public void AddDuplicate()
        {
            AuthorizationRuleCollection col  = new AuthorizationRuleCollection();
            AuthorizationRule           rule = new AuthorizationRule(AuthorizationRuleAction.Deny);

            rule.Users.Add("toshok");
            rule.Verbs.Add("GET");

            col.Add(rule);
            col.Add(rule);

            Assert.AreEqual(2, col.Count, "A1");
            Assert.AreEqual("toshok", col[0].Users.ToString(), "A2");
        }
        private void AddAuthorizationRules(string siteName, PropertyBag authBag)
        {
            PermissionsFlags            permissions = (PermissionsFlags)authBag[3];
            string                      str         = (string)authBag[1];
            string                      str2        = (string)authBag[2];
            AuthorizationRuleCollection authorizationRuleCollection = this.GetAuthorizationRuleCollection(siteName);

            if (!string.IsNullOrEmpty(str))
            {
                authorizationRuleCollection.Add(AuthorizationRuleAccessType.Allow, str, string.Empty, permissions);
            }
            if (!string.IsNullOrEmpty(str2))
            {
                authorizationRuleCollection.Add(AuthorizationRuleAccessType.Allow, string.Empty, str2, permissions);
            }
        }
Esempio n. 3
0
        public void when_checking_authorization_for_a_matching_resource_and_user_with_both_allow_and_deny_rules()
        {
            var currentIdentities = new string[] { "L1:DOMAIN1\\User1", "L1:DOMAIN1\\Group1", "Role1" };
            var resourceName      = "Form1";
            var resources         = new string[] { resourceName };
            var resourceType      = ResourceTypes.Form;
            var allowedIdentities = new string[] { "L1:DOMAIN1\\UserA", "L1:DOMAIN1\\User1" };
            var deniedIdentities  = new string[] { "L1:DOMAIN1\\GroupA", "L1:DOMAIN1\\Group1" };

            var rules     = new AuthorizationRuleCollection();
            var allowRule = new AuthorizationRule(resources, resourceType, PermissionType.Allow, allowedIdentities);

            rules.Add(allowRule);
            var denyRule = new AuthorizationRule(resources, resourceType, PermissionType.Deny, deniedIdentities);

            rules.Add(denyRule);

            Assert.IsFalse(rules.IsAuthorized(resourceName, resourceType, currentIdentities), "it should not be authorized");
        }
        public void AddDuplicate2()
        {
            AuthorizationRuleCollection col   = new AuthorizationRuleCollection();
            AuthorizationRule           rule1 = new AuthorizationRule(AuthorizationRuleAction.Deny);
            AuthorizationRule           rule2 = new AuthorizationRule(AuthorizationRuleAction.Allow);

            rule1.Users.Add("toshok");
            rule1.Verbs.Add("GET");

            rule2.Users.Add("toshok");
            rule2.Verbs.Add("GET");

            col.Add(rule1);
            col.Add(rule2);

            Assert.AreEqual(2, col.Count, "A1");
            Assert.AreEqual("toshok", col[0].Users.ToString(), "A2");
            Assert.AreEqual(AuthorizationRuleAction.Deny, col[0].Action, "A3");
            Assert.AreEqual(AuthorizationRuleAction.Allow, col[1].Action, "A4");
        }
        /// <summary>
        /// Creates virtual directory under site with given name and sets authorization rules.
        /// </summary>
        /// <param name="siteName">Site name.</param>
        /// <param name="account">Account information.</param>
        public void CreateFtpAccount(string siteName, FtpAccount account)
        {
            Site site = this.GetIisSite(siteName);

            if (site != null)
            {
                Application application = site.Applications["/"];
                if (application != null)
                {
                    // Convert FTP account name to virtual directory format
                    var ftpVirtualDir = String.Format("/{0}", account.Name);
                    //
                    VirtualDirectory accountDirectory = application.VirtualDirectories[ftpVirtualDir];
                    //
                    if (accountDirectory != null)
                    {
                        application.VirtualDirectories.Remove(accountDirectory);
                    }
                    VirtualDirectory createdVirtualDirectory = application.VirtualDirectories.Add(ftpVirtualDir, account.Folder);


                    AuthorizationRuleCollection authRulesCollection = this.GetAuthorizationRuleCollection(String.Format("{0}/{1}", siteName, account.Name));
                    List <AuthorizationRule>    rulesToRemove       = new List <AuthorizationRule>();
                    foreach (AuthorizationRule rule in authRulesCollection)
                    {
                        if (rule.AccessType == AuthorizationRuleAccessType.Allow && (rule.Users == "?" || rule.Users == "*"))
                        {
                            rulesToRemove.Add(rule);
                        }
                    }

                    foreach (AuthorizationRule rule in rulesToRemove)
                    {
                        authRulesCollection.Remove(rule);
                    }

                    PermissionsFlags permissions = 0;
                    if (account.CanRead)
                    {
                        permissions |= PermissionsFlags.Read;
                    }
                    if (account.CanWrite)
                    {
                        permissions |= PermissionsFlags.Write;
                    }
                    if (account.CanRead || account.CanWrite)
                    {
                        authRulesCollection.Add(AuthorizationRuleAccessType.Allow, account.Name, String.Empty, permissions);
                    }
                }
            }
            this.CommitChanges();
        }
        /// <summary>
        /// Recupera todas as regras cadastradas.
        /// </summary>
        /// <returns></returns>
        public override AuthorizationRuleCollection GetAllRules()
        {
            var collection = new AuthorizationRuleCollection();

            foreach (var i in Navigate(Root))
            {
                foreach (var j in i.GetRules())
                {
                    collection.Add(j);
                }
            }
            return(collection);
        }
Esempio n. 7
0
        public void when_checking_authorization_for_a_matching_resource_and_a_matching_identity()
        {
            var currentIdentities = new string[] { "L1:DOMAIN1\\User1", "L1:DOMAIN1\\Group1", "Role1" };
            var resourceName      = "Form1";
            var resources         = new string[] { resourceName };
            var resourceType      = ResourceTypes.Form;
            var allowedIdentities = new string[] { "L1:DOMAIN1\\User1", "L1:DOMAIN1\\User2" };
            var rules             = new AuthorizationRuleCollection();
            var allowRule         = new AuthorizationRule(resources, resourceType, PermissionType.Allow, allowedIdentities);

            rules.Add(allowRule);

            Assert.IsTrue(rules.IsAuthorized(resourceName, resourceType, currentIdentities), "it should be authorized");
        }
        public void GetElementKey()
        {
            MethodInfo minfo = typeof(AuthorizationRuleCollection).GetMethod("GetElementKey", BindingFlags.Instance | BindingFlags.NonPublic);
            AuthorizationRuleCollection col = new AuthorizationRuleCollection();

            AuthorizationRule rule = new AuthorizationRule(AuthorizationRuleAction.Deny);

            rule.Users.Add("toshok");
            rule.Verbs.Add("GET");

            col.Add(rule);

            object[] args = new object[1];
            args[0] = rule;
            string key = (string)minfo.Invoke(col, args);

            Assert.AreEqual("Deny", key, "A1");
        }
        public override AuthorizationRuleCollection GetAllRulesByPath(string path)
        {
            string loc                     = FormatVirtualPath(path);
            var    validPathsQueue         = new Queue <XmlAuthorizationPath>();
            XmlAuthorizationPath validPath = null;
            var queuePaths                 = new Queue <XmlAuthorizationPath>();

            queuePaths.Enqueue(Root);
            while (queuePaths.Count > 0)
            {
                var p1 = queuePaths.Dequeue();
                foreach (var i in p1.Children.ToArray())
                {
                    if (i == null)
                    {
                        continue;
                    }
                    if ((i.Complex != null && i.Complex.Match(loc).Success) || (loc.Length >= i.FullUrl.Length && loc.IndexOf(i.FullUrl, 0, i.FullUrl.Length, StringComparison.InvariantCultureIgnoreCase) == 0 && (validPath == null || i.FullUrl.Length > validPath.FullUrl.Length)))
                    {
                        validPathsQueue.Enqueue(i);
                        validPath = i;
                        queuePaths.Enqueue(i);
                    }
                }
                if (p1 == null)
                {
                    break;
                }
            }
            var result = new AuthorizationRuleCollection();

            foreach (var i in validPathsQueue)
            {
                foreach (var j in i.GetRules())
                {
                    result.Add(j);
                }
            }
            return(result);
        }
Esempio n. 10
0
        /// <summary>
        /// Creates ftp site.
        /// </summary>
        /// <param name="site">Ftp site to be created.</param>
        /// <returns>Created site id.</returns>
        /// <exception cref="ArgumentNullException">Is thrown in case supplied argument is null.</exception>
        /// <exception cref="ArgumentException">
        /// Is thrown in case site id or its name is null or empty or if site id is not equal to default ftp site name.
        /// </exception>
        public string CreateSite(FtpSite site)
        {
            if (site == null)
            {
                throw new ArgumentNullException("site");
            }

            if (String.IsNullOrEmpty(site.SiteId) || String.IsNullOrEmpty(site.Name))
            {
                throw new ArgumentException("Site id or name is null or empty.");
            }

            this.CheckFtpServerBindings(site);

            PropertyBag siteBag = this.ftpSitesService.GetSiteDefaults();

            // Set site name
            siteBag[FtpSiteGlobals.Site_Name] = site.Name;
            // Set site physical path
            siteBag[FtpSiteGlobals.VirtualDirectory_PhysicalPath] = site.ContentPath;
            PropertyBag ftpBinding = new PropertyBag();

            // Set site binding protocol
            ftpBinding[FtpSiteGlobals.BindingProtocol] = "ftp";
            // fill binding summary info
            ftpBinding[FtpSiteGlobals.BindingInformation] = site.Bindings[0].ToString();

            // Set site binding
            siteBag[FtpSiteGlobals.Site_SingleBinding] = ftpBinding;

            // Auto-start
            siteBag[FtpSiteGlobals.FtpSite_AutoStart] = true;

            // Set anonumous authentication
            siteBag[FtpSiteGlobals.Authentication_AnonymousEnabled] = true;
            siteBag[FtpSiteGlobals.Authentication_BasicEnabled]     = true;

            this.ftpSitesService.AddSite(siteBag);

            AuthorizationRuleCollection rules = this.ftpSitesService.GetAuthorizationRuleCollection(site.Name);

            rules.Add(AuthorizationRuleAccessType.Allow, "*", String.Empty, PermissionsFlags.Read);

            IisFtpSite iisFtpSite = this.ftpSitesService.GetIisFtpSite(site.Name);

            iisFtpSite.UserIsolation.Mode = Mode.StartInUsersDirectory;
            iisFtpSite.Security.Ssl.ControlChannelPolicy = ControlChannelPolicy.SslAllow;
            iisFtpSite.Security.Ssl.DataChannelPolicy    = DataChannelPolicy.SslAllow;

            this.FillIisFromFtpSite(site);

            this.ftpSitesService.CommitChanges();

            // Do not start the site because it is started during creation.
            try
            {
                this.ChangeSiteState(site.Name, ServerState.Started);
            }
            catch
            {
                // Ignore the error if happened.
            }
            return(site.Name);
        }