public void Get_User_Implicit_Permissions() { // Arrange UserGroup userGroup = CreateTestUserGroup(); Template template = TemplateBuilder.CreateTextPageTemplate(); FileService.SaveTemplate(template); ContentType contentType = ContentTypeBuilder.CreateSimpleContentType(defaultTemplateId: template.Id); ContentTypeService.Save(contentType); Content parent = ContentBuilder.CreateSimpleContent(contentType); ContentService.Save(parent); Content child1 = ContentBuilder.CreateSimpleContent(contentType, "child1", parent.Id); ContentService.Save(child1); Content child2 = ContentBuilder.CreateSimpleContent(contentType, "child2", child1.Id); ContentService.Save(child2); ContentService.SetPermission(parent, ActionBrowse.ActionLetter, new int[] { userGroup.Id }); ContentService.SetPermission(parent, ActionDelete.ActionLetter, new int[] { userGroup.Id }); ContentService.SetPermission(parent, ActionMove.ActionLetter, new int[] { userGroup.Id }); ContentService.SetPermission(parent, ActionBrowse.ActionLetter, new int[] { userGroup.Id }); ContentService.SetPermission(parent, ActionDelete.ActionLetter, new int[] { userGroup.Id }); // Act EntityPermissionSet permissions = UserService.GetPermissionsForPath(userGroup, child2.Path); // Assert string[] allPermissions = permissions.GetAllPermissions().ToArray(); Assert.AreEqual(3, allPermissions.Length); }
private bool CheckPermissionsPath(string?path, IUser user, IReadOnlyList <char>?permissionsToCheck = null) { if (permissionsToCheck == null) { permissionsToCheck = Array.Empty <char>(); } // get the implicit/inherited permissions for the user for this path, // if there is no content item for this id, than just use the id as the path (i.e. -1 or -20) EntityPermissionSet permission = _userService.GetPermissionsForPath(user, path); var allowed = true; foreach (var p in permissionsToCheck) { if (permission == null || permission.GetAllPermissions().Contains(p.ToString(CultureInfo.InvariantCulture)) == false) { allowed = false; } } return(allowed); }
public void Calculate_Permissions_For_User_For_Path() { // see: http://issues.umbraco.org/issue/U4-10075#comment=67-40085 // for an overview of what this is testing const string path = "-1,1,2,3,4"; int[] pathIds = path.GetIdsFromPathReversed(); const int groupA = 7; const int groupB = 8; const int groupC = 9; var userGroups = new Dictionary <int, string[]> { { groupA, new[] { "S", "D", "F" } }, { groupB, new[] { "S", "D", "G", "K" } }, { groupC, new[] { "F", "G" } } }; EntityPermission[] permissions = new[] { new EntityPermission(groupA, 1, userGroups[groupA], isDefaultPermissions: true), new EntityPermission(groupA, 2, userGroups[groupA], isDefaultPermissions: true), new EntityPermission(groupA, 3, userGroups[groupA], isDefaultPermissions: true), new EntityPermission(groupA, 4, userGroups[groupA], isDefaultPermissions: true), new EntityPermission(groupB, 1, userGroups[groupB], isDefaultPermissions: true), new EntityPermission(groupB, 2, new[] { "F", "R" }, isDefaultPermissions: false), new EntityPermission(groupB, 3, userGroups[groupB], isDefaultPermissions: true), new EntityPermission(groupB, 4, userGroups[groupB], isDefaultPermissions: true), new EntityPermission(groupC, 1, userGroups[groupC], isDefaultPermissions: true), new EntityPermission(groupC, 2, userGroups[groupC], isDefaultPermissions: true), new EntityPermission(groupC, 3, new[] { "Q", "Z" }, isDefaultPermissions: false), new EntityPermission(groupC, 4, userGroups[groupC], isDefaultPermissions: true), }; // Permissions for Id 4 EntityPermissionSet result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds); Assert.AreEqual(4, result.EntityId); string[] allPermissions = result.GetAllPermissions().ToArray(); Assert.AreEqual(6, allPermissions.Length, string.Join(",", allPermissions)); Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "R", "Q", "Z" })); // Permissions for Id 3 result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds.Skip(1).ToArray()); Assert.AreEqual(3, result.EntityId); allPermissions = result.GetAllPermissions().ToArray(); Assert.AreEqual(6, allPermissions.Length, string.Join(",", allPermissions)); Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "R", "Q", "Z" })); // Permissions for Id 2 result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds.Skip(2).ToArray()); Assert.AreEqual(2, result.EntityId); allPermissions = result.GetAllPermissions().ToArray(); Assert.AreEqual(5, allPermissions.Length, string.Join(",", allPermissions)); Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "G", "R" })); // Permissions for Id 1 result = UserService.CalculatePermissionsForPathForUser(permissions, pathIds.Skip(3).ToArray()); Assert.AreEqual(1, result.EntityId); allPermissions = result.GetAllPermissions().ToArray(); Assert.AreEqual(5, allPermissions.Length, string.Join(",", allPermissions)); Assert.IsTrue(allPermissions.ContainsAll(new[] { "S", "D", "F", "G", "K" })); }