Esempio n. 1
0
        public void Test_CheckTypeAccess_SingleCached( )
        {
            CachingEntityAccessControlChecker checker;
            MockRepository mockRepository;
            Mock <IEntityAccessControlChecker> mockChecker;
            IList <EntityType> entityTypes;
            EntityRef          user;
            EntityRef          permission;

            entityTypes = new[] { new EntityType() };
            user        = new EntityRef(100);
            permission  = new EntityRef(101);

            mockRepository = new MockRepository(MockBehavior.Strict);
            mockChecker    = mockRepository.Create <IEntityAccessControlChecker>();

            checker = new CachingEntityAccessControlChecker(mockChecker.Object);
            checker.Cache.Add(new UserEntityPermissionTuple(user.Id, entityTypes.First().Id, new[] { permission.Id }), false);
            Assert.That(checker.CheckTypeAccess(entityTypes, permission, user), Is.EquivalentTo(entityTypes.ToDictionary(et => et.Id, et => false)));

            mockRepository.VerifyAll();
            Assert.That(checker.Cache.Count, Is.EqualTo(1), "Incorrect cache count");
            Assert.That(
                checker.Cache,
                Has.Exactly(1)
                .Property("Key").EqualTo(new UserEntityPermissionTuple(user.Id, entityTypes.First().Id, new[] { permission.Id }))
                .And.Property("Value").EqualTo(false), "Not cached");
        }
Esempio n. 2
0
        public void Test_CheckTypeAccess_SingleUncached( )
        {
            CachingEntityAccessControlChecker checker;
            MockRepository mockRepository;
            Mock <IEntityAccessControlChecker> mockChecker;
            IList <EntityType> entityTypes;
            EntityRef          user;
            EntityRef          permission;
            Expression <Func <IEntityAccessControlChecker, IDictionary <long, bool> > > canCreate;

            entityTypes = new[] { new EntityType() };
            user        = new EntityRef(100);
            permission  = new EntityRef(100);
            canCreate   = c => c.CheckTypeAccess(It.Is <IList <EntityType> >(ets => ets.SequenceEqual(entityTypes)), permission, user);

            mockRepository = new MockRepository(MockBehavior.Strict);
            mockChecker    = mockRepository.Create <IEntityAccessControlChecker>();
            mockChecker
            .Setup(canCreate)
            .Returns(entityTypes.ToDictionary(et => et.Id, et => true));

            checker = new CachingEntityAccessControlChecker(mockChecker.Object);
            Assert.That(checker.CheckTypeAccess(entityTypes, permission, user), Is.EquivalentTo(entityTypes.ToDictionary(et => et.Id, et => true)));

            mockRepository.VerifyAll();
            mockChecker.Verify(canCreate, Times.Once);
            Assert.That(checker.Cache.Count, Is.EqualTo(1), "Incorrect cache count");
            Assert.That(
                checker.Cache,
                Has.Exactly(1)
                .Property("Key").EqualTo(new UserEntityPermissionTuple(user.Id, entityTypes.First().Id, new[] { permission.Id }))
                .And.Property("Value").EqualTo(true), "Not cached");
        }
Esempio n. 3
0
        public void Test_CheckTypeAccess_SecurityBypass( )
        {
            CachingEntityAccessControlChecker checker;
            MockRepository mockRepository;
            Mock <IEntityAccessControlChecker> mockChecker;
            IList <EntityType> entityTypes;
            EntityRef          user;
            EntityRef          permission;
            Expression <Func <IEntityAccessControlChecker, IDictionary <long, bool> > > canCreate;
            IDictionary <long, bool> result;

            entityTypes = new[] { new EntityType(), new EntityType() };
            user        = new EntityRef(100);
            permission  = new EntityRef(101);
            canCreate   = c => c.CheckTypeAccess(It.Is <IList <EntityType> >(ets => ets.SequenceEqual(entityTypes)), permission, user);

            mockRepository = new MockRepository(MockBehavior.Strict);
            mockChecker    = mockRepository.Create <IEntityAccessControlChecker>();
            mockChecker.Setup(canCreate).Returns(entityTypes.ToDictionary(et => et.Id, et => true));

            checker = new CachingEntityAccessControlChecker(mockChecker.Object);
            checker.Cache.Add(new UserEntityPermissionTuple(user.Id, entityTypes[0].Id, new[] { permission.Id }), false);

            using (new SecurityBypassContext())
            {
                result = checker.CheckTypeAccess(entityTypes, permission, user);
            }
            Assert.That(result, Has.Count.EqualTo(2));
            Assert.That(result, Has.All.Property("Value").EqualTo(true));
            Assert.That(result.Keys, Is.EquivalentTo(entityTypes.Select(et => et.Id)));

            mockRepository.VerifyAll();
            mockChecker.Verify(canCreate, Times.Once);
            Assert.That(checker.Cache.Count, Is.EqualTo(1), "Cache contents changed");
            Assert.That(
                checker.Cache,
                Has.Exactly(1)
                .Property("Key").EqualTo(new UserEntityPermissionTuple(user.Id, entityTypes[0].Id, new[] { permission.Id }))
                .And.Property("Value").EqualTo(false), "Not cached");
        }