public void ShouldGrantAccessToDataSource()
{
const int dataSourceId = 234;
const int userId = 5323;
const string dataSourceName = "Test";
const long projectId = 123;
_dataSourceAuthorityNameBuilder
.Setup(_ => _.GetDataSourceAuthorityName(dataSourceName))
.Returns("read_datasource_Test");
_userAuthorityValidator.Setup(
_ => _.GetProjects(
userId,
new[]
{
"read_datasource_Test"
})).Returns(
new[]
{
projectId
});
_tableRepository
.Setup(_ => _.GetAvailable(dataSourceId))
.Returns(
new[]
{
new Tables
{
Type = (int)DataSourceType.User,
Name = dataSourceName
}
}.AsQueryable());
var result = _target.CanReadSource(dataSourceId, userId);
_userAuthorityValidator.Verify(
_ => _.GetProjects(
userId,
new[]
{
"read_datasource_Test"
}),
Times.Once);
result.Should().BeTrue();
}
public void Validate(DslDataQuery query, long?projectId, bool isSystem)
{
if (query == null)
{
throw new ArgumentNullException(nameof(query));
}
if ((projectId == null) && isSystem)
{
return;
}
var tableDataSource = _dataSourceInfoProvider.Get(query.QueryEntityName, _userPrincipal.Info.Id);
var isDataSourceFromTable = tableDataSource != null;
if (!isDataSourceFromTable)
{
return;
}
if (!_dataSourceAccessValidator.CanReadSource(tableDataSource.Id, _userPrincipal.Info.Id))
{
throw new UnauthorizedAccessException();
}
}
public bool IsAccessible(string value, string dataSourceName, long userId, out DataSourceFieldInfo fieldInfo)
{
fieldInfo = null;
var exprValues = GetSeparatedValues(value);
var currentDataSourceName = dataSourceName;
var lastSimpleValue = exprValues.LastOrDefault(_ => _queryVariableNameBuilder.IsSimpleValue(_));
if (string.IsNullOrEmpty(lastSimpleValue))
{
return(true);
}
foreach (var exprValue in exprValues)
{
var isSipleValue = _queryVariableNameBuilder.IsSimpleValue(exprValue);
if (!isSipleValue)
{
continue;
}
if (exprValue == lastSimpleValue)
{
break;
}
var entityName = _queryEntityNamePropertyTypeNameResolver.ResolvePropertyTypeName(
currentDataSourceName,
exprValue);
var isCanReadCurrentDataSource = _dataSourceAccessValidator.CanReadSource(entityName, userId);
if (!isCanReadCurrentDataSource)
{
return(false);
}
currentDataSourceName = exprValue;
}
if (!string.IsNullOrEmpty(lastSimpleValue))
{
fieldInfo = _dataSourceFieldInfoProvider.TryGet(currentDataSourceName, lastSimpleValue, userId);
}
return(true);
}
public DataSourceInfo Get(string dataSourceName, long userId)
{
if (string.IsNullOrEmpty(nameof(dataSourceName)))
{
throw new ArgumentNullException(nameof(dataSourceName));
}
var dataSource = _tableRepository.Get(dataSourceName).SingleOrDefault();
if (dataSource == null)
{
throw new DataSourceDoesNotExistsException(dataSourceName);
}
var canReadSource = _dataSourceAccessValidator.CanReadSource(dataSourceName, userId);
if (!canReadSource)
{
throw new UnauthorizedAccessException();
}
return(dataSource.ToDto());
}
public bool CanReadSourceField([NotNull] TableColumns column, long userId)
{
if (column == null)
{
throw new ArgumentNullException(nameof(column));
}
var canReadDataSource = _dataSourceAccessValidator.CanReadSource(column.TableId, userId);
if (!canReadDataSource)
{
return(false);
}
return(column.FieldType != (int)DataSourceFieldType.Closed);
}