public void CreateAclExpansionEntryTest()
{
var userRoleAclAce = new UserRoleAclAceCombination(Role, Ace);
var allowedAccessTypes = new[] { WriteAccessType, DeleteAccessType };
var deniedAccessTypes = new[] { ReadAccessType };
AccessInformation accessInformation = new AccessInformation(allowedAccessTypes, deniedAccessTypes);
var mocks = new MockRepository();
var aclExpansionEntryCreatorMock = mocks.PartialMock <AclExpansionEntryCreator> ();
var aclProbe = AclProbe.CreateAclProbe(User, Role, Ace);
var accessTypeStatisticsMock = mocks.StrictMock <AccessTypeStatistics>();
accessTypeStatisticsMock.Expect(x => x.IsInAccessTypesContributingAces(userRoleAclAce.Ace)).Return(true);
aclExpansionEntryCreatorMock.Expect(x => x.GetAccessTypes(userRoleAclAce)).
Return(new AclExpansionEntryCreator_GetAccessTypesResult(accessInformation, aclProbe, accessTypeStatisticsMock));
aclExpansionEntryCreatorMock.Replay();
accessTypeStatisticsMock.Replay();
var aclExpansionEntry = aclExpansionEntryCreatorMock.CreateAclExpansionEntry(userRoleAclAce);
aclExpansionEntryCreatorMock.VerifyAllExpectations();
accessTypeStatisticsMock.VerifyAllExpectations();
Assert.That(aclExpansionEntry.User, Is.EqualTo(userRoleAclAce.User));
Assert.That(aclExpansionEntry.Role, Is.EqualTo(userRoleAclAce.Role));
Assert.That(aclExpansionEntry.AccessControlList, Is.EqualTo(userRoleAclAce.Acl));
Assert.That(aclExpansionEntry.AccessConditions, Is.EqualTo(aclProbe.AccessConditions));
Assert.That(aclExpansionEntry.AllowedAccessTypes, Is.EqualTo(allowedAccessTypes));
Assert.That(aclExpansionEntry.DeniedAccessTypes, Is.EqualTo(deniedAccessTypes));
}
public void GetAccessTypes_WithMultipleMatchingAces()
{
AbstractRoleDefinition role1 = AbstractRoleDefinition.NewObject(Guid.NewGuid(), "QualityManager", 0);
AccessControlEntry ace1 = AccessControlEntry.NewObject();
ace1.SpecificAbstractRole = role1;
AccessTypeDefinition readAccessType = _testHelper.CreateAccessTypeForAce(ace1, true, Guid.NewGuid(), "Read", 0);
AccessTypeDefinition copyAccessType = _testHelper.CreateAccessTypeForAce(ace1, true, Guid.NewGuid(), "Copy", 1);
AccessTypeDefinition indexAccessType = _testHelper.CreateAccessTypeForAce(ace1, true, Guid.NewGuid(), "Index", 2);
AccessTypeDefinition moveAccessType = _testHelper.CreateAccessTypeForAce(ace1, false, Guid.NewGuid(), "Move", 3);
AccessTypeDefinition appendAccessType = _testHelper.CreateAccessTypeForAce(ace1, false, Guid.NewGuid(), "Append", 4);
AccessTypeDefinition renameAccessType = _testHelper.CreateAccessTypeForAce(ace1, false, Guid.NewGuid(), "Rename", 5);
AccessTypeDefinition writeAccessType = _testHelper.CreateAccessTypeForAce(ace1, true, Guid.NewGuid(), "Write", 6);
AccessTypeDefinition deleteAccessType = _testHelper.CreateAccessTypeForAce(ace1, true, Guid.NewGuid(), "Delete", 7);
AccessTypeDefinition findAccessType = _testHelper.CreateAccessTypeForAce(ace1, null, Guid.NewGuid(), "Find", 8);
AbstractRoleDefinition role2 = AbstractRoleDefinition.NewObject(Guid.NewGuid(), "SoftwareDeveloper", 1);
AccessControlEntry ace2 = AccessControlEntry.NewObject();
ace2.SpecificAbstractRole = role2;
_testHelper.AttachAccessType(ace2, readAccessType, true);
_testHelper.AttachAccessType(ace2, copyAccessType, false);
_testHelper.AttachAccessType(ace2, indexAccessType, null);
_testHelper.AttachAccessType(ace2, moveAccessType, true);
_testHelper.AttachAccessType(ace2, appendAccessType, false);
_testHelper.AttachAccessType(ace2, renameAccessType, null);
_testHelper.AttachAccessType(ace2, writeAccessType, true);
_testHelper.AttachAccessType(ace2, deleteAccessType, false);
_testHelper.AttachAccessType(ace2, findAccessType, null);
AccessControlList acl = _testHelper.CreateStatefulAcl(ace1, ace2);
SecurityToken token = _testHelper.CreateTokenWithAbstractRole(role1, role2);
AccessInformation accessInformation = acl.GetAccessTypes(token);
//read y y y
//copy y n n
//index y - y
//move n y n
//append n n n
//rename n - n
//write - y y
//delete - n n
//find - - -
Assert.That(
accessInformation.AllowedAccessTypes,
Is.EquivalentTo(new[] { readAccessType, indexAccessType, writeAccessType }));
Assert.That(
accessInformation.DeniedAccessTypes,
Is.EquivalentTo(new[] { copyAccessType, moveAccessType, appendAccessType, renameAccessType, deleteAccessType }));
}
public void GetAccessTypes_WithoutMatchingAce()
{
AccessControlEntry ace = _testHelper.CreateAceWithAbstractRole();
_testHelper.CreateReadAccessTypeAndAttachToAce(ace, true);
_testHelper.CreateWriteAccessTypeAndAttachToAce(ace, null);
_testHelper.CreateDeleteAccessTypeAndAttachToAce(ace, false);
AccessControlList acl = _testHelper.CreateStatefulAcl(ace);
SecurityToken token = _testHelper.CreateTokenWithoutUser();
AccessInformation accessInformation = acl.GetAccessTypes(token);
Assert.That(accessInformation.AllowedAccessTypes, Is.Empty);
Assert.That(accessInformation.DeniedAccessTypes, Is.Empty);
}
public void AccessControlList_GetAccessTypes2()
{
var user = User3;
var acl = TestHelper.CreateStatefulAcl(Ace3);
Assert.That(Ace3.Validate().IsValid);
Principal principal = PrincipalTestHelper.Create(user.Tenant, user, user.Roles);
SecurityToken securityToken = SecurityToken.Create(
principal,
user.Tenant,
null,
null,
Enumerable.Empty <IDomainObjectHandle <AbstractRoleDefinition> >());
AccessInformation accessInformation = acl.GetAccessTypes(securityToken);
Assert.That(accessInformation.AllowedAccessTypes, Is.EquivalentTo(new[] { ReadAccessType, WriteAccessType }));
}
public void GetAccessTypes_WithMatchingAce()
{
AccessControlEntry ace = AccessControlEntry.NewObject();
AccessTypeDefinition readAccessType = _testHelper.CreateReadAccessTypeAndAttachToAce(ace, true);
_testHelper.CreateWriteAccessTypeAndAttachToAce(ace, null);
AccessTypeDefinition deleteAccessType = _testHelper.CreateDeleteAccessTypeAndAttachToAce(ace, false);
AccessTypeDefinition copyAccessType = _testHelper.CreateAccessTypeForAce(ace, true, Guid.NewGuid(), "Copy", 3);
AccessTypeDefinition moveAccessType = _testHelper.CreateAccessTypeForAce(ace, false, Guid.NewGuid(), "Move", 4);
AccessControlList acl = _testHelper.CreateStatefulAcl(ace);
SecurityToken token = _testHelper.CreateTokenWithoutUser();
AccessInformation accessInformation = acl.GetAccessTypes(token);
Assert.That(accessInformation.AllowedAccessTypes, Is.EquivalentTo(new[] { readAccessType, copyAccessType }));
Assert.That(accessInformation.DeniedAccessTypes, Is.EquivalentTo(new[] { deleteAccessType, moveAccessType }));
}
public void AccessControlList_GetAccessTypes_AceWithPosition_GroupSelectionAll()
{
var ace = TestHelper.CreateAceWithPositionAndGroupCondition(Position, GroupCondition.None);
AttachAccessTypeReadWriteDelete(ace, true, null, true);
Assert.That(ace.Validate().IsValid);
var acl = TestHelper.CreateStatefulAcl(ace);
Principal principal = PrincipalTestHelper.Create(User.Tenant, User, User.Roles);
SecurityToken securityToken = SecurityToken.Create(
principal,
User.Tenant,
null,
null,
Enumerable.Empty <IDomainObjectHandle <AbstractRoleDefinition> >());
AccessInformation accessInformation = acl.GetAccessTypes(securityToken);
Assert.That(accessInformation.AllowedAccessTypes, Is.EquivalentTo(new[] { ReadAccessType, DeleteAccessType }));
}
/// <summary>
/// Here we are selecting data from several tables and making a new table
/// which is then used to export to Excel.
/// </summary>
/// <returns></returns>
private bool MakeTempTableAccess()
{
bool success = false;
AccessInformation info = new AccessInformation();
info.TryDropTable(msAccessFileName, TempTableName);
string MakeTableQuery =
"SELECT Titles.Title, " +
"Publishers.Name, Authors.Author, " +
"Titles.[Year Published], Titles.ISBN, " +
"Titles.Subject INTO TempSample1 " +
"FROM Publishers INNER JOIN (Authors INNER JOIN (Titles " +
"INNER JOIN TitleAuthor ON Titles.ISBN = TitleAuthor.ISBN) " +
"ON Authors.Au_ID = TitleAuthor.Au_ID) ON Publishers.PubID = Titles.PubID " +
"WHERE (((Publishers.Name) In ('ARTECH','CAMBRIDGE UNIV','WROX','DELMAR','IDG')) " +
"AND ((Titles.[Year Published])>=1995)) ORDER BY Publishers.Name;";
using (OleDbConnection cn = new OleDbConnection {
ConnectionString = msAccessFileName.BuildConnectionString()
})
{
using (OleDbCommand cmd = new OleDbCommand {
Connection = cn, CommandText = MakeTableQuery
})
{
cn.Open();
try
{
success = cmd.ExecuteNonQuery() > 0;
}
catch (Exception ex)
{
HasErrors = true;
ExeptionMessage = ex.Message;
}
}
}
return(success);
}
public virtual AclExpansionEntryCreator_GetAccessTypesResult GetAccessTypes(UserRoleAclAceCombination userRoleAclAce)
{
if (ClientTransaction.Current == null)
{
throw new InvalidOperationException("No ClientTransaction has been associated with the current thread.");
}
var aclProbe = AclProbe.CreateAclProbe(userRoleAclAce.User, userRoleAclAce.Role, userRoleAclAce.Ace);
// Note: The aclProbe created above will NOT always match the ACE it was designed to probe; the reason for this
// is that its SecurityToken created by the AclProbe is only designed to match the non-decideable access conditions
// (e.g. abstract role, owning tenant, owning group, etc) of the ACE. If this were not the case, then the AclProbe would need
// to reproduce code from the SecurityManager, to be able to decide beforehand, whether decideable access condtions
// (e.g. specific tenant, specific user) will match or not.
//
// The "non-decideable" here refers to the information context of the AclExpander, which is lacking some information
// available during normal SecurityManager access rights querying.
// For decideable access conditons (e.g. specific tenant or specific group), the created SecurityToken
// is not guaranteed to match, therefore the AccessTypeStatistics returned by Acl.GetAccessTypes are used to filter out these cases.
//
// One could also try to remove these entries by removing all AclExpansionEntry|s which are identical to another AclExpansionEntry,
// apart from having more restrictive AccessConditions; note however that such "double" entries can also come from ACEs which are
// being shadowed by a 2nd, less restrictive ACE.
//
// Note also that it does not suffice to get the access types for the current ACE only, since these rights might be denied
// by another matching ACE in the current ACL (deny rights always win).
var accessTypeStatistics = new AccessTypeStatistics();
var roles = aclProbe.SecurityToken.Principal.Roles;
Assertion.IsTrue(roles.Count == 1);
Assertion.IsTrue(object.ReferenceEquals(roles[0].Position.GetObjectReference(), userRoleAclAce.Role.Position));
Assertion.IsTrue(object.ReferenceEquals(roles[0].Group.GetObjectReference(), userRoleAclAce.Role.Group));
AccessInformation accessInformation = userRoleAclAce.Acl.GetAccessTypes(aclProbe.SecurityToken, accessTypeStatistics);
return(new AclExpansionEntryCreator_GetAccessTypesResult(accessInformation, aclProbe, accessTypeStatistics));
}
static void Main(string[] args)
{
using (AccessInformation accessInformation = new AccessInformation())
{
string url = "http://prd.int.web.pharmerica.net/extranet";
string username = "******";
string password = "******";
List <RxInformation> listRxInformation = new List <RxInformation>();
RxInformation rxInformation = new RxInformation();
rxInformation = new RxInformation();
rxInformation.RxNumber = "5116039.05";
rxInformation.PharmacyCode = "0001";
listRxInformation.Add(rxInformation);
//rxInformation = new RxInformation();
//rxInformation.RxNumber = "7767348.06";
//rxInformation.PharmacyCode = "7109";
//listRxInformation.Add(rxInformation);
//rxInformation = new RxInformation();
//rxInformation.RxNumber = "7758893.05";
//rxInformation.PharmacyCode = "7109";
//listRxInformation.Add(rxInformation);
string remainingQty = string.Empty;
bool qtyFlag = true;
accessInformation.OpenUrl(url, SeleniumConstants.BrowserType.Chrome);
//entering username
accessInformation.SetText("PageBody_txtLogin", username, FindElement.ById);
//entering password
accessInformation.SetText("PageBody_txtPassword", password, FindElement.ById);
//clicking the login button
accessInformation.Click("PageBody_btnLogin", FindElement.ById);
foreach (RxInformation _rxInformation in listRxInformation)
{
//clicking the VMRX home link
accessInformation.Click("HomeLink", FindElement.ById);
//Clicking the VMRX administrator link
accessInformation.Click("ViewMasteRxAdministrationLINK", FindElement.ById);
//clicking the user search link
accessInformation.Click("UserSearchLINK", FindElement.ById);
//Setting the user name
accessInformation.SetText("PageBody_txtSearch", username, FindElement.ById);
//clicking the search button
accessInformation.Click("PageBody_btnSearch", FindElement.ById);
//editing the user
accessInformation.Click("PageBody_UserSearchGrid1_grdUsers_cmdEdit_0", FindElement.ById);
//selecting the pharmacy
accessInformation.Select("PageBody_CPF_PharmacyList", _rxInformation.PharmacyCode, FindElement.ById, SelectBy.Value);
//selecting the facility
accessInformation.Select("PageBody_CPF_FacilityList", "1", FindElement.ById, SelectBy.Index);
//click save button
accessInformation.Click("PageBody_cmdSave", FindElement.ById);
//clicking the VMRX home link
accessInformation.Click("HomeLink", FindElement.ById);
//clicking the return link
accessInformation.Click("PharmacyReturnsServicesLINK", FindElement.ById);
//clicking the pharamcy return link
accessInformation.Click("PharmacyReturnsServicesLINK", FindElement.ById);
qtyFlag = true;
for (int qtyCounter = 0; qtyCounter < 2; qtyCounter++)
{
//entering the Rx information
accessInformation.SetText("PageBody_CaptureRx1_txtScannedRx", _rxInformation.RxNumber, FindElement.ById);
//click the search button
accessInformation.Click("PageBody_CaptureRx1_btnSearchRx", FindElement.ById);
//getting the remaining dispence quantity
remainingQty = accessInformation.GetText("PageBody_CaptureRx1_lblRemainingQuantity", FindElement.ById);
//entering the return quantity
if (qtyFlag)
{
accessInformation.SetText("PageBody_CaptureRx1_txtReturnQuantity", (Convert.ToInt32(Convert.ToDecimal((remainingQty))) - 1).ToString(), FindElement.ById);
}
else
{
accessInformation.SetText("PageBody_CaptureRx1_txtReturnQuantity", remainingQty, FindElement.ById);
}
//clicking the return eligibility
accessInformation.Click("PageBody_CaptureRx1_btnCheckReturnEligibility", FindElement.ById);
//Setting the text to the Note
accessInformation.SetText("PageBody_CaptureRx1_txtReturnReasonNotes", "test", FindElement.ById);
TakeScreenCapture(_rxInformation.RxNumber, qtyFlag);
qtyFlag = false;
//click the reset button
accessInformation.Click("PageBody_CaptureRx1_btnSearchRx", FindElement.ById);
}
}
//click the logg off
accessInformation.Click("A1", FindElement.ById);
}
}
internal FileShareUploader(
FabricEvents.ExtensionsEvents traceSource,
string logSourceId,
bool runningOnBehalfOfApplication,
string folderName,
string destinationPath,
AccessInformation accessInfo,
string workFolder,
TimeSpan uploadInterval,
TimeSpan fileSyncInterval,
TimeSpan fileDeletionAge,
bool destinationIsLocalAppFolder,
string fabricNodeId)
: base(
traceSource,
logSourceId,
folderName,
destinationPath,
workFolder,
uploadInterval,
fileSyncInterval)
{
// Initialization
this.destinationPath = destinationPath;
this.accessInfo = accessInfo;
var impersonationRequiredForAppStoreAccess = Utility.IsImpersonationRequiredForAppDiagnosticStoreAccess();
if (runningOnBehalfOfApplication &&
(false == destinationIsLocalAppFolder) &&
impersonationRequiredForAppStoreAccess &&
(FileShareAccessAccountType.None == this.accessInfo.AccountType))
{
const string Message =
"Impersonation is required to access the file share, but credentials for impersonation have not been provided.";
this.TraceSource.WriteError(
this.LogSourceId,
Message);
throw new InvalidOperationException(Message);
}
// Create the staging folder where we copy the files temporarily before impersonating
// and copying it to the final destination.
try
{
Utility.PerformIOWithRetries(
() =>
{
if (IsStagingFolderNeededForCopy(folderName))
{
CreateStagingFolderForCopy(workFolder);
}
});
}
catch (Exception e)
{
throw new IOException(string.Format("Unable to create staging directory for work directory {0}.", workFolder), e);
}
// Check that the destination folder exists or can be created.
try
{
Utility.PerformIOWithRetries(
() =>
this.PerformDestinationOperation(
ctx =>
{
var destPath = (string)ctx;
if (FabricDirectory.Exists(destPath))
{
return true;
}
FabricDirectory.CreateDirectory(destPath);
return true;
},
this.destinationPath));
}
catch (Exception e)
{
throw new IOException(string.Format("Unable to create destination directory {0}.", this.destinationPath), e);
}
this.perfHelper = new FileSharePerformance(this.TraceSource, this.LogSourceId);
// File copy is done one at a time, so the concurrency count is 1.
this.perfHelper.ExternalOperationInitialize(
ExternalOperationTime.ExternalOperationType.FileShareCopy,
1);
// Check if a trimmer already exists to delete old files from this destination
lock (Trimmers)
{
if (Trimmers.ContainsKey(this.destinationPath))
{
// Trimmer already exists. Increment its reference count.
TrimmerInfo trimmerInfo = Trimmers[this.destinationPath];
trimmerInfo.RefCount++;
}
else
{
// Trimmer does not exist. Create it.
FileShareTrimmer trimmer = new FileShareTrimmer(
folderName,
this.destinationPath,
this.PerformDestinationOperation,
LocalMapFolderPath,
fileDeletionAge);
TrimmerInfo trimmerInfo = new TrimmerInfo
{
RefCount = 1,
Trimmer = trimmer
};
Trimmers[this.destinationPath] = trimmerInfo;
}
}
}
public AclExpansionEntryCreator_GetAccessTypesResult(AccessInformation accessInformation, AclProbe aclProbe, AccessTypeStatistics accessTypeStatistics)
{
AclProbe = aclProbe;
AccessTypeStatistics = accessTypeStatistics;
AccessInformation = accessInformation;
}
