public void AuthorizationAttribute_Custom_Method_Custom_Attribute_Null_Entity_Throws()
{
IPrincipal user = this.CreateIPrincipal("user1");
// Instantiate a new DomainService to use for a custom method via a Submit
using (AuthorizationTestDomainService testDomainService = new AuthorizationTestDomainService())
{
// Note: Submit context enforces null entity test
testDomainService.Initialize(new DomainServiceContext(new MockDataService(user), DomainOperationType.Submit));
DomainServiceDescription description = DomainServiceDescription.GetDescription(typeof(AuthorizationTestDomainService));
DomainOperationEntry entry = description.DomainOperationEntries.SingleOrDefault(p => p.Name == "CustomUpdate");
Assert.IsNotNull(entry, "Did not find CustomUpdate entry");
// The null entity here should raise ArgNull because the context is Submit
AuthorizationTestEntity entity = null;
ExceptionHelper.ExpectArgumentNullExceptionStandard(() => testDomainService.IsAuthorized(entry, entity), "entity");
}
}
protected override AuthorizationResult IsAuthorized(IPrincipal principal, AuthorizationContext authorizationContext)
{
Assert.IsNotNull(principal, "Principal was null when custom authorization attribute was called");
Assert.IsNotNull(authorizationContext, "AuthorizationContext was null when custom authorization attribute was called");
Assert.IsFalse(string.IsNullOrEmpty(authorizationContext.Operation), "Operation was blank when custom authorization attribute was called");
Assert.IsFalse(string.IsNullOrEmpty(authorizationContext.OperationType), "OperationType was blank when custom authorization attribute was called");
if (!string.IsNullOrEmpty(this.ExpectedOperation))
{
Assert.AreEqual(this.ExpectedOperation, authorizationContext.Operation, "AuthContext.Operation was not correct when attribute was evaluated");
}
if (!string.IsNullOrEmpty(this.ExpectedOperationType))
{
Assert.AreEqual(this.ExpectedOperationType, authorizationContext.OperationType, "AuthContext.OperationType was not correct when attribute was evaluated");
}
bool isInvoke = authorizationContext.OperationType.Equals("Invoke");
AuthorizationTestEntity entity = authorizationContext.Instance as AuthorizationTestEntity;
object instanceType = null;
bool haveType = authorizationContext.Items.TryGetValue(typeof(Type), out instanceType);
Assert.IsTrue(haveType, "Did not find entity type element in Items for " + authorizationContext.Operation);
// Invokes don't guarantee the Type in the dictionary
Assert.IsTrue(isInvoke || instanceType != null, "Entity type was null in Items diction for an Invoke");
bool deny = ((!string.IsNullOrEmpty(this.DenyOperation) && this.DenyOperation.Equals(authorizationContext.Operation)) ||
(!string.IsNullOrEmpty(this.DenyOperationType) && this.DenyOperationType.Equals(authorizationContext.OperationType)) ||
(!string.IsNullOrEmpty(this.DenyInstanceValue) && entity != null && this.DenyInstanceValue.Equals(entity.TheValue)));
return(deny
? string.IsNullOrEmpty(this.DenyMessage)
? new AuthorizationResult(this.FormatErrorMessage(authorizationContext.Operation))
: new AuthorizationResult(this.DenyMessage)
: AuthorizationResult.Allowed);
}
public void AuthorizationAttribute_Custom_Method_Custom_Attribute_Metadata_Context()
{
IPrincipal user = this.CreateIPrincipal("user1");
// Instantiate a new DomainService to use for a custom method via a Submit
using (AuthorizationTestDomainService testDomainService = new AuthorizationTestDomainService())
{
// Note: Metadata context
testDomainService.Initialize(new DomainServiceContext(new MockDataService(user), DomainOperationType.Metadata));
DomainServiceDescription description = DomainServiceDescription.GetDescription(typeof(AuthorizationTestDomainService));
DomainOperationEntry entry = description.DomainOperationEntries.SingleOrDefault(p => p.Name == "CustomUpdate");
Assert.IsNotNull(entry, "Did not find CustomUpdate entry");
AuthorizationTestEntity entity = null;
AuthorizationResult result = testDomainService.IsAuthorized(entry, entity);
if (result != AuthorizationResult.Allowed)
{
Assert.Fail("Expected custom method to be approved during metadata use: " + result.ErrorMessage);
}
}
}
public void AuthorizationAttribute_Custom_Method_Custom_Attribute()
{
IPrincipal user = this.CreateIPrincipal("user1");
// Instantiate a new DomainService to use for a custom method via a Submit
using (AuthorizationTestDomainService testDomainService = new AuthorizationTestDomainService())
{
testDomainService.Initialize(new DomainServiceContext(new MockDataService(user), DomainOperationType.Submit));
// Get a DomainServiceDescription for that same domain service
DomainServiceDescription description = DomainServiceDescription.GetDescription(typeof(AuthorizationTestDomainService));
// Locate the custom method. It has an attribute that will deny only entities whose value is "Fred"
DomainOperationEntry entry = description.DomainOperationEntries.SingleOrDefault(p => p.Name == "CustomUpdate");
Assert.IsNotNull(entry, "Did not find CustomUpdate entry");
Assert.AreEqual("Update", entry.OperationType, "Custom op entry should show op type Update");
// Ask the domain service to perform authorization.
// The principal will be located via the mock data service created above.
AuthorizationTestEntity entity = new AuthorizationTestEntity()
{
TheValue = "Bob"
};
AuthorizationResult result = testDomainService.IsAuthorized(entry, entity);
if (result != AuthorizationResult.Allowed)
{
Assert.Fail("Expected custom method to be approved: " + result.ErrorMessage);
}
// Now set it to an illegal value and verify deny
entity.TheValue = "Fred";
result = testDomainService.IsAuthorized(entry, entity);
Assert.AreNotSame(AuthorizationResult.Allowed, result, "Expected custom method to be denied");
Assert.AreEqual("uhuh", result.ErrorMessage, "Expected denial to return explicit message from code");
}
}
public void CustomUpdate(AuthorizationTestEntity entity) { }
public void AuthorizationAttribute_Custom_Method_Custom_Attribute()
{
IPrincipal user = this.CreateIPrincipal("user1");
// Instantiate a new DomainService to use for a custom method via a Submit
using (AuthorizationTestDomainService testDomainService = new AuthorizationTestDomainService())
{
testDomainService.Initialize(new DomainServiceContext(new MockDataService(user), DomainOperationType.Submit));
// Get a DomainServiceDescription for that same domain service
DomainServiceDescription description = DomainServiceDescription.GetDescription(typeof(AuthorizationTestDomainService));
// Locate the custom method. It has an attribute that will deny only entities whose value is "Fred"
DomainOperationEntry entry = description.DomainOperationEntries.SingleOrDefault(p => p.Name == "CustomUpdate");
Assert.IsNotNull(entry, "Did not find CustomUpdate entry");
Assert.AreEqual("Update", entry.OperationType, "Custom op entry should show op type Update");
// Ask the domain service to perform authorization.
// The principal will be located via the mock data service created above.
AuthorizationTestEntity entity = new AuthorizationTestEntity() { TheValue = "Bob" };
AuthorizationResult result = testDomainService.IsAuthorized(entry, entity);
if (result != AuthorizationResult.Allowed)
Assert.Fail("Expected custom method to be approved: " + result.ErrorMessage);
// Now set it to an illegal value and verify deny
entity.TheValue = "Fred";
result = testDomainService.IsAuthorized(entry, entity);
Assert.AreNotSame(AuthorizationResult.Allowed, result, "Expected custom method to be denied");
Assert.AreEqual("uhuh", result.ErrorMessage, "Expected denial to return explicit message from code");
}
}
public void CustomUpdate(AuthorizationTestEntity entity)
{
}
