public void AuditRulesTests_RestrictedColumn(string assemblyName, string dataSourceName) { var dataSource = DataSource(dataSourceName); try { var key = dataSource.Insert(EmployeeTableName, new Employee() { FirstName = "A", MiddleName = "B", LastName = "C" }).ToInt32().Execute(); var goodUser = new UserToken(true); var badUser = new UserToken(false); ExceptWhenPredicate isAdminCheck = user => ((UserToken)user).IsAdmin; var dsReadCheck = dataSource.WithRules(new RestrictColumn("MiddleName", OperationTypes.Select, isAdminCheck)); var dsWriteCheck = dataSource.WithRules(new RestrictColumn("MiddleName", OperationTypes.Update, isAdminCheck)); //SELECT { var shouldBeSet = dsReadCheck.WithUser(goodUser).GetByKey(EmployeeTableName, key).ToObject <Employee>().Execute(); Assert.Equal("B", shouldBeSet.MiddleName, "MiddleName was to be set"); } { var shouldBeMissing = dsReadCheck.WithUser(badUser).GetByKey(EmployeeTableName, key).ToObject <Employee>().Execute(); Assert.IsNull(shouldBeMissing.MiddleName, "MiddleName was supposed to be clear"); } //UPDATE { var shouldNotBeChanged = dsWriteCheck.WithUser(badUser).Update(EmployeeTableName, new { FirstName = "AA", MiddleName = "Z", EmployeeKey = key }).ToObject <Employee>().Execute(); Assert.Equal("B", shouldNotBeChanged.MiddleName, "MiddleName was not supposed to be changed"); } { var shouldBeChanged = dsWriteCheck.WithUser(goodUser).Update(EmployeeTableName, new { FirstName = "BB", MiddleName = "X", EmployeeKey = key }).ToObject <Employee>().Execute(); Assert.Equal("X", shouldBeChanged.MiddleName, "MiddleName was supposed to be changed"); } //SELECT after UPDATE { var shouldBeSet = dsReadCheck.WithUser(goodUser).Update(EmployeeTableName, new { FirstName = "AA", MiddleName = "B", EmployeeKey = key }).ToObject <Employee>().Execute(); Assert.Equal("B", shouldBeSet.MiddleName, "MiddleName was to be set"); } { var shouldBeMissing = dsReadCheck.WithUser(badUser).Update(EmployeeTableName, new { FirstName = "BB", MiddleName = "X", EmployeeKey = key }).ToObject <Employee>().Execute(); Assert.IsNull(shouldBeMissing.MiddleName, "MiddleName was supposed to be clear"); } } finally { Release(dataSource); } }
/// <summary> /// Initializes a new instance of the <see cref="RestrictColumn"/> class. /// </summary> /// <param name="columnName">Name of the column.</param> /// <param name="appliesWhen">While operations are being restricted.</param> /// <param name="exceptWhen">This function will return true if the rule doesn't apply to this user..</param> public RestrictColumn(string columnName, OperationTypes appliesWhen, ExceptWhenPredicate exceptWhen) : base(appliesWhen) { ColumnName = columnName; ExceptWhen = exceptWhen; }