public void DeferredSecurity()
{
var cachier = GetCachier();
ModelSecurityProvider.TimesWasUsed = 0;
var modelReader = Guid.NewGuid();
var modelWriter = Guid.NewGuid();
var elementReader = Guid.NewGuid();
var elementWriter = Guid.NewGuid();
var elemPermissions = new SecurityPermissions
{
AllowedForRead = new[] { elementReader },
AllowedForWrite = new[] { elementWriter }
};
var modelPermissions = new SecurityPermissions
{
AllowedForRead = new[] { modelReader },
AllowedForWrite = new[] { modelWriter }
};
cachier.Post(_singleModel.Key, modelPermissions);
cachier.Post(_dependentModel.Key, modelPermissions);
cachier.Post(_singleElement.Key, elemPermissions);
cachier.Post(_dependentElement.Key, elemPermissions);
var user1 = Guid.NewGuid();
var user2 = Guid.NewGuid();
var group1 = new SecurityGroup { Groups = new[] { modelReader, elementReader, elementWriter } };
var group2 = new SecurityGroup { Groups = new[] { modelReader, elementReader, modelWriter } };
cachier.Post(user1, group1);
cachier.Post(user2, group2);
Session.UserId = user1;
var elem = cachier.GetLater<Element>(_singleElement.Key);
var elem2 = cachier.GetLater<Element>(_dependentElement.Key);
Assert.IsNotNull(elem.Value);
Assert.IsNotNull(elem2.Value);
Assert.AreEqual(1, ModelSecurityProvider.TimesWasUsed);//серия должна взяться один раз
//после этого должы браться результаты серии закэшированные результаты
ModelSecurityProvider.TimesWasUsed = 0;
cachier.Post(_singleElement.Key, _singleElement);
cachier.Post(_dependentElement.Key, _dependentElement);
Assert.AreEqual(0, ModelSecurityProvider.TimesWasUsed);
Session.UserId = user2;
elem = cachier.GetLater<Element>(_singleElement.Key);
elem2 = cachier.GetLater<Element>(_dependentElement.Key);
Assert.IsNotNull(elem.Value);
Assert.IsNotNull(elem2.Value);
Assert.AreEqual(1, ModelSecurityProvider.TimesWasUsed);//серия должна взяться один раз
//после этого должы браться результаты серии закэшированные результаты
ModelSecurityProvider.TimesWasUsed = 0;
MockHelper.AwaitException<SecurityException>(() => cachier.Post(_singleElement.Key, _singleElement));
MockHelper.AwaitException<SecurityException>(() =>cachier.Post(_dependentElement.Key, _dependentElement));
Assert.AreEqual(0, ModelSecurityProvider.TimesWasUsed);
}
public void BasicSecurity()
{
var cachier = GetCachier();
var modelReader = Guid.NewGuid();
var modelWriter = Guid.NewGuid();
var elementReader = Guid.NewGuid();
var elementWriter = Guid.NewGuid();
var elemPermissions = new SecurityPermissions
{
AllowedForRead = new[] {elementReader},
AllowedForWrite = new[] {elementWriter}
};
var modelPermissions = new SecurityPermissions
{
AllowedForRead = new[] {modelReader},
AllowedForWrite = new[] {modelWriter}
};
cachier.Post(_singleModel.Key, modelPermissions);
cachier.Post(_dependentModel.Key, modelPermissions);
cachier.Post(_singleElement.Key, elemPermissions);
cachier.Post(_dependentElement.Key, elemPermissions);
var user1 = Guid.NewGuid();
var user2 = Guid.NewGuid();
var group1 = new SecurityGroup {Groups = new[] {modelReader, elementReader, elementWriter}};
var group2 = new SecurityGroup {Groups = new[] {modelReader, elementReader, modelWriter}};
cachier.Post(user1, group1);
cachier.Post(user2, group2);
Session.UserId = user1;
var elem = cachier.Get<Element>(_singleElement.Key);
Assert.IsNotNull(elem);
var model = cachier.Get<Model>(_singleModel.Key);
Assert.IsNotNull(model);
ModelSecurityProvider.TimesWasUsed = 0;//после этого должы браться закэшированные результаты
try
{
cachier.Post(_singleModel.Key, _singleModel);
Assert.Fail();
}
catch (SecurityException)
{
}
cachier.Post(_singleElement.Key, _singleElement);
Assert.AreEqual(0,ModelSecurityProvider.TimesWasUsed);
Session.UserId = user2;
elem = cachier.Get<Element>(_singleElement.Key);
Assert.IsNotNull(elem);
model = cachier.Get<Model>(_singleModel.Key);
Assert.IsNotNull(model);
Assert.AreEqual(2,ModelSecurityProvider.TimesWasUsed);//поскольку берем в другом контексте безопасности, кэшироваться еще ничего было не должно
ModelSecurityProvider.TimesWasUsed = 0;//после этого снова должны браться закэшированные результаты
try
{
cachier.Post(_singleElement.Key, _singleElement);
Assert.Fail();
}
catch (SecurityException)
{
}
cachier.Post(_singleModel.Key, _singleModel);
Assert.AreEqual(0,ModelSecurityProvider.TimesWasUsed);
}
public void ChangingSecurity()
{
var cachier = GetCachier();
var modelReader = Guid.NewGuid();
var modelWriter = Guid.NewGuid();
var elementReader = Guid.NewGuid();
var elementWriter = Guid.NewGuid();
var elemPermissions = new SecurityPermissions
{
AllowedForRead = new[] { elementReader },
AllowedForWrite = new[] { elementWriter }
};
var modelPermissions = new SecurityPermissions
{
AllowedForRead = new[] { modelReader },
AllowedForWrite = new[] { modelWriter }
};
cachier.Post(_singleModel.Key, modelPermissions);
cachier.Post(_dependentModel.Key, modelPermissions);
cachier.Post(_singleElement.Key, elemPermissions);
cachier.Post(_dependentElement.Key, elemPermissions);
var user1 = Guid.NewGuid();
var user2 = Guid.NewGuid();
var group1 = new SecurityGroup { Groups = new[] { modelReader, elementReader, elementWriter } };
var group2 = new SecurityGroup { Groups = new[] { modelReader, elementReader, modelWriter } };
cachier.Post(user1, group1);
cachier.Post(user2, group2);
Session.UserId = user1;
var elem = cachier.Get<Element>(_singleElement.Key);
Assert.IsNotNull(elem);
var model = cachier.Get<Model>(_singleModel.Key);
Assert.IsNotNull(model);
//запрещаем чтение из модели
group1.Groups = new[] {elementReader, elementWriter};
elem = cachier.Get<Element>(_singleElement.Key);
Assert.IsNotNull(elem);
model = cachier.Get<Model>(_singleModel.Key);
Assert.IsNotNull(model);
cachier.Post(user1, group1);
elem = cachier.Get<Element>(_singleElement.Key);
Assert.IsNotNull(elem);
model = cachier.Get<Model>(_singleModel.Key);
Assert.IsNull(model);
MockHelper.AwaitException<SecurityException>(() => cachier.Post(_singleModel.Key, _singleModel));
cachier.Post(_singleElement.Key, _singleElement);
//разрешаем только запись во все
group1.Groups = new[] { modelWriter, elementWriter };
cachier.Post(user1, group1);
cachier.Post(_singleModel.Key, _singleModel);
cachier.Post(_singleElement.Key, _singleElement);
Session.UserId = user2;
elem = cachier.Get<Element>(_singleElement.Key);
Assert.IsNotNull(elem);
model = cachier.Get<Model>(_singleModel.Key);
Assert.IsNotNull(model);
MockHelper.AwaitException<SecurityException>(() => cachier.Post(_singleElement.Key, _singleElement));
cachier.Post(_singleModel.Key, _singleModel);
}