public async Task ITAdministrator_OpeningServerRoomDoor_ShouldBePermitted()
{
string subjectId = "bob";
string[] roles = new[] { "employee", "ITAdmin" };
string resourceType = "door";
string resourceAction = "open";
string resourceName = "serverRoomDoor";
Time timeOfDay = new Time(20, 00, 00);
DateTime timeNow = DateTime.Now;
var request = new DynamicAttributeValueProvider();
request
.AddString(Rsk.Enforcer.Oasis.Attributes.Subject.Role, roles)
.AddString(Rsk.Enforcer.Oasis.Attributes.Subject.Identifier, subjectId)
.AddString(Rsk.Enforcer.Oasis.Attributes.ResourceType, resourceType)
.AddString(Rsk.Enforcer.Oasis.Attributes.Action, resourceAction)
.AddString(Rsk.Enforcer.Oasis.Attributes.Resource, resourceName)
.AddTime(Rsk.Enforcer.Oasis.Attributes.CurrentTime, timeOfDay)
.AddDateTime(Rsk.Enforcer.Oasis.Attributes.CurrentDateTime, timeNow);
var sut = CreateSystemUnderTest();
var outcome = await sut.Evaluate(request);
outcome.Outcome.Should().Be(PolicyOutcome.Permit);
}
public async Task Employee_OpeningMainDoorDuringOfficeHours_ShouldBePermitted()
{
string subjectId = "alice";
string role = "employee";
string resourceType = "door";
string resourceAction = "open";
string resourceName = "mainDoor";
Time timeOfDay = new Time(10, 00, 00);
DateTime timeNow = DateTime.Now;
var request = new DynamicAttributeValueProvider();
request
.AddString(Rsk.Enforcer.Oasis.Attributes.Subject.Role, role)
.AddString(Rsk.Enforcer.Oasis.Attributes.Subject.Identifier, subjectId)
.AddString(Rsk.Enforcer.Oasis.Attributes.ResourceType, resourceType)
.AddString(Rsk.Enforcer.Oasis.Attributes.Action, resourceAction)
.AddString(Rsk.Enforcer.Oasis.Attributes.Resource, resourceName)
.AddTime(Rsk.Enforcer.Oasis.Attributes.CurrentTime, timeOfDay)
.AddDateTime(Rsk.Enforcer.Oasis.Attributes.CurrentDateTime, timeNow);
var sut = CreateSystemUnderTest();
var outcome = await sut.Evaluate(request);
outcome.Outcome.Should().Be(PolicyOutcome.Permit);
}
public async Task Employee_OpeningMainDoor_ShouldPermitAndCaptureAuditTrail()
{
string subjectId = "alice";
string role = "employee";
string resourceType = "door";
string resourceAction = "open";
string resourceName = "mainDoor";
Time timeOfDay = new Time(15, 00, 00);
DateTime timeNow = DateTime.Now;
var request = new DynamicAttributeValueProvider();
request
.AddString(Rsk.Enforcer.Oasis.Attributes.Subject.Role, role)
.AddString(Rsk.Enforcer.Oasis.Attributes.Subject.Identifier, subjectId)
.AddString(Rsk.Enforcer.Oasis.Attributes.ResourceType, resourceType)
.AddString(Rsk.Enforcer.Oasis.Attributes.Action, resourceAction)
.AddString(Rsk.Enforcer.Oasis.Attributes.Resource, resourceName)
.AddTime(Rsk.Enforcer.Oasis.Attributes.CurrentTime, timeOfDay)
.AddDateTime(Rsk.Enforcer.Oasis.Attributes.CurrentDateTime, timeNow);
var sut = CreateSystemUnderTest();
var outcome = await sut.Evaluate(request);
outcome.Outcome.Should().Be(PolicyOutcome.Permit);
var auditLogs = obligationHandler.Invocations.ToArray();
auditLogs.Length.Should().Be(1);
auditLogs[0].Subject.Should().Be(subjectId);
auditLogs[0].When.Should().Be(timeNow);
}