void SetupRules()
{
IRule accessRightsViolationRule = new Rule(Guid.NewGuid().ToString());
accessRightsViolationRule
.AddVariableScope(_componentVar)
.AddVariableScope(_eventNameVar)
.AddVariableScope(_isAdminVar, true)
.AddVariableScope(_accessRightsVar, true);
//Event-trigger condition
IBooleanBase componentCondition = EqualToExpression.New(_componentVar, new Literal(AUTHENTICATION_COMPONENT_NAME));
IBooleanBase eventCondition = EqualToExpression.New(_eventNameVar, new Literal(AUTHENTICATION_EVENT_NAME));
IBooleanBase matchingEventCondition = AndExpression.New(componentCondition, eventCondition);
//Parameter-trigger condition
IBooleanBase accessRightsCondition = EqualToExpression.New(_accessRightsVar, new Literal(Rights.Full));
IBooleanBase isAdministratorCondition = EqualToExpression.New(_isAdminVar, new Literal(true));
IBooleanBase notAllowedAccessRightsCondition = AndExpression.New(accessRightsCondition, NotExpression.New(isAdministratorCondition));
//Trigger condition
IBooleanBase triggerCondition = AndExpression.New(matchingEventCondition, notAllowedAccessRightsCondition);
accessRightsViolationRule.SetCondition(triggerCondition,
(resultContext, resultRule) =>
{
Console.WriteLine("Access rights violation alert!");
},
(resultContext, resultRule) =>
{
Console.WriteLine("All is well...");
});
RuleManager.GetInstance().AddRule(accessRightsViolationRule);
}
public void TestRuleValidation()
{
string errorMessage = "Rule validation not invoked";
ActivityManager.GetInstance().OnActivityEmit =
(systemName, applicationName, componentName, eventName, parameters) =>
{
IContext context = new Context();
context
.Assign(_componentVar.Name, componentName)
.Assign(_eventNameVar.Name, eventName);
((List <Tuple <string, object> >)parameters).ForEach(parameter =>
{
context.Assign(parameter.Item1, parameter.Item2);
});
RuleManager.GetInstance().InvokeMatchingRules(context,
(resultContext, resultRule) =>
{
errorMessage = "Non-administrator should have limited access rights!";
Console.WriteLine(errorMessage);
Console.WriteLine("Condition: {0}", resultRule.GetCondition().GetSyntax(resultContext));
},
(resultContext, resultRule) =>
{
errorMessage = "Rule validation was invoked but access-rights is a non-violation";
Console.WriteLine("Condition: {0}", resultRule.GetCondition().GetSyntax(resultContext));
});
};
Authentication auth = new Authentication()
{
//Violative rights, non-administrator w/full access?
AccessRights = Rights.Full,
AdministratorAccess = false
};
bool verified = auth.Verify(); //This will emit activity detail
Assert.IsFalse(verified);
Assert.AreEqual("Non-administrator should have limited access rights!", errorMessage);
}
