public void Test_CollateAccess_TwoEntitiesTwoOperations(bool entity1Read, bool entity2Read, bool entity1Modify, bool entity2Write, bool expectedEntity1CombinedAccess, bool expectedEntity2CombinedAccess) { IDictionary <long, bool> result; Dictionary <long, IDictionary <long, bool> > operationToAccess; EntityRef readPermission; EntityRef modifyPermission; const int entity1Id = 1; const int entity2Id = 2; readPermission = Permissions.Read; modifyPermission = Permissions.Modify; operationToAccess = new Dictionary <long, IDictionary <long, bool> >(); operationToAccess[readPermission.Id] = new Dictionary <long, bool>(); operationToAccess[readPermission.Id][entity1Id] = entity1Read; operationToAccess[readPermission.Id][entity2Id] = entity2Read; operationToAccess[modifyPermission.Id] = new Dictionary <long, bool>(); operationToAccess[modifyPermission.Id][entity1Id] = entity1Modify; operationToAccess[modifyPermission.Id][entity2Id] = entity2Write; result = new EntityAccessControlChecker().CollateAccess(new[] { new EntityRef(entity1Id), new EntityRef(entity2Id) }, operationToAccess); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity1Id).And.Property("Value").EqualTo(expectedEntity1CombinedAccess)); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity2Id).And.Property("Value").EqualTo(expectedEntity2CombinedAccess)); }
public void Test_CollateAccess_EmptyOperationsToAccess() { IDictionary <long, bool> result; result = new EntityAccessControlChecker().CollateAccess(new EntityRef[] { 1 }, new Dictionary <long, IDictionary <long, bool> >()); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(1).And.Property("Value").False); }
private void Do_AddAllowXXXQuery_AllowMultiple(Action <Subject, SecurableEntity> addAccess, ICollection <EntityRef> operations) { EntityType securableEntityType; const int numEntities = 5; Entity[] entities; Subject subject; IDictionary <long, bool> result; using (DatabaseContext.GetContext(true)) { securableEntityType = Entity.Create <EntityType>(); securableEntityType.Inherits.Add(Entity.Get <EntityType>("core:resource")); securableEntityType.Save(); entities = new Entity[numEntities]; for (int i = 0; i < numEntities; i++) { entities[i] = Entity.Create(new EntityRef(securableEntityType.Id)).As <Entity>(); entities[i].Save(); } subject = Entity.Create <UserAccount>().As <Subject>(); subject.Save(); addAccess(subject, securableEntityType.As <SecurableEntity>()); result = new EntityAccessControlChecker().CheckAccess(entities.Select(x => (EntityRef)x).ToList(), operations.ToList(), subject); for (int i = 0; i < numEntities; i++) { Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entities[i].Id).And.Property("Value").True); } } }
public void Test_CheckAccess_SecurityBypassContext() { EntityRef[] entityIds; IDictionary <long, bool> result; UserAccount userAccount; EntityAccessControlChecker entityAccessControlChecker; MockRepository mockRepository; entityIds = new EntityRef[] { 1, 2, 3 }; mockRepository = new MockRepository(MockBehavior.Strict); entityAccessControlChecker = new EntityAccessControlChecker( mockRepository.Create <IUserRoleRepository>().Object, mockRepository.Create <IQueryRepository>().Object, mockRepository.Create <IEntityTypeRepository>().Object ); userAccount = Entity.Create <UserAccount>(); userAccount.Save(); using (new SecurityBypassContext()) { result = entityAccessControlChecker.CheckAccess(entityIds, new[] { Permissions.Read }, userAccount); } Assert.That(result, Has.Count.EqualTo(entityIds.Count())); Assert.That(result, Has.All.Property("Value").True); mockRepository.VerifyAll(); }
public void Test_AddAllowReadQuery_NameQuery() { using (DatabaseContext.GetContext(true)) { EntityType securableEntityType1; IEntity entity1A; IEntity entity1Z; Subject subject; Report report; IDictionary <long, bool> result; securableEntityType1 = Entity.Create <EntityType>(); securableEntityType1.Inherits.Add(Entity.Get <EntityType>("core:resource")); securableEntityType1.Save(); entity1A = Entity.Create(new EntityRef(securableEntityType1.Id)); entity1A.SetField("core:name", "A"); entity1A.Save(); entity1Z = Entity.Create(new EntityRef(securableEntityType1.Id)); entity1Z.SetField("core:name", "Z"); entity1Z.Save(); subject = Entity.Create <UserAccount>().As <Subject>(); subject.Save(); report = TestQueries.EntitiesWithNameA().ToReport(); new AccessRuleFactory().AddAllowReadQuery(subject, securableEntityType1.As <SecurableEntity>(), report); result = new EntityAccessControlChecker().CheckAccess( new[] { new EntityRef(entity1A.Id), new EntityRef(entity1Z.Id) }, new[] { Permissions.Read }, subject); Assert.That(result, Has.Property("Count").EqualTo(2)); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity1A.Id).And.Property("Value").True); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity1Z.Id).And.Property("Value").False); } }
public void Test_AddAllowCreate_AllowMultipleCreate() { EntityType[] securableEntityTypes; const int numTypes = 5; Subject subject; IDictionary <long, bool> result; IEntity[] entities; subject = Entity.Create <UserAccount>().As <Subject>(); subject.Save(); securableEntityTypes = new EntityType[numTypes]; for (int i = 0; i < numTypes; i++) { securableEntityTypes[i] = Entity.Create <EntityType>(); securableEntityTypes[i].Inherits.Add(Entity.Get <EntityType>("core:resource")); securableEntityTypes[i].Save(); new AccessRuleFactory().AddAllowCreate(subject, securableEntityTypes[i].As <SecurableEntity>()); } entities = new IEntity[numTypes]; for (int i = 0; i < numTypes; i++) { entities[i] = Entity.Create(securableEntityTypes[i]); } result = new EntityAccessControlChecker().CheckAccess(entities.Select(x => new EntityRef(x)).ToList(), new[] { Permissions.Create }, subject); Assert.That(result, Has.Count.EqualTo(numTypes)); Assert.That(result.Keys, Is.EquivalentTo(entities.Select(x => x.Id))); Assert.That(result.Values, Has.All.True); }
public void Test_CheckAccess_NoEntities() { MockRepository mockRepository; EntityAccessControlChecker entityAccessControlChecker; Mock <IUserRoleRepository> roleRepository; Mock <IQueryRepository> queryRepository; Mock <IEntityTypeRepository> entityTypeRepository; IDictionary <long, bool> result; UserAccount userAccount; userAccount = Entity.Get <UserAccount>(RequestContext.GetContext().Identity.Id); mockRepository = new MockRepository(MockBehavior.Strict); roleRepository = mockRepository.Create <IUserRoleRepository>(); queryRepository = mockRepository.Create <IQueryRepository>(); entityTypeRepository = mockRepository.Create <IEntityTypeRepository>(); entityAccessControlChecker = new EntityAccessControlChecker(roleRepository.Object, queryRepository.Object, entityTypeRepository.Object); result = entityAccessControlChecker.CheckAccess(new Collection <EntityRef>(), new[] { Permissions.Read }, userAccount); mockRepository.VerifyAll(); Assert.That(result, Is.Empty); }
public void Test_SkipCheck_Fail() { EntityRef user; user = new EntityRef(1); Assert.That(EntityAccessControlChecker.SkipCheck(user), Is.False); }
public void Test_SkipCheck_GlobalUser() { EntityRef user; user = new EntityRef(0); // 0 = Global tenant Assert.That(EntityAccessControlChecker.SkipCheck(user), Is.True); }
public void Security_CheckInstancesSecurity(bool grant) { IEntityXmlExporter exporter = Factory.EntityXmlExporter; IEntityXmlImporter importer = Factory.EntityXmlImporter; string xml; Definition type = new Definition( ); type.Inherits.Add(UserResource.UserResource_Type); type.Name = Guid.NewGuid( ).ToString( ); type.Save( ); Resource instance = Entity.Create(type.Id).As <Resource>( ); instance.Name = "Mordor"; instance.Save( ); // Generate the XML as admin using (RunAsImportExportRole( )) { xml = exporter.GenerateXml(instance.Id, EntityXmlExportSettings.Default); } // Create a user that can create the types, but not modify the instance var user = Entity.Create <UserAccount>( ); user.Name = "Frodo"; user.UserHasRole.Add(Entity.Get <Role>("core:importExportRole")); user.Save( ); new AccessRuleFactory( ).AddAllowCreate(user.As <Subject>( ), type.As <SecurableEntity>( )).Save( ); if (grant) { new AccessRuleFactory( ).AddAllowByQuery(user.As <Subject>( ), type.As <SecurableEntity>( ), new[] { Permissions.Read, Permissions.Modify }, TestQueries.Entities(new EntityRef(type.Id)).ToReport( )).Save( ); } var res = new EntityAccessControlChecker( ).CheckTypeAccess(new[] { type.As <EntityType>() }, Permissions.Create, user); // Try to reimport as non-priv user using (new SetUser(user)) { Action run = () => importer.ImportXml(xml, EntityXmlImportSettings.Default); if (grant) { run( ); } else { Assert.That(Assert.Throws <PlatformSecurityException>(() => run( )).Message, Is.StringStarting("Frodo does not have edit access to Mordor")); } } }
public void Test_Creation() { EntityAccessControlChecker entityAccessControlChecker; entityAccessControlChecker = null; Assert.That(() => entityAccessControlChecker = new EntityAccessControlChecker(), Throws.Nothing); Assert.That(entityAccessControlChecker, Has.Property("RoleRepository").Not.Null); Assert.That(entityAccessControlChecker, Has.Property("QueryRepository").Not.Null); Assert.That(entityAccessControlChecker, Has.Property("EntityTypeRepository").Not.Null); }
public void Test_SetAll_Entities() { long[] entities = { 1, 2 }; IDictionary <long, bool> result; result = new EntityAccessControlChecker().SetAll(entities, false); Assert.That(result.Keys, Is.EquivalentTo(entities)); Assert.That(result.Values, Has.All.False); }
public void Test_SkipCheck_Bypass() { EntityRef user; user = new EntityRef(1); using (new SecurityBypassContext()) { Assert.That(EntityAccessControlChecker.SkipCheck(user), Is.True); } }
public void Test_CheckAccess_TypelessEntity() { IDictionary <long, bool> result; long testId = EntityId.Max; result = new EntityAccessControlChecker().CheckAccess(new[] { new EntityRef(testId) }, new[] { Permissions.Read }, Entity.Get <UserAccount>(RequestContext.GetContext().Identity.Id)); Assert.That(result, Has.Count.EqualTo(1)); Assert.That(result[testId], Is.True); }
public void Test_AddMultiplePermissions() { EntityType securableEntityType1; EntityType securableEntityType2; Entity entity1; Entity entity2; Subject subject; IDictionary <long, bool> result; using (DatabaseContext.GetContext(true)) { securableEntityType1 = Entity.Create <EntityType>(); securableEntityType1.Inherits.Add(Entity.Get <EntityType>("core:resource")); securableEntityType1.Save(); securableEntityType2 = Entity.Create <EntityType>(); securableEntityType2.Inherits.Add(Entity.Get <EntityType>("core:resource")); securableEntityType2.Save(); entity1 = Entity.Create(securableEntityType1).As <Entity>(); entity1.SetField("core:alias", "entity1__test"); entity1.Save(); entity2 = Entity.Create(securableEntityType2).As <Entity>(); entity2.SetField("core:alias", "entity2__test"); entity2.Save(); subject = Entity.Create <UserAccount>().As <Subject>(); subject.Save(); new AccessRuleFactory().AddAllowReadQuery(subject, securableEntityType1.As <SecurableEntity>(), TestQueries.Entities().ToReport()); new AccessRuleFactory().AddAllowReadQuery(subject, securableEntityType2.As <SecurableEntity>(), TestQueries.Entities().ToReport()); new AccessRuleFactory().AddAllowModifyQuery(subject, securableEntityType2.As <SecurableEntity>(), TestQueries.Entities().ToReport()); result = new EntityAccessControlChecker().CheckAccess(new EntityRef[] { entity1, entity2 }, new[] { Permissions.Read }, subject); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity1.Id).And.Property("Value").True, "Allow read"); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity2.Id).And.Property("Value").True, "Allow read"); result = new EntityAccessControlChecker().CheckAccess(new EntityRef[] { entity1, entity2 }, new[] { Permissions.Modify }, subject); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity1.Id).And.Property("Value").False, "Allow modify"); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity2.Id).And.Property("Value").True, "Allow modify"); result = new EntityAccessControlChecker().CheckAccess(new EntityRef[] { entity1, entity2 }, new[] { Permissions.Read, Permissions.Modify }, subject); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity1.Id).And.Property("Value").False, "Allow read and modify"); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entity2.Id).And.Property("Value").True, "Allow read and modify"); } }
public void Test_Creation() { EntityAccessControlService entityAccessControlService; IEntityAccessControlChecker entityAccessControlChecker; entityAccessControlChecker = new EntityAccessControlChecker(); entityAccessControlService = new EntityAccessControlService(entityAccessControlChecker); Assert.That(entityAccessControlService, Has.Property("EntityAccessControlChecker").EqualTo(entityAccessControlChecker)); Assert.That(entityAccessControlService, Has.Property("TraceLevelFactory").EqualTo((Func <int>)entityAccessControlService.GetTraceLevelSetting)); Assert.That(entityAccessControlService, Has.Property("TraceLevel").Not.Null); }
public void Test_CollateAccess_EmptyEntities() { IDictionary <long, bool> result; Dictionary <EntityRef, IDictionary <long, bool> > operationToAccess; EntityRef allowRead; allowRead = Permissions.Read; operationToAccess = new Dictionary <EntityRef, IDictionary <long, bool> >(); operationToAccess[allowRead] = new Dictionary <long, bool>(); operationToAccess[allowRead][1] = false; result = new EntityAccessControlChecker().CollateAccess(new EntityRef[0], new Dictionary <long, IDictionary <long, bool> >()); Assert.That(result, Is.Empty); }
public void Test_AllowAccessToInvalidIds_NoTypelessEntities() { IDictionary <long, ISet <EntityRef> > entityTypes; Dictionary <long, bool> mapping; IDictionary <long, bool> result; mapping = new Dictionary <long, bool>(); mapping[1] = false; entityTypes = new Dictionary <long, ISet <EntityRef> >(); result = new EntityAccessControlChecker().AllowAccessToTypelessIds(mapping, entityTypes); Assert.That(result, Has.Count.EqualTo(mapping.Count)); Assert.That(result[1], Is.False); }
public void Test_CollateAccess_SingleEntityNotAllowed() { IDictionary <long, bool> result; Dictionary <long, IDictionary <long, bool> > operationToAccess; EntityRef readPermission; const int entityId = 1; readPermission = Permissions.Read; operationToAccess = new Dictionary <long, IDictionary <long, bool> >(); operationToAccess[readPermission.Id] = new Dictionary <long, bool>(); operationToAccess[readPermission.Id][entityId] = false; result = new EntityAccessControlChecker().CollateAccess(new[] { new EntityRef(entityId) }, new Dictionary <long, IDictionary <long, bool> >()); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(entityId).And.Property("Value").False); }
public void Test_AllowAccessToInvalidIds_EmptyMapping() { IDictionary <long, ISet <EntityRef> > entityTypes; Dictionary <long, bool> mapping; IDictionary <long, bool> result; mapping = new Dictionary <long, bool>(); entityTypes = new Dictionary <long, ISet <EntityRef> >(); entityTypes.Add(1, new HashSet <EntityRef> { new EntityRef(1) }); result = new EntityAccessControlChecker().AllowAccessToTypelessIds(mapping, entityTypes); Assert.That(result, Has.Count.EqualTo(mapping.Count)); }
public void Test_BasicSecurity() { UserAccount userAccount = null; EntityType entityType = null; IEntity entity1 = null; IEntity entity2 = null; userAccount = Entity.Create <UserAccount>(); userAccount.Name = "GetEntitiesOfType test user " + Guid.NewGuid().ToString(); userAccount.Save(); entityType = new EntityType(); entityType.Inherits.Add(UserResource.UserResource_Type); entityType.Save(); entity1 = Entity.Create(new EntityRef(entityType)); entity1.SetField("core:name", "A"); entity1.Save(); entity2 = Entity.Create(new EntityRef(entityType)); entity2.SetField("core:name", "B"); entity2.Save(); new AccessRuleFactory().AddAllowReadQuery(userAccount.As <Subject>(), entityType.As <SecurableEntity>(), TestQueries.EntitiesWithNameA().ToReport()); // Sanity Check. Check directly to avoid any caching or side effect issue. IDictionary <long, bool> results = new EntityAccessControlChecker().CheckAccess( new[] { new EntityRef(entity1), new EntityRef(entity2) }, new[] { Permissions.Read }, new EntityRef(userAccount)); Assert.That(results, Has.Exactly(1).Property("Key").EqualTo(entity1.Id).And.Property("Value").True, "EntityAccessControlChecker.CheckAccess: No access to Entity ID 1"); Assert.That(results, Has.Exactly(1).Property("Key").EqualTo(entity2.Id).And.Property("Value").False, "EntityAccessControlChecker.CheckAccess: Access to Entity ID 2"); using (new SetUser(userAccount)) { IEnumerable <IEntity> entities = Entity.GetInstancesOfType(entityType, true, "name"); Assert.That(entities.Count(), Is.EqualTo(1), "Entity.GetInstancesOfType: Incorrect count"); Assert.That(entities, Has.Exactly(1).Property("Id").EqualTo(entity1.Id), "Entity.GetInstancesOfType: Incorrect Id"); } }
public void Test_CheckAccess_AccessByQueryOnly() { UserAccount userAccount; SecurableEntity securableEntity; IDictionary <long, bool> result; AccessRule accessRule; Report authReport; // Test: // // Folder Instance // ^ // | // | // UserAccount ----> AccessRule -----> FolderType // // (no PermissionAccess relationship) // using (DatabaseContext.GetContext(true)) { securableEntity = Entity.Create <SecurableEntity>(); securableEntity.Save(); authReport = Entity.Create <Report>(); authReport.Save(); accessRule = Entity.Create <AccessRule>(); accessRule.AccessRuleEnabled = true; accessRule.AccessRuleReport = authReport; accessRule.ControlAccess = securableEntity; // Do not set accessRule.PermissionAccess accessRule.Save(); userAccount = Entity.Create <UserAccount>(); userAccount.AllowAccess.Add(accessRule.As <AccessRule>()); userAccount.Save(); result = new EntityAccessControlChecker().CheckAccess(new[] { new EntityRef(securableEntity.Id) }, new[] { Permissions.Read }, new EntityRef(userAccount.Id)); Assert.That(result[securableEntity.Id], Is.False); } }
public void Test_CheckAccess_Mocked_TypelessEntity() { MockRepository mockRepository; EntityAccessControlChecker entityAccessControlChecker; Mock <IUserRoleRepository> roleRepository; Mock <IQueryRepository> queryRepository; Mock <IEntityTypeRepository> entityTypeRepository; IDictionary <long, bool> result; UserAccount userAccount; EntityRef[] entitiesToTest; long testId = EntityId.Max; userAccount = Entity.Get <UserAccount>(RequestContext.GetContext().Identity.Id); mockRepository = new MockRepository(MockBehavior.Strict); roleRepository = mockRepository.Create <IUserRoleRepository>(); roleRepository.Setup(rr => rr.GetUserRoles(userAccount.Id)).Returns(() => new HashSet <long>()); queryRepository = mockRepository.Create <IQueryRepository>(); entitiesToTest = new [] { new EntityRef(testId) }; entityTypeRepository = mockRepository.Create <IEntityTypeRepository>(); entityTypeRepository.Setup(etr => etr.GetEntityTypes(entitiesToTest)) .Returns(() => new Dictionary <long, ISet <EntityRef> > { { EntityTypeRepository.TypelessId, new HashSet <EntityRef> { new EntityRef(testId) } } }); entityAccessControlChecker = new EntityAccessControlChecker(roleRepository.Object, queryRepository.Object, entityTypeRepository.Object); result = entityAccessControlChecker.CheckAccess(entitiesToTest, new[] { Permissions.Read }, userAccount); mockRepository.VerifyAll(); Assert.That(result, Has.Count.EqualTo(1)); Assert.That(result[testId], Is.True); }
public void Test_AllowAccessToInvalidIds_SingleTypelessEntity() { IDictionary <long, ISet <EntityRef> > entityTypes; Dictionary <long, bool> mapping; IDictionary <long, bool> result; const long testEntityId = 1; mapping = new Dictionary <long, bool>(); mapping[testEntityId] = false; entityTypes = new Dictionary <long, ISet <EntityRef> >(); entityTypes.Add(EntityTypeRepository.TypelessId, new HashSet <EntityRef> { new EntityRef(testEntityId) }); result = new EntityAccessControlChecker().AllowAccessToTypelessIds(mapping, entityTypes); Assert.That(result, Has.Count.EqualTo(mapping.Count)); Assert.That(result[testEntityId], Is.True); }
public void Test_CheckAccess_UserNoRelationships() { UserAccount userAccount; IEntity folder; IDictionary <long, bool> result; using (DatabaseContext.GetContext(true)) { userAccount = Entity.Create <UserAccount>(); userAccount.Save(); folder = Entity.Create <Folder>(); folder.Save(); result = new EntityAccessControlChecker().CheckAccess(new[] { new EntityRef(folder.Id) }, new[] { Permissions.Read }, new EntityRef(userAccount.Id)); Assert.That(result[folder.Id], Is.False); } }
public void Test_CheckAccess_AccessRuleOnly() { UserAccount userAccount; SecurableEntity securableEntity; IDictionary <long, bool> result; AccessRule accessRule; // Test: // // Instance // ^ // | // | // UserAccount ------- AccessByQuery -----> SecurableEntity // // (no PermissionAccess relationship to Create) // using (DatabaseContext.GetContext(true)) { securableEntity = Entity.Create <SecurableEntity>(); securableEntity.Save(); accessRule = Entity.Create <AccessRule>(); accessRule.AccessRuleEnabled = true; accessRule.ControlAccess = securableEntity; accessRule.Save(); userAccount = Entity.Create <UserAccount>(); userAccount.AllowAccess.Add(accessRule); userAccount.Save(); result = new EntityAccessControlChecker().CheckAccess(new[] { new EntityRef(securableEntity.Id) }, new[] { Permissions.Create }, new EntityRef(userAccount.Id)); Assert.That(result[securableEntity.Id], Is.False); } }
public void CheckAutomaticAccess_GrantType(string permissionEntityRef, string testEntityRef, bool expectedResult) { Permission permission; Dictionary <long, IDictionary <long, bool> > permissionToAccess; IDictionary <long, ISet <EntityRef> > entityTypes; EntityRef testType; EntityAccessControlChecker entityAccessControlChecker; permission = Entity.Get <Permission>(permissionEntityRef); Assert.That(permission, Is.Not.Null, "Unknown permission."); permissionToAccess = new Dictionary <long, IDictionary <long, bool> >(); permissionToAccess[permission.Id] = new Dictionary <long, bool>(); testType = new EntityRef(testEntityRef); entityTypes = new EntityTypeRepository().GetEntityTypes(new [] { testType }); entityAccessControlChecker = new EntityAccessControlChecker(); foreach (KeyValuePair <long, ISet <EntityRef> > entityType in entityTypes) { entityAccessControlChecker.CheckAutomaticAccess( permission, entityType, permissionToAccess); } if (expectedResult) { Assert.That( permissionToAccess[permission.Id], Has.Some.Property("Key").EqualTo(testType.Id) .And.Property("Value").EqualTo(expectedResult)); } else { Assert.That( permissionToAccess[permission.Id], Has.None.Property("Key").EqualTo(testType.Id)); } }
public void Test_CheckAccess_NoPermissions() { MockRepository mockRepository; EntityAccessControlChecker entityAccessControlChecker; Mock <IUserRoleRepository> roleRepository; Mock <IQueryRepository> queryRepository; Mock <IEntityTypeRepository> entityTypeRepository; IDictionary <long, bool> result; EntityRef testEntity; UserAccount userAccount; userAccount = Entity.Get <UserAccount>(RequestContext.GetContext().Identity.Id); testEntity = new EntityRef(1); mockRepository = new MockRepository(MockBehavior.Strict); roleRepository = mockRepository.Create <IUserRoleRepository>(); roleRepository.Setup(rr => rr.GetUserRoles(userAccount.Id)).Returns(() => new HashSet <long>()); queryRepository = mockRepository.Create <IQueryRepository>(); entityTypeRepository = mockRepository.Create <IEntityTypeRepository>(); entityAccessControlChecker = new EntityAccessControlChecker(roleRepository.Object, queryRepository.Object, entityTypeRepository.Object); result = entityAccessControlChecker.CheckAccess(new[] { testEntity }, new Collection <EntityRef>(), userAccount); mockRepository.VerifyAll(); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(testEntity.Id).And.Property("Value").EqualTo(false)); Assert.That(result, Has.Count.EqualTo(1)); }
public void Test_SkipCheck_NullUser() { Assert.That(() => EntityAccessControlChecker.SkipCheck(null), Throws.TypeOf <ArgumentNullException>().And.Property("ParamName").EqualTo("user")); }