Inheritance: Dev2.Services.Security.AuthorizationServiceBase
        public void AuthorizationServiceBase_IsAuthorized_UserIsInServerRoleAndHasPermissions_True()
        {
            //------------Setup for test--------------------------
            var securityPermission = new WindowsGroupPermission {
                IsServer = true
            };

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.IsInRole(It.IsAny <string>())).Returns(true);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            foreach (AuthorizationContext context in Enum.GetValues(typeof(AuthorizationContext)))
            {
                securityPermission.Permissions = context.ToPermissions();

                //------------Execute Test---------------------------
                var authorized = authorizationService.IsAuthorized(context, It.IsAny <string>());

                //------------Assert Results-------------------------
                Assert.AreEqual(context != AuthorizationContext.None, authorized);
            }
        }
        public void AuthorizationServiceBase_IsAuthorized_UserIsNotInRole_False()
        {
            //------------Setup for test--------------------------
            var securityPermissions = new List <WindowsGroupPermission>();

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(securityPermissions);

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.IsInRole(It.IsAny <string>())).Returns(false);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            foreach (AuthorizationContext context in Enum.GetValues(typeof(AuthorizationContext)))
            {
                //------------Execute Test---------------------------
                var authorized = authorizationService.IsAuthorized(context, It.IsAny <string>());

                //------------Assert Results-------------------------
                Assert.IsFalse(authorized);
            }
        }
        public void AuthorizationServiceBase_IsAuthorized_HasDefaultGuestPermissions_WithGivenPermission_True()
        {
            //------------Setup for test--------------------------
            var resource           = Guid.NewGuid();
            var securityPermission = WindowsGroupPermission.CreateGuests();

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.IsInRole(It.IsAny <string>())).Returns(false);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            foreach (AuthorizationContext context in Enum.GetValues(typeof(AuthorizationContext)))
            {
                securityPermission.Permissions = context.ToPermissions();

                //------------Execute Test---------------------------
                var authorized = authorizationService.IsAuthorized(context, resource.ToString());

                //------------Assert Results-------------------------
                Assert.AreEqual(context != AuthorizationContext.None, authorized);
            }
        }
        public void AuthorizationServiceBase_IsAuthorized_UserIsInResourceRoleAndDoesNotHavePermissions_False()
        {
            //------------Setup for test--------------------------
            var resource           = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission {
                IsServer = false, ResourceID = resource
            };

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.IsInRole(It.IsAny <string>())).Returns(true);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            foreach (AuthorizationContext context in Enum.GetValues(typeof(AuthorizationContext)))
            {
                securityPermission.Permissions = ~context.ToPermissions();

                //------------Execute Test---------------------------
                var authorized = authorizationService.IsAuthorized(context, resource.ToString());

                //------------Assert Results-------------------------
                Assert.IsFalse(authorized);
            }
        }
Esempio n. 5
0
        public void AuthorizationServiceBase_IsAuthorized_UserIsInResourceRoleAndResourceToBeVerifiedIsNull_False()
        {
            //------------Setup for test--------------------------
            var securityPermission = new WindowsGroupPermission {
                IsServer = false, ResourceName = "Category\\Test1", ResourceID = Guid.NewGuid()
            };

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.IsInRole(It.IsAny <string>())).Returns(true);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            //------------Execute Test---------------------------
            var authorized = authorizationService.IsAuthorized(AuthorizationContext.Contribute, null);

            //------------Assert Results-------------------------
            Assert.IsFalse(authorized);
        }
Esempio n. 6
0
        public void AuthorizationServiceBase_IsAuthorizedToConnect_HasPermissionGivenInDefaultGuest_True()
        {
            var securityPermission = WindowsGroupPermission.CreateGuests();

            securityPermission.View = true;
            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.IsInRole(It.IsAny <string>())).Returns(false);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            //------------Execute Test---------------------------
            var authorized = authorizationService.TestIsAuthorizedToConnect(user.Object);

            //------------Assert Results-------------------------
            Assert.IsTrue(authorized);
        }
Esempio n. 7
0
        public void AuthorizationServiceBase_IsAuthorizedToConnect_UserHasNoPermissions_False()
        {
            //------------Setup for test--------------------------
            var resource           = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission {
                IsServer = false, ResourceID = resource, Permissions = Permissions.View
            };

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.IsInRole(It.IsAny <string>())).Returns(false);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            //------------Execute Test---------------------------
            var authorized = authorizationService.TestIsAuthorizedToConnect(user.Object);

            //------------Assert Results-------------------------
            Assert.IsFalse(authorized);
        }
Esempio n. 8
0
        public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServerWithNullIdentityName_WithOnlyBuiltInAdminGroup_UserIsNotAuthorized()
        {
            //------------Setup for test--------------------------
            var resource           = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission {
                IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup
            };

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.IsInRole(It.IsAny <string>())).Returns(true);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            //------------Execute Test---------------------------
            var authorized = authorizationService.TestIsAuthorizedToConnect(user.Object);

            //------------Assert Results-------------------------
            Assert.IsFalse(authorized);
        }
Esempio n. 9
0
        public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServer_AdministratorsMembersOfWarewolfGroup_WhenAdministratorsMembersOfTheGroup_ExpectTrue()
        {
            //------------Setup for test--------------------------

            // permissions setup
            var warewolfGroupOps = MoqInstallerActionFactory.CreateSecurityOperationsObject();

            // Delete warewolf if already a member...
            warewolfGroupOps.DeleteWarewolfGroup();
            warewolfGroupOps.AddWarewolfGroup();

            Console.WriteLine("BEFOREEntering AddAdministratorsGroupToWarewolf");
            try
            {
                warewolfGroupOps.AddAdministratorsGroupToWarewolf();
            }
            catch (COMException e)
            {
                //'The Server service is not started.' error is expected in containers. See: https://github.com/moby/moby/issues/26409#issuecomment-304978309
                if (e.Message != "The Server service is not started.\r\n")
                {
                    throw e;
                }
            }
            var result = warewolfGroupOps.IsAdminMemberOfWarewolf();

            Assert.IsTrue(result);

            // Setup rest of test ;)
            var resource           = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission {
                IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup
            };

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.Identity.Name).Returns("TestUser");

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            //------------Execute Test---------------------------
            var isMember = authorizationService.AreAdministratorsMembersOfWarewolfAdministrators();

            //------------Assert Results-------------------------
            Assert.IsTrue(isMember);
        }
        public void AuthorizationServiceBase_Constructor_PermissionsModifiedEventSubscribedTwice_OnlyOneEventIsWiredUp()
        {
            //------------Setup for test--------------------------
            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission>());

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object);
            authorizationService.PermissionsModified += (sender, args) => { };
            authorizationService.PermissionsModified += (sender, args) => { };
            //------------Execute Test---------------------------
            securityService.Raise(m => m.PermissionsModified += null, EventArgs.Empty, null);
            //------------Assert Results-------------------------
            Assert.AreEqual(1, authorizationService.RaisePermissionsModifiedHitCount);
        }
        public void AuthorizationServiceBase_Constructor_PermissionsChangedEvent_WiredUp()
        {
            //------------Setup for test--------------------------
            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission>());

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object);

            //------------Execute Test---------------------------
            securityService.Raise(m => m.PermissionsChanged += null, EventArgs.Empty);

            //------------Assert Results-------------------------
            Assert.AreEqual(1, authorizationService.RaisePermissionsChangedHitCount);
        }
        public void AuthorizationServiceBase_Constructor_PermissionsChangedEvent_WiredUp()
        {
            //------------Setup for test--------------------------
            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission>());

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object);

            //------------Execute Test---------------------------
            securityService.Raise(m => m.PermissionsChanged += null, EventArgs.Empty);

            //------------Assert Results-------------------------
            Assert.AreEqual(1, authorizationService.RaisePermissionsChangedHitCount);
        }
        public void AuthorizationServiceBase_Remove_InvokesSecurityService()
        {
            //------------Setup for test--------------------------
            var resourceID = Guid.NewGuid();

            var securityService = new Mock <ISecurityService>();

            securityService.Setup(p => p.Remove(resourceID)).Verifiable();
            var authorizationService = new TestAuthorizationServiceBase(securityService.Object);

            //------------Execute Test---------------------------
            authorizationService.Remove(resourceID);

            //------------Assert Results-------------------------
            securityService.Verify(p => p.Remove(resourceID));
        }
        public void AuthorizationServiceBase_Constructor_PermissionsModifiedEventSubscribedTwice_OnlyOneEventIsWiredUp()
        {
            //------------Setup for test--------------------------
            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission>());

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object);

            authorizationService.PermissionsModified += (sender, args) => { };
            authorizationService.PermissionsModified += (sender, args) => { };
            //------------Execute Test---------------------------
            securityService.Raise(m => m.PermissionsModified += null, EventArgs.Empty, null);
            //------------Assert Results-------------------------
            Assert.AreEqual(1, authorizationService.RaisePermissionsModifiedHitCount);
        }
Esempio n. 15
0
        public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServer_AdministratorsMembersOfWarewolfGroup_WhenAdministratorsAreNotMembersOfTheGroup_ExpectFalse()
        {
            //------------Setup for test--------------------------

            // permissions setup
            var warewolfGroupOps = MoqInstallerActionFactory.CreateSecurityOperationsObject();

            // Delete warewolf if already a member...
            warewolfGroupOps.DeleteWarewolfGroup();
            warewolfGroupOps.AddWarewolfGroup();

            var result = warewolfGroupOps.IsAdminMemberOfWarewolf();

            Assert.IsFalse(result);

            // Setup rest of test ;)
            var resource           = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission {
                IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup
            };

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.Identity.Name).Returns("TestUser");

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object, true, false, true)
            {
                User = user.Object
            };

            authorizationService.MemberOfAdminOverride = true;

            //------------Execute Test---------------------------
            var isMember = authorizationService.AreAdministratorsMembersOfWarewolfAdministrators();

            //------------Assert Results-------------------------
            Assert.IsFalse(isMember);
        }
        public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServer_WithBuiltInAdminstratorsOnlyWarewolfAdministratorsGroupMember_UserIsAuthorized()
        {
            //------------Setup for test--------------------------
            // Setup rest of test ;)
            var resource           = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission {
                IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup
            };

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.IsInRole(It.IsAny <string>())).Returns <string>(role =>
            {
                if (role == "Warewolf Administrators")
                {
                    return(false);
                }

                return(true);
            });

            user.Setup(u => u.Identity.Name).Returns("TestUser");

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            //------------Execute Test---------------------------
            var authorized = authorizationService.TestIsAuthorizedToConnect(user.Object);

            //------------Assert Results-------------------------
            Assert.IsTrue(authorized);
        }
        public void AuthorizationServiceBase_IsAuthorized_UserIsInTwoRolesAndOneRoleDeniesAccess_True()
        {
            //------------Setup for test--------------------------
            var resource        = Guid.NewGuid();
            var allowPermission = new WindowsGroupPermission {
                WindowsGroup = "AllowGroup", IsServer = true
            };
            var denyPermission = new WindowsGroupPermission {
                WindowsGroup = "DenyGroup", IsServer = true
            };

            var securityService = new Mock <ISecurityService>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                allowPermission, denyPermission
            });

            var user = new Mock <IPrincipal>();

            user.Setup(u => u.IsInRole(It.IsAny <string>())).Returns(true);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
            {
                User = user.Object
            };

            foreach (AuthorizationContext context in Enum.GetValues(typeof(AuthorizationContext)))
            {
                allowPermission.Permissions = context.ToPermissions();
                denyPermission.Permissions  = ~context.ToPermissions();

                //------------Execute Test---------------------------
                var authorized = authorizationService.IsAuthorized(context, resource.ToString());

                //------------Assert Results-------------------------
                Assert.AreEqual(context != AuthorizationContext.None, authorized);
            }
        }
Esempio n. 18
0
        public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServer_AdministratorsMembersOfWarewolfGroup_WhenMemberOfAdministrator_ExpectTrue()
        {
            //------------Setup for test--------------------------
            var getPassword = TestEnvironmentVariables.GetVar("dev2\\IntegrationTester");
            // permissions setup
            var warewolfGroupOps = MoqInstallerActionFactory.CreateSecurityOperationsObject();

            //Delete warewolf if already a member...
            warewolfGroupOps.DeleteWarewolfGroup();
            warewolfGroupOps.AddWarewolfGroup();

            var result = warewolfGroupOps.IsAdminMemberOfWarewolf();

            Assert.IsFalse(result);

            // Setup rest of test
            var resource           = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission {
                IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup
            };
            var securityService = new Mock <ISecurityService>();
            var user            = new Mock <IPrincipal>();
            var actualGChildren = new List <Mock <IDirectoryEntry> > {
                new Mock <IDirectoryEntry>()
            };
            var gChildren      = new Mock <IDirectoryEntries>();
            var actualChildren = new List <Mock <IDirectoryEntry> > {
                new Mock <IDirectoryEntry>()
            };
            var children = new Mock <IDirectoryEntries>();
            var dir      = new Mock <IDirectoryEntryFactory>();

            securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
                securityPermission
            });
            user.Setup(u => u.Identity.Name).Returns("TestUser");
            actualGChildren.ForEach(b => b.Setup(a => a.Name).Returns("Warewolf Administrators"));
            actualGChildren.ForEach(b => b.Setup(a => a.SchemaClassName).Returns("Computer"));

            gChildren.Setup(a => a.GetEnumerator()).Returns(actualGChildren.Select(a => a.Object).GetEnumerator());
            actualChildren.First().Setup(a => a.Children).Returns(gChildren.Object);
            children.Setup(a => a.GetEnumerator()).Returns(actualChildren.Select(a => a.Object).GetEnumerator());
            SchemaNameCollection filterList = new DirectoryEntry("LDAP://dev2.local", "IntegrationTester", getPassword).Children.SchemaFilter;

            children.Setup(a => a.SchemaFilter).Returns(filterList);
            var ss = "WinNT://" + Environment.MachineName + ",computer";

            dir.Setup(a => a.Create(ss)).Returns(new TestDirectoryEntry(ss));

            var authorizationService = new TestAuthorizationServiceBase(dir.Object, securityService.Object, true, true, false)
            {
                User = user.Object
            };

            authorizationService.MemberOfAdminOverride = true;
            //------------Execute Test---------------------------
            var isMember = authorizationService.AreAdministratorsMembersOfWarewolfAdministrators();

            //------------Assert Results-------------------------
            Assert.IsTrue(isMember);
        }
        public void AuthorizationServiceBase_IsAuthorized_UserIsNotInRole_False()
        {
            //------------Setup for test--------------------------
            var securityPermissions = new List<WindowsGroupPermission>();

            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(securityPermissions);

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.IsInRole(It.IsAny<string>())).Returns(false);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object) { User = user.Object };

            foreach(AuthorizationContext context in Enum.GetValues(typeof(AuthorizationContext)))
            {
                //------------Execute Test---------------------------
                var authorized = authorizationService.IsAuthorized(context, It.IsAny<string>());

                //------------Assert Results-------------------------
                Assert.IsFalse(authorized);
            }
        }
        public void AuthorizationServiceBase_IsAuthorized_UserIsInServerRoleAndHasPermissions_True()
        {
            //------------Setup for test--------------------------
            var securityPermission = new WindowsGroupPermission { IsServer = true };

            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { securityPermission });

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.IsInRole(It.IsAny<string>())).Returns(true);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object) { User = user.Object };

            foreach(AuthorizationContext context in Enum.GetValues(typeof(AuthorizationContext)))
            {
                securityPermission.Permissions = context.ToPermissions();

                //------------Execute Test---------------------------
                var authorized = authorizationService.IsAuthorized(context, It.IsAny<string>());

                //------------Assert Results-------------------------
                Assert.AreEqual(context != AuthorizationContext.None, authorized);
            }
        }
        public void AuthorizationServiceBase_IsAuthorized_UserIsInResourceRoleAndDoesNotHavePermissions_False()
        {
            //------------Setup for test--------------------------
            var resource = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission { IsServer = false, ResourceID = resource };

            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { securityPermission });

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.IsInRole(It.IsAny<string>())).Returns(true);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object) { User = user.Object };

            foreach(AuthorizationContext context in Enum.GetValues(typeof(AuthorizationContext)))
            {
                securityPermission.Permissions = ~context.ToPermissions();

                //------------Execute Test---------------------------
                var authorized = authorizationService.IsAuthorized(context, resource.ToString());

                //------------Assert Results-------------------------
                Assert.IsFalse(authorized);
            }
        }
        public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServer_WithBuiltInAdminstratorsOnlyWarewolfAdministratorsGroupMember_UserIsAuthorized()
        {
            //------------Setup for test--------------------------
            // Setup rest of test ;)
            var resource = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission { IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup };

            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { securityPermission });

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.IsInRole(It.IsAny<string>())).Returns<string>(role =>
            {
                if(role == "Warewolf Administrators")
                {
                    return false;
                }

                return true;
            });

            user.Setup(u => u.Identity.Name).Returns("TestUser");

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object) { User = user.Object };

            //------------Execute Test---------------------------
            var authorized = authorizationService.TestIsAuthorizedToConnect(user.Object);

            //------------Assert Results-------------------------
            Assert.IsTrue(authorized);
        }
        public void AuthorizationServiceBase_IsAuthorized_UserIsInResourceRoleAndResourceToBeVerifiedIsNull_False()
        {
            //------------Setup for test--------------------------
            var securityPermission = new WindowsGroupPermission { IsServer = false, ResourceName = "Category\\Test1", ResourceID = Guid.NewGuid() };

            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { securityPermission });

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.IsInRole(It.IsAny<string>())).Returns(true);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object) { User = user.Object };

            //------------Execute Test---------------------------
            var authorized = authorizationService.IsAuthorized(AuthorizationContext.Contribute, null);

            //------------Assert Results-------------------------
            Assert.IsFalse(authorized);
        }
        public void AuthorizationServiceBase_IsAuthorized_UserIsInTwoRolesAndOneRoleDeniesAccess_True()
        {
            //------------Setup for test--------------------------
            var resource = Guid.NewGuid();
            var allowPermission = new WindowsGroupPermission { WindowsGroup = "AllowGroup", IsServer = true };
            var denyPermission = new WindowsGroupPermission { WindowsGroup = "DenyGroup", IsServer = true };

            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { allowPermission, denyPermission });

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.IsInRole(It.IsAny<string>())).Returns(true);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object) { User = user.Object };

            foreach(AuthorizationContext context in Enum.GetValues(typeof(AuthorizationContext)))
            {
                allowPermission.Permissions = context.ToPermissions();
                denyPermission.Permissions = ~context.ToPermissions();

                //------------Execute Test---------------------------
                var authorized = authorizationService.IsAuthorized(context, resource.ToString());

                //------------Assert Results-------------------------
                Assert.AreEqual(context != AuthorizationContext.None, authorized);
            }
        }
        public void AuthorizationServiceBase_Remove_InvokesSecurityService()
        {
            //------------Setup for test--------------------------
            var resourceID = Guid.NewGuid();

            var securityService = new Mock<ISecurityService>();
            securityService.Setup(p => p.Remove(resourceID)).Verifiable();
            var authorizationService = new TestAuthorizationServiceBase(securityService.Object);

            //------------Execute Test---------------------------
            authorizationService.Remove(resourceID);

            //------------Assert Results-------------------------
            securityService.Verify(p => p.Remove(resourceID));
        }
        public void AuthorizationServiceBase_IsAuthorizedToConnect_HasPermissionGivenInDefaultGuest_True()
        {
            var securityPermission = WindowsGroupPermission.CreateGuests();
            securityPermission.View = true;
            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { securityPermission });

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.IsInRole(It.IsAny<string>())).Returns(false);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object) { User = user.Object };

            //------------Execute Test---------------------------
            var authorized = authorizationService.TestIsAuthorizedToConnect(user.Object);

            //------------Assert Results-------------------------
            Assert.IsTrue(authorized);
        }
        public void AuthorizationServiceBase_IsAuthorizedToConnect_UserHasNoPermissions_False()
        {
            //------------Setup for test--------------------------
            var resource = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission { IsServer = false, ResourceID = resource, Permissions = Permissions.View };

            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { securityPermission });

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.IsInRole(It.IsAny<string>())).Returns(false);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object) { User = user.Object };

            //------------Execute Test---------------------------
            var authorized = authorizationService.TestIsAuthorizedToConnect(user.Object);

            //------------Assert Results-------------------------
            Assert.IsFalse(authorized);
        }
        public void AuthorizationServiceBase_IsAuthorized_HasDefaultGuestPermissions_WithGivenPermission_True()
        {
            //------------Setup for test--------------------------
            var resource = Guid.NewGuid();
            var securityPermission = WindowsGroupPermission.CreateGuests();

            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { securityPermission });

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.IsInRole(It.IsAny<string>())).Returns(false);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object) { User = user.Object };

            foreach(AuthorizationContext context in Enum.GetValues(typeof(AuthorizationContext)))
            {
                securityPermission.Permissions = context.ToPermissions();

                //------------Execute Test---------------------------
                var authorized = authorizationService.IsAuthorized(context, resource.ToString());

                //------------Assert Results-------------------------
                Assert.AreEqual(context != AuthorizationContext.None, authorized);
            }
        }
        public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServerWithNullIdentityName_WithOnlyBuiltInAdminGroup_UserIsNotAuthorized()
        {
            //------------Setup for test--------------------------
            var resource = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission { IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup };

            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { securityPermission });

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.IsInRole(It.IsAny<string>())).Returns(true);

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object) { User = user.Object };

            //------------Execute Test---------------------------
            var authorized = authorizationService.TestIsAuthorizedToConnect(user.Object);

            //------------Assert Results-------------------------
            Assert.IsFalse(authorized);
        }
        public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServer_AdministratorsMembersOfWarewolfGroup_WhenAdministratorsAreNotMembersOfTheGroup_ExpectFalse()
        {
            //------------Setup for test--------------------------

            // permissions setup
            var warewolfGroupOps = MoqInstallerActionFactory.CreateSecurityOperationsObject();

            // Delete warewolf if already a member...
            warewolfGroupOps.DeleteWarewolfGroup();
            warewolfGroupOps.AddWarewolfGroup();

            var result = warewolfGroupOps.IsAdminMemberOfWarewolf();

            Assert.IsFalse(result);

            // Setup rest of test ;)
            var resource = Guid.NewGuid();
            var securityPermission = new WindowsGroupPermission { IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup };

            var securityService = new Mock<ISecurityService>();
            securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { securityPermission });

            var user = new Mock<IPrincipal>();
            user.Setup(u => u.Identity.Name).Returns("TestUser");

            var authorizationService = new TestAuthorizationServiceBase(securityService.Object, true, true, true) { User = user.Object };

            //------------Execute Test---------------------------
            var isMember = authorizationService.AreAdministratorsMembersOfWarewolfAdministrators();

            //------------Assert Results-------------------------
            Assert.IsFalse(isMember);
        }