public void Should_return_the_same_results()
        {
            // Arrange
            var context         = TestDataFactory.CreateSecurityContext(false);
            var firstPolicy     = new IgnorePolicy();
            var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());

            policyContainer.SecurityConfigurationProvider = () => TestDataFactory.CreateValidSecurityConfiguration(configuration => configuration.Advanced.SetDefaultResultsCacheLifecycle(Cache.PerHttpSession));
            policyContainer.AddPolicy(firstPolicy);

            // Act
            var results1 = policyContainer.EnforcePolicies(context);
            var results2 = policyContainer.EnforcePolicies(context);

            SecurityCache.ClearCache(Lifecycle.HybridHttpSession);;

            var results3 = policyContainer.EnforcePolicies(context);
            var results4 = policyContainer.EnforcePolicies(context);

            // Assert
            Assert.That(results1.Single(), Is.EqualTo(results2.Single()));
            Assert.That(results3.Single(), Is.EqualTo(results4.Single()));

            Assert.That(results1.Single(), Is.Not.EqualTo(results3.Single()), "Results should not be equal across sessions.");
        }
Exemple #2
0
        public void Should_return_first_handler_returned_by_convention()
        {
            var expectedHandler = new ExceptionPolicyViolationHandler();
            var convention1     = new MockConvention(null);
            var convention2     = new MockConvention(expectedHandler);
            var convention3     = new MockConvention(null);
            var conventions     = new List <IPolicyViolationHandlerConvention>
            {
                convention1,
                convention2,
                convention3
            };

            var policy       = new IgnorePolicy();
            var policyResult = PolicyResult.CreateFailureResult(policy, "Access denied");
            var exception    = new PolicyViolationException(policyResult);
            var selector     = new PolicyViolationHandlerSelector(conventions);

            // Act
            var handler = selector.FindHandlerFor(exception);

            // Assert
            Assert.That(handler, Is.EqualTo(expectedHandler));
            Assert.That(convention1.WasCalled, Is.True);
            Assert.That(convention2.WasCalled, Is.True);
            Assert.That(convention3.WasCalled, Is.False);
        }
        public void Should_use_cache_lifecycle_specified_when_adding_a_policy()
        {
            // Arrange
            const Cache defaultCacheLifecycle   = Cache.PerHttpSession;
            const Cache specifiedCacheLifecycle = Cache.PerHttpRequest;

            var context         = TestDataFactory.CreateSecurityContext(false);
            var securityPolicy  = new IgnorePolicy();
            var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());

            policyContainer.SecurityConfigurationProvider = () => TestDataFactory.CreateValidSecurityConfiguration(configuration => configuration.Advanced.SetDefaultResultsCacheLifecycle(defaultCacheLifecycle));
            policyContainer.AddPolicy(securityPolicy).Cache <IgnorePolicy>(specifiedCacheLifecycle);

            // Act
            var results1 = policyContainer.EnforcePolicies(context);
            var results2 = policyContainer.EnforcePolicies(context);

            SecurityCache.ClearCache(Lifecycle.HybridHttpContext);;

            var results3 = policyContainer.EnforcePolicies(context);
            var results4 = policyContainer.EnforcePolicies(context);

            // Assert
            Assert.That(results1.Single(), Is.EqualTo(results2.Single()));
            Assert.That(results3.Single(), Is.EqualTo(results4.Single()));

            Assert.That(results1.Single(), Is.Not.EqualTo(results3.Single()), "Results should not be equal across requests.");
        }
        public void Should_retun_the_type_of_normal_policies()
        {
            // Arrange
            ISecurityPolicy policy = new IgnorePolicy();

            // Act & assert
            Assert.That(policy.GetPolicyType(), Is.EqualTo(typeof(IgnorePolicy)));
        }
Exemple #5
0
        public void Should_throw_when_null_is_passed()
        {
            var          validPolicy  = new IgnorePolicy();
            const string validMessage = "Some message";

            // Act & assert
            Assert.Throws <ArgumentNullException>(() => PolicyResult.CreateFailureResult(null, validMessage));
            Assert.Throws <ArgumentNullException>(() => PolicyResult.CreateFailureResult(validPolicy, null));
        }
 protected override void Context()
 {
     // Arrange
     _denyAnonymousAccessPolicy = new DenyAnonymousAccessPolicy();
     _ignorePolicy = new IgnorePolicy();
     Policies      = new List <ISecurityPolicy>
     {
         _denyAnonymousAccessPolicy
     };
 }
Exemple #7
0
        public override void SetUp()
        {
            base.SetUp();

            // Arrange
            _denyAnonymousAccessPolicy = new DenyAnonymousAccessPolicy();
            _ignorePolicy = new IgnorePolicy();
            _policies     = new List <ISecurityPolicy>
            {
                _denyAnonymousAccessPolicy
            };
        }
        public void Should_not_be_match_for_normal_policy()
        {
            // Arrange
            var expectation = new DoesNotHaveTypeExpectation <DenyAnonymousAccessPolicy>();
            var policy      = new IgnorePolicy();

            // Act
            var isMatch = expectation.IsMatch(policy);

            // Assert
            Assert.That(isMatch, Is.False);
        }
        public void Should_be_match_for_normal_policy()
        {
            // Arrange
            var expectation = new DoesNotHaveTypeExpectation <IgnorePolicy>();
            var policy      = new IgnorePolicy();

            // Act
            var isMatch = expectation.IsMatch(policy);

            // Assert
            Assert.That(isMatch, Is.True);
        }
Exemple #10
0
        public void Should_add_policy_to_inner_configuration()
        {
            // Arrange
            var expectedPolicy = new IgnorePolicy();

            // Act
            _wrapper.AddPolicy(expectedPolicy);
            _wrapper.AddPolicy <IgnorePolicy>();

            // Assert
            _inner.Verify(x => x.AddPolicy(expectedPolicy), Times.Exactly(1));
            _inner.Verify(x => x.AddPolicy <IgnorePolicy>(), Times.Exactly(1));
        }
        public void Should_be_successful_when_roles_is_empty()
        {
            // Arrange
            var        policy        = new IgnorePolicy();
            const bool authenticated = true;
            var        roles         = new object[0];
            var        context       = TestDataFactory.CreateSecurityContext(authenticated, roles);

            // Act
            var result = policy.Enforce(context);

            // Assert
            Assert.That(result.ViolationOccured, Is.False);
        }
        public void Should_be_successful_when_isAuthenticated_is_false()
        {
            // Arrange
            var        policy                = new IgnorePolicy();
            const bool authenticated         = false;
            const IEnumerable <object> roles = null;
            var context = TestDataFactory.CreateSecurityContext(authenticated, roles);

            // Act
            var result = policy.Enforce(context);

            // Assert
            Assert.That(result.ViolationOccured, Is.False);
        }
        public void Should_be_successful_when_roles_are_passed()
        {
            // Arrange
            var        policy = new IgnorePolicy();
            const bool authenticated = true;
            var        roles = new List <object> {
                "Administrator", "Editor", "Reader"
            }.ToArray();
            var context = TestDataFactory.CreateSecurityContext(authenticated, roles);

            // Act
            var result = policy.Enforce(context);

            // Assert
            Assert.That(result.ViolationOccured, Is.False);
        }
        public void Should_return_unique_results()
        {
            // Arrange
            var firstPolicy     = new IgnorePolicy();
            var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());

            policyContainer.SecurityConfigurationProvider = () => TestDataFactory.CreateValidSecurityConfiguration(configuration => configuration.Advanced.SetDefaultResultsCacheLifecycle(Cache.DoNotCache));
            policyContainer.AddPolicy(firstPolicy);

            // Act
            var context  = TestDataFactory.CreateSecurityContext(false);
            var results1 = policyContainer.EnforcePolicies(context);
            var results2 = policyContainer.EnforcePolicies(context);

            // Assert
            Assert.That(results1.Single(), Is.Not.EqualTo(results2.Single()));
        }
Exemple #15
0
        public void Should_return_null_when_no_convention_returns_handler()
        {
            var convention1 = new MockConvention(null);
            var convention2 = new MockConvention(null);
            var conventions = new List <IPolicyViolationHandlerConvention>
            {
                convention1,
                convention2
            };

            var policy       = new IgnorePolicy();
            var policyResult = PolicyResult.CreateFailureResult(policy, "Access denied");
            var exception    = TestDataFactory.CreatePolicyViolationException(policyResult);
            var selector     = new PolicyViolationHandlerSelector(conventions);

            // Act
            var handler = selector.FindHandlerFor(exception);

            // Assert
            Assert.That(handler, Is.Null);
            Assert.That(convention1.WasCalled, Is.True);
            Assert.That(convention2.WasCalled, Is.True);
        }