private static void ACLExercise2(int id)
{
var name = "Writer-" + id;
var ctx = new SecurityContext(TestUser.User2);
var count = 0;
var permTypes = new[] { PermissionType.Custom01, PermissionType.Custom02 };
while (!_stopped)
{
Thread.Sleep(10);
if (0 == (count % 1000))
{
Console.WriteLine("Running time: {0}, errors: {1}. {2} {3}", DateTime.UtcNow - started, errors, name, count);
}
PermissionType perm1, perm2;
var i = count % 2;
perm1 = permTypes[i];
perm2 = permTypes[1 - i];
AclEditor.Create(ctx)
.Allow(5, TestUser.User1.Id, false, perm1)
.Allow(5, TestUser.User1.Id, false, perm2)
.Apply();
count++;
}
}
private static void RunACL(ProgramArguments arguments)
{
var entities = SystemStartTests.CreateTestEntities();
var groups = SystemStartTests.CreateTestGroups();
var memberships = Tools.CreateInMemoryMembershipTable(groups);
var aces = SystemStartTests.CreateTestAces();
var storage = new DatabaseStorage {
Aces = aces, Memberships = memberships, Entities = entities, Messages = new List <Tuple <int, DateTime, byte[]> >()
};
StartTheSystem(new MemoryDataProvider(storage));
var ctx = new SecurityContextForConcurrencyTests(TestUser.User2);
var ok = ctx.HasPermission(1, PermissionType.See);
AclEditor.Create(ctx)
.Allow(1, TestUser.User3.Id, false, PermissionType.Custom10)
.Allow(2, TestUser.User3.Id, false, PermissionType.Custom10)
.Allow(5, TestUser.User3.Id, false, PermissionType.Custom10)
.Allow(14, TestUser.User3.Id, false, PermissionType.Custom10)
.Allow(50, TestUser.User3.Id, false, PermissionType.Custom10)
.Allow(51, TestUser.User3.Id, false, PermissionType.Custom10)
.Allow(52, TestUser.User3.Id, false, PermissionType.Custom10)
.Apply();
ok = ctx.HasPermission(52, PermissionType.See);
started = DateTime.UtcNow;
Task.Run(() => ACLExercise1(0));
Enumerable.Range(1, arguments.Agents).Select(x => Task.Run(() => ACLExercise(x))).ToArray();
}
/// <summary>
/// Shortcut method for test. Example usage: aclEd.Allow("E2", "U1", false, "___________+___");
/// Bitmask accepts two kind of characters: '_' means active, any other means inactive.
/// </summary>
/// <returns></returns>
public static AclEditor Allow(this AclEditor aclEd, string entity, string identity, string bitMask, bool localOnly = false)
{
var perms = GetPermissionTypes(bitMask);
aclEd.Allow(Tools.GetId(entity), Tools.GetId(identity), localOnly, perms);
return(aclEd);
}
private static void SetPermission(AclEditor editor, int contentId, int identityId, bool localOnly,
PermissionType permissionType, object permissionValue, List <string> messages)
{
switch (permissionValue.ToString().ToLowerInvariant())
{
case "0":
case "u":
case "undefined":
// PermissionValue.Undefined;
editor.ClearPermission(contentId, identityId, localOnly, permissionType);
break;
case "1":
case "a":
case "allow":
// PermissionValue.Allowed;
editor.Allow(contentId, identityId, localOnly, permissionType);
break;
case "2":
case "d":
case "deny":
// PermissionValue.Denied;
editor.Deny(contentId, identityId, localOnly, permissionType);
break;
default:
messages.Add($"WARING: Unknown permissionValue: {permissionValue}");
break;
}
}
public void AclEditor_GettingWithoutVisibleModifiedBy()
{
var newUser = new User(User.Administrator.Parent)
{
Name = "UserFor_AclEditor_GettingWithoutVisibleModifiedBy",
Email = "*****@*****.**",
Enabled = true
};
newUser.Save();
newUser = Node.Load <User>(newUser.Id);
var content = Content.CreateNew("Car", TestRoot, Guid.NewGuid().ToString());
content.Save();
var contentId = content.Id;
new AclEditor(TestRoot)
.SetPermission(newUser.Id, true, PermissionType.Open, PermissionValue.Allow)
.SetPermission(newUser.Id, true, PermissionType.SetPermissions, PermissionValue.Allow)
.Apply();
new AclEditor(User.Administrator)
.SetPermission(newUser.Id, true, PermissionType.See, PermissionValue.Deny)
.Apply();
var origuser = User.Current;
User.Current = newUser;
content = Content.Load(contentId);
Assert.AreEqual(User.Somebody.Id, content.ContentHandler.CreatedBy.Id);
Assert.AreEqual(User.Somebody.Id, content.ContentHandler.ModifiedBy.Id);
Assert.AreEqual(User.Somebody.Id, content.ContentHandler.VersionCreatedBy.Id);
Assert.AreEqual(User.Somebody.Id, content.ContentHandler.VersionModifiedBy.Id);
var ok = false;
try
{
var ed = new AclEditor(Node.LoadNode(content.Id));
ok = true;
}
//catch (Exception e)
//{
// int q = 1;
//}
finally
{
User.Current = origuser;
}
Assert.AreEqual(true, ok);
}
private void DeleteAllExplicitSetting(AclEditor aclEditor, Content content)
{
var explicitEntries = content.ContentHandler.Security.GetExplicitEntries();
foreach (var explicitEntry in explicitEntries)
{
foreach (var permType in ActiveSchema.PermissionTypes)
{
var ident = (ISecurityMember)Node.LoadNode(explicitEntry.PrincipalId);
aclEditor.SetPermission(ident, explicitEntry.Propagates, permType, PermissionValue.NonDefined);
}
}
}
private static void SetPermissions(AclEditor aclEditor, int contentId, int identityId, bool localOnly,
Dictionary <string, object> permissions, List <string> messages)
{
foreach (var item in permissions)
{
var permissionType = PermissionType.GetByName(item.Key);
if (permissionType == null)
{
messages.Add($"WARING: Unknown permission: {item.Key}");
continue;
}
SetPermission(aclEditor, contentId, identityId, localOnly, permissionType, item.Value, messages);
}
}
public AclEditorAccessor(AclEditor editor) : base(editor)
{
}
public void UnbreakInheritance(TestEntity entity, bool normalize = false)
{
AclEditor.Create(this).UnbreakInheritance(entity.Id, normalize).Apply();
}
public void BreakInheritance(TestEntity entity, bool convertToExplicit = true)
{
AclEditor.Create(this).BreakInheritance(entity.Id, convertToExplicit).Apply();
}
