public void GetAzManagerObjectAcl() { AzManager azMan = new AzManager(Domain.RoleProvider, Domain.PermissionProvider); AzManager.AzManagerAcl acl = null; var c1 = new Class1(1); var c2 = new Class1(2); var sop = new Class1SecurityProvider(); var c1Id = new SecurityObjectId(c1.Id, typeof(Class1)); var c2Id = new SecurityObjectId(c2.Id, typeof(Class1)); Domain.PermissionProvider.SetObjectAcesInheritance(c1Id, false); Domain.PermissionProvider.SetObjectAcesInheritance(c2Id, false); Domain.PermissionProvider.AddAce(Constants.Owner, Domain.actionAddUser, c1Id, AceType.Allow); acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c1Id, sop); Assert.IsTrue(acl.IsAllow); acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c2Id, sop); Assert.IsFalse(acl.IsAllow); acl = azMan.GetAzManagerAcl(Domain.accountAnton, Domain.actionAddUser, c1Id, sop); Assert.IsFalse(acl.IsAllow); acl = azMan.GetAzManagerAcl(Domain.accountAnton, Domain.actionAddUser, c2Id, sop); Assert.IsFalse(acl.IsAllow); Domain.PermissionProvider.SetObjectAcesInheritance(c2Id, true); acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c2Id, sop); Assert.IsTrue(acl.IsAllow); acl = azMan.GetAzManagerAcl(Domain.accountAnton, Domain.actionAddUser, c1Id, sop); Assert.IsFalse(acl.IsAllow); Domain.PermissionProvider.SetObjectAcesInheritance(c1Id, true); acl = azMan.GetAzManagerAcl(Domain.accountNik, Domain.actionAddUser, c2Id, sop); Assert.IsTrue(acl.IsAllow); acl = azMan.GetAzManagerAcl(Domain.accountLev, Domain.actionAddUser, c2Id, sop); Assert.IsFalse(acl.IsAllow); }