public void Test_RelationshipInstance(string action, string fromPerms, string toPerms, Direction direction, bool saveBothEnds, bool haveFieldChanges, bool expectAllow)
{
if (fromPerms == "modify")
{
fromPerms = "read,modify";
}
if (toPerms == "modify")
{
toPerms = "read,modify";
}
// Create schema
EntityType fromType = new EntityType();
fromType.Inherits.Add(UserResource.UserResource_Type);
fromType.Name = Guid.NewGuid().ToString();
fromType.Save();
EntityType toType = new EntityType();
toType.Inherits.Add(UserResource.UserResource_Type);
toType.Name = Guid.NewGuid().ToString();
toType.Save();
Relationship rel = new Relationship();
rel.Name = Guid.NewGuid().ToString();
rel.FromType = fromType;
rel.ToType = toType;
rel.Cardinality_Enum = CardinalityEnum_Enumeration.ManyToMany;
rel.Save();
// Create data
IEntity toInst = new Entity(toType);
toInst.Save();
IEntity fromInst = new Entity(fromType);
if (action != "Create")
{
fromInst.SetRelationships(rel, new EntityRelationshipCollection <IEntity> {
toInst
});
}
fromInst.Save();
// Create test user
UserAccount userAccount = Entity.Create <UserAccount>();
userAccount.Name = Guid.NewGuid().ToString();
userAccount.Save();
// Grant access
if (!string.IsNullOrEmpty(fromPerms))
{
new AccessRuleFactory().AddAllowByQuery(
userAccount.As <Subject>(),
fromType.As <SecurableEntity>(),
fromPerms.Split(',').Select(pa => new EntityRef(pa)),
TestQueries.Entities().ToReport());
}
if (!string.IsNullOrEmpty(toPerms))
{
new AccessRuleFactory().AddAllowByQuery(
userAccount.As <Subject>(),
toType.As <SecurableEntity>(),
toPerms.Split(',').Select(pa => new EntityRef(pa)),
TestQueries.Entities().ToReport());
}
// Test
bool allowed = false;
try
{
using (new SetUser(userAccount))
{
IEntity source = Entity.Get(direction == Direction.Forward ? fromInst.Id : toInst.Id);
if (action != "Read")
{
source = source.AsWritable();
}
Func <IEntity> target = () => Entity.Get(direction == Direction.Forward ? toInst.Id : fromInst.Id);
IEntityRelationshipCollection <IEntity> relCol = null;
switch (action)
{
case "Read":
relCol = source.GetRelationships(rel.Id, direction);
IEntity entity = relCol.FirstOrDefault();
allowed = entity != null;
break;
case "Create":
relCol = new EntityRelationshipCollection <IEntity> {
target()
};
source.SetRelationships(rel, relCol);
if (haveFieldChanges)
{
source.SetField("core:name", Guid.NewGuid().ToString());
}
if (saveBothEnds)
{
Entity.Save(new[] { source, target() });
}
else
{
source.Save();
}
allowed = true;
break;
case "Remove":
relCol = source.GetRelationships(rel.Id, direction);
relCol.Remove(target());
source.SetRelationships(rel, relCol);
if (haveFieldChanges)
{
source.SetField("core:name", Guid.NewGuid().ToString());
}
if (saveBothEnds)
{
Entity.Save(new[] { source, target() });
}
else
{
source.Save();
}
allowed = true;
break;
case "Clear":
relCol = source.GetRelationships(rel.Id, direction);
relCol.Clear();
source.SetRelationships(rel, relCol);
if (haveFieldChanges)
{
source.SetField("core:name", Guid.NewGuid().ToString());
}
if (saveBothEnds)
{
Entity.Save(new[] { source, target() });
}
else
{
source.Save();
}
allowed = true;
break;
default:
throw new InvalidOperationException("Unknown " + action);
}
}
Assert.That(allowed, Is.EqualTo(expectAllow));
}
catch (PlatformSecurityException)
{
Assert.That(false, Is.EqualTo(expectAllow));
}
}
