public SecurityStore(ISecurityEngine engine)
{
Engine = engine;
SecurityIdentities = new SecurityCollection <ISecurityIdentity>().RegisterCollectionNotifyChanged(SecurityIdentitiesChanged);
SecurityItems = new SecurityCollection <ISecurityItem>().RegisterCollectionNotifyChanged(SecurityItemsChanged);
Authorizations = new SecurityCollection <IAuthorization>().RegisterCollectionNotifyChanged(AuthorizationsChanged);
}
public void Operation_Deny_Direct_To_User()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine engine = factory.CreateEngine();
ISecurityItem operation1 = engine.Store.AddSecurityItem().AddBagItem(Name, "Operation1");
ISecurityItem operation2 = engine.Store.AddSecurityItem().AddBagItem(Name, "Operation2");
ISecurityItem task = engine.Store.AddSecurityItem().AddBagItem(Name, "Task");
task.Children.Add(operation1);
task.Children.Add(operation2);
ISecurityItem hasNoAccessFromUserOperation = engine.Store.AddSecurityItem().AddBagItem(Name, "HasNoAccessFromUserOperation");
ISecurityIdentity user = engine.Store.AddSecurityIdentity().AddBagItem(Name, "user");
engine.Store.AccessAuthorize(user, task);
engine.Store.AccessAuthorize(user, operation1).Deny();
ICheckAccessResult operation1AccessResult = engine.CheckAccess(user, operation1);
ICheckAccessResult operation2AccessResult = engine.CheckAccess(user, operation2);
ICheckAccessResult taskAccessResult = engine.CheckAccess(user, task);
ICheckAccessResult hasNoAccessFromUserOperationAccessResult = engine.CheckAccess(user, hasNoAccessFromUserOperation);
Assert.False(operation1AccessResult.HasAccess());
Assert.True(operation2AccessResult.HasAccess());
Assert.True(taskAccessResult.HasAccess());
Assert.False(hasNoAccessFromUserOperationAccessResult.HasAccess());
}
public void Add_SecurityIdentity()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine engine = factory.CreateEngine();
TestSecurityStorage securityStorage = new TestSecurityStorage();
engine.Store.AttachToStorage(securityStorage);
engine.Store.AddSecurityIdentity("6B46E638-69B6-4C2B-A1D6-6B3A514FBFDE");
Assert.Contains("6B46E638-69B6-4C2B-A1D6-6B3A514FBFDE", securityStorage.StorageEntities.Keys);
}
public void Add_SecurityItem()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine engine = factory.CreateEngine();
TestSecurityStorage securityStorage = new TestSecurityStorage();
engine.Store.AttachToStorage(securityStorage);
engine.Store.AddSecurityItem("BD4335A8-D067-429F-B2EE-70DD5E3C214B");
Assert.Contains("BD4335A8-D067-429F-B2EE-70DD5E3C214B", securityStorage.StorageEntities.Keys);
}
public void Add_SecurityIdentity_Bag()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine engine = factory.CreateEngine();
TestSecurityStorage securityStorage = new TestSecurityStorage();
engine.Store.AttachToStorage(securityStorage);
ISecurityIdentity securityIdentity = engine.Store.AddSecurityIdentity("AC2ECB1E-AFE1-46EA-B9A7-F1593E2C92C6");
securityIdentity.Bag["Name"] = "Test";
Assert.Contains("AC2ECB1E-AFE1-46EA-B9A7-F1593E2C92C6", securityStorage.StorageEntities.Keys);
}
public void Add_SecurityItem_Bag()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine engine = factory.CreateEngine();
TestSecurityStorage securityStorage = new TestSecurityStorage();
engine.Store.AttachToStorage(securityStorage);
ISecurityItem securityItem = engine.Store.AddSecurityItem("07325155-574E-4D89-B680-C0F1B90569E5");
securityItem.Bag["Name"] = "Test";
Assert.Contains("07325155-574E-4D89-B680-C0F1B90569E5_Name", securityStorage.StorageEntities.Keys);
}
public void Add_SecurityIdentity_Relation()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine engine = factory.CreateEngine();
TestSecurityStorage securityStorage = new TestSecurityStorage();
engine.Store.AttachToStorage(securityStorage);
ISecurityIdentity parentSecurityIdentity = engine.Store.AddSecurityIdentity("77A018B1-EC20-41F1-951D-549193486D4B");
ISecurityIdentity childSecurityIdentity = engine.Store.AddSecurityIdentity("4B64042A-B5DE-4BDF-8A5D-60112F65275B");
parentSecurityIdentity.Children.Add(childSecurityIdentity);
Assert.Contains("77A018B1-EC20-41F1-951D-549193486D4B_4B64042A-B5DE-4BDF-8A5D-60112F65275B", securityStorage.StorageEntities.Keys);
}
public void Add_SecurityItem_Relation()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine engine = factory.CreateEngine();
TestSecurityStorage securityStorage = new TestSecurityStorage();
engine.Store.AttachToStorage(securityStorage);
ISecurityItem parentSecurityItem = engine.Store.AddSecurityItem("3F028123-7EDA-42F7-80B9-09A9DE954047");
ISecurityItem childSecurityItem = engine.Store.AddSecurityItem("13F1C233-90DC-4904-9EAA-C1A912D2B0A7");
parentSecurityItem.Children.Add(childSecurityItem);
Assert.Contains("3F028123-7EDA-42F7-80B9-09A9DE954047_13F1C233-90DC-4904-9EAA-C1A912D2B0A7", securityStorage.StorageEntities.Keys);
}
public void Operation_Access_Operation_Direct_To_User()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine engine = factory.CreateEngine();
ISecurityItem operation = engine.Store.AddSecurityItem().AddBagItem(Name, "Operation");
ISecurityItem hasNoAccessFromUserOperation = engine.Store.AddSecurityItem().AddBagItem(Name, "HasNoAccessFromUserOperation");
ISecurityIdentity user = engine.Store.AddSecurityIdentity().AddBagItem(Name, "user");
engine.Store.AccessAuthorize(user, operation);
ICheckAccessResult operationAccessResult = engine.CheckAccess(user, operation);
ICheckAccessResult hasNoAccessFromUserOperationAccessResult = engine.CheckAccess(user, hasNoAccessFromUserOperation);
Assert.True(operationAccessResult.HasAccess());
Assert.False(hasNoAccessFromUserOperationAccessResult.HasAccess());
}
public void Add_SecurityItem()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine firstEngine = factory.CreateEngine();
using (StorageProvider storageProvider = GetStorageProvider())
{
firstEngine.Store.AttachToStorage(storageProvider.Storage);
ISecurityItem addSecurityItem = firstEngine.Store.AddSecurityItem();
}
ISecurityEngine secondEngine = factory.CreateEngine();
using (StorageProvider storageProvider = GetStorageProvider())
{
secondEngine.Store.AttachToStorage(storageProvider.Storage);
}
}
public void Engine_Instantiate()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine engine = factory.CreateEngine();
ISecurityItem operation1 = engine.Store.AddSecurityItem().AddBagItem(Name, "Operation1");
ISecurityItem operation2 = engine.Store.AddSecurityItem().AddBagItem(Name, "Operation2");
ISecurityItem task = engine.Store.AddSecurityItem().AddBagItem(Name, "Task");
task.Children.Add(operation1);
task.Children.Add(operation2);
ISecurityIdentity user1 = engine.Store.AddSecurityIdentity().AddBagItem(Name, "user1");
ISecurityIdentity user2 = engine.Store.AddSecurityIdentity().AddBagItem(Name, "user2");
ISecurityIdentity group = engine.Store.AddSecurityIdentity().AddBagItem(Name, "group");
group.Children.Add(user1);
group.Children.Add(user2);
IAccessAuthorization user1ToOperationAccessAuthorization = engine.Store.AccessAuthorize(user1, operation1);
}
public void Operation_Access_To_Group()
{
EngineFactory factory = new EngineFactory();
ISecurityEngine engine = factory.CreateEngine();
ISecurityItem operation = engine.Store.AddSecurityItem().AddBagItem(Name, "Operation");
ISecurityIdentity user1 = engine.Store.AddSecurityIdentity().AddBagItem(Name, "user1");
ISecurityIdentity user2 = engine.Store.AddSecurityIdentity().AddBagItem(Name, "user2");
ISecurityIdentity adminGroup = engine.Store.AddSecurityIdentity().AddBagItem(Name, "adminGroup");
adminGroup.Children.Add(user1);
engine.Store.AccessAuthorize(adminGroup, operation);
ICheckAccessResult user1AccessResult = engine.CheckAccess(user1, operation);
ICheckAccessResult user2AccessResult = engine.CheckAccess(user2, operation);
Assert.True(user1AccessResult.HasAccess());
Assert.False(user2AccessResult.HasAccess());
}
