public void Test_InvalidateEntries_AccessRule()
{
AccessRule accessRule;
Subject subject;
ICache <SubjectPermissionTypesTuple, IEnumerable <AccessRuleQuery> > dictionaryCache;
SecurityQueryCacheInvalidator securityQueryCacheInvalidator;
subject = new Subject();
subject.Save();
accessRule = new AccessRule();
accessRule.AllowAccessBy = subject;
accessRule.Save();
dictionaryCache = new DictionaryCache <SubjectPermissionTypesTuple, IEnumerable <AccessRuleQuery> >
{
{ new SubjectPermissionTypesTuple(subject.Id, 2, new long[0]), new AccessRuleQuery[0] },
{ new SubjectPermissionTypesTuple(subject.Id, 3, new long[0]), new AccessRuleQuery[0] },
{ new SubjectPermissionTypesTuple(subject.Id + 1, 3, new long[0]), new AccessRuleQuery[0] },
{ new SubjectPermissionTypesTuple(subject.Id + 2, 3, new long[0]), new AccessRuleQuery[0] }
};
securityQueryCacheInvalidator = new SecurityQueryCacheInvalidator(dictionaryCache);
securityQueryCacheInvalidator.InvalidateCacheEntries(new []
{
new SubjectPermissionTypesTuple(subject.Id, 2, new long[0]),
new SubjectPermissionTypesTuple(subject.Id, 3, new long[0]),
}, () => "test");
Assert.That(dictionaryCache, Has.None.Property("Key").Property("SubjectId").EqualTo(subject.Id));
}
public void HideCoreEveryoneRoles()
{
IList <AccessRule> accessRules;
Solution consoleSolution;
using (DatabaseContext databaseContext = DatabaseContext.GetContext(true))
using (new SecurityBypassContext())
{
consoleSolution = Entity.Get <Solution>("core:consoleSolution");
accessRules = Entity.GetInstancesOfType <AccessRule>(false, "accessRuleHidden, allowAccess.{alias}, inSolution.{name}, controlAccess.{name}")
.ToList();
foreach (AccessRule accessRule in accessRules)
{
if (accessRule.AllowAccessBy.Alias == "core:everyoneRole" &&
accessRule.InSolution != null && accessRule.InSolution.Name == "ReadiNow Core Data")
{
AccessRule writeableAccessRule = accessRule.AsWritable <AccessRule>();
writeableAccessRule.AccessRuleHidden = true;
if (writeableAccessRule.InSolution == consoleSolution)
{
writeableAccessRule.InSolution = null;
}
Console.Out.WriteLine("Making access rule on type {0} hidden", writeableAccessRule.ControlAccess.Name);
writeableAccessRule.Save();
}
}
databaseContext.CommitTransaction();
}
}
public void TestOnChangeAccessRulePermissions()
{
bool success = true;
string subjectName = "Role" + Guid.NewGuid();
string typeName = "Type" + Guid.NewGuid();
string reportName = "Report" + Guid.NewGuid();
var read = Entity.Get <Permission>("read");
var delete = Entity.Get <Permission>("delete");
ISet <string> oldPerm = new SortedSet <string> {
read.Name
};
ISet <string> newPerm = new SortedSet <string> {
read.Name, delete.Name
};
var mockAuditLog = new Mock <IAuditLog>(MockBehavior.Strict);
mockAuditLog.Setup(al => al.OnChangeAccessRulePermissions(success, subjectName, typeName, reportName, It.Is <ISet <string> >(p => oldPerm.SetEquals(p)), It.Is <ISet <string> >(p => newPerm.SetEquals(p))));
var eventTarget = new AuditLogAccessRuleEventTarget(mockAuditLog.Object);
var subject = new Role {
Name = subjectName
};
var type = new EntityType {
Name = typeName
};
var report = new Report {
Name = reportName
};
var accessRule = new AccessRule {
AllowAccessBy = subject.As <Subject>(), ControlAccess = type.As <SecurableEntity>(), AccessRuleReport = report
};
accessRule.PermissionAccess.Add(read);
accessRule.Save();
// Change permissions
accessRule.PermissionAccess.Add(delete);
IDictionary <string, object> state = new Dictionary <string, object>();
eventTarget.GatherAuditLogEntityDetailsForSave(accessRule, state);
eventTarget.WriteSaveAuditLogEntries(success, accessRule.Id, state);
mockAuditLog.VerifyAll();
}
public void TestOnChangeAccessRuleQuery()
{
bool success = true;
string subjectName = "Role" + Guid.NewGuid();
string typeName = "Type" + Guid.NewGuid();
string reportName = "Report" + Guid.NewGuid();
string newReportName = "Report" + Guid.NewGuid();
var mockAuditLog = new Mock <IAuditLog>(MockBehavior.Strict);
mockAuditLog.Setup(al => al.OnChangeAccessRuleQuery(success, subjectName, typeName, newReportName));
var eventTarget = new AuditLogAccessRuleEventTarget(mockAuditLog.Object);
var subject = new Role {
Name = subjectName
};
var type = new EntityType {
Name = typeName
};
var report = new Report {
Name = reportName
};
var newReport = new Report {
Name = newReportName
};
var accessRule = new AccessRule {
AllowAccessBy = subject.As <Subject>(), ControlAccess = type.As <SecurableEntity>(), AccessRuleReport = report
};
accessRule.Save();
// Change the report
accessRule.AccessRuleReport = newReport;
IDictionary <string, object> state = new Dictionary <string, object>();
eventTarget.GatherAuditLogEntityDetailsForSave(accessRule, state);
eventTarget.WriteSaveAuditLogEntries(success, accessRule.Id, state);
mockAuditLog.VerifyAll();
}
