public void Get_User_Implicit_Permissions()
{
// Arrange
UserGroup userGroup = CreateTestUserGroup();
Template template = TemplateBuilder.CreateTextPageTemplate();
FileService.SaveTemplate(template);
ContentType contentType = ContentTypeBuilder.CreateSimpleContentType(defaultTemplateId: template.Id);
ContentTypeService.Save(contentType);
Content parent = ContentBuilder.CreateSimpleContent(contentType);
ContentService.Save(parent);
Content child1 = ContentBuilder.CreateSimpleContent(contentType, "child1", parent.Id);
ContentService.Save(child1);
Content child2 = ContentBuilder.CreateSimpleContent(contentType, "child2", child1.Id);
ContentService.Save(child2);
ContentService.SetPermission(parent, ActionBrowse.ActionLetter, new int[] { userGroup.Id });
ContentService.SetPermission(parent, ActionDelete.ActionLetter, new int[] { userGroup.Id });
ContentService.SetPermission(parent, ActionMove.ActionLetter, new int[] { userGroup.Id });
ContentService.SetPermission(parent, ActionBrowse.ActionLetter, new int[] { userGroup.Id });
ContentService.SetPermission(parent, ActionDelete.ActionLetter, new int[] { userGroup.Id });
// Act
EntityPermissionSet permissions = UserService.GetPermissionsForPath(userGroup, child2.Path);
// Assert
string[] allPermissions = permissions.GetAllPermissions().ToArray();
Assert.AreEqual(3, allPermissions.Length);
}
private bool CheckPermissionsPath(string?path, IUser user, IReadOnlyList <char>?permissionsToCheck = null)
{
if (permissionsToCheck == null)
{
permissionsToCheck = Array.Empty <char>();
}
// get the implicit/inherited permissions for the user for this path,
// if there is no content item for this id, than just use the id as the path (i.e. -1 or -20)
EntityPermissionSet permission = _userService.GetPermissionsForPath(user, path);
var allowed = true;
foreach (var p in permissionsToCheck)
{
if (permission == null ||
permission.GetAllPermissions().Contains(p.ToString(CultureInfo.InvariantCulture)) == false)
{
allowed = false;
}
}
return(allowed);
}
public void Calculate_Permissions_For_User_For_Path()
{
// see: http://issues.umbraco.org/issue/U4-10075#comment=67-40085
// for an overview of what this is testing
const string path = "-1,1,2,3,4";
int[] pathIds = path.GetIdsFromPathReversed();
const int groupA = 7;
const int groupB = 8;
const int groupC = 9;
var userGroups = new Dictionary <int, string[]>
{
{ groupA, new[] { "S", "D", "F" } },
{ groupB, new[] { "S", "D", "G", "K" } },
{ groupC, new[] { "F", "G" } }
};
EntityPermission[] permissions = new[]
{
new EntityPermission(groupA, 1, userGroups[groupA], isDefaultPermissions: true),
new EntityPermission(groupA, 2, userGroups[groupA], isDefaultPermissions: true),
new EntityPermission(groupA, 3, userGroups[groupA], isDefaultPermissions: true),
new EntityPermission(groupA, 4, userGroups[groupA], isDefaultPermissions: true),
new EntityPermission(groupB, 1, userGroups[groupB], isDefaultPermissions: true),
new EntityPermission(groupB, 2, new[] { "F", "R" }, isDefaultPermissions: false),
new EntityPermission(groupB, 3, userGroups[groupB], isDefaultPermissions: true),
new EntityPermission(groupB, 4, userGroups[groupB], isDefaultPermissions: true),
new EntityPermission(groupC, 1, userGroups[groupC], isDefaultPermissions: true),
new EntityPermission(groupC, 2, userGroups[groupC], isDefaultPermissions: true),
new EntityPermission(groupC, 3, new[] { "Q", "Z" }, isDefaultPermissions: false),
new EntityPermission(groupC, 4, userGroups[groupC], isDefaultPermissions: true),
};
// Permissions for Id 4
EntityPermissionSet result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds);
Assert.AreEqual(4, result.EntityId);
string[] allPermissions = result.GetAllPermissions().ToArray();
Assert.AreEqual(6, allPermissions.Length, string.Join(",", allPermissions));
Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "R", "Q", "Z" }));
// Permissions for Id 3
result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds.Skip(1).ToArray());
Assert.AreEqual(3, result.EntityId);
allPermissions = result.GetAllPermissions().ToArray();
Assert.AreEqual(6, allPermissions.Length, string.Join(",", allPermissions));
Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "R", "Q", "Z" }));
// Permissions for Id 2
result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds.Skip(2).ToArray());
Assert.AreEqual(2, result.EntityId);
allPermissions = result.GetAllPermissions().ToArray();
Assert.AreEqual(5, allPermissions.Length, string.Join(",", allPermissions));
Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "G", "R" }));
// Permissions for Id 1
result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds.Skip(3).ToArray());
Assert.AreEqual(1, result.EntityId);
allPermissions = result.GetAllPermissions().ToArray();
Assert.AreEqual(5, allPermissions.Length, string.Join(",", allPermissions));
Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "G", "K" }));
}
