Esempio n. 1
0
        public void A_RulePolicy_can_be_properly_serialized_to_json()
        {
            var adminRoleRule = new ClaimRule {
                ClaimType = "role", ClaimValue = "admin"
            };
            var powerUserRoleRule = new ClaimRule {
                ClaimType = "role", ClaimValue = "power user"
            };
            var salesDepartmentRule = new ClaimRule {
                ClaimType = "department", ClaimValue = "sales"
            };
            var nameDynauthorizerRule = new ClaimRule {
                ClaimType = "name", ClaimValue = "Dynauthorizer"
            };

            var salesPowerUserRuleSet = new RuleSet(new[] { powerUserRoleRule, salesDepartmentRule }, RuleSetOperator.And);
            var rootRuleSet           = new RuleSet(new IRule[] { adminRoleRule, nameDynauthorizerRule, salesPowerUserRuleSet }, RuleSetOperator.Or);

            var policy = new RulePolicy {
                Name = "MyPolicy", RootRule = rootRuleSet
            };

            var jsonString = JsonConvert.SerializeObject(policy, Formatting.Indented);

            var expectedString = @"{
  ""name"": ""MyPolicy"",
  ""rootRule"": {
    ""rules"": [
      {
        ""claimType"": ""role"",
        ""claimValue"": ""admin""
      },
      {
        ""claimType"": ""name"",
        ""claimValue"": ""Dynauthorizer""
      },
      {
        ""rules"": [
          {
            ""claimType"": ""role"",
            ""claimValue"": ""power user""
          },
          {
            ""claimType"": ""department"",
            ""claimValue"": ""sales""
          }
        ],
        ""operator"": ""And""
      }
    ],
    ""operator"": ""Or""
  }
}";

            Assert.Equal(expectedString, jsonString);
        }
Esempio n. 2
0
        public void Rule_with_matching_principal_returns_true()
        {
            var rule = new ClaimRule {
                ClaimType = "testclaim", ClaimValue = "testvalue"
            };
            var principal = new ClaimsPrincipalBuilder().WithClaim("testclaim", "testvalue").Build();

            var isOk = rule.IsSatisfiedBy(principal);

            Assert.True(isOk);
        }
Esempio n. 3
0
        public void Rule_without_ClaimValue_only_checks_ClaimType()
        {
            var rule = new ClaimRule {
                ClaimType = "testclaim", ClaimValue = null
            };
            var principal = new ClaimsPrincipalBuilder().WithClaim("testclaim", "whatever").Build();

            var isOk = rule.IsSatisfiedBy(principal);

            Assert.True(isOk);
        }
Esempio n. 4
0
        public void Rule_without_matching_principal_returns_false()
        {
            var rule = new ClaimRule {
                ClaimType = "testclaim", ClaimValue = "testvalue"
            };
            var principal = new ClaimsPrincipalBuilder().Build(); // empty, no claims

            var isOk = rule.IsSatisfiedBy(principal);

            Assert.False(isOk);
        }
        public void Both_claims_must_be_satisified_in_RuleSet_with_2_rules_and_operator_And()
        {
            var rule1 = new ClaimRule {
                ClaimType = "testclaim1", ClaimValue = "testvalue1"
            };
            var rule2 = new ClaimRule {
                ClaimType = "testclaim2", ClaimValue = "testvalue2"
            };
            var ruleSet = new RuleSet(new [] { rule1, rule2 }, RuleSetOperator.And);
            var principalWithBothClaims   = new ClaimsPrincipalBuilder().WithClaim("testclaim1", "testvalue1").WithClaim("testclaim2", "testvalue2").Build();
            var principalWithOnlyOneClaim = new ClaimsPrincipalBuilder().WithClaim("testclaim1", "textvalue1").Build();

            Assert.True(ruleSet.IsSatisfiedBy(principalWithBothClaims));
            Assert.False(ruleSet.IsSatisfiedBy(principalWithOnlyOneClaim));
        }
        public void Composite_RuleSet_with_one_Rule_and_a_nested_RuleSet_and_operator_or_can_be_satisfied_with_a_principal_that_matches_the_Rule_but_also_with_a_principal_that_matches_the_nested_ruleset()
        {
            var adminRoleRule = new ClaimRule {
                ClaimType = "role", ClaimValue = "admin"
            };
            var powerUserRoleRule = new ClaimRule {
                ClaimType = "role", ClaimValue = "power users"
            };
            var salesDepartmentRule = new ClaimRule {
                ClaimType = "department", ClaimValue = "sales"
            };
            var salesPowerUsersRuleSet  = new RuleSet(new [] { powerUserRoleRule, salesDepartmentRule }, RuleSetOperator.And);
            var compositeRuleSet        = new RuleSet(new IRule[] { adminRoleRule, salesPowerUsersRuleSet }, RuleSetOperator.Or);
            var adminPrincipal          = new ClaimsPrincipalBuilder().WithClaim("role", "admin").Build();
            var salesPowerUserPrincipal = new ClaimsPrincipalBuilder().WithClaim("role", "power users").WithClaim("department", "sales").Build();
            var regularSalesUser        = new ClaimsPrincipalBuilder().WithClaim("role", "users").WithClaim("department", "sales").Build();

            Assert.True(compositeRuleSet.IsSatisfiedBy(adminPrincipal));
            Assert.True(compositeRuleSet.IsSatisfiedBy(salesPowerUserPrincipal));
            Assert.False(compositeRuleSet.IsSatisfiedBy(regularSalesUser));
        }