public void Test_WithPermissionDeniedOnUser()
{
User substitutingUser = CreateUser();
Substitution substitution1 = Substitution.NewObject();
substitution1.SubstitutingUser = substitutingUser;
substitution1.SubstitutedUser = CreateUser();
ISecurityProvider securityProviderStub = MockRepository.GenerateStub <ISecurityProvider> ();
securityProviderStub
.Stub(stub => stub.GetAccess(Arg <SecurityContext> .Is.Anything, Arg <ISecurityPrincipal> .Is.Anything))
.Return(new AccessType[0]);
var serviceLocator = DefaultServiceLocator.Create();
serviceLocator.RegisterSingle(() => securityProviderStub);
serviceLocator.RegisterSingle <IPrincipalProvider> (() => new NullPrincipalProvider());
using (new ServiceLocatorScope(serviceLocator))
{
using (ClientTransaction.Current.CreateSubTransaction().EnterDiscardingScope())
{
ClientTransaction.Current.Extensions.Add(new SecurityClientTransactionExtension());
Assert.That(substitutingUser.GetActiveSubstitutions(), Is.Empty);
}
}
}
public void SearchSubstitutedRoles()
{
var searchServiceStub = MockRepository.GenerateStub <ISearchAvailableObjectsService> ();
var args = MockRepository.GenerateStub <ISearchAvailableObjectsArguments> ();
BusinessObjectProvider.SetProvider(typeof(BindableDomainObjectProviderAttribute), null);
BusinessObjectProvider.GetProvider <BindableDomainObjectProviderAttribute> ().AddService(
typeof(SubstitutionPropertiesSearchService), searchServiceStub);
var substitutionClass = BindableObjectProviderTestHelper.GetBindableObjectClass(typeof(Substitution));
var substitutedRoleProperty = (IBusinessObjectReferenceProperty)substitutionClass.GetPropertyDefinition("SubstitutedRole");
Assert.That(substitutedRoleProperty, Is.Not.Null);
Substitution substitution = Substitution.NewObject();
var expected = new[] { MockRepository.GenerateStub <IBusinessObject> () };
searchServiceStub.Stub(stub => stub.SupportsProperty(substitutedRoleProperty)).Return(true);
searchServiceStub.Stub(stub => stub.Search(substitution, substitutedRoleProperty, args)).Return(expected);
Assert.That(substitutedRoleProperty.SupportsSearchAvailableObjects, Is.True);
var actual = substitutedRoleProperty.SearchAvailableObjects(substitution, args);
Assert.That(actual, Is.SameAs(expected));
}
public void GetDisplayName_WithoutSubstitutedUser()
{
Substitution substitution = Substitution.NewObject();
substitution.SubstitutedUser = null;
Assert.That(substitution.DisplayName, Is.EqualTo("?"));
}
public void Initialize()
{
Substitution substitution = Substitution.NewObject();
Assert.That(substitution.IsEnabled, Is.True);
Assert.That(substitution.BeginDate, Is.Null);
Assert.That(substitution.EndDate, Is.Null);
}
public void GetDisplayName_WithSubstitutedUser()
{
User user = TestHelper.CreateUser("user", "Firstname", "Lastname", "Title", null, null);
Substitution substitution = Substitution.NewObject();
substitution.SubstitutedUser = user;
Assert.That(substitution.DisplayName, Is.EqualTo("Lastname Firstname, Title"));
}
public void Search_WithSubstitutionHasNoSubstitutedUser()
{
Substitution substitution = Substitution.NewObject();
substitution.SubstitutingUser = _user;
IBusinessObject[] actualRoles = _searchService.Search(substitution, _substitutedRoleProperty, new DefaultSearchArguments(null));
Assert.That(actualRoles, Is.Empty);
}
public void CascadeToSubstitution_FromSubstitutedUser()
{
User substitutedUser = TestHelper.CreateUser("user", null, "Lastname", null, null, null);
Substitution substitution = Substitution.NewObject();
substitution.SubstitutedUser = substitutedUser;
substitutedUser.Delete();
Assert.That(substitution.State, Is.EqualTo(StateType.Invalid));
}
private Substitution CreateSubstitution()
{
var tenant = _testHelper.CreateTenant("TheTenant", "UID");
var group = _testHelper.CreateGroup("TheGroup", null, tenant);
var user = _testHelper.CreateUser("UserName", "FN", "LN", null, group, tenant);
var substituton = Substitution.NewObject();
substituton.SubstitutedUser = user;
substituton.SubstitutingUser = _testHelper.CreateUser("SubstitutingUser", "SFN", "SLN", null, group, tenant);
return(substituton);
}
public void GetDisplayName_WithoutSubstitutedUserAndWithSubstitutedRole()
{
Group roleGroup = TestHelper.CreateGroup("RoleGroup", Guid.NewGuid().ToString(), null, null);
User user = TestHelper.CreateUser("user", "Firstname", "Lastname", "Title", null, null);
Position position = TestHelper.CreatePosition("Position");
Role role = TestHelper.CreateRole(user, roleGroup, position);
Substitution substitution = Substitution.NewObject();
substitution.SubstitutedRole = role;
Assert.That(substitution.DisplayName, Is.EqualTo("? (Position / RoleGroup)"));
}
public void Search()
{
DomainObjectCollection expectedRoles = _user.Roles;
Assert.That(expectedRoles, Is.Not.Empty);
Substitution substitution = Substitution.NewObject();
substitution.SubstitutedUser = _user;
IBusinessObject[] actualRoles = _searchService.Search(substitution, _substitutedRoleProperty, new DefaultSearchArguments(null));
Assert.That(actualRoles, Is.EquivalentTo(expectedRoles));
}
public override void SetUp()
{
base.SetUp();
var tenant = TestHelper.CreateTenant("TestTenant", "UID: testTenant");
var userGroup = TestHelper.CreateGroup("UserGroup", Guid.NewGuid().ToString(), null, tenant);
_substitutedUser = TestHelper.CreateUser("user", "Firstname", "Lastname", "Title", userGroup, tenant);
var substitutingUser = TestHelper.CreateUser("substitutingUser", "Firstname", "Lastname", "Title", userGroup, tenant);
_substitution = Substitution.NewObject();
_substitution.SubstitutedUser = _substitutedUser;
_substitution.SubstitutingUser = substitutingUser;
ClientTransaction.Current.CreateSubTransaction().EnterDiscardingScope();
}
public void CascadeToSubstitution()
{
Tenant tenant = TestHelper.CreateTenant("TestTenant", "UID: testTenant");
Group userGroup = TestHelper.CreateGroup("UserGroup", Guid.NewGuid().ToString(), null, tenant);
Group roleGroup = TestHelper.CreateGroup("RoleGroup", Guid.NewGuid().ToString(), null, tenant);
User user = TestHelper.CreateUser("user", "Firstname", "Lastname", "Title", userGroup, tenant);
Position position = TestHelper.CreatePosition("Position");
Role role = TestHelper.CreateRole(user, roleGroup, position);
Substitution substitution = Substitution.NewObject();
substitution.SubstitutedRole = role;
role.Delete();
Assert.That(substitution.State, Is.EqualTo(StateType.Invalid));
}
public void Test()
{
User substitutingUser = CreateUser();
Substitution enabledSubstitution1 = Substitution.NewObject();
enabledSubstitution1.SubstitutingUser = substitutingUser;
enabledSubstitution1.SubstitutedUser = CreateUser();
Substitution disabledFromFlagSubstitution = Substitution.NewObject();
disabledFromFlagSubstitution.SubstitutingUser = substitutingUser;
disabledFromFlagSubstitution.SubstitutedUser = CreateUser();
disabledFromFlagSubstitution.IsEnabled = false;
Substitution disabledFromDateSubstitution = Substitution.NewObject();
disabledFromDateSubstitution.SubstitutingUser = substitutingUser;
disabledFromDateSubstitution.SubstitutedUser = CreateUser();
disabledFromDateSubstitution.BeginDate = DateTime.Today.AddDays(1);
Substitution changedSubstitution = Substitution.NewObject();
changedSubstitution.SubstitutedUser = CreateUser();
changedSubstitution.IsEnabled = true;
Substitution enabledSubstitution2 = Substitution.NewObject();
enabledSubstitution2.SubstitutingUser = substitutingUser;
enabledSubstitution2.SubstitutedUser = CreateUser();
using (ClientTransaction.Current.CreateSubTransaction().EnterDiscardingScope())
{
changedSubstitution.SubstitutingUser = substitutingUser;
Assert.That(substitutingUser.GetActiveSubstitutions(), Is.EquivalentTo(new[] { enabledSubstitution1, enabledSubstitution2 }));
}
}
/// <summary>
/// Inits security manager database with users, groups, roles, group types, position, etc for 2 tenants.
/// Use to catch sideffect due to incorrect tenant domain seperation.
/// Caution: DB setup is performance critical. Avoid if possible.
/// </summary>
/// <returns>The tenant to use in the test.</returns>
public Tenant CreateAndCommitOrganizationalStructureWithTwoTenants(ClientTransaction transaction)
{
CreateEmptyDomain();
using (transaction.EnterNonDiscardingScope())
{
AbstractRoleDefinition qualityManagerRole = AbstractRoleDefinition.NewObject(
Guid.NewGuid(),
"QualityManager|Remotion.SecurityManager.UnitTests.TestDomain.ProjectRoles, Remotion.SecurityManager.UnitTests",
0);
qualityManagerRole.Index = 1;
AbstractRoleDefinition developerRole = AbstractRoleDefinition.NewObject(
Guid.NewGuid(),
"Developer|Remotion.SecurityManager.UnitTests.TestDomain.ProjectRoles, Remotion.SecurityManager.UnitTests",
1);
developerRole.Index = 0;
Position globalPosition = CreatePosition("Global");
globalPosition.Delegation = Delegation.Enabled;
globalPosition.UniqueIdentifier = "UID: Global";
Position officialPosition = CreatePosition("Official");
officialPosition.UniqueIdentifier = "UID: Official";
officialPosition.Delegation = Delegation.Enabled;
Position managerPosition = CreatePosition("Manager");
managerPosition.Delegation = Delegation.Disabled;
managerPosition.UniqueIdentifier = "UID: Manager";
GroupType groupType1 = CreateGroupType("groupType 1");
GroupType groupType2 = CreateGroupType("groupType 2");
GroupTypePosition groupType1_managerPosition = GroupTypePosition.NewObject();
groupType1_managerPosition.GroupType = groupType1;
groupType1_managerPosition.Position = managerPosition;
GroupTypePosition groupType1_officialPosition = GroupTypePosition.NewObject();
groupType1_officialPosition.GroupType = groupType1;
groupType1_officialPosition.Position = officialPosition;
GroupTypePosition groupType2_officialPosition = GroupTypePosition.NewObject();
groupType2_officialPosition.GroupType = groupType2;
groupType2_officialPosition.Position = officialPosition;
Tenant tenant1 = CreateTenant("TestTenant");
tenant1.UniqueIdentifier = "UID: testTenant";
Group rootGroup = CreateGroup("rootGroup", "RG", "UID: rootGroup", null, tenant1);
for (int i = 0; i < 2; i++)
{
Group parentGroup = CreateGroup(
string.Format("parentGroup{0}", i),
string.Format("PG{0}", i),
string.Format("UID: parentGroup{0}", i),
rootGroup,
tenant1);
parentGroup.GroupType = groupType1;
Group group = CreateGroup(
string.Format("group{0}", i),
string.Format("G{0}", i),
string.Format("UID: group{0}", i),
parentGroup,
tenant1);
group.GroupType = groupType2;
User user1 = CreateUser(string.Format("group{0}/user1", i), string.Empty, "user1", string.Empty, group, tenant1);
User user2 = CreateUser(string.Format("group{0}/user2", i), string.Empty, "user2", string.Empty, group, tenant1);
CreateRole(user1, parentGroup, managerPosition);
CreateRole(user2, parentGroup, officialPosition);
}
Group testRootGroup = CreateGroup("testRootGroup", null, "UID: testRootGroup", null, tenant1);
Group testParentOfOwningGroup = CreateGroup("testParentOfOwningGroup", null, "UID: testParentOfOwningGroup", testRootGroup, tenant1);
Group testOwningGroup = CreateGroup("testOwningGroup", null, "UID: testOwningGroup", testParentOfOwningGroup, tenant1);
Group testGroup = CreateGroup("testGroup", null, "UID: testGroup", null, tenant1);
User testUser = CreateUser("test.user", "test", "user", "Dipl.Ing.(FH)", testOwningGroup, tenant1);
Role officialRole = CreateRole(testUser, testGroup, officialPosition);
Role managerRole = CreateRole(testUser, testGroup, managerPosition);
CreateRole(testUser, testOwningGroup, managerPosition);
CreateRole(testUser, testRootGroup, officialPosition);
User substitutingUser = CreateUser("substituting.user", null, "substitute", null, testRootGroup, tenant1);
CreateRole(substitutingUser, testOwningGroup, managerPosition);
CreateRole(substitutingUser, testRootGroup, officialPosition);
Substitution enabledUserSubstitution = Substitution.NewObject();
enabledUserSubstitution.SubstitutingUser = substitutingUser;
enabledUserSubstitution.SubstitutedUser = testUser;
Substitution enabledRoleSubstitution = Substitution.NewObject();
enabledRoleSubstitution.SubstitutingUser = substitutingUser;
enabledRoleSubstitution.SubstitutedUser = testUser;
enabledRoleSubstitution.SubstitutedRole = officialRole;
Substitution disabledRoleSubstitution = Substitution.NewObject();
disabledRoleSubstitution.SubstitutingUser = substitutingUser;
disabledRoleSubstitution.SubstitutedUser = testUser;
disabledRoleSubstitution.SubstitutedRole = managerRole;
disabledRoleSubstitution.IsEnabled = false;
Tenant tenant2 = CreateTenant("Tenant 2");
Group groupTenant2 = CreateGroup("Group Tenant 2", "GT2", "UID: group Tenant 2", null, tenant2);
User userTenant2 = CreateUser("User.Tenant2", "User", "Tenant 2", string.Empty, groupTenant2, tenant2);
Substitution userTenant2Substitution = Substitution.NewObject();
userTenant2Substitution.SubstitutingUser = userTenant2;
userTenant2Substitution.SubstitutedUser = testUser;
ClientTransactionScope.CurrentTransaction.Commit();
return(tenant1);
}
}
public override void SetUp()
{
base.SetUp();
_substitution = Substitution.NewObject();
}
public void DoesNotImplementISecurableObject()
{
Substitution substitution = Substitution.NewObject();
Assert.That(substitution, Is.Not.InstanceOf <ISecurableObject>());
}