private static void SecuritySetUp()
        {
            using (PermissionProviderContext context = new PermissionProviderContext()) {
                SecurityUser user = new SecurityUser()
                {
                    Name = "John", Password = "******"
                };
                SecurityUser admin = new SecurityUser()
                {
                    Name = "Admin", Password = "******"
                };

                SecurityRole roleForUser = new SecurityRole();
                // "Address" member of contacts "Ezra" will be denied
                roleForUser.AddMemberPermission <EFCoreDemoDbContext, Contact>(SecurityOperation.Read, OperationState.Deny, "Address", (db, obj) => obj.Name == "Ezra");
                // Contact "Kevin" will be denied
                roleForUser.AddObjectPermission <EFCoreDemoDbContext, Contact>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.Address == "California");

                admin.AddRole(new SecurityRole());
                user.AddRole(roleForUser);

                context.Add(user);
                context.Add(admin);
                context.SaveChanges();
            }
        }
 public void CreateUserAndRole()
 {
     using (TestDbContextWithUsers context = new TestDbContextWithUsers()) {
         SecurityUser user     = new SecurityUser();
         SecurityRole role     = new SecurityRole();
         UserRole     userRole = new UserRole {
             Role = role, User = user
         };
         context.Add(userRole);
         user.Name     = "Admin";
         user.Password = "******";
         role.Name     = "AdminRole";
         role.AddMemberPermission <TestDbContextWithUsers, Company>(SecurityOperation.Read, OperationState.Deny, "Description", (s, t) => t.Description == "1");
         Company cmopany = new Company()
         {
             CompanyName = "1", Description = "1"
         };
         context.Add(cmopany);
         context.SaveChanges();
     }
     using (TestDbContextWithUsers context = new TestDbContextWithUsers()) {
         var company = context.Company.First();
         Assert.AreEqual("1", company.CompanyName);
         Assert.AreEqual("1", company.Description);
     }
     using (TestDbContextWithUsers context = new TestDbContextWithUsers()) {
         context.Logon("Admin", "1");
         var company = context.Company.First();
         Assert.AreEqual("1", company.CompanyName);
         Assert.IsNull(company.Description);
     }
 }
 private static void TaskSecuritySetUp(SecurityRole roleForUser)
 {
     // "Note" member of task "TopManagement", "Write" and "Draw" will be denied
     roleForUser.AddMemberPermission <EFCoreDemoDbContext, DemoTask>(SecurityOperation.Read, OperationState.Deny, "Note", (db, obj) => obj.PercentCompleted < 50);
     // Task "Hardcode" will be denied
     roleForUser.AddObjectPermission <EFCoreDemoDbContext, DemoTask>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.ContactTasks.Any(p => p.Contact.Name == "John"));
 }
 private static void ContactSecuritySetUp(SecurityRole roleForUser)
 {
     // "Address" member of contacts "Jack", "Barry" and "Mike" will be denied
     roleForUser.AddMemberPermission <EFCoreDemoDbContext, Contact>(SecurityOperation.Read, OperationState.Deny, "Address", (db, obj) => obj.Department != null && obj.Department.Office == "Texas");
     // Contacts "Zack", "Marina", "Kate" will be denied
     roleForUser.AddObjectPermission <EFCoreDemoDbContext, Contact>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.Department != null && obj.Department.Title == "Sales");
     // Contact "Ezra" will be denied
     roleForUser.AddObjectPermission <EFCoreDemoDbContext, Contact>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.ContactTasks.Any(p => p.Task.Description == "Draw"));
 }
 private static void DepartmentSecuritySetUp(SecurityRole roleForUser)
 {
     // Department "Sales" will be denied
     roleForUser.AddMemberPermission <EFCoreDemoDbContext, Department>(SecurityOperation.Read, OperationState.Deny, "Office", (db, obj) => obj.Title == "Sales");
     roleForUser.AddObjectPermission <EFCoreDemoDbContext, Department>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.Contacts.Any(c => c.Name == "Barry"));
 }