public void TestEnforceExApi() { var e = new Enforcer(_testModelFixture.GetBasicTestModel()); TestEnforceEx(e, "alice", "data1", "read", new List <string> { "alice", "data1", "read" }); TestEnforceEx(e, "alice", "data1", "write", new List <string>()); TestEnforceEx(e, "alice", "data2", "read", new List <string>()); TestEnforceEx(e, "alice", "data2", "write", new List <string>()); TestEnforceEx(e, "bob", "data1", "read", new List <string>()); TestEnforceEx(e, "bob", "data1", "write", new List <string>()); TestEnforceEx(e, "bob", "data2", "read", new List <string>()); TestEnforceEx(e, "bob", "data2", "write", new List <string> { "bob", "data2", "write" }); e = new Enforcer(_testModelFixture.GetNewRbacTestModel()); TestEnforceEx(e, "alice", "data1", "read", new List <string> { "alice", "data1", "read" }); TestEnforceEx(e, "alice", "data1", "write", new List <string>()); TestEnforceEx(e, "alice", "data2", "read", new List <string> { "data2_admin", "data2", "read" }); TestEnforceEx(e, "alice", "data2", "write", new List <string> { "data2_admin", "data2", "write" }); TestEnforceEx(e, "bob", "data1", "read", new List <string>()); TestEnforceEx(e, "bob", "data1", "write", new List <string>()); TestEnforceEx(e, "bob", "data2", "read", new List <string>()); TestEnforceEx(e, "bob", "data2", "write", new List <string> { "bob", "data2", "write" }); e = new Enforcer(_testModelFixture.GetNewPriorityTestModel()); e.BuildRoleLinks(); TestEnforceEx(e, "alice", "data1", "read", new List <string> { "alice", "data1", "read", "allow" }); TestEnforceEx(e, "alice", "data1", "write", new List <string> { "data1_deny_group", "data1", "write", "deny" }); TestEnforceEx(e, "alice", "data2", "read", new List <string>()); TestEnforceEx(e, "alice", "data2", "write", new List <string>()); TestEnforceEx(e, "bob", "data1", "write", new List <string>()); TestEnforceEx(e, "bob", "data2", "read", new List <string> { "data2_allow_group", "data2", "read", "allow" }); TestEnforceEx(e, "bob", "data2", "write", new List <string> { "bob", "data2", "write", "deny" }); }
public void TestRbacModel() { var e = new Enforcer(_testModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); TestEnforce(e, "alice", "data1", "read", true); TestEnforce(e, "alice", "data1", "write", false); TestEnforce(e, "alice", "data2", "read", true); TestEnforce(e, "alice", "data2", "write", true); TestEnforce(e, "bob", "data1", "read", false); TestEnforce(e, "bob", "data1", "write", false); TestEnforce(e, "bob", "data2", "read", false); TestEnforce(e, "bob", "data2", "write", true); }
public void TestGetPolicyApi() { var e = new Enforcer(_testModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); TestGetPolicy(e, AsList( AsList("alice", "data1", "read"), AsList("bob", "data2", "write"), AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write"))); TestGetFilteredPolicy(e, 0, AsList(AsList("alice", "data1", "read")), "alice"); TestGetFilteredPolicy(e, 0, AsList(AsList("bob", "data2", "write")), "bob"); TestGetFilteredPolicy(e, 0, AsList(AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write")), "data2_admin"); TestGetFilteredPolicy(e, 1, AsList(AsList("alice", "data1", "read")), "data1"); TestGetFilteredPolicy(e, 1, AsList(AsList("bob", "data2", "write"), AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write")), "data2"); TestGetFilteredPolicy(e, 2, AsList(AsList("alice", "data1", "read"), AsList("data2_admin", "data2", "read")), "read"); TestGetFilteredPolicy(e, 2, AsList(AsList("bob", "data2", "write"), AsList("data2_admin", "data2", "write")), "write"); TestGetFilteredPolicy(e, 0, AsList(AsList("data2_admin", "data2", "read"), AsList("data2_admin", "data2", "write")), "data2_admin", "data2"); // Note: "" (empty string) in fieldValues means matching all values. TestGetFilteredPolicy(e, 0, AsList(AsList("data2_admin", "data2", "read")), "data2_admin", "", "read"); TestGetFilteredPolicy(e, 1, AsList(AsList("bob", "data2", "write"), AsList("data2_admin", "data2", "write")), "data2", "write"); TestHasPolicy(e, AsList("alice", "data1", "read"), true); TestHasPolicy(e, AsList("bob", "data2", "write"), true); TestHasPolicy(e, AsList("alice", "data2", "read"), false); TestHasPolicy(e, AsList("bob", "data3", "write"), false); TestGetGroupingPolicy(e, AsList(AsList("alice", "data2_admin"))); TestGetFilteredGroupingPolicy(e, 0, AsList(AsList("alice", "data2_admin")), "alice"); TestGetFilteredGroupingPolicy(e, 0, new List <List <string> >(), "bob"); TestGetFilteredGroupingPolicy(e, 1, new List <List <string> >(), "data1_admin"); TestGetFilteredGroupingPolicy(e, 1, AsList(AsList("alice", "data2_admin")), "data2_admin"); // Note: "" (empty string) in fieldValues means matching all values. TestGetFilteredGroupingPolicy(e, 0, AsList(AsList("alice", "data2_admin")), "", "data2_admin"); TestHasGroupingPolicy(e, AsList("alice", "data2_admin"), true); TestHasGroupingPolicy(e, AsList("bob", "data2_admin"), false); }
public void ShouldUpdate() { var sampleWatcher = new SampleWatcher(); Assert.False(sampleWatcher.Called); var enforcer = new Enforcer(_testModelFixture.GetNewRbacTestModel(), new DefaultFileAdapter(TestModelFixture.GetTestFile("rbac_policy_for_watcher_test.csv"))); enforcer.SetWatcher(sampleWatcher, false); enforcer.SavePolicy(); Assert.True(sampleWatcher.Called); }
public void TestRoleApi() { var e = new Enforcer(_testModelFixture.GetNewRbacTestModel()); e.BuildRoleLinks(); TestGetRoles(e, "alice", AsList("data2_admin")); TestGetRoles(e, "bob", AsList()); TestGetRoles(e, "data2_admin", AsList()); TestGetRoles(e, "non_exist", AsList()); TestHasRole(e, "alice", "data1_admin", false); TestHasRole(e, "alice", "data2_admin", true); e.AddRoleForUser("alice", "data1_admin"); TestGetRoles(e, "alice", AsList("data1_admin", "data2_admin")); TestGetRoles(e, "bob", AsList()); TestGetRoles(e, "data2_admin", AsList()); e.DeleteRoleForUser("alice", "data1_admin"); TestGetRoles(e, "alice", AsList("data2_admin")); TestGetRoles(e, "bob", AsList()); TestGetRoles(e, "data2_admin", AsList()); e.DeleteRolesForUser("alice"); TestGetRoles(e, "alice", AsList()); TestGetRoles(e, "bob", AsList()); TestGetRoles(e, "data2_admin", AsList()); e.AddRoleForUser("alice", "data1_admin"); e.DeleteUser("alice"); TestGetRoles(e, "alice", AsList()); TestGetRoles(e, "bob", AsList()); TestGetRoles(e, "data2_admin", AsList()); e.AddRoleForUser("alice", "data2_admin"); TestEnforce(e, "alice", "data1", "read", false); TestEnforce(e, "alice", "data1", "write", false); TestEnforce(e, "alice", "data2", "read", true); TestEnforce(e, "alice", "data2", "write", true); TestEnforce(e, "bob", "data1", "read", false); TestEnforce(e, "bob", "data1", "write", false); TestEnforce(e, "bob", "data2", "read", false); TestEnforce(e, "bob", "data2", "write", true); e.DeleteRole("data2_admin"); TestEnforce(e, "alice", "data1", "read", false); TestEnforce(e, "alice", "data1", "write", false); TestEnforce(e, "alice", "data2", "read", false); TestEnforce(e, "alice", "data2", "write", false); TestEnforce(e, "bob", "data1", "read", false); TestEnforce(e, "bob", "data1", "write", false); TestEnforce(e, "bob", "data2", "read", false); TestEnforce(e, "bob", "data2", "write", true); }