public void DeniedPermissionOnRoleOnlyTest()
{
IOrganizationApi organizationApi = SpringContext.Current.GetObject<IOrganizationApi>();
IRoleApi roleApi = SpringContext.Current.GetObject<IRoleApi>();
OrganizationTypeObject department = new OrganizationTypeObject { Name = "department", Domain = "Department", Description = "department-desc" };
organizationApi.Save(department);
createdOrganizationTypeIds.Add(department.OrganizationTypeId);
RoleObject powerAdministrators = new RoleObject { RoleName = "powerAdministrators", Description = "powerAdministrators-desc", Domain = "Department", Predefined = true };
roleApi.Save(powerAdministrators);
createdRoleIds.Add(powerAdministrators.RoleId);
permissionApi.SetRolePermissions(powerAdministrators.RoleId, new string[] { "p1", "p1.Create", "p1.Update", "p2", "p1.Create.Denied" });
var collection = permissionApi.FindRolePermissions(powerAdministrators.RoleId);
Assert.AreEqual(4, collection.Count());
Assert.IsFalse(collection.Contains(new PermissionObject("p1.Create")), "The role should not have the permission p1.Create");
permissionApi.SetRolePermissions(powerAdministrators.RoleId, new string[] { "p1", "p1.Create", "p1.Update", "p2", "p1.Denied" });
collection = permissionApi.FindRolePermissions(powerAdministrators.RoleId);
Assert.AreEqual(2, collection.Count());
bool hasP1Denied = collection.Contains(new PermissionObject("p1.Denied"));
bool hasP2 = collection.Contains(new PermissionObject("p2"));
Assert.IsTrue(hasP1Denied && hasP2, "The role should only have the permission p1.Denied and p2.");
}
public void BasicCRUDTest()
{
IOrganizationApi organizationApi = SpringContext.Current.GetObject<IOrganizationApi>();
OrganizationTypeObject department = new OrganizationTypeObject { Name = "department", Domain = "Department", Description = "department-desc" };
organizationApi.Save(department);
createdOrganizationTypeIds.Add(department.OrganizationTypeId);
OrganizationTypeObject customer = new OrganizationTypeObject { Name = "customer", Domain = "Customer", Description = "customer-desc" };
organizationApi.Save(customer);
createdOrganizationTypeIds.Add(customer.OrganizationTypeId);
IRoleApi roleApi = SpringContext.Current.GetObject<IRoleApi>();
RoleObject powerAdministrators = new RoleObject { RoleName = "powerAdministrators", Description = "powerAdministrators-desc", Domain = "Department", Predefined = true };
RoleObject business = new RoleObject { RoleName = "business", Description = "business-desc", Domain = "Department" };
RoleObject customers = new RoleObject { RoleName = "customers", Description = "customers-desc", Domain = "Customer" };
roleApi.Save(powerAdministrators);
roleApi.Save(business);
roleApi.Save(customers);
createdRoleIds.AddRange(new Guid[] { powerAdministrators.RoleId, business.RoleId, customers.RoleId });
powerAdministrators = roleApi.Get(powerAdministrators.RoleId);
Assert.AreEqual("powerAdministrators", powerAdministrators.RoleName);
Assert.AreEqual("powerAdministrators-desc", powerAdministrators.Description);
Assert.IsTrue(powerAdministrators.Predefined);
Assert.AreEqual("Department", powerAdministrators.Domain);
business = roleApi.Get(business.RoleId);
Assert.AreEqual("business", business.RoleName);
Assert.AreEqual("business-desc", business.Description);
Assert.IsFalse(business.Predefined);
Assert.AreEqual("Department", business.Domain);
powerAdministrators.RoleName = "admins";
powerAdministrators.Description = "admins-desc";
roleApi.Save(powerAdministrators);
powerAdministrators = roleApi.Get(powerAdministrators.RoleId);
Assert.AreEqual("admins", powerAdministrators.RoleName);
Assert.AreEqual("admins-desc", powerAdministrators.Description);
Assert.IsTrue(powerAdministrators.Predefined);
Assert.AreEqual(3, roleApi.FindByDomain("Department").Count());
Assert.AreEqual(1, roleApi.FindByDomain("Customer").Count());
roleApi.HardDelete(business.RoleId);
business = roleApi.Get(business.RoleId);
Assert.IsNull(business);
Assert.AreEqual(2, roleApi.FindByDomain("Department").Count());
}
public void TestUpdate()
{
RoleDetailPanel page = new RoleDetailPanel();
DetailPanelPageProxy proxy = new DetailPanelPageProxy(page);
IRoleApi roleApi = SpringContext.Current.GetObject<IRoleApi>();
IOrganizationApi organizationApi = SpringContext.Current.GetObject<IOrganizationApi>();
IMembershipApi membershipApi = SpringContext.Current.GetObject<IMembershipApi>();
IPermissionApi permissionApi = SpringContext.Current.GetObject<IPermissionApi>();
using (var httpEnv = new HttpEnvironment())
{
httpEnv.SetRequestUrl(@"/RoleDetailPanel/DynamicPage.svc?Domain=Department");
UserObject current = membershipApi.Get("admin");
httpEnv.SetSessionParaemeter("CurrentUser", current);
#region Create Data
Guid guid = Guid.NewGuid();
string surfix = guid.ToString().Substring(0, 5);
OrganizationTypeObject obj = new OrganizationTypeObject()
{
Name = "OrganizationTypeTest" + surfix,
Description = "OrganizationTypeTest" + surfix,
Predefined = false,
Domain = "Department",
DeleteStatus = DeleteStatus.NotDeleted
};
organizationApi.Save(obj);
OrganizationTypeObjectIds.Add(obj.OrganizationTypeId);
RoleObject roleObj = new RoleObject()
{
Domain = "Department",
RoleName = "superRole" + surfix,
Predefined = false
};
roleApi.Save(roleObj);
RoleIds.Add(roleObj.RoleId);
#endregion
#region Bind Web Control
TextBox TextBoxName = new TextBox();
TextBoxName.Text = "SuperRole" + surfix;
proxy.Set("TextBoxName", TextBoxName);
TextBox TextBoxDescription = new TextBox();
TextBoxDescription.Text = "SuperRoleUpdate" + surfix;
proxy.Set("TextBoxDescription", TextBoxDescription);
PermissionTreeView permissionTreeView = new PermissionTreeView();
proxy.Set("PermissionTreeView", permissionTreeView);
Type _type = typeof(PermissionTreeView);
_type.GetMethod("OnInit", BindingFlags.NonPublic | BindingFlags.Instance).Invoke(permissionTreeView, new object[] { new EventArgs() });
IList<string> values = new List<string>();
IList<PermissionConfig> permissions = permissionApi.FindPermissionConfig(current.UserId).ToList<PermissionConfig>();
for (int i = 0; i < permissions.Count; i++)
{
if ((permissions[i].Value == null) || (permissions[i].Value.Equals(String.Empty)))
values.Add("P" + i);
else
values.Add(permissions[i].Value);
}
permissionTreeView.CheckedValues = values;
#endregion
proxy.Update(roleObj.RoleId.ToString());
Assert.AreEqual(roleApi.Get(roleObj.RoleId).Description, "SuperRoleUpdate" + surfix);
}
}
public void UserPositivePermissionOverrideRoleDeniedPermissionTest()
{
IOrganizationApi organizationApi = SpringContext.Current.GetObject<IOrganizationApi>();
IRoleApi roleApi = SpringContext.Current.GetObject<IRoleApi>();
IMembershipApi membershipApi = SpringContext.Current.GetObject<IMembershipApi>();
// create organization type
OrganizationTypeObject department = new OrganizationTypeObject { Name = "department", Domain = "Department", Description = "department-desc" };
organizationApi.Save(department);
createdOrganizationTypeIds.Add(department.OrganizationTypeId);
// create role
RoleObject powerAdministrators = new RoleObject { RoleName = "powerAdministrators", Description = "powerAdministrators-desc", Domain = "Department", Predefined = true };
roleApi.Save(powerAdministrators);
createdRoleIds.Add(powerAdministrators.RoleId);
// set permissions on the role
permissionApi.SetRolePermissions(powerAdministrators.RoleId, new string[] { "p1", "p1.Create", "p1.Update", "p1.Create.Denied", "p2" });
// create user
Guid eungeId = this.CreateUser(membershipApi);
// set permission on the user
SetUserPermissions(eungeId, new string[] { "p1.Create" });
// set the users as adminstrators
roleApi.SetUserToRoles(eungeId, new Guid[] { powerAdministrators.RoleId });
Assert.IsTrue(permissionApi.HasPermission(eungeId, "p1"));
Assert.IsTrue(permissionApi.HasPermission(eungeId, "p1.Create"));
Assert.IsTrue(permissionApi.HasPermission(eungeId, "p1.Update"));
Assert.IsTrue(permissionApi.HasPermission(eungeId, "p2"));
// set the users without any roles
roleApi.SetUserToRoles(eungeId, new Guid[] { });
Assert.IsTrue(permissionApi.HasPermission(eungeId, "p1.Create"));
}
public void PermissionOnRoleOnlyTest()
{
IOrganizationApi organizationApi = SpringContext.Current.GetObject<IOrganizationApi>();
IRoleApi roleApi = SpringContext.Current.GetObject<IRoleApi>();
OrganizationTypeObject department = new OrganizationTypeObject { Name = "department", Domain = "Department", Description = "department-desc" };
organizationApi.Save(department);
createdOrganizationTypeIds.Add(department.OrganizationTypeId);
RoleObject powerAdministrators = new RoleObject { RoleName = "powerAdministrators", Description = "powerAdministrators-desc", Domain = "Department", Predefined = true };
roleApi.Save(powerAdministrators);
createdRoleIds.Add(powerAdministrators.RoleId);
permissionApi.SetRolePermissions(powerAdministrators.RoleId, new string[] { "p1", "p2", "p3" });
var collection = permissionApi.FindRolePermissions(powerAdministrators.RoleId);
Assert.AreEqual(3, collection.Count());
permissionApi.SetRolePermissions(powerAdministrators.RoleId, new string[] { "p1", "p2", "p3", "p4", "p5" });
collection = permissionApi.FindRolePermissions(powerAdministrators.RoleId);
Assert.AreEqual(5, collection.Count());
}
public void ImplicitPermissionTest()
{
IOrganizationApi organizationApi = SpringContext.Current.GetObject<IOrganizationApi>();
IRoleApi roleApi = SpringContext.Current.GetObject<IRoleApi>();
IMembershipApi membershipApi = SpringContext.Current.GetObject<IMembershipApi>();
// create organization type
OrganizationTypeObject department = new OrganizationTypeObject { Name = "department", Domain = "Department", Description = "department-desc" };
organizationApi.Save(department);
createdOrganizationTypeIds.Add(department.OrganizationTypeId);
// create role
RoleObject powerAdministrators = new RoleObject { RoleName = "powerAdministrators", Description = "powerAdministrators-desc", Domain = "Department", Predefined = true };
roleApi.Save(powerAdministrators);
createdRoleIds.Add(powerAdministrators.RoleId);
// set permissions on the role
permissionApi.SetRolePermissions(powerAdministrators.RoleId, new string[] { "PermissionWithImplicitPermissions" });
IEnumerable<PermissionObject> rolePermissions = permissionApi.FindRolePermissions(powerAdministrators.RoleId);
Assert.AreEqual(3, rolePermissions.Count());
Assert.IsTrue(rolePermissions.Contains(new PermissionObject("PermissionWithImplicitPermissions")));
Assert.IsTrue(rolePermissions.Contains(new PermissionObject("ImplicitPermission1")));
Assert.IsTrue(rolePermissions.Contains(new PermissionObject("ImplicitPermission2")));
// create user
Guid eungeId = this.CreateUser(membershipApi);
// set permission on the user
SetUserPermissions(eungeId, new string[] { "PX" });
// set the users as adminstrators
roleApi.SetUserToRoles(eungeId, new Guid[] { powerAdministrators.RoleId });
// asserts
Assert.IsTrue(permissionApi.HasPermission(eungeId, "PX"));
Assert.IsTrue(permissionApi.HasPermission(eungeId, "PermissionWithImplicitPermissions"));
Assert.IsTrue(permissionApi.HasPermission(eungeId, "ImplicitPermission1"));
Assert.IsTrue(permissionApi.HasPermission(eungeId, "ImplicitPermission2"));
}
public void TestQuery()
{
RoleManagement page = new RoleManagement();
DynamicPageProxy proxy = new DynamicPageProxy(page);
IRoleApi roleApi = SpringContext.Current.GetObject<IRoleApi>();
IOrganizationApi organizationApi = SpringContext.Current.GetObject<IOrganizationApi>();
IMembershipApi membershipApi = SpringContext.Current.GetObject<IMembershipApi>();
IPermissionApi permissionApi = SpringContext.Current.GetObject<IPermissionApi>();
using (var httpEnv = new HttpEnvironment())
{
httpEnv.SetRequestUrl(@"/RoleManagement/DynamicPage.svc?Domain=Department");
#region Create Data
Guid guid = Guid.NewGuid();
string surfix = guid.ToString().Substring(0, 5);
OrganizationTypeObject obj = new OrganizationTypeObject()
{
Name = "OrganizationTypeTest" + surfix,
Description = "OrganizationTypeTest" + surfix,
Predefined = false,
Domain = "Department",
DeleteStatus = DeleteStatus.NotDeleted
};
organizationApi.Save(obj);
OrganizationTypeObjectIds.Add(obj.OrganizationTypeId);
RoleObject roleObj = new RoleObject()
{
Domain = "Department",
RoleName = "superRole" + surfix,
Predefined = false
};
roleApi.Save(roleObj);
RoleIds.Add(roleObj.RoleId);
#endregion
#region bind query varibles
QueryParameterExpression expression = new QueryParameterExpression("RoleName", QueryFieldOperators.Equal, "superRole" + surfix);
SortExpression sort = new SortExpression("RoleName");
QueryParameter parameters = new QueryParameter()
{
//Expressions = express,
PageIndex = 0,
PageSize = 10,
SortExpression = sort
};
parameters.Expressions.Add(expression);
QueryResults results = proxy.Query(parameters);
foreach (var result in results.Results)
{
Assert.AreEqual(DataBinder.Eval(result, "RoleName"), "superRole" + surfix);
}
#endregion
}
}
public void UsersAndRolesTest()
{
IPlatformConfiguration platformConfiguration = SpringContext.Current.GetObject<IPlatformConfiguration>();
IMembershipApi membershipApi = SpringContext.Current.GetObject<IMembershipApi>();
IOrganizationApi organizationApi = SpringContext.Current.GetObject<IOrganizationApi>();
IRoleApi roleApi = SpringContext.Current.GetObject<IRoleApi>();
UserObject eunge = new UserObject
{
OrganizationId = platformConfiguration.Organization.OrganizationId,
UserName = "******",
DisplayName = "Eunge",
Email = "*****@*****.**",
Comment = "The author of RapidWebDev.",
IsApproved = true
};
membershipApi.Save(eunge, "password1", null);
createdUserIds.Add(eunge.UserId);
OrganizationTypeObject department = new OrganizationTypeObject { Name = "department", Domain = "Department", Description = "department-desc" };
organizationApi.Save(department);
createdOrganizationTypeIds.Add(department.OrganizationTypeId);
RoleObject powerAdministrators = new RoleObject { RoleName = "powerAdministrators", Description = "powerAdministrators-desc", Domain = "Department" };
RoleObject business = new RoleObject { RoleName = "business", Description = "business-desc", Domain = "Department" };
roleApi.Save(powerAdministrators);
roleApi.Save(business);
createdRoleIds.AddRange(new Guid[] { powerAdministrators.RoleId, business.RoleId });
roleApi.SetUserToRoles(eunge.UserId, new Guid[] { powerAdministrators.RoleId });
Assert.AreEqual(1, roleApi.FindByUserId(eunge.UserId).Count());
Assert.IsTrue(roleApi.IsUserInRole(eunge.UserId, powerAdministrators.RoleId));
Assert.IsTrue(roleApi.IsUserInRole(eunge.UserId, "powerAdministrators"));
roleApi.SetUserToRoles(eunge.UserId, new Guid[] { powerAdministrators.RoleId, business.RoleId });
Assert.AreEqual(2, roleApi.FindByUserId(eunge.UserId).Count());
Assert.IsTrue(roleApi.IsUserInRole(eunge.UserId, powerAdministrators.RoleId));
Assert.IsTrue(roleApi.IsUserInRole(eunge.UserId, "powerAdministrators"));
Assert.IsTrue(roleApi.IsUserInRole(eunge.UserId, business.RoleId));
Assert.IsTrue(roleApi.IsUserInRole(eunge.UserId, "business"));
}
public void UpdateRoleWithDuplicateNameTest()
{
IOrganizationApi organizationApi = SpringContext.Current.GetObject<IOrganizationApi>();
OrganizationTypeObject department = new OrganizationTypeObject { Name = "department", Domain = "Department", Description = "department-desc" };
organizationApi.Save(department);
createdOrganizationTypeIds.Add(department.OrganizationTypeId);
IRoleApi roleApi = SpringContext.Current.GetObject<IRoleApi>();
RoleObject administrators = new RoleObject { RoleName = "administrators", Description = "administrators-desc", Domain = "Department" };
RoleObject business = new RoleObject { RoleName = "business", Description = "business-desc", Domain = "Department" };
roleApi.Save(administrators);
roleApi.Save(business);
createdRoleIds.AddRange(new Guid[] { administrators.RoleId, business.RoleId });
business.RoleName = "administrators";
roleApi.Save(business);
}
public void FindRolesTest()
{
IRoleApi roleApi = SpringContext.Current.GetObject<IRoleApi>();
RoleObject powerAdministrators = new RoleObject { RoleName = "powerAdministrators", Description = "powerAdministrators-desc", Domain = "Department", Predefined = true };
RoleObject business = new RoleObject { RoleName = "business", Description = "business-desc", Domain = "Department", Predefined = true };
RoleObject customers = new RoleObject { RoleName = "customers", Description = "customers-desc", Domain = "Customer"};
roleApi.Save(powerAdministrators);
roleApi.Save(business);
roleApi.Save(customers);
createdRoleIds.AddRange(new Guid[] { powerAdministrators.RoleId, business.RoleId, customers.RoleId });
LinqPredicate linqPredicate = new LinqPredicate("Predefined=@0 And RoleName=@1", true, "business");
int recordCount;
IEnumerable<RoleObject> roles = roleApi.FindRoles(linqPredicate, null, 0, 10, out recordCount);
Assert.AreEqual(1, recordCount);
Assert.AreEqual("business", roles.First().RoleName);
Assert.AreEqual("business-desc", roles.First().Description);
}
