public void Test_CheckAccess_SecurityBypassContext() { EntityRef[] entityIds; IDictionary <long, bool> result; UserAccount userAccount; EntityAccessControlChecker entityAccessControlChecker; MockRepository mockRepository; entityIds = new EntityRef[] { 1, 2, 3 }; mockRepository = new MockRepository(MockBehavior.Strict); entityAccessControlChecker = new EntityAccessControlChecker( mockRepository.Create <IUserRoleRepository>().Object, mockRepository.Create <IQueryRepository>().Object, mockRepository.Create <IEntityTypeRepository>().Object ); userAccount = Entity.Create <UserAccount>(); userAccount.Save(); using (new SecurityBypassContext()) { result = entityAccessControlChecker.CheckAccess(entityIds, new[] { Permissions.Read }, userAccount); } Assert.That(result, Has.Count.EqualTo(entityIds.Count())); Assert.That(result, Has.All.Property("Value").True); mockRepository.VerifyAll(); }
public void Test_CheckAccess_NoEntities() { MockRepository mockRepository; EntityAccessControlChecker entityAccessControlChecker; Mock <IUserRoleRepository> roleRepository; Mock <IQueryRepository> queryRepository; Mock <IEntityTypeRepository> entityTypeRepository; IDictionary <long, bool> result; UserAccount userAccount; userAccount = Entity.Get <UserAccount>(RequestContext.GetContext().Identity.Id); mockRepository = new MockRepository(MockBehavior.Strict); roleRepository = mockRepository.Create <IUserRoleRepository>(); queryRepository = mockRepository.Create <IQueryRepository>(); entityTypeRepository = mockRepository.Create <IEntityTypeRepository>(); entityAccessControlChecker = new EntityAccessControlChecker(roleRepository.Object, queryRepository.Object, entityTypeRepository.Object); result = entityAccessControlChecker.CheckAccess(new Collection <EntityRef>(), new[] { Permissions.Read }, userAccount); mockRepository.VerifyAll(); Assert.That(result, Is.Empty); }
public void Test_CheckAccess_Mocked_TypelessEntity() { MockRepository mockRepository; EntityAccessControlChecker entityAccessControlChecker; Mock <IUserRoleRepository> roleRepository; Mock <IQueryRepository> queryRepository; Mock <IEntityTypeRepository> entityTypeRepository; IDictionary <long, bool> result; UserAccount userAccount; EntityRef[] entitiesToTest; long testId = EntityId.Max; userAccount = Entity.Get <UserAccount>(RequestContext.GetContext().Identity.Id); mockRepository = new MockRepository(MockBehavior.Strict); roleRepository = mockRepository.Create <IUserRoleRepository>(); roleRepository.Setup(rr => rr.GetUserRoles(userAccount.Id)).Returns(() => new HashSet <long>()); queryRepository = mockRepository.Create <IQueryRepository>(); entitiesToTest = new [] { new EntityRef(testId) }; entityTypeRepository = mockRepository.Create <IEntityTypeRepository>(); entityTypeRepository.Setup(etr => etr.GetEntityTypes(entitiesToTest)) .Returns(() => new Dictionary <long, ISet <EntityRef> > { { EntityTypeRepository.TypelessId, new HashSet <EntityRef> { new EntityRef(testId) } } }); entityAccessControlChecker = new EntityAccessControlChecker(roleRepository.Object, queryRepository.Object, entityTypeRepository.Object); result = entityAccessControlChecker.CheckAccess(entitiesToTest, new[] { Permissions.Read }, userAccount); mockRepository.VerifyAll(); Assert.That(result, Has.Count.EqualTo(1)); Assert.That(result[testId], Is.True); }
public void Test_CheckAccess_NoPermissions() { MockRepository mockRepository; EntityAccessControlChecker entityAccessControlChecker; Mock <IUserRoleRepository> roleRepository; Mock <IQueryRepository> queryRepository; Mock <IEntityTypeRepository> entityTypeRepository; IDictionary <long, bool> result; EntityRef testEntity; UserAccount userAccount; userAccount = Entity.Get <UserAccount>(RequestContext.GetContext().Identity.Id); testEntity = new EntityRef(1); mockRepository = new MockRepository(MockBehavior.Strict); roleRepository = mockRepository.Create <IUserRoleRepository>(); roleRepository.Setup(rr => rr.GetUserRoles(userAccount.Id)).Returns(() => new HashSet <long>()); queryRepository = mockRepository.Create <IQueryRepository>(); entityTypeRepository = mockRepository.Create <IEntityTypeRepository>(); entityAccessControlChecker = new EntityAccessControlChecker(roleRepository.Object, queryRepository.Object, entityTypeRepository.Object); result = entityAccessControlChecker.CheckAccess(new[] { testEntity }, new Collection <EntityRef>(), userAccount); mockRepository.VerifyAll(); Assert.That(result, Has.Exactly(1).Property("Key").EqualTo(testEntity.Id).And.Property("Value").EqualTo(false)); Assert.That(result, Has.Count.EqualTo(1)); }