public async Task SaveAuditRecord_ReturnsUriForAuditFile()
{
using (var testDirectory = TestDirectory.Create())
{
var service = new FileSystemAuditingService(
auditingPath: testDirectory.FullPath,
getOnBehalfOf: GetOnBehalfOf);
var record = new PackageAuditRecord(
new Package()
{
Hash = "a",
PackageRegistration = new PackageRegistration()
{
Id = "b"
},
Version = "1.0.0"
},
AuditedPackageAction.Create);
await service.SaveAuditRecordAsync(record);
var files = Directory.GetFiles(testDirectory.FullPath, "*", SearchOption.AllDirectories);
var actualFilePath = files.Single();
var expectedFilePathPattern = new Regex(@"package\\b\\1.0.0\\[0-9a-f]{32}-create.audit.v1.json$");
Assert.True(expectedFilePathPattern.IsMatch(actualFilePath));
}
}
public void Constructor_SetsProperties()
{
var record = new PackageAuditRecord(
new Package()
{
Hash = "a",
PackageRegistration = new PackageRegistration()
{
Id = "b"
},
Version = "1.0.0"
},
AuditedPackageAction.Create,
reason: "c");
Assert.Equal("b", record.Id);
Assert.Equal("1.0.0", record.Version);
Assert.Equal("a", record.Hash);
Assert.NotNull(record.PackageRecord);
Assert.Equal("a", record.PackageRecord.Hash);
Assert.Equal("1.0.0", record.PackageRecord.Version);
Assert.NotNull(record.RegistrationRecord);
Assert.Equal("b", record.RegistrationRecord.Id);
Assert.Equal("c", record.Reason);
Assert.Equal(AuditedPackageAction.Create, record.Action);
}
public void GetPath_ReturnsNormalizedPackageIdAndVersion()
{
var record = new PackageAuditRecord(
new Package()
{
Hash = "a",
PackageRegistration = new PackageRegistration()
{
Id = "B"
},
Version = "1.0.0+c"
},
AuditedPackageAction.Create,
reason: "d");
var actualResult = record.GetPath();
Assert.Equal("b/1.0.0", actualResult);
}
public void CloudAuditServiceObfuscateAuditRecord()
{
// Arrange
CloudBlobContainer nullBlobContainer = null;
var service = new CloudAuditingService(nullBlobContainer, AuditActor.GetCurrentMachineActorAsync);
AuditActor onBehalfOf = new AuditActor("machineName", "3.3.3.3", "userName1", "NoAuthentication", "someKey", DateTime.Now, null);
AuditActor auditActor = new AuditActor("machineName", "2.2.2.2", "userName1", "NoAuthentication", "someKey", DateTime.Now, onBehalfOf);
Package p = new Package()
{
User = new User("userName"),
UserKey = 1,
PackageRegistration = new PackageRegistration()
{
Id = "regId"
}
};
PackageAuditRecord packageAuditRecord = new PackageAuditRecord(p, AuditedPackageAction.Create);
// Act
var auditEntry = service.RenderAuditEntry(new AuditEntry(packageAuditRecord, auditActor));
// Assert
var entry = (JObject)JsonConvert.DeserializeObject(auditEntry);
var record = entry["Record"];
var actor = entry["Actor"];
Assert.Equal("-1", record["PackageRecord"]["UserKey"].ToString());
Assert.Equal(string.Empty, record["PackageRecord"]["FlattenedAuthors"].ToString());
Assert.Equal("ObfuscatedUserName", actor["UserName"].ToString());
Assert.Equal("2.2.2.0", actor["MachineIP"].ToString());
Assert.Equal("ObfuscatedUserName", actor["OnBehalfOf"]["UserName"].ToString());
Assert.Equal("3.3.3.0", actor["OnBehalfOf"]["MachineIP"].ToString());
}
public async Task SaveAuditRecord_CreatesAuditFile()
{
using (var testDirectory = TestDirectory.Create())
{
var service = new FileSystemAuditingService(
auditingPath: testDirectory.FullPath,
getOnBehalfOf: GetOnBehalfOf);
var record = new PackageAuditRecord(
new Package()
{
Hash = "a",
PackageRegistration = new PackageRegistration()
{
Id = "b"
},
Version = "1.0.0"
},
AuditedPackageAction.Create);
await service.SaveAuditRecordAsync(record);
var files = Directory.GetFiles(testDirectory.FullPath, "*", SearchOption.AllDirectories);
var json = JObject.Parse(File.ReadAllText(files.Single()));
Assert.NotNull(json["Record"]);
Assert.NotNull(json["Record"]["Id"]);
Assert.Equal("b", json["Record"]["Id"].Value <string>());
Assert.NotNull(json["Record"]["Version"]);
Assert.Equal("1.0.0", json["Record"]["Version"].Value <string>());
Assert.NotNull(json["Record"]["Hash"]);
Assert.Equal("a", json["Record"]["Hash"].Value <string>());
Assert.NotNull(json["Record"]["PackageRecord"]);
Assert.NotNull(json["Record"]["PackageRecord"]["Hash"]);
Assert.Equal("a", json["Record"]["PackageRecord"]["Hash"].Value <string>());
Assert.NotNull(json["Record"]["PackageRecord"]["Version"]);
Assert.Equal("1.0.0", json["Record"]["PackageRecord"]["Version"].Value <string>());
Assert.NotNull(json["Record"]["RegistrationRecord"]);
Assert.NotNull(json["Record"]["RegistrationRecord"]["Id"]);
Assert.Equal("b", json["Record"]["RegistrationRecord"]["Id"].Value <string>());
Assert.NotNull(json["Record"]["Action"]);
Assert.Equal("Create", json["Record"]["Action"].Value <string>());
Assert.NotNull(json["Actor"]);
Assert.NotNull(json["Actor"]["MachineName"]);
Assert.Equal(Environment.MachineName, json["Actor"]["MachineName"].Value <string>());
Assert.NotNull(json["Actor"]["MachineIP"]);
Assert.True(IsValidMachineIpValue(json["Actor"]["MachineIP"].Value <string>()));
Assert.NotNull(json["Actor"]["UserName"]);
Assert.Equal($@"{Environment.UserDomainName}\{Environment.UserName}", json["Actor"]["UserName"].Value <string>());
Assert.NotNull(json["Actor"]["AuthenticationType"]);
Assert.Equal("MachineUser", json["Actor"]["AuthenticationType"].Value <string>());
Assert.NotNull(json["Actor"]["TimestampUtc"]);
Assert.InRange(DateTime.Parse(json["Actor"]["TimestampUtc"].Value <string>(), CultureInfo.InvariantCulture), DateTime.UtcNow.AddMinutes(-1), DateTime.UtcNow.AddMinutes(1));
Assert.NotNull(json["Actor"]["OnBehalfOf"]);
Assert.NotNull(json["Actor"]["OnBehalfOf"]["MachineName"]);
Assert.Equal("a", json["Actor"]["OnBehalfOf"]["MachineName"].Value <string>());
Assert.NotNull(json["Actor"]["OnBehalfOf"]["MachineIP"]);
Assert.Equal("b", json["Actor"]["OnBehalfOf"]["MachineIP"].Value <string>());
Assert.NotNull(json["Actor"]["OnBehalfOf"]["UserName"]);
Assert.Equal("c", json["Actor"]["OnBehalfOf"]["UserName"].Value <string>());
Assert.NotNull(json["Actor"]["OnBehalfOf"]["AuthenticationType"]);
Assert.Equal("d", json["Actor"]["OnBehalfOf"]["AuthenticationType"].Value <string>());
Assert.NotNull(json["Actor"]["OnBehalfOf"]["TimestampUtc"]);
Assert.Equal(DateTime.MinValue, DateTime.Parse(json["Actor"]["OnBehalfOf"]["TimestampUtc"].Value <string>(), CultureInfo.InvariantCulture));
Assert.Equal(JTokenType.Null, json["Actor"]["OnBehalfOf"]["OnBehalfOf"].Type);
}
}
public async Task SaveAuditRecordAsync_PackageAuditRecord()
{
var package = new Package()
{
Copyright = "a",
Created = DateTime.Now,
#pragma warning disable CS0612 // Type or member is obsolete
Deleted = true,
#pragma warning restore CS0612 // Type or member is obsolete
Description = "b",
DownloadCount = 1,
#pragma warning disable CS0612 // Type or member is obsolete
ExternalPackageUrl = "c",
#pragma warning restore CS0612 // Type or member is obsolete
FlattenedAuthors = "d",
FlattenedDependencies = "e",
Hash = "f",
HashAlgorithm = "g",
HideLicenseReport = true,
IconUrl = "h",
IsLatest = true,
IsLatestStable = true,
IsPrerelease = true,
Key = 2,
Language = "i",
LastEdited = DateTime.Now.AddMinutes(1),
LastUpdated = DateTime.Now.AddMinutes(2),
LicenseNames = "j",
LicenseReportUrl = "k",
LicenseUrl = "l",
Listed = true,
MinClientVersion = "m",
NormalizedVersion = "n",
PackageFileSize = 3,
PackageRegistration = new PackageRegistration()
{
Id = "o"
},
PackageRegistrationKey = 4,
PackageStatusKey = PackageStatus.Deleted,
ProjectUrl = "p",
Published = DateTime.Now.AddMinutes(3),
ReleaseNotes = "q",
RequiresLicenseAcceptance = true,
DevelopmentDependency = true,
Summary = "r",
Tags = "s",
Title = "t",
UserKey = 5,
Version = "u"
};
var auditRecord = new PackageAuditRecord(package, AuditedPackageAction.Create, reason: "v");
var service = new TestAuditingService(async(string auditData, string resourceType, string filePath, string action, DateTime timestamp) =>
{
Assert.Equal("Package", resourceType);
Assert.Equal("o/u", filePath);
Assert.Equal("create", action);
Assert.InRange(timestamp, DateTime.UtcNow.AddMinutes(-1), DateTime.UtcNow.AddMinutes(1));
var jObject = JObject.Parse(auditData);
var record = jObject["Record"];
Assert.Equal("o", record["Id"].Value <string>());
Assert.Equal("u", record["Version"].Value <string>());
Assert.Equal("f", record["Hash"].Value <string>());
var packageRecord = record["PackageRecord"];
Assert.Equal(4, packageRecord["PackageRegistrationKey"].Value <int>());
Assert.Equal("a", packageRecord["Copyright"].Value <string>());
Assert.Equal(package.Created.ToUniversalTime(), packageRecord["Created"].Value <DateTime>());
Assert.Equal("b", packageRecord["Description"].Value <string>());
Assert.Equal("q", packageRecord["ReleaseNotes"].Value <string>());
Assert.Equal(1, packageRecord["DownloadCount"].Value <int>());
Assert.Equal(JTokenType.Null, packageRecord["ExternalPackageUrl"].Type);
Assert.Equal("g", packageRecord["HashAlgorithm"].Value <string>());
Assert.Equal("f", packageRecord["Hash"].Value <string>());
Assert.Equal("h", packageRecord["IconUrl"].Value <string>());
Assert.True(packageRecord["IsLatest"].Value <bool>());
Assert.True(packageRecord["IsLatestStable"].Value <bool>());
Assert.Equal(package.LastUpdated.ToUniversalTime(), packageRecord["LastUpdated"].Value <DateTime>());
Assert.Equal(package.LastEdited.Value.ToUniversalTime(), packageRecord["LastEdited"].Value <DateTime>());
Assert.Equal("l", packageRecord["LicenseUrl"].Value <string>());
Assert.True(packageRecord["HideLicenseReport"].Value <bool>());
Assert.Equal("i", packageRecord["Language"].Value <string>());
Assert.Equal(package.Published.ToUniversalTime(), packageRecord["Published"].Value <DateTime>());
Assert.Equal(3, packageRecord["PackageFileSize"].Value <int>());
Assert.Equal("p", packageRecord["ProjectUrl"].Value <string>());
Assert.True(packageRecord["RequiresLicenseAcceptance"].Value <bool>());
Assert.True(packageRecord["DevelopmentDependency"].Value <bool>());
Assert.Equal("r", packageRecord["Summary"].Value <string>());
Assert.Equal("s", packageRecord["Tags"].Value <string>());
Assert.Equal("t", packageRecord["Title"].Value <string>());
Assert.Equal("u", packageRecord["Version"].Value <string>());
Assert.Equal("n", packageRecord["NormalizedVersion"].Value <string>());
Assert.Equal("j", packageRecord["LicenseNames"].Value <string>());
Assert.Equal("k", packageRecord["LicenseReportUrl"].Value <string>());
Assert.True(packageRecord["Listed"].Value <bool>());
Assert.True(packageRecord["IsPrerelease"].Value <bool>());
Assert.Equal("d", packageRecord["FlattenedAuthors"].Value <string>());
Assert.Equal("e", packageRecord["FlattenedDependencies"].Value <string>());
Assert.Equal(2, packageRecord["Key"].Value <int>());
Assert.Equal("m", packageRecord["MinClientVersion"].Value <string>());
Assert.Equal(5, packageRecord["UserKey"].Value <int>());
Assert.True(packageRecord["Deleted"].Value <bool>());
Assert.Equal(1, packageRecord["PackageStatusKey"].Value <int>());
var registrationRecord = record["RegistrationRecord"];
Assert.Equal("o", registrationRecord["Id"].Value <string>());
Assert.Equal(0, registrationRecord["DownloadCount"].Value <int>());
Assert.Equal(0, registrationRecord["Key"].Value <int>());
Assert.Equal("v", record["Reason"].Value <string>());
Assert.Equal("Create", record["Action"].Value <string>());
await VerifyActor(jObject);
return(null);
});
await service.SaveAuditRecordAsync(auditRecord);
}
