public void AuthorizationAttribute_Custom_Method_Custom_Attribute_Null_Entity_Throws() { IPrincipal user = this.CreateIPrincipal("user1"); // Instantiate a new DomainService to use for a custom method via a Submit using (AuthorizationTestDomainService testDomainService = new AuthorizationTestDomainService()) { // Note: Submit context enforces null entity test testDomainService.Initialize(new DomainServiceContext(new MockDataService(user), DomainOperationType.Submit)); DomainServiceDescription description = DomainServiceDescription.GetDescription(typeof(AuthorizationTestDomainService)); DomainOperationEntry entry = description.DomainOperationEntries.SingleOrDefault(p => p.Name == "CustomUpdate"); Assert.IsNotNull(entry, "Did not find CustomUpdate entry"); // The null entity here should raise ArgNull because the context is Submit AuthorizationTestEntity entity = null; ExceptionHelper.ExpectArgumentNullExceptionStandard(() => testDomainService.IsAuthorized(entry, entity), "entity"); } }
protected override AuthorizationResult IsAuthorized(IPrincipal principal, AuthorizationContext authorizationContext) { Assert.IsNotNull(principal, "Principal was null when custom authorization attribute was called"); Assert.IsNotNull(authorizationContext, "AuthorizationContext was null when custom authorization attribute was called"); Assert.IsFalse(string.IsNullOrEmpty(authorizationContext.Operation), "Operation was blank when custom authorization attribute was called"); Assert.IsFalse(string.IsNullOrEmpty(authorizationContext.OperationType), "OperationType was blank when custom authorization attribute was called"); if (!string.IsNullOrEmpty(this.ExpectedOperation)) { Assert.AreEqual(this.ExpectedOperation, authorizationContext.Operation, "AuthContext.Operation was not correct when attribute was evaluated"); } if (!string.IsNullOrEmpty(this.ExpectedOperationType)) { Assert.AreEqual(this.ExpectedOperationType, authorizationContext.OperationType, "AuthContext.OperationType was not correct when attribute was evaluated"); } bool isInvoke = authorizationContext.OperationType.Equals("Invoke"); AuthorizationTestEntity entity = authorizationContext.Instance as AuthorizationTestEntity; object instanceType = null; bool haveType = authorizationContext.Items.TryGetValue(typeof(Type), out instanceType); Assert.IsTrue(haveType, "Did not find entity type element in Items for " + authorizationContext.Operation); // Invokes don't guarantee the Type in the dictionary Assert.IsTrue(isInvoke || instanceType != null, "Entity type was null in Items diction for an Invoke"); bool deny = ((!string.IsNullOrEmpty(this.DenyOperation) && this.DenyOperation.Equals(authorizationContext.Operation)) || (!string.IsNullOrEmpty(this.DenyOperationType) && this.DenyOperationType.Equals(authorizationContext.OperationType)) || (!string.IsNullOrEmpty(this.DenyInstanceValue) && entity != null && this.DenyInstanceValue.Equals(entity.TheValue))); return(deny ? string.IsNullOrEmpty(this.DenyMessage) ? new AuthorizationResult(this.FormatErrorMessage(authorizationContext.Operation)) : new AuthorizationResult(this.DenyMessage) : AuthorizationResult.Allowed); }
public void AuthorizationAttribute_Custom_Method_Custom_Attribute_Metadata_Context() { IPrincipal user = this.CreateIPrincipal("user1"); // Instantiate a new DomainService to use for a custom method via a Submit using (AuthorizationTestDomainService testDomainService = new AuthorizationTestDomainService()) { // Note: Metadata context testDomainService.Initialize(new DomainServiceContext(new MockDataService(user), DomainOperationType.Metadata)); DomainServiceDescription description = DomainServiceDescription.GetDescription(typeof(AuthorizationTestDomainService)); DomainOperationEntry entry = description.DomainOperationEntries.SingleOrDefault(p => p.Name == "CustomUpdate"); Assert.IsNotNull(entry, "Did not find CustomUpdate entry"); AuthorizationTestEntity entity = null; AuthorizationResult result = testDomainService.IsAuthorized(entry, entity); if (result != AuthorizationResult.Allowed) { Assert.Fail("Expected custom method to be approved during metadata use: " + result.ErrorMessage); } } }
public void AuthorizationAttribute_Custom_Method_Custom_Attribute() { IPrincipal user = this.CreateIPrincipal("user1"); // Instantiate a new DomainService to use for a custom method via a Submit using (AuthorizationTestDomainService testDomainService = new AuthorizationTestDomainService()) { testDomainService.Initialize(new DomainServiceContext(new MockDataService(user), DomainOperationType.Submit)); // Get a DomainServiceDescription for that same domain service DomainServiceDescription description = DomainServiceDescription.GetDescription(typeof(AuthorizationTestDomainService)); // Locate the custom method. It has an attribute that will deny only entities whose value is "Fred" DomainOperationEntry entry = description.DomainOperationEntries.SingleOrDefault(p => p.Name == "CustomUpdate"); Assert.IsNotNull(entry, "Did not find CustomUpdate entry"); Assert.AreEqual("Update", entry.OperationType, "Custom op entry should show op type Update"); // Ask the domain service to perform authorization. // The principal will be located via the mock data service created above. AuthorizationTestEntity entity = new AuthorizationTestEntity() { TheValue = "Bob" }; AuthorizationResult result = testDomainService.IsAuthorized(entry, entity); if (result != AuthorizationResult.Allowed) { Assert.Fail("Expected custom method to be approved: " + result.ErrorMessage); } // Now set it to an illegal value and verify deny entity.TheValue = "Fred"; result = testDomainService.IsAuthorized(entry, entity); Assert.AreNotSame(AuthorizationResult.Allowed, result, "Expected custom method to be denied"); Assert.AreEqual("uhuh", result.ErrorMessage, "Expected denial to return explicit message from code"); } }
public void CustomUpdate(AuthorizationTestEntity entity) { }
public void AuthorizationAttribute_Custom_Method_Custom_Attribute() { IPrincipal user = this.CreateIPrincipal("user1"); // Instantiate a new DomainService to use for a custom method via a Submit using (AuthorizationTestDomainService testDomainService = new AuthorizationTestDomainService()) { testDomainService.Initialize(new DomainServiceContext(new MockDataService(user), DomainOperationType.Submit)); // Get a DomainServiceDescription for that same domain service DomainServiceDescription description = DomainServiceDescription.GetDescription(typeof(AuthorizationTestDomainService)); // Locate the custom method. It has an attribute that will deny only entities whose value is "Fred" DomainOperationEntry entry = description.DomainOperationEntries.SingleOrDefault(p => p.Name == "CustomUpdate"); Assert.IsNotNull(entry, "Did not find CustomUpdate entry"); Assert.AreEqual("Update", entry.OperationType, "Custom op entry should show op type Update"); // Ask the domain service to perform authorization. // The principal will be located via the mock data service created above. AuthorizationTestEntity entity = new AuthorizationTestEntity() { TheValue = "Bob" }; AuthorizationResult result = testDomainService.IsAuthorized(entry, entity); if (result != AuthorizationResult.Allowed) Assert.Fail("Expected custom method to be approved: " + result.ErrorMessage); // Now set it to an illegal value and verify deny entity.TheValue = "Fred"; result = testDomainService.IsAuthorized(entry, entity); Assert.AreNotSame(AuthorizationResult.Allowed, result, "Expected custom method to be denied"); Assert.AreEqual("uhuh", result.ErrorMessage, "Expected denial to return explicit message from code"); } }