public void Should_load_lazy_policy_with_cache_key_exactly_twice_during_execution_with_caching_on()
{
// Arrange
var callsToContainer = 0;
var policy = new LazyLoadedPolicyWithCacheKey();
FakeIoC.GetAllInstancesProvider = () =>
{
callsToContainer++;
return(new List <object> {
policy
});
};
SecurityConfigurator.Configure(configuration =>
{
configuration.GetAuthenticationStatusFrom(TestDataFactory.ValidIsAuthenticatedFunction);
configuration.ResolveServicesUsing(FakeIoC.GetAllInstances);
configuration.Advanced.SetDefaultResultsCacheLifecycle(Cache.PerHttpRequest);
});
var context = new MockSecurityContext();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy <LazyLoadedPolicyWithCacheKey>();
// Act
policyContainer.EnforcePolicies(context);
policyContainer.EnforcePolicies(context);
// Assert
Assert.That(callsToContainer, Is.EqualTo(2));
Assert.That(policy.CacheKeyCallCount, Is.EqualTo(2), "Did not get the custom cache key the expected amount of times");
Assert.That(policy.EnforceCallCount, Is.EqualTo(1), "Did not call enforce the expected amount of times");
}
public void Should_throw_when_no_policy_was_loaded()
{
// Arrange
var lazySecurityPolicy = new LazySecurityPolicy <PolicyWithConstructorArguments>();
var context = new MockSecurityContext();
// Act & assert
var exception = Assert.Throws <InvalidOperationException>(() => lazySecurityPolicy.Enforce(context));
Assert.That(exception.Message, Is.EqualTo("A policy of type FluentSecurity.Specification.Policy.PolicyWithConstructorArguments could not be loaded! Make sure the policy has an empty constructor or is registered in your IoC-container."));
}
public void Should_throw_when_context_can_not_be_created_or_resolved()
{
// Arrange
SecurityConfigurator.Configure(configuration => {});
var policy = new Policy <ContextWithConstructorArgs>();
var context = new MockSecurityContext();
// Act & assert
var exception = Assert.Throws <ArgumentException>(() => policy.Enforce(context));
Assert.That(exception.Message, Is.EqualTo("The generic argument ContextWithConstructorArgs could not be created or resolved from the container."));
}
public void Should_load_and_enforce_policy_with_failed_result()
{
// Arrange
var lazySecurityPolicy = new LazySecurityPolicy <PolicyWithEmptyConstructor>();
var context = new MockSecurityContext(isAuthenticated: false);
// Act
var result = lazySecurityPolicy.Enforce(context);
// Assert
Assert.That(result.PolicyType, Is.EqualTo(typeof(PolicyWithEmptyConstructor)));
Assert.That(result.ViolationOccured, Is.True);
}
public void Should_have_route_values_from_Data_RouteValues_property()
{
// Arrange
ISecurityContext innerSecurityContext = new MockSecurityContext();
innerSecurityContext.Data.RouteValues = new RouteValueDictionary();
// Act
var context = new MvcSecurityContext(innerSecurityContext);
// Assert
Assert.That(context.RouteValues, Is.EqualTo(innerSecurityContext.Data.RouteValues));
}
public void SetUp()
{
_securityContext = new MockSecurityContext();
FakeIoC.GetAllInstancesProvider = () => new List <object>
{
_securityContext
};
SecurityConfigurator.Configure(configuration =>
{
configuration.GetAuthenticationStatusFrom(StaticHelper.IsAuthenticatedReturnsTrue);
configuration.ResolveServicesUsing(FakeIoC.GetAllInstances);
});
}
public void Should_create_context_with_security_context_as_the_only_contructor_argument()
{
// Arrange
FakeIoC.GetAllInstancesProvider = () => new List <ISecurityContext>();
SecurityConfigurator.Configure(configuration => configuration.ResolveServicesUsing(FakeIoC.GetAllInstances));
var policy = new Policy <ContextWithContextConstructor>();
var context = new MockSecurityContext();
// Act
policy.Enforce(context);
// Assert
Assert.That(policy.WasCalledWithCustomContext, Is.True);
}
public void Should_load_and_enforce_policy_with_success_result()
{
// Arrange
SecurityConfigurator.Configure(configuraiton => {});
var lazySecurityPolicy = new LazySecurityPolicy <PolicyWithBaseClass>();
var context = new MockSecurityContext(isAuthenticated: true);
// Act
var result = lazySecurityPolicy.Enforce(context);
// Assert
Assert.That(result.PolicyType, Is.EqualTo(typeof(PolicyWithBaseClass)));
Assert.That(result.ViolationOccured, Is.False);
}
public void Should_create_MvcSecurityContext_with_security_context_as_the_only_constructor_argument()
{
// Arrange
SecurityConfigurator.Configure(configuration => {});
var policy = new Policy <MvcSecurityContext>();
var expectedRouteValues = new RouteValueDictionary();
var context = new MockSecurityContext(routeValues: expectedRouteValues);
// Act
policy.Enforce(context);
// Assert
Assert.That(policy.WasCalledWithCustomContext, Is.True);
Assert.That(policy.CustomContext.RouteValues, Is.EqualTo(expectedRouteValues));
}
public void Should_get_context_from_external_service_locator()
{
// Arrange
FakeIoC.GetAllInstancesProvider = () => new List <ISecurityContext>
{
new ContextFromContainer()
};
SecurityConfigurator.Configure(configuration => configuration.ResolveServicesUsing(FakeIoC.GetAllInstances));
var policy = new Policy <ContextFromContainer>();
var context = new MockSecurityContext();
// Act
policy.Enforce(context);
// Assert
Assert.That(policy.WasCalledWithCustomContext, Is.True);
}
public void SetUp()
{
SecurityConfigurator.Reset();
FakeIoC.Reset();
_context = new MockSecurityContext();
}
