private void SetupResultSecurityProviderGetAccessForPosition(Delegation delegation, ISecurityPrincipal principal, params Enum[] returnedAccessTypeEnums)
{
Type classType = typeof(Position);
string owner = string.Empty;
string owningGroup = string.Empty;
string owningTenant = string.Empty;
Dictionary <string, Enum> states = new Dictionary <string, Enum>();
states.Add("Delegation", delegation);
List <Enum> abstractRoles = new List <Enum>();
SecurityContext securityContext = SecurityContext.Create(classType, owner, owningGroup, owningTenant, states, abstractRoles);
AccessType[] returnedAccessTypes = Array.ConvertAll(returnedAccessTypeEnums, AccessType.Get);
SetupResult.For(_mockSecurityProvider.GetAccess(securityContext, principal)).Return(returnedAccessTypes);
}
public AccessType[] GetAccess(ISecurityContext context, ISecurityPrincipal principal)
{
ArgumentUtility.CheckNotNull("context", context);
ArgumentUtility.CheckNotNull("principal", principal);
var accessTypeCache = _securityContextCache.Items.GetOrCreateValue(principal, key => new AccessTypeCache(_userRevisionProvider, key.User));
return(accessTypeCache.Items.GetOrCreateValue(context, key => _innerSecurityProvider.GetAccess(key, principal)));
}
private AccessType[] GetAccessTypes(ISecurityProvider securityProvider, ISecurityPrincipal principal)
{
// Explicit null-check since the public method does not perform this check in release-code
ArgumentUtility.CheckNotNull("securityProvider", securityProvider);
var context = CreateSecurityContext();
var accessTypes = securityProvider.GetAccess(context, principal);
Assertion.IsNotNull(accessTypes, "GetAccess evaluated and returned null.");
return(accessTypes);
}
protected void EvaluateSecurity_Click(object sender, EventArgs e)
{
ISecurityProvider provider = SafeServiceLocator.Current.GetInstance <ISecurityProvider>();
SecurityContext context =
SecurityContext.Create(
typeof(File),
"1A",
"{00000004-1000-0000-0000-000000000007}",
string.Empty,
new Dictionary <string, Enum>(),
new Enum[] { DomainAbstractRoles.Creator });
ISecurityPrincipal user = new SecurityPrincipal("1A", null, null, null);
AccessType[] accessTypes = provider.GetAccess(context, user);
}
public bool HasAccess(Type type, ISecurityProvider securityProvider, ISecurityPrincipal principal, IReadOnlyList <AccessType> requiredAccessTypes)
{
ArgumentUtility.CheckNotNullAndTypeIsAssignableFrom("type", type, typeof(ISecurableObject));
ArgumentUtility.CheckNotNull("securityProvider", securityProvider);
ArgumentUtility.CheckNotNull("principal", principal);
ArgumentUtility.CheckNotNull("requiredAccessTypes", requiredAccessTypes);
// Performance critical argument check. Can be refactored to ArgumentUtility.CheckNotNullOrEmpty once typed collection checks are supported.
if (requiredAccessTypes.Count == 0)
{
throw ArgumentUtility.CreateArgumentEmptyException("requiredAccessTypes");
}
var context = SecurityContext.CreateStateless(type);
var allowedAccessTypes = securityProvider.GetAccess(context, principal);
Assertion.IsNotNull(allowedAccessTypes, "GetAccess evaluated and returned null.");
return(requiredAccessTypes.IsSubsetOf(allowedAccessTypes));
}
public void GetAccess_ReturnsEmptyList()
{
AccessType[] accessTypes = _securityProvider.GetAccess(null, null);
Assert.That(accessTypes, Is.Not.Null);
Assert.That(accessTypes.Length, Is.EqualTo(0));
}
public void ExpectSecurityProviderGetAccess(SecurityContext context, params Enum[] returnedAccessTypes)
{
Expect.Call(_mockSecurityProvider.GetAccess(context, _stubUser))
.WhenCalled(mi => CheckTransaction())
.Return(Array.ConvertAll(returnedAccessTypes, AccessType.Get));
}
