem(item);
this.DatabaseSession.Derive(true);
item.Reject();
this.DatabaseSession.Derive(true);
Assert.AreEqual(new SalesOrderItemObjectStates(this.DatabaseSession).Rejected, item.CurrentObjectState);
var acl = new AccessControlList(item, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.CanExecute(SalesOrderItems.Meta.Cancel));
Assert.IsFalse(acl.CanExecute(SalesOrderItems.Meta.Reject));
}
public void GivenSalesOrderCreatedByCustomer_WhenCurrentUserInSupplierRole_ThenAccessIsDenied()
{
var customer = new PersonBuilder(this.DatabaseSession).WithLastName("customer").WithUserName("customer").Build();
var internalOrganisation = Singleton.Instance(this.DatabaseSession).DefaultInternalOrganisation;
new CustomerRelationshipBuilder(this.DatabaseSession).WithFromDate(DateTime.UtcNow).WithCustomer(customer).WithInternalOrganisation(internalOrganisation).Build();
var mechelen = new CityBuilder(this.DatabaseSession).WithName("Mechelen").Build();
var supplierContact = new PersonBuilder(this.DatabaseSession).WithLastName("suppliercontact").WithUserName("suppliercontact").Build();
var supplier = new OrganisationBuilder(this.DatabaseSession).WithName("supplier").Build();
new SupplierRelationshipBuilder(this.DatabaseSession)
.WithSupplier(supplier)
.WithInternalOrganisation(internalOrganisation)
.WithFromDate(DateTime.UtcNow)
.Build();
new OrganisationContactRelationshipBuilder(this.DatabaseSession).WithContact(supplierContact).WithOrganisation(supplier).WithFromDate(DateTime.UtcNow).Build();
this.DatabaseSession.Derive(true);
this.DatabaseSession.Commit();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("customer", "Forms"), new string[0]);
var order = new SalesOrderBuilder(this.DatabaseSession)
.WithBillToCustomer(customer)
.WithShipToCustomer(customer)
.WithShipToAddress(new PostalAddressBuilder(this.DatabaseSession).WithGeographicBoundary(mechelen).WithAddress1("Haverwerf 15").Build())
.Build();
Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity("suppliercontact", "Forms"), new string[0]);
var acl = new AccessControlList(order, new Users(this.DatabaseSession).GetCurrentUser());
Assert.IsFalse(acl.HasReadOperation);
}
