public void LoginAdmin()
{
Assume.That(adminDataApiClient.IsAvailable());
var adminUserAuthenticationResult = adminDataApiClient.Login(ApiSetup.UnitTestAdminUsername, ApiSetup.UnitTestAdminPassword);
Assume.That(adminDataApiClient.LoginMethod, Is.EqualTo(LoginMethod.JsonWebToken));
if (!adminUserAuthenticationResult.IsAuthenticated)
{
throw new Exception("Could not log unit test admin in");
}
analystAuthenticationResult = UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out analystDataApiClient);
}
public void DataProducerCanGetId()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.DataProducer, adminDataApiClient, out var dataProducerApiClient);
var dataType = nameof(UnitTestDataObject1);
string id = null;
AssertStatusCode(
() => id = dataProducerApiClient.GetNewIdAsync(dataType).Result,
HttpStatusCode.OK);
Assert.That(id, Is.Not.Null);
analystDataApiClient.DeleteAsync <UnitTestDataObject1>(id);
}
public async Task ViewQueryParametersAreApplied()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var dataApiClient);
// Generate data for test
var searchDataCount = 5;
var limit = 2; // This is our view parameter. If view parameters work as expected, only 2 of the 5 search objects are returned.
Assume.That(searchDataCount, Is.GreaterThan(limit));
var searchData = SearchDataGenerator.GenerateAndSubmitSearchData(searchDataCount, dataApiClient);
ViewInformation viewInformation = null;
try
{
// Setup
var viewQuery = $"SELECT Data.Id AS Id FROM {nameof(UnitTestSearchObject)} LIMIT {{limit}}";
var expires = DateTime.UtcNow.AddMinutes(3);
Assert.That(() => viewInformation = dataApiClient.CreateViewAsync(viewQuery, expires).Result, Throws.Nothing);
Assert.That(viewInformation, Is.Not.Null);
// Test 1: BadRequest response if no parameters provided
var resultFormat = ResultFormat.Json;
AssertStatusCode(
() => dataApiClient.GetViewAsync(viewInformation.ViewId, resultFormat).Wait(),
HttpStatusCode.BadRequest);
// Test 2: View is correctly generated when all parameters are provided and parameters are correctly applied
var viewParameters = new Dictionary <string, string> {
{ "limit", limit.ToString() }
};
Stream viewResult = null;
Assert.That(
async() => viewResult = await dataApiClient.GetViewAsync(viewInformation.ViewId, resultFormat, viewParameters),
Throws.Nothing);
var resultTable = await Client.Serialization.SeachResultStreamExtensions.ReadAllSearchResultsAsync(viewResult);
Assert.That(resultTable.Count, Is.EqualTo(limit));
}
finally
{
SearchDataGenerator.DeleteData(searchData, dataApiClient);
if (viewInformation != null)
{
dataApiClient.DeleteViewAsync(viewInformation.ViewId).Wait();
}
UserGenerator.DeleteUser(dataApiClient);
}
}
public void ManagerCannotAddRolesToThemself()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.UserManager, adminDataApiClient, out var managerDataApiClient);
try
{
AssertStatusCode(
() => managerDataApiClient.AddGlobalRoleToUser(managerDataApiClient.LoggedInUsername, Role.Admin),
HttpStatusCode.Unauthorized);
}
finally
{
UserGenerator.DeleteUser(managerDataApiClient);
}
}
public void NonManagerCannotSeeRoles()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var analyst2DataApiClient);
try
{
AssertStatusCode(
() => analystDataApiClient.GetGlobalRolesForUser(analyst2DataApiClient.LoggedInUsername).Wait(),
HttpStatusCode.Unauthorized);
}
finally
{
UserGenerator.DeleteUser(analyst2DataApiClient);
}
}
public void CollectionPermissionsAreUsedForProtectedCollection()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var dataApiClient);
var dataType = nameof(UnitTestSearchObject);
adminDataApiClient.SetCollectionOptions(
new CollectionOptions(dataType)
{
IsProtected = true
});
var submittedData = SearchDataGenerator.GenerateAndSubmitSearchData(1, adminDataApiClient);
try
{
// Make sure our user is not already permitted to access data from this collection
AssertStatusCode(
() => dataApiClient.GetManyAsync <UnitTestSearchObject>("").Wait(),
HttpStatusCode.Unauthorized, "Get many with user without roles");
adminDataApiClient.AddCollectionRoleToUser(dataApiClient.LoggedInUsername, Role.Analyst, dataType);
// Check that user has access
List <UnitTestSearchObject> searchObjects = null;
AssertStatusCode(
() => searchObjects = dataApiClient.GetManyAsync <UnitTestSearchObject>("").Result,
HttpStatusCode.OK, "Get many with user with added role");
Assert.That(searchObjects.Count, Is.EqualTo(1));
// Remove access
adminDataApiClient.RemoveCollectionRoleFromUser(dataApiClient.LoggedInUsername, Role.Analyst, dataType);
// Check that user no longer has access
AssertStatusCode(
() => dataApiClient.GetManyAsync <UnitTestSearchObject>("").Wait(),
HttpStatusCode.Unauthorized, "Get many with user with removed role");
}
finally
{
adminDataApiClient.SetCollectionOptions(
new CollectionOptions(dataType)
{
IsProtected = false
});
SearchDataGenerator.DeleteData(submittedData, adminDataApiClient);
UserGenerator.DeleteUser(dataApiClient);
}
}
public void NonManagerUserCannotDeleteOtherUsers()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var analyst2DataApiClient);
try
{
// User should not be able to add role to themself
AssertStatusCode(
() => analystDataApiClient.DeleteUser(analyst2DataApiClient.LoggedInUsername),
HttpStatusCode.Unauthorized);
}
finally
{
UserGenerator.DeleteUser(analyst2DataApiClient);
}
}
public void NonManagerUserCannotChangePasswordOfOtherUser()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var analyst2DataApiClient);
try
{
var newPassword = UserGenerator.GeneratePassword();
AssertStatusCode(
() => analystDataApiClient.ChangePassword(analyst2DataApiClient.LoggedInUsername, newPassword),
HttpStatusCode.Unauthorized);
}
finally
{
UserGenerator.DeleteUser(analyst2DataApiClient);
}
}
public void DeleteManyDeletesExpectedItems()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.DataProducer, adminDataApiClient, out var otherUserDataApiClient);
var testObject1 = new UnitTestDataObject1 {
Id = "DeleteManyTest_DeleteMe_1"
};
var testObject2 = new UnitTestDataObject1 {
Id = "DeleteManyTest_DeleteMe_2"
};
var testObject3 = new UnitTestDataObject1 {
Id = "DeleteManyTest_DoNotDelete"
};
var testObject4 = new UnitTestDataObject1 {
Id = "DeleteManyTest_DeleteMe_Otheruser"
};
analystDataApiClient.ReplaceAsync(testObject1, testObject1.Id);
analystDataApiClient.ReplaceAsync(testObject2, testObject2.Id);
analystDataApiClient.ReplaceAsync(testObject3, testObject3.Id);
otherUserDataApiClient.ReplaceAsync(testObject4, testObject4.Id);
Task.Delay(500).Wait(); // Work-around for test objects occasionaly not being available when query below is executed
try
{
List <DeleteResult> deleteResults = null;
AssertStatusCode(
() => deleteResults = analystDataApiClient.DeleteMany <UnitTestDataObject1>("Data.Id LIKE '%DeleteMe%'").Result,
HttpStatusCode.OK);
Assert.That(deleteResults.Count, Is.EqualTo(3));
Assert.That(deleteResults, Has.Exactly(2).Matches <DeleteResult>(x => x.IsDeleted));
Assert.That(deleteResults, Has.Exactly(1).Matches <DeleteResult>(x => !x.IsDeleted));
Assert.That(analystDataApiClient.ExistsAsync <UnitTestDataObject1>(testObject1.Id).Result, Is.False);
Assert.That(analystDataApiClient.ExistsAsync <UnitTestDataObject1>(testObject2.Id).Result, Is.False);
Assert.That(analystDataApiClient.ExistsAsync <UnitTestDataObject1>(testObject3.Id).Result, Is.True);
Assert.That(analystDataApiClient.ExistsAsync <UnitTestDataObject1>(testObject4.Id).Result, Is.True);
}
finally
{
analystDataApiClient.DeleteAsync <UnitTestDataObject1>(testObject1.Id);
analystDataApiClient.DeleteAsync <UnitTestDataObject1>(testObject2.Id);
analystDataApiClient.DeleteAsync <UnitTestDataObject1>(testObject3.Id);
otherUserDataApiClient.DeleteAsync <UnitTestDataObject1>(testObject4.Id);
UserGenerator.DeleteUser(otherUserDataApiClient);
}
}
public void ValidatorRejectsNonMatchingObject()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var dataApiClient);
var validatorDefinition = new ValidatorDefinition(nameof(UnitTestDataObject2), ValidatorType.TextRules, "Number IS LESS THAN 150");
var testObject = new UnitTestDataObject2
{
Name = "Hello world!",
Number = 250
};
var objectId = "ValidatorRejectsNonMatchingObject";
try
{
AssertStatusCode(
() => dataApiClient.InsertAsync(testObject, objectId).Wait(),
HttpStatusCode.OK, "Submit data before validator");
AssertStatusCode(
() => dataApiClient.SubmitValidatorAsync(validatorDefinition).Wait(),
HttpStatusCode.OK, "Could not submit validator");
try
{
AssertStatusCode(
() => adminDataApiClient.ApproveValidatorAsync(validatorDefinition.Id).Wait(),
HttpStatusCode.OK, "Approve validator");
AssertStatusCode(
() => dataApiClient.ApplyValidatorAsync(testObject).Wait(),
HttpStatusCode.BadRequest, "Apply validator");
testObject.Number = 251;
AssertStatusCode(
() => dataApiClient.ReplaceAsync(testObject, objectId).Wait(),
HttpStatusCode.BadRequest, "Submit data after validator");
var retreivedObject = dataApiClient.GetAsync <UnitTestDataObject2>(objectId).Result;
Assert.That(retreivedObject.Number, Is.EqualTo(250));
}
finally
{
dataApiClient.DeleteValidatorAsync(validatorDefinition.Id).Wait();
}
}
finally
{
dataApiClient.DeleteAsync <UnitTestDataObject2>(objectId).Wait();
UserGenerator.DeleteUser(dataApiClient);
}
}
public void ManagerCanAddRoles()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.UserManager, adminDataApiClient, out var managerDataApiClient);
UserGenerator.RegisterAndLoginUserWithoutRoles(out var unpriviligedDataApiClient);
try
{
AssertStatusCode(
() => managerDataApiClient.AddGlobalRoleToUser(unpriviligedDataApiClient.LoggedInUsername, Role.Admin),
HttpStatusCode.OK);
}
finally
{
UserGenerator.DeleteUser(managerDataApiClient);
UserGenerator.DeleteUser(unpriviligedDataApiClient);
}
}
public void ViewerCanGetAllUserProfiles()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Viewer, adminDataApiClient, out var viewerDataApiClient);
try
{
List <UserProfile> userProfiles = null;
AssertStatusCode(
() => userProfiles = viewerDataApiClient.GetAllUserProfiles().Result,
HttpStatusCode.OK);
Assert.That(userProfiles, Is.Not.Null);
Assert.That(userProfiles, Has.One.Matches <UserProfile>(profile => profile.Username == viewerDataApiClient.LoggedInUsername));
}
finally
{
UserGenerator.DeleteUser(viewerDataApiClient);
}
}
public void DataFromOtherUserCanBeOverwrittenAndDeletedIfEnabled()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var analyst2DataApiClient);
var testObject = new UnitTestDataObject1();
string objectId = null;
Assert.That(() => objectId = analystDataApiClient.InsertAsync(testObject).Result, Throws.Nothing);
Assert.That(objectId, Is.Not.Null);
// Enable overwriting of data
adminDataApiClient.SetCollectionOptions(
new CollectionOptions(nameof(UnitTestDataObject1))
{
NonAdminUsersCanOverwriteData = true
});
try
{
// Test 1: Delete
// NOTE: Order of tests is important, because overwriting data
// results in taking ownership of the object
// and then be able to delete it, but we also want to
// test that we can delete even if the object isn't ours.
AssertStatusCode(
() => analyst2DataApiClient.DeleteAsync <UnitTestDataObject1>(objectId).Wait(),
HttpStatusCode.OK, "Delete");
// Test 2: Overwrite
AssertStatusCode(
() => analyst2DataApiClient.ReplaceAsync(new UnitTestDataObject1(), objectId).Wait(),
HttpStatusCode.OK, "Replace");
}
finally
{
UserGenerator.DeleteUser(analyst2DataApiClient);
analystDataApiClient.DeleteAsync <UnitTestDataObject1>(objectId).Wait();
adminDataApiClient.SetCollectionOptions(
new CollectionOptions(nameof(UnitTestDataObject1))
{
NonAdminUsersCanOverwriteData = false
});
}
}
public void LoggedInUserCanCreateAccessAndDeleteOwnViews()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var dataApiClient);
var query = "SELECT * FROM Computers LIMIT 3";
var expires = DateTime.UtcNow.AddMinutes(3);
ViewInformation viewInformation = null;
try
{
Assert.That(() => viewInformation = dataApiClient.CreateViewAsync(query, expires).Result, Throws.Nothing);
Assert.That(viewInformation, Is.Not.Null);
Assert.That(() => dataApiClient.GetViewAsync(viewInformation.ViewId, ResultFormat.Json).Wait(), Throws.Nothing);
Assert.That(() => dataApiClient.DeleteViewAsync(viewInformation.ViewId).Wait(), Throws.Nothing);
}
finally
{
UserGenerator.DeleteUser(dataApiClient);
}
}
public void LoggedInUserCanSubmitAndDeleteValidator()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var dataApiClient);
try
{
var validatorDefinition = new ValidatorDefinition("MyClass", ValidatorType.TextRules, "Id EXISTS");
AssertStatusCode(
() => dataApiClient.SubmitValidatorAsync(validatorDefinition).Wait(),
HttpStatusCode.OK, "Could not submit validator");
AssertStatusCode(
() => dataApiClient.DeleteValidatorAsync(validatorDefinition.Id).Wait(),
HttpStatusCode.OK, "Could not delete validator");
}
finally
{
UserGenerator.DeleteUser(dataApiClient);
}
}
public void NonManagerUserCannotAddRoles()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var analyst2DataApiClient);
try
{
// User should not be able to add role to themself
AssertStatusCode(
() => analyst2DataApiClient.AddGlobalRoleToUser(analyst2DataApiClient.LoggedInUsername, Role.Admin),
HttpStatusCode.Unauthorized, "Add role to self");
// User should not be able to add role to other user
AssertStatusCode(
() => analystDataApiClient.AddGlobalRoleToUser(analyst2DataApiClient.LoggedInUsername, Role.Admin),
HttpStatusCode.Unauthorized, "Add role to other user");
}
finally
{
UserGenerator.DeleteUser(analyst2DataApiClient);
}
}
public void OtherUserCannotSubmitObjectWithSameId()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var dataProducerApiClient);
var dataType = nameof(UnitTestDataObject1);
string id = null;
AssertStatusCode(
() => id = dataProducerApiClient.GetNewIdAsync(dataType).Result,
HttpStatusCode.OK);
Assert.That(id, Is.Not.Null);
var testObject = new UnitTestDataObject1 {
Id = id
};
AssertStatusCode(
() => analystDataApiClient.InsertAsync(testObject, id).Wait(),
HttpStatusCode.Conflict);
dataProducerApiClient.DeleteAsync <UnitTestDataObject1>(id);
}
public void ManagerCanDeleteUser()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.UserManager, adminDataApiClient, out var managerDataApiClient);
UserGenerator.RegisterAndLoginUserWithoutRoles(out var unprivilegedDataApiClient);
try
{
AssertStatusCode(
() => managerDataApiClient.DeleteUser(unprivilegedDataApiClient.LoggedInUsername),
HttpStatusCode.OK);
}
catch (AssertionException)
{
UserGenerator.DeleteUser(unprivilegedDataApiClient);
}
finally
{
UserGenerator.DeleteUser(managerDataApiClient);
}
}
public void UserCanSeeOwnRoles()
{
var userRole = Role.Analyst;
UserGenerator.RegisterAndLoginUserWithRole(userRole, adminDataApiClient, out var dataApiClient);
try
{
List <Role> roles = null;
AssertStatusCode(
() => roles = dataApiClient.GetGlobalRolesForUser(dataApiClient.LoggedInUsername).Result,
HttpStatusCode.OK);
Assert.That(roles, Is.Not.Null);
Assert.That(roles, Is.EquivalentTo(new[] { userRole }));
}
finally
{
UserGenerator.DeleteUser(dataApiClient);
}
}
public void UserCanChangeOwnPassword()
{
UserGenerator.RegisterAndLoginUserWithoutRoles(out var dataApiClient);
try
{
var newPassword = UserGenerator.GeneratePassword();
AssertStatusCode(
() => dataApiClient.ChangePassword(dataApiClient.LoggedInUsername, newPassword),
HttpStatusCode.OK, "Change password");
AuthenticationResult authenticationResult = null;
AssertStatusCode(
() => authenticationResult = dataApiClient.Login(dataApiClient.LoggedInUsername, newPassword),
HttpStatusCode.OK, "Login with new password");
Assert.That(authenticationResult.IsAuthenticated, Is.True);
}
finally
{
UserGenerator.DeleteUser(dataApiClient);
}
}
public void CanRegisterLoginAndDeleteUser()
{
Assume.That(adminDataApiClient.IsAvailable(), "API not available");
var dataApiClient = new DataApiClient(ApiSetup.ApiConfiguration);
var username = UserGenerator.GenerateUsername();
var password = UserGenerator.GeneratePassword();
var email = $"{username}@example.org";
var firstName = "Jamie";
var lastName = "Doe";
Assert.That(() => dataApiClient.Register(username, firstName, lastName, password, email), Throws.Nothing);
AuthenticationResult authenticationResult = null;
Assert.That(() => authenticationResult = dataApiClient.Login(username, password), Throws.Nothing);
Assert.That(authenticationResult.IsAuthenticated, Is.True);
Assert.That(() => dataApiClient.DeleteUser(username), Throws.Nothing);
dataApiClient.Logout();
Assert.That(() => authenticationResult = dataApiClient.Login(username, password), Throws.Nothing);
Assert.That(authenticationResult.IsAuthenticated, Is.False);
}
public void DataFromOtherUserCannotBeOverwrittenNorDeleted()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var analyst2DataApiClient);
// Make sure overwriting is disabled
adminDataApiClient.SetCollectionOptions(
new CollectionOptions(nameof(UnitTestDataObject1))
{
NonAdminUsersCanOverwriteData = false
});
var testObject = new UnitTestDataObject1();
string objectId = null;
Assert.That(() => objectId = analystDataApiClient.InsertAsync(testObject).Result, Throws.Nothing);
Assert.That(objectId, Is.Not.Null);
try
{
// Test 1: Overwrite
var otherTestObject = new UnitTestDataObject1 {
Id = objectId
};
AssertStatusCode(
() => analyst2DataApiClient.ReplaceAsync(otherTestObject, otherTestObject.Id).Wait(),
HttpStatusCode.Unauthorized);
// Test 2: Delete
AssertStatusCode(
() => analyst2DataApiClient.DeleteAsync <UnitTestDataObject1>(objectId).Wait(),
HttpStatusCode.Unauthorized);
AssertStatusCode(
() => analystDataApiClient.DeleteAsync <UnitTestDataObject1>(objectId).Wait(),
HttpStatusCode.OK);
}
finally
{
UserGenerator.DeleteUser(analyst2DataApiClient);
}
}
public void MeasureInputPerformance()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var dataApiClient);
var testObjects = Enumerable.Range(0, 1000).Select(idx => new UnitTestDataObject1()).ToList();
var stopWatch = Stopwatch.StartNew();
foreach (var testObject in testObjects)
{
dataApiClient.InsertAsync(testObject).Wait();
}
stopWatch.Stop();
var averageStorageTime = stopWatch.Elapsed.TotalMilliseconds / testObjects.Count;
Console.WriteLine($"It took {stopWatch.Elapsed.TotalSeconds:F3}s to store {testObjects.Count} objects (avg: {averageStorageTime:F0}ms)");
foreach (var testObject in testObjects)
{
dataApiClient.DeleteAsync <UnitTestDataObject1>(testObject.Id).Wait();
}
UserGenerator.DeleteUser(dataApiClient);
}
public void ViewQueriesWithPlaceholderInFromArgumentAreRejected()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var dataApiClient);
var query = "SELECT * FROM {placeholder} LIMIT 3";
var expires = DateTime.UtcNow.AddMinutes(3);
ViewInformation viewInformation = null;
try
{
AssertStatusCode(
() => viewInformation = dataApiClient.CreateViewAsync(query, expires).Result,
HttpStatusCode.BadRequest);
}
catch
{
// If test fails and view is created, delete it again
dataApiClient.DeleteViewAsync(viewInformation.ViewId).Wait();
}
finally
{
UserGenerator.DeleteUser(dataApiClient);
}
}
public void RolesCanBeSetMoreThanOnce()
{
// Sounds silly, but relates to bug-2835
UserGenerator.RegisterAndLoginUserWithRole(Role.UserManager, adminDataApiClient, out var managerDataApiClient);
UserGenerator.RegisterAndLoginUserWithoutRoles(out var unprivilegedDataApiClient);
var collectionName = nameof(UnitTestDataObject1);
MakeCollectionProtected(collectionName);
try
{
AssertStatusCode(
() => managerDataApiClient.SetCollectionRoleForUser(
unprivilegedDataApiClient.LoggedInUsername,
new [] { Role.Viewer },
collectionName),
HttpStatusCode.OK);
var collectionPermissions = unprivilegedDataApiClient.GetCollectionInformationAsync(collectionName).Result;
Assert.That(collectionPermissions.UserRoles.Count, Is.EqualTo(1));
Assert.That(collectionPermissions.UserRoles.Single(), Is.EqualTo(Role.Viewer));
AssertStatusCode(
() => managerDataApiClient.SetCollectionRoleForUser(
unprivilegedDataApiClient.LoggedInUsername,
new[] { Role.Viewer, Role.UserManager },
collectionName),
HttpStatusCode.OK);
collectionPermissions = unprivilegedDataApiClient.GetCollectionInformationAsync(collectionName).Result;
Assert.That(collectionPermissions.UserRoles, Is.EquivalentTo(new[] { Role.Viewer, Role.UserManager }));
}
finally
{
MakeCollectionUnprotected(collectionName);
UserGenerator.DeleteUser(unprivilegedDataApiClient);
UserGenerator.DeleteUser(managerDataApiClient);
}
}
public void CanViewCollectionPermissionsForProtectedCollection()
{
UserGenerator.RegisterAndLoginUserWithoutRoles(out var unpriviligedDataApiClient);
var collectionName = nameof(UnitTestDataObject1);
MakeCollectionProtected(collectionName);
adminDataApiClient.AddCollectionRoleToUser(unpriviligedDataApiClient.LoggedInUsername, Role.Analyst, collectionName);
try
{
List <CollectionUserPermissions> collectionPermissions = null;
AssertStatusCode(
() => collectionPermissions = adminDataApiClient.GetCollectionPermissions(collectionName).Result,
HttpStatusCode.OK);
Assert.That(collectionPermissions, Is.Not.Null);
Assert.That(collectionPermissions.Count(x => x.Username == unpriviligedDataApiClient.LoggedInUsername), Is.EqualTo(1));
Assert.That(collectionPermissions.Single(x => x.Username == unpriviligedDataApiClient.LoggedInUsername).Roles, Contains.Item(Role.Analyst));
}
finally
{
MakeCollectionUnprotected(collectionName);
UserGenerator.DeleteUser(unpriviligedDataApiClient);
}
}
public void GlobalPermissionsAreUsedForUnprotectedCollection()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var dataApiClient);
var dataType = nameof(UnitTestSearchObject);
// Make sure collection is not protected
adminDataApiClient.SetCollectionOptions(
new CollectionOptions(dataType)
{
IsProtected = false
});
var submittedData = SearchDataGenerator.GenerateAndSubmitSearchData(1, adminDataApiClient);
try
{
// Check that user has access
List <UnitTestSearchObject> searchObjects = null;
AssertStatusCode(
() => searchObjects = dataApiClient.GetManyAsync <UnitTestSearchObject>("").Result,
HttpStatusCode.OK, "Get many with authorized user");
Assert.That(searchObjects.Count, Is.EqualTo(1));
// Remove role
adminDataApiClient.RemoveGlobalRoleFromUser(dataApiClient.LoggedInUsername, Role.Analyst);
AssertStatusCode(
() => dataApiClient.GetManyAsync <UnitTestSearchObject>("").Wait(),
HttpStatusCode.Unauthorized, "Get many with unauthorized user");
}
finally
{
SearchDataGenerator.DeleteData(submittedData, adminDataApiClient);
UserGenerator.DeleteUser(dataApiClient);
}
}
public void LogoutAdmin()
{
UserGenerator.DeleteUser(analystDataApiClient);
adminDataApiClient.Logout();
}