public void Commit_DeletedStateCombination()
{
SecurableClassDefinition orderClass = _testHelper.CreateOrderClassDefinition();
using (_testHelper.Transaction.CreateSubTransaction().EnterDiscardingScope())
{
orderClass.EnsureDataAvailable();
Assert.That(orderClass.State, Is.EqualTo(StateType.Unchanged));
using (ClientTransaction.Current.CreateSubTransaction().EnterDiscardingScope())
{
StateCombination combination = _testHelper.CreateStateCombination(orderClass, ClientTransaction.Current);
combination.AccessControlList.AccessControlEntries.Add(AccessControlEntry.NewObject());
using (ClientTransaction.Current.CreateSubTransaction().EnterDiscardingScope())
{
orderClass.EnsureDataAvailable();
Assert.That(orderClass.State, Is.EqualTo(StateType.Unchanged));
combination.AccessControlList.Delete();
Assert.That(combination.Class, Is.Null);
Assert.That(orderClass.State, Is.EqualTo(StateType.Changed));
ClientTransaction.Current.Commit();
}
ClientTransaction.Current.Commit();
}
Assert.That(orderClass.State, Is.EqualTo(StateType.Changed));
}
}
public void Validate_IsValid()
{
AccessControlEntry ace = AccessControlEntry.NewObject();
AccessControlEntryValidationResult result = ace.Validate();
Assert.That(result.IsValid, Is.True);
}
public void TokenWithNullPrincipal_NotMatches()
{
AccessControlEntry entry = AccessControlEntry.NewObject();
SecurityTokenMatcher matcher = new SecurityTokenMatcher(entry);
SecurityToken token = TestHelper.CreateTokenWithNullPrincipal();
Assert.That(matcher.MatchesToken(token), Is.False);
}
public AccessControlEntry CreateAceWithNoMatchingRestrictions()
{
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
return(entry);
}
}
protected AccessControlEntry CreateAceForStateless()
{
var ace = AccessControlEntry.NewObject();
ace.AccessControlList = StatelessAccessControlList.NewObject();
return(ace);
}
public void EmptyAce_Matches()
{
AccessControlEntry entry = AccessControlEntry.NewObject();
SecurityTokenMatcher matcher = new SecurityTokenMatcher(entry);
SecurityToken token = TestHelper.CreateTokenWithoutUser();
Assert.That(matcher.MatchesToken(token), Is.True);
}
private AccessControlEntry CreateAceForStateful()
{
var ace = AccessControlEntry.NewObject();
ace.AccessControlList = StatefulAccessControlList.NewObject();
return(ace);
}
public void TokenWithAbstractRole_Matches()
{
AccessControlEntry entry = AccessControlEntry.NewObject();
SecurityTokenMatcher matcher = new SecurityTokenMatcher(entry);
SecurityToken token = TestHelper.CreateTokenWithAbstractRole(TestHelper.CreateTestAbstractRole());
Assert.That(matcher.MatchesToken(token), Is.True);
}
public void GetAccessTypes_WithMultipleMatchingAces()
{
AbstractRoleDefinition role1 = AbstractRoleDefinition.NewObject(Guid.NewGuid(), "QualityManager", 0);
AccessControlEntry ace1 = AccessControlEntry.NewObject();
ace1.SpecificAbstractRole = role1;
AccessTypeDefinition readAccessType = _testHelper.CreateAccessTypeForAce(ace1, true, Guid.NewGuid(), "Read", 0);
AccessTypeDefinition copyAccessType = _testHelper.CreateAccessTypeForAce(ace1, true, Guid.NewGuid(), "Copy", 1);
AccessTypeDefinition indexAccessType = _testHelper.CreateAccessTypeForAce(ace1, true, Guid.NewGuid(), "Index", 2);
AccessTypeDefinition moveAccessType = _testHelper.CreateAccessTypeForAce(ace1, false, Guid.NewGuid(), "Move", 3);
AccessTypeDefinition appendAccessType = _testHelper.CreateAccessTypeForAce(ace1, false, Guid.NewGuid(), "Append", 4);
AccessTypeDefinition renameAccessType = _testHelper.CreateAccessTypeForAce(ace1, false, Guid.NewGuid(), "Rename", 5);
AccessTypeDefinition writeAccessType = _testHelper.CreateAccessTypeForAce(ace1, true, Guid.NewGuid(), "Write", 6);
AccessTypeDefinition deleteAccessType = _testHelper.CreateAccessTypeForAce(ace1, true, Guid.NewGuid(), "Delete", 7);
AccessTypeDefinition findAccessType = _testHelper.CreateAccessTypeForAce(ace1, null, Guid.NewGuid(), "Find", 8);
AbstractRoleDefinition role2 = AbstractRoleDefinition.NewObject(Guid.NewGuid(), "SoftwareDeveloper", 1);
AccessControlEntry ace2 = AccessControlEntry.NewObject();
ace2.SpecificAbstractRole = role2;
_testHelper.AttachAccessType(ace2, readAccessType, true);
_testHelper.AttachAccessType(ace2, copyAccessType, false);
_testHelper.AttachAccessType(ace2, indexAccessType, null);
_testHelper.AttachAccessType(ace2, moveAccessType, true);
_testHelper.AttachAccessType(ace2, appendAccessType, false);
_testHelper.AttachAccessType(ace2, renameAccessType, null);
_testHelper.AttachAccessType(ace2, writeAccessType, true);
_testHelper.AttachAccessType(ace2, deleteAccessType, false);
_testHelper.AttachAccessType(ace2, findAccessType, null);
AccessControlList acl = _testHelper.CreateStatefulAcl(ace1, ace2);
SecurityToken token = _testHelper.CreateTokenWithAbstractRole(role1, role2);
AccessInformation accessInformation = acl.GetAccessTypes(token);
//read y y y
//copy y n n
//index y - y
//move n y n
//append n n n
//rename n - n
//write - y y
//delete - n n
//find - - -
Assert.That(
accessInformation.AllowedAccessTypes,
Is.EquivalentTo(new[] { readAccessType, indexAccessType, writeAccessType }));
Assert.That(
accessInformation.DeniedAccessTypes,
Is.EquivalentTo(new[] { copyAccessType, moveAccessType, appendAccessType, renameAccessType, deleteAccessType }));
}
public AccessControlEntry CreateAceWithoutGroupCondition()
{
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
entry.GroupCondition = GroupCondition.None;
return(entry);
}
}
public AccessControlEntry CreateAceWithAbstractRole()
{
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
entry.SpecificAbstractRole = CreateTestAbstractRole();
return(entry);
}
}
public AccessControlEntry CreateAceWithOwningUser()
{
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
entry.UserCondition = UserCondition.Owner;
return(entry);
}
}
public AccessControlEntry CreateAceWithPosition(Position position)
{
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
entry.UserCondition = UserCondition.SpecificPosition;
entry.SpecificPosition = position;
return(entry);
}
}
public override void SetUp()
{
base.SetUp();
_aceClass = BindableObjectProviderTestHelper.GetBindableObjectClass(typeof(AccessControlEntry));
_testHelper = new AccessControlTestHelper();
_testHelper.Transaction.EnterNonDiscardingScope();
_ace = AccessControlEntry.NewObject();
}
public void FindMatchingEntries_WithMatchingAce()
{
AccessControlEntry entry = AccessControlEntry.NewObject();
AccessControlList acl = _testHelper.CreateStatefulAcl(entry);
SecurityToken token = _testHelper.CreateTokenWithoutUser();
AccessControlEntry[] foundEntries = acl.FindMatchingEntries(token);
Assert.That(foundEntries.Length, Is.EqualTo(1));
Assert.That(foundEntries, Has.Member(entry));
}
public AccessControlEntry CreateAceWithOwningTenant()
{
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
entry.TenantCondition = TenantCondition.OwningTenant;
entry.TenantHierarchyCondition = TenantHierarchyCondition.This;
return(entry);
}
}
public AccessControlEntry CreateAceWithSpecificUser(User user)
{
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
entry.UserCondition = UserCondition.SpecificUser;
entry.SpecificUser = user;
return(entry);
}
}
public AccessControlEntry CreateAceWithSpecificGroupType(GroupType groupType)
{
ArgumentUtility.CheckNotNull("groupType", groupType);
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
entry.GroupCondition = GroupCondition.AnyGroupWithSpecificGroupType;
entry.SpecificGroupType = groupType;
return(entry);
}
}
public AccessControlEntry CreateAceWithSpecificGroup(Group group)
{
ArgumentUtility.CheckNotNull("group", group);
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
entry.GroupCondition = GroupCondition.SpecificGroup;
entry.SpecificGroup = group;
entry.GroupHierarchyCondition = GroupHierarchyCondition.This;
return(entry);
}
}
public AccessControlEntry CreateAceWithSpecificTenant(Tenant tenant)
{
ArgumentUtility.CheckNotNull("tenant", tenant);
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
entry.TenantCondition = TenantCondition.SpecificTenant;
entry.SpecificTenant = tenant;
entry.TenantHierarchyCondition = TenantHierarchyCondition.This;
return(entry);
}
}
public AccessControlEntry CreateAceWithPositionAndGroupCondition(Position position, GroupCondition groupCondition)
{
using (_transaction.EnterNonDiscardingScope())
{
AccessControlEntry entry = AccessControlEntry.NewObject();
entry.UserCondition = UserCondition.SpecificPosition;
entry.SpecificPosition = position;
entry.GroupCondition = groupCondition;
if (groupCondition == GroupCondition.OwningGroup)
{
entry.GroupHierarchyCondition = GroupHierarchyCondition.ThisAndParent;
}
return(entry);
}
}
public void GetAccessTypes_WithMatchingAce()
{
AccessControlEntry ace = AccessControlEntry.NewObject();
AccessTypeDefinition readAccessType = _testHelper.CreateReadAccessTypeAndAttachToAce(ace, true);
_testHelper.CreateWriteAccessTypeAndAttachToAce(ace, null);
AccessTypeDefinition deleteAccessType = _testHelper.CreateDeleteAccessTypeAndAttachToAce(ace, false);
AccessTypeDefinition copyAccessType = _testHelper.CreateAccessTypeForAce(ace, true, Guid.NewGuid(), "Copy", 3);
AccessTypeDefinition moveAccessType = _testHelper.CreateAccessTypeForAce(ace, false, Guid.NewGuid(), "Move", 4);
AccessControlList acl = _testHelper.CreateStatefulAcl(ace);
SecurityToken token = _testHelper.CreateTokenWithoutUser();
AccessInformation accessInformation = acl.GetAccessTypes(token);
Assert.That(accessInformation.AllowedAccessTypes, Is.EquivalentTo(new[] { readAccessType, copyAccessType }));
Assert.That(accessInformation.DeniedAccessTypes, Is.EquivalentTo(new[] { deleteAccessType, moveAccessType }));
}
public void ValidateDuringCommit_ByTouchOnClassForChangedStateUsagesCollection()
{
SecurableClassDefinition orderClass = _testHelper.CreateOrderClassDefinition();
StatePropertyDefinition paymentProperty = _testHelper.CreatePaymentStateProperty(orderClass);
StateDefinition paidState = paymentProperty[EnumWrapper.Get(PaymentState.Paid).Name];
StateDefinition notPaidState = paymentProperty[EnumWrapper.Get(PaymentState.None).Name];
StateCombination combination1 = _testHelper.CreateStateCombination(orderClass, paidState);
StateCombination combination2 = _testHelper.CreateStateCombination(orderClass, notPaidState);
StateCombination combination3 = _testHelper.CreateStateCombination(orderClass);
combination1.AccessControlList.AccessControlEntries.Add(AccessControlEntry.NewObject());
combination2.AccessControlList.AccessControlEntries.Add(AccessControlEntry.NewObject());
combination3.AccessControlList.AccessControlEntries.Add(AccessControlEntry.NewObject());
var dupicateStateCombination = orderClass.CreateStatefulAccessControlList().StateCombinations[0];
using (_testHelper.Transaction.CreateSubTransaction().EnterDiscardingScope())
{
dupicateStateCombination.AttachState(paidState);
ClientTransaction.Current.Commit();
}
}
public void DomainObjectsAreSerializable()
{
CheckDomainObjectSerializability(delegate { return(AccessControlEntry.NewObject()); });
CheckDomainObjectSerializability(delegate { return(StatefulAccessControlList.NewObject()); });
CheckDomainObjectSerializability(delegate { return(Permission.NewObject()); });
CheckDomainObjectSerializability(delegate { return(StateCombination.NewObject()); });
CheckDomainObjectSerializability(delegate { return(StateUsage.NewObject()); });
CheckDomainObjectSerializability(delegate { return(AbstractRoleDefinition.NewObject()); });
CheckDomainObjectSerializability(delegate { return(AccessTypeDefinition.NewObject()); });
CheckDomainObjectSerializability(delegate { return(AccessTypeReference.NewObject()); });
CheckDomainObjectSerializability(delegate { return(Culture.NewObject("DE-DE")); });
CheckDomainObjectSerializability(delegate { return(LocalizedName.NewObject("foo", Culture.NewObject("DE-DE"), SecurableClassDefinition.NewObject())); });
CheckDomainObjectSerializability(delegate { return(SecurableClassDefinition.NewObject()); });
CheckDomainObjectSerializability(delegate { return(StateDefinition.NewObject()); });
CheckDomainObjectSerializability(delegate { return(StatePropertyDefinition.NewObject()); });
CheckDomainObjectSerializability(delegate { return(StatePropertyReference.NewObject()); });
CheckDomainObjectSerializability(delegate { return((Group)LifetimeService.NewObject(ClientTransaction.Current, typeof(Group), ParamList.Empty)); });
CheckDomainObjectSerializability(delegate { return((GroupType)LifetimeService.NewObject(ClientTransaction.Current, typeof(GroupType), ParamList.Empty)); });
CheckDomainObjectSerializability(delegate { return(GroupTypePosition.NewObject()); });
CheckDomainObjectSerializability(delegate { return((Position)LifetimeService.NewObject(ClientTransaction.Current, typeof(Position), ParamList.Empty)); });
CheckDomainObjectSerializability(delegate { return(Role.NewObject()); });
CheckDomainObjectSerializability(delegate { return((Tenant)LifetimeService.NewObject(ClientTransaction.Current, typeof(Tenant), ParamList.Empty)); });
CheckDomainObjectSerializability(delegate { return((User)LifetimeService.NewObject(ClientTransaction.Current, typeof(User), ParamList.Empty)); });
}
public void FindMatchingEntries_WithMultipleMatchingAces()
{
AccessControlEntry ace1 = AccessControlEntry.NewObject();
AccessTypeDefinition readAccessType = _testHelper.CreateReadAccessTypeAndAttachToAce(ace1, true);
AccessTypeDefinition writeAccessType = _testHelper.CreateWriteAccessTypeAndAttachToAce(ace1, null);
AccessTypeDefinition deleteAccessType = _testHelper.CreateDeleteAccessTypeAndAttachToAce(ace1, null);
AbstractRoleDefinition role2 = AbstractRoleDefinition.NewObject(Guid.NewGuid(), "SoftwareDeveloper", 1);
AccessControlEntry ace2 = AccessControlEntry.NewObject();
ace2.SpecificAbstractRole = role2;
_testHelper.AttachAccessType(ace2, readAccessType, null);
_testHelper.AttachAccessType(ace2, writeAccessType, true);
_testHelper.AttachAccessType(ace2, deleteAccessType, null);
AccessControlList acl = _testHelper.CreateStatefulAcl(ace1, ace2);
SecurityToken token = _testHelper.CreateTokenWithAbstractRole(role2);
AccessControlEntry[] entries = acl.FindMatchingEntries(token);
Assert.That(entries.Length, Is.EqualTo(2));
Assert.That(entries, Has.Member(ace2));
Assert.That(entries, Has.Member(ace1));
}