public void GetAzManagerObjectAcl()
{
AzManager azMan = new AzManager(Domain.RoleProvider, Domain.PermissionProvider);
AzManager.AzManagerAcl acl = null;
var c1 = new Class1(1);
var c2 = new Class1(2);
var sop = new Class1SecurityProvider();
var c1Id = new SecurityObjectId(c1.Id, typeof(Class1));
var c2Id = new SecurityObjectId(c2.Id, typeof(Class1));
Domain.PermissionProvider.SetObjectAcesInheritance(c1Id, false);
Domain.PermissionProvider.SetObjectAcesInheritance(c2Id, false);
Domain.PermissionProvider.AddAce(Constants.Owner, Domain.actionAddUser, c1Id, AceType.Allow);
acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c1Id, sop);
Assert.IsTrue(acl.IsAllow);
acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c2Id, sop);
Assert.IsFalse(acl.IsAllow);
acl = azMan.GetAzManagerAcl(Domain.accountAnton, Domain.actionAddUser, c1Id, sop);
Assert.IsFalse(acl.IsAllow);
acl = azMan.GetAzManagerAcl(Domain.accountAnton, Domain.actionAddUser, c2Id, sop);
Assert.IsFalse(acl.IsAllow);
Domain.PermissionProvider.SetObjectAcesInheritance(c2Id, true);
acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c2Id, sop);
Assert.IsTrue(acl.IsAllow);
acl = azMan.GetAzManagerAcl(Domain.accountAnton, Domain.actionAddUser, c1Id, sop);
Assert.IsFalse(acl.IsAllow);
Domain.PermissionProvider.SetObjectAcesInheritance(c1Id, true);
acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c2Id, sop);
Assert.IsTrue(acl.IsAllow);
acl = azMan.GetAzManagerAcl(Domain.accountLev, Domain.actionAddUser, c2Id, sop);
Assert.IsFalse(acl.IsAllow);
}
public void GetAzManagerObjectAcl()
{
AzManager azMan = new AzManager(Domain.RoleProvider, Domain.PermissionProvider);
AzManager.AzManagerAcl acl = null;
var c1 = new Class1(1);
var c2 = new Class1(2);
var sop = new Class1SecurityProvider();
var c1Id = new SecurityObjectId(c1.Id, typeof(Class1));
var c2Id = new SecurityObjectId(c2.Id, typeof(Class1));
Domain.PermissionProvider.SetObjectAcesInheritance(c1Id, false);
Domain.PermissionProvider.SetObjectAcesInheritance(c2Id, false);
Domain.PermissionProvider.AddAce(Constants.Owner, Domain.actionAddUser, c1Id, AceType.Allow);
acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c1Id, sop);
Assert.IsTrue(acl.IsAllow);
acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c2Id, sop);
Assert.IsFalse(acl.IsAllow);
acl = azMan.GetAzManagerAcl(Domain.accountAnton, Domain.actionAddUser, c1Id, sop);
Assert.IsFalse(acl.IsAllow);
acl = azMan.GetAzManagerAcl(Domain.accountAnton, Domain.actionAddUser, c2Id, sop);
Assert.IsFalse(acl.IsAllow);
Domain.PermissionProvider.SetObjectAcesInheritance(c2Id, true);
acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c2Id, sop);
Assert.IsTrue(acl.IsAllow);
acl = azMan.GetAzManagerAcl(Domain.accountAnton, Domain.actionAddUser, c1Id, sop);
Assert.IsFalse(acl.IsAllow);
Domain.PermissionProvider.SetObjectAcesInheritance(c1Id, true);
acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c2Id, sop);
Assert.IsTrue(acl.IsAllow);
acl = azMan.GetAzManagerAcl(Domain.accountLev, Domain.actionAddUser, c2Id, sop);
Assert.IsFalse(acl.IsAllow);
}
