public void Test_ManySide_RecursiveSecurity_ChecksAccessOnNestedCall()
{
SecurableObject securableObject = _testHelper.CreateSecurableObject();
SecurableObject otherObject = _testHelper.CreateSecurableObject();
_testHelper.Transaction.ExecuteInScope(() => securableObject.OtherChildren.Add(_testHelper.CreateSecurableObject()));
var setMethodInformation = MethodInfoAdapter.Create(typeof(SecurableObject).GetProperty("Children").GetGetMethod());
var securableEndPointDefintion = securableObject.ID.ClassDefinition.GetRelationEndPointDefinition(typeof(SecurableObject).FullName + ".Children");
_testHelper.ExpectPermissionReflectorGetRequiredMethodPermissions(setMethodInformation, TestAccessTypes.First);
_testHelper.ExpectPermissionReflectorGetRequiredMethodPermissions(setMethodInformation, TestAccessTypes.First);
HasAccessDelegate hasAccess = delegate
{
_extension.RelationReading(_testHelper.Transaction, otherObject, securableEndPointDefintion, ValueAccess.Current);
return(true);
};
_testHelper.ExpectObjectSecurityStrategyHasAccess(securableObject, TestAccessTypes.First, hasAccess);
_testHelper.ExpectObjectSecurityStrategyHasAccess(otherObject, TestAccessTypes.First, true);
_testHelper.ReplayAll();
_extension.RelationReading(_testHelper.Transaction, securableObject, securableEndPointDefintion, ValueAccess.Current);
_testHelper.VerifyAll();
}
public void Test_RecursiveSecurity_ChecksAccessOnNestedCall()
{
SecurableObject allowedObject = _testHelper.CreateSecurableObject();
SecurableObject deniedObject = _testHelper.CreateSecurableObject();
IQuery nestedQuery = _testHelper.CreateSecurableObjectQuery();
var nestedQueryResult = new QueryResult <DomainObject> (nestedQuery, new DomainObject[] { allowedObject, deniedObject });
HasAccessDelegate hasAccess = delegate
{
var filteredResult = _extension.FilterQueryResult(_testHelper.Transaction, nestedQueryResult);
Assert.That(filteredResult.ToArray(), Is.EqualTo(new[] { allowedObject }));
return(true);
};
_testHelper.ExpectObjectSecurityStrategyHasAccess(allowedObject, GeneralAccessTypes.Find, true);
_testHelper.ExpectObjectSecurityStrategyHasAccess(deniedObject, GeneralAccessTypes.Find, false);
SecurableObject securableObject = _testHelper.CreateSecurableObject();
IQuery query = _testHelper.CreateSecurableObjectQuery();
var queryResult = new QueryResult <DomainObject> (query, new DomainObject[] { securableObject });
_testHelper.ExpectObjectSecurityStrategyHasAccess(securableObject, GeneralAccessTypes.Find, hasAccess);
_testHelper.ReplayAll();
var finalResult = _extension.FilterQueryResult(_testHelper.Transaction, queryResult);
_testHelper.VerifyAll();
Assert.That(finalResult.ToArray(), Is.EqualTo(new[] { securableObject }));
}
public void Test_RecursiveSecurity_ChecksAccessOnNestedCall()
{
SecurableObject securableObject = _testHelper.CreateSecurableObject();
SecurableObject otherObject = _testHelper.CreateSecurableObject();
_testHelper.Transaction.Commit();
HasAccessDelegate hasAccess = delegate
{
_extension.ObjectDeleting(_testHelper.Transaction, otherObject);
return(true);
};
_testHelper.ExpectObjectSecurityStrategyHasAccess(securableObject, GeneralAccessTypes.Delete, hasAccess);
_testHelper.ExpectObjectSecurityStrategyHasAccess(otherObject, GeneralAccessTypes.Delete, true);
_testHelper.ReplayAll();
_extension.ObjectDeleting(_testHelper.Transaction, securableObject);
_testHelper.VerifyAll();
}
public void Test_RecursiveSecurity_ChecksAccessOnNestedCall()
{
SecurableObject securableObject = _testHelper.CreateSecurableObject();
SecurableObject otherObject = _testHelper.CreateSecurableObject();
_testHelper.ExpectPermissionReflectorGetRequiredMethodPermissions(_getMethodInformation, TestAccessTypes.First);
_testHelper.ExpectPermissionReflectorGetRequiredMethodPermissions(_getMethodInformation, TestAccessTypes.First);
HasAccessDelegate hasAccess = delegate
{
_extension.PropertyValueReading(_testHelper.Transaction, otherObject, _stringPropertyDefinition, ValueAccess.Current);
return(true);
};
_testHelper.ExpectObjectSecurityStrategyHasAccess(securableObject, TestAccessTypes.First, hasAccess);
_testHelper.ExpectObjectSecurityStrategyHasAccess(otherObject, TestAccessTypes.First, true);
_testHelper.ReplayAll();
_extension.PropertyValueReading(_testHelper.Transaction, securableObject, _stringPropertyDefinition, ValueAccess.Current);
_testHelper.VerifyAll();
}
public void Test_OneSide_RecursiveSecurity_ChecksAccessOnNestedCall()
{
SecurableObject securableObject = _testHelper.CreateSecurableObject();
SecurableObject newObject = _testHelper.CreateSecurableObject();
_testHelper.Transaction.ExecuteInScope(() => securableObject.OtherParent = _testHelper.CreateSecurableObject());
_testHelper.ExpectPermissionReflectorGetRequiredMethodPermissions(_setMethodInformation, TestAccessTypes.First);
var endPointDefinition = securableObject.ID.ClassDefinition.GetRelationEndPointDefinition(typeof(SecurableObject).FullName + ".Parent");
HasAccessDelegate hasAccess = delegate
{
securableObject.OtherParent = newObject;
return(true);
};
_testHelper.ExpectObjectSecurityStrategyHasAccess(securableObject, TestAccessTypes.First, hasAccess);
_testHelper.ReplayAll();
_extension.RelationChanging(_testHelper.Transaction, securableObject, endPointDefinition, null, null);
_testHelper.VerifyAll();
}
public void ExpectObjectSecurityStrategyHasAccess(SecurableObject securableObject, Enum accessTypeEnum, HasAccessDelegate doDelegate)
{
IObjectSecurityStrategy objectSecurityStrategy = securableObject.GetSecurityStrategy();
Expect.Call(
objectSecurityStrategy.HasAccess(
Arg.Is(_mockSecurityProvider),
Arg.Is(_stubUser),
Arg <IReadOnlyList <AccessType> > .List.Equal(new[] { AccessType.Get(accessTypeEnum) })))
.WhenCalled(mi => CheckTransaction())
.Do(doDelegate);
}