Exemple #1
0
        public void CreateAclExpansionEntryTest()
        {
            var userRoleAclAce     = new UserRoleAclAceCombination(Role, Ace);
            var allowedAccessTypes = new[] { WriteAccessType, DeleteAccessType };
            var deniedAccessTypes  = new[] { ReadAccessType };
            AccessInformation accessInformation = new AccessInformation(allowedAccessTypes, deniedAccessTypes);

            var mocks = new MockRepository();
            var aclExpansionEntryCreatorMock = mocks.PartialMock <AclExpansionEntryCreator> ();
            var aclProbe = AclProbe.CreateAclProbe(User, Role, Ace);
            var accessTypeStatisticsMock = mocks.StrictMock <AccessTypeStatistics>();

            accessTypeStatisticsMock.Expect(x => x.IsInAccessTypesContributingAces(userRoleAclAce.Ace)).Return(true);

            aclExpansionEntryCreatorMock.Expect(x => x.GetAccessTypes(userRoleAclAce)).
            Return(new AclExpansionEntryCreator_GetAccessTypesResult(accessInformation, aclProbe, accessTypeStatisticsMock));

            aclExpansionEntryCreatorMock.Replay();
            accessTypeStatisticsMock.Replay();

            var aclExpansionEntry = aclExpansionEntryCreatorMock.CreateAclExpansionEntry(userRoleAclAce);

            aclExpansionEntryCreatorMock.VerifyAllExpectations();
            accessTypeStatisticsMock.VerifyAllExpectations();

            Assert.That(aclExpansionEntry.User, Is.EqualTo(userRoleAclAce.User));
            Assert.That(aclExpansionEntry.Role, Is.EqualTo(userRoleAclAce.Role));
            Assert.That(aclExpansionEntry.AccessControlList, Is.EqualTo(userRoleAclAce.Acl));
            Assert.That(aclExpansionEntry.AccessConditions, Is.EqualTo(aclProbe.AccessConditions));
            Assert.That(aclExpansionEntry.AllowedAccessTypes, Is.EqualTo(allowedAccessTypes));
            Assert.That(aclExpansionEntry.DeniedAccessTypes, Is.EqualTo(deniedAccessTypes));
        }
Exemple #2
0
        public void CreateAclProbe_Role_Test()
        {
            AccessControlEntry ace = TestHelper.CreateAceWithAbstractRole();

            FleshOutAccessControlEntryForTest(ace);
            AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);

            Assert.That(aclProbe.SecurityToken.Principal.Roles, Is.EquivalentTo(new[] { Role }).Using(PrincipalRoleComparer.Instance));
        }
Exemple #3
0
        public void CreateAclProbe_Tenant_Test()
        {
            AccessControlEntry ace = TestHelper.CreateAceWithAbstractRole();

            FleshOutAccessControlEntryForTest(ace);
            AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);

            Assert.That(aclProbe.SecurityToken.Principal.Tenant.ObjectID, Is.EqualTo(User.Tenant.ID));
        }
Exemple #4
0
        public void CreateAclProbe_GroupSelectionAll_Test()
        {
            AccessControlEntry ace = TestHelper.CreateAceWithoutGroupCondition();

            FleshOutAccessControlEntryForTest(ace);
            AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);

            Assert.That(aclProbe.SecurityToken.OwningGroup, Is.Null);

            var accessConditionsExpected = new AclExpansionAccessConditions();

            Assert.That(aclProbe.AccessConditions, Is.EqualTo(accessConditionsExpected));
        }
Exemple #5
0
        public void CreateAclProbe_SpecificTenant_Test()
        {
            AccessControlEntry ace = TestHelper.CreateAceWithSpecificTenant(Tenant);

            FleshOutAccessControlEntryForTest(ace);
            AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);

            Assert.That(aclProbe.SecurityToken.OwningTenant, Is.Null);

            var accessConditionsExpected = new AclExpansionAccessConditions();

            Assert.That(aclProbe.AccessConditions, Is.EqualTo(accessConditionsExpected));
        }
Exemple #6
0
        public void CreateAclProbe_SpecificAbstractRole_Test()
        {
            AccessControlEntry ace = TestHelper.CreateAceWithAbstractRole();

            FleshOutAccessControlEntryForTest(ace);
            Assert.That(ace.SpecificAbstractRole, Is.Not.Null);
            AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);

            Assert.That(aclProbe.SecurityToken.AbstractRoles, Has.Member(ace.SpecificAbstractRole).Using(DomainObjectHandleComparer.Instance));

            var accessConditionsExpected = new AclExpansionAccessConditions();

            accessConditionsExpected.AbstractRole = ace.SpecificAbstractRole;
            Assert.That(aclProbe.AccessConditions, Is.EqualTo(accessConditionsExpected));
        }
Exemple #7
0
        public void CreateAclProbe_OwningGroup_Test()
        {
            AccessControlEntry ace = TestHelper.CreateAceWithOwningGroup();

            FleshOutAccessControlEntryForTest(ace);
            AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);

            Assert.That(aclProbe.SecurityToken.OwningGroup, Is.EqualTo(Role.Group).Using(DomainObjectHandleComparer.Instance));

            var accessConditionsExpected = new AclExpansionAccessConditions
            {
                OwningGroup             = Group,
                GroupHierarchyCondition = GroupHierarchyCondition.ThisAndChildren
            };

            Assert.That(aclProbe.AccessConditions, Is.EqualTo(accessConditionsExpected));
        }
Exemple #8
0
        public void CreateAclProbe_OwningTenant_Test()
        {
            AccessControlEntry ace = TestHelper.CreateAceWithOwningTenant();

            FleshOutAccessControlEntryForTest(ace);
            AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);

            Assert.That(aclProbe.SecurityToken.OwningTenant, Is.EqualTo(User.Tenant).Using(DomainObjectHandleComparer.Instance));

            var accessConditionsExpected = new AclExpansionAccessConditions
            {
                OwningTenant             = Tenant,
                TenantHierarchyCondition = TenantHierarchyCondition.This
            };

            Assert.That(aclProbe.AccessConditions, Is.EqualTo(accessConditionsExpected));
        }