public void CanAuthorizeAgainstAType()
{
UserPermission user = new UserPermission();
Create createAction = new Create();
createAction.AddSubject(typeof(AddressModel));
user.AddAuthorization(createAction);
Assert.IsTrue(createAction.AppliesTo(typeof(AddressModel)));
bool? canCreate = user.Can(Actions.Create, typeof(AddressModel));
Assert.IsTrue(canCreate == true);
}
public void AuthorizingAgainstTheTypeGivesAuthorityForAllInstances()
{
UserPermission user = new UserPermission();
Update updateAction = new Update();
AddressModel address = new AddressModel();
updateAction.AddSubject(typeof(AddressModel));
user.AddAuthorization(updateAction);
Assert.IsTrue(updateAction.AppliesTo(address));
bool? canUpdate = user.Can(Actions.Update, address);
Assert.IsTrue(canUpdate == true);
}
public void CanAuthorizedAgainstAnInstance()
{
UserPermission user = new UserPermission();
AddressModel address = new AddressModel();
Update updateAction = new Update(address);
user.AddAuthorization(updateAction);
bool? canUpdate = user.Can(Actions.Update, address);
Assert.IsTrue(canUpdate == true);
AddressModel differentAddress = new AddressModel();
canUpdate = user.Can(Actions.Update, differentAddress);
Assert.IsTrue(canUpdate == false);
canUpdate = user.Can(Actions.Update, typeof(AddressModel));
Assert.IsTrue(canUpdate == false);
}
public void CanAuthorizedAgainstAnInstanceButNotAgainstAnotherInstance()
{
UserPermission user = new UserPermission();
AddressModel address = new AddressModel();
Create createAction = new Create();
createAction.AddSubject(address);
user.AddAuthorization(createAction);
bool? canUpdate = user.Can(Actions.Create, address);
Assert.IsTrue(canUpdate == true);
AddressModel secondAddress = new AddressModel();
canUpdate = user.Can(Actions.Create, secondAddress);
Assert.IsTrue(canUpdate == false);
}
public void UncertainWithoutAnyIndication()
{
UserPermission user = new UserPermission();
bool? canCreate = user.Can(Actions.Create, typeof(AddressModel));
Assert.IsNull(canCreate);
}
public void UnauthorizedAgainstTheTypePreventsAuthorizationForAllInstances()
{
// If we are unauthorized against a type,
// then even if we authorize against an instance
// we are not authorized
UserPermission user = new UserPermission();
Update updateAction = new Update(typeof(AddressModel));
AddressModel address = new AddressModel();
user.AddUnauthorization(updateAction);
Assert.IsTrue(updateAction.AppliesTo(address));
bool? canUpdate = user.Can(Actions.Update, address);
Assert.IsTrue(canUpdate == false);
// now authorize against an instance
Update authorizeInstanceUpdateAction = new Update();
authorizeInstanceUpdateAction.AddSubject(address);
user.AddAuthorization(authorizeInstanceUpdateAction);
canUpdate = user.Can(Actions.Update, address);
Assert.IsTrue(canUpdate == false);
}
public void UnauthorizedDominatesOverAuthorized()
{
UserPermission user = new UserPermission();
user.AddUnauthorization(Actions.Create);
user.AddAuthorization(Actions.Create);
bool? canCreate = user.Can(Actions.Create, typeof(AddressModel));
Assert.IsTrue(canCreate == false);
}
public void TestUserCanDoAnything()
{
UserPermission user = new UserPermission();
user.AddAuthorization(Actions.Manage);
bool? canCreate = user.Can(Actions.Create, typeof(AddressModel));
Assert.IsTrue(canCreate == true);
canCreate = user.Can(Actions.Delete, typeof(AddressModel));
Assert.IsTrue(canCreate == true);
}
public void TestNotCertainIfCanCreate()
{
UserPermission user = new UserPermission();
bool? canCreate = user.Can(Actions.Create, typeof(AddressModel));
Assert.IsTrue(canCreate == null);
}
public void TestCannotCreateAnything()
{
UserPermission user = new UserPermission();
user.AddUnauthorization(Actions.Create);
bool? canCreate = user.Can(Actions.Create, typeof(AddressModel));
Assert.IsTrue(canCreate == false);
}
public void ManagingActionIsUnionOfAllActions()
{
// When we have a Manage Action,
// we can do all actions
UserPermission user = new UserPermission();
Manage manageAction = new Manage();
AddressModel address = new AddressModel();
user.AddAuthorization(manageAction);
Assert.IsTrue(manageAction.AppliesTo(address));
bool? canUpdate = user.Can(Actions.Update, address);
Assert.IsTrue(canUpdate == true);
}
public void GetAuthorizationsForPersistance()
{
UserPermission user = new UserPermission();
Create createAction = new Create(typeof(AddressModel));
user.AddAuthorization(createAction);
JsonSerializerSettings settings = new JsonSerializerSettings
{
TypeNameHandling = TypeNameHandling.All,
Formatting = Formatting.Indented
};
string serialized = JsonConvert.SerializeObject(user, settings);
UserPermission deserializedUser = JsonConvert.DeserializeObject<UserPermission>(serialized, settings);
// Now make sure deserialized object has same behaviour
Assert.IsTrue(user.Can(Actions.Create, typeof(AddressModel)) == true);
Assert.IsTrue(deserializedUser.Can(Actions.Create, typeof(AddressModel)) == true);
}
