public async Task Evaluate_NonCompliantPackage_CreatesErrorResult(Package nonCompliantPackage)
{
// Arrange
var subscription = new MicrosoftTeamSubscription();
var policyHandler = new RequirePackageMetadataCompliancePolicy();
var nugetUser = new User("NuGet");
var newPackageRegistration = new PackageRegistration {
Id = "NewPackageId", Owners = new List <User> {
nugetUser
}
};
var context = CreateTestContext(
true,
subscription.Policies,
nonCompliantPackage,
packageRegistrationAlreadyExists: false,
sourceAccount: nugetUser,
targetAccount: nugetUser);
// Act
var result = await policyHandler.EvaluateAsync(context);
// Assert
Assert.False(result.Success);
Assert.Null(newPackageRegistration.Owners.SingleOrDefault(u => u.Username == MicrosoftTeamSubscription.MicrosoftUsername));
Assert.False(newPackageRegistration.IsVerified);
}
public async Task Evaluate_CompliantPackage_AddsRequiredCoOwner()
{
// Arrange
var subscription = new MicrosoftTeamSubscription();
var policyHandler = new RequirePackageMetadataCompliancePolicy();
var nugetUser = new User("NuGet");
var newPackageRegistration = new PackageRegistration {
Id = "NewPackageId", Owners = new List <User> {
nugetUser
}
};
var newMicrosoftCompliantPackage = Fakes.CreateCompliantPackage("1.0", newPackageRegistration);
var packageOwnershipManagementService = new Mock <IPackageOwnershipManagementService>();
packageOwnershipManagementService.Setup(m => m.AddPackageOwnerAsync(newPackageRegistration, It.IsAny <User>(), false)).Returns(Task.CompletedTask);
var context = CreateTestContext(
true,
subscription.Policies,
newMicrosoftCompliantPackage,
packageRegistrationAlreadyExists: false,
packageOwnershipManagementService: packageOwnershipManagementService.Object,
sourceAccount: nugetUser,
targetAccount: nugetUser);
// Act
var result = await policyHandler.EvaluateAsync(context);
// Assert
Assert.True(result.Success);
packageOwnershipManagementService.Verify(s => s.AddPackageOwnerAsync(newPackageRegistration, Fakes.RequiredCoOwner, false), Times.Once);
}
public SecurityPolicyService(
IEntitiesContext entitiesContext,
IAuditingService auditing,
IDiagnosticsService diagnostics,
IAppConfiguration configuration,
Lazy <IUserService> userService,
Lazy <IPackageOwnershipManagementService> packageOwnershipManagementService,
ITelemetryService telemetryService,
MicrosoftTeamSubscription microsoftTeamSubscription = null)
{
EntitiesContext = entitiesContext ?? throw new ArgumentNullException(nameof(entitiesContext));
Auditing = auditing ?? throw new ArgumentNullException(nameof(auditing));
if (diagnostics == null)
{
throw new ArgumentNullException(nameof(diagnostics));
}
Diagnostics = diagnostics.SafeGetSource(nameof(SecurityPolicyService));
Configuration = configuration ?? throw new ArgumentNullException(nameof(configuration));
DefaultSubscription = new DefaultSubscription();
MicrosoftTeamSubscription = microsoftTeamSubscription;
_packageOwnershipManagementService = packageOwnershipManagementService ?? throw new ArgumentNullException(nameof(packageOwnershipManagementService));
_userService = userService ?? throw new ArgumentNullException(nameof(userService));
_telemetryService = telemetryService ?? throw new ArgumentNullException(nameof(telemetryService));
}
public async Task Evaluate_SilentlySucceedsWhenRequiredCoOwnerDoesNotExist()
{
// Arrange
var subscription = new MicrosoftTeamSubscription();
var policyHandler = new RequirePackageMetadataCompliancePolicy();
var fakes = new Fakes();
var context = CreateTestContext(false, subscription.Policies, fakes.NewPackageVersion, packageRegistrationAlreadyExists: false);
// Act
var result = await policyHandler.EvaluateAsync(context);
// Assert
Assert.Equal(SecurityPolicyResult.SuccessResult, result);
}
private TestSecurityPolicyService CreateSecurityPolicyService()
{
var auditing = new Mock <IAuditingService>();
auditing.Setup(s => s.SaveAuditRecordAsync(It.IsAny <AuditRecord>())).Returns(Task.CompletedTask).Verifiable();
var subscription = new MicrosoftTeamSubscription();
var service = new TestSecurityPolicyService(
mockAuditing: auditing,
userSubscriptions: new[] { subscription },
organizationSubscriptions: new[] { subscription });
return(service);
}
public async Task Evaluate_DoesNotCommitChangesToEntityContext()
{
// Arrange
var subscription = new MicrosoftTeamSubscription();
var policyHandler = new RequirePackageMetadataCompliancePolicy();
var nugetUser = new User("NuGet");
var newPackageRegistration = new PackageRegistration {
Id = "NewPackageId", Owners = new List <User> {
nugetUser
}
};
var newMicrosoftCompliantPackage = Fakes.CreateCompliantPackage("1.0", newPackageRegistration);
var packageOwnershipManagementService = new Mock <IPackageOwnershipManagementService>(MockBehavior.Strict);
packageOwnershipManagementService
.Setup(m => m.AddPackageOwnerAsync(newPackageRegistration, It.IsAny <User>(), false /* commitChanges: false */))
.Returns(Task.CompletedTask)
.Verifiable();
var userService = new Mock <IUserService>(MockBehavior.Strict);
userService
.Setup(m => m.FindByUsername(MicrosoftTeamSubscription.MicrosoftUsername, It.IsAny <bool>()))
.Returns(Fakes.RequiredCoOwner)
.Verifiable();
var telemetryService = new Mock <ITelemetryService>().Object;
var context = new PackageSecurityPolicyEvaluationContext(
userService.Object,
packageOwnershipManagementService.Object,
telemetryService,
subscription.Policies,
newMicrosoftCompliantPackage,
sourceAccount: nugetUser,
targetAccount: nugetUser,
httpContext: It.IsAny <HttpContextBase>());
// Act
var result = await policyHandler.EvaluateAsync(context);
// Assert
packageOwnershipManagementService.VerifyAll();
userService.VerifyAll();
}
public async Task Evaluate_CompliantPackage_CreatesWarningResultWhenPrefixReservationForNewIdIsMissing()
{
// Arrange
var subscription = new MicrosoftTeamSubscription();
var policyHandler = new RequirePackageMetadataCompliancePolicy();
var nugetUser = new User("NuGet");
var newPackageRegistration = new PackageRegistration {
Id = "NewPackageId", Owners = new List <User> {
nugetUser
}
};
var newMicrosoftCompliantPackage = Fakes.CreateCompliantPackage("1.0", newPackageRegistration);
var packageOwnershipManagementService = new Mock <IPackageOwnershipManagementService>();
packageOwnershipManagementService.Setup(m => m.AddPackageOwnerAsync(newPackageRegistration, It.IsAny <User>(), false)).Returns(Task.CompletedTask);
var context = CreateTestContext(
true,
subscription.Policies,
newMicrosoftCompliantPackage,
packageRegistrationAlreadyExists: false,
packageOwnershipManagementService: packageOwnershipManagementService.Object,
sourceAccount: nugetUser,
targetAccount: nugetUser);
// Act
var result = await policyHandler.EvaluateAsync(context);
// Assert
Assert.True(result.Success);
Assert.Null(result.ErrorMessage);
Assert.True(result.HasWarnings);
Assert.NotEmpty(result.WarningMessages);
Assert.Contains(Strings.SecurityPolicy_RequirePackagePrefixReserved, result.WarningMessages);
Assert.False(newPackageRegistration.IsVerified);
packageOwnershipManagementService.Verify(s => s.AddPackageOwnerAsync(newPackageRegistration, Fakes.RequiredCoOwner, false), Times.Once);
}