public override void TearDown()
{
DeleteUser(_user);
_user = null;
SessionManager.CurrentSessionContext = new GuestUserContext();
base.TearDown();
}
public void TestCreateDeleteAnyone()
{
// an account can be created by anyone
Account account = new Account();
account.Created = DateTime.UtcNow;
account.Name = Guid.NewGuid().ToString();
account.Password = "******";
Session.Save(account);
Session.Flush();
// an account cannot be deleted by guest
try
{
Session.Delete(account);
Session.Flush();
}
finally
{
using (new Impersonator(new UserContext(account)))
{
Account accountCopy = Session.Load<Account>(account.Id);
Session.Delete(accountCopy);
Session.Flush();
}
}
}
public override void SetUp()
{
base.SetUp();
SessionManager.Initialize(new ThreadSessionSource(), ServiceDataEventListeners.Instance);
_user = CreateUser();
SessionManager.CurrentSessionContext = new UserContext(_user);
}
public void DeleteUser(Account instance)
{
using (new Impersonator(new UserContext(instance)))
{
Session.Delete(instance);
Session.Flush();
}
}
public AccountClassACL(Account instance)
{
// allow everyone to create an account
this.Add(new ACLEveryoneAllowCreate());
// everyone can see accounts
this.Add(new ACLEveryoneAllowRetrieve());
// owner can do everything with his own account
this.Add(new ACLAccount(instance, DataOperation.All));
}
/// <summary>
/// Create a user.
/// </summary>
/// <param name="username">username</param>
/// <param name="password">password</param>
public Account CreateUser(string username, string password)
{
Account account = new Account();
account.Created = DateTime.UtcNow;
account.Name = username;
account.Password = password;
_session.Save(account);
_session.Flush();
return account;
}
protected Account CreateUser()
{
using (new Impersonator(new GuestUserContext()))
{
Account instance = new Account();
instance.Created = DateTime.UtcNow;
instance.Name = Guid.NewGuid().ToString();
instance.Password = "******";
Session.Save(instance);
Session.Flush();
return instance;
}
}
public void TestCreateDelete()
{
// create a new account, this can be done by anyone
Account account = new Account();
account.Created = DateTime.UtcNow;
account.Name = Guid.NewGuid().ToString();
account.Password = "******";
Session.Save(account);
Session.Flush();
// switch context to self and delete the account, this can be done by the account owner himself
using (new Impersonator(new UserContext(account)))
{
Account accountCopy = Session.Load<Account>(account.Id);
// the owner can update his own account
accountCopy.Name = Guid.NewGuid().ToString();
Session.Save(accountCopy);
// an account can be deleted by self
Session.Delete(accountCopy);
Session.Flush();
}
}
public ACLAccount(Account value, int op, DataOperationPermission perm)
: base(op, perm)
{
_account = value;
}
public ACLAccount(Account value, DataOperation op)
: this(value, (int)op, DataOperationPermission.Allow)
{
}
public UserContext(Account account)
{
_accountId = account.Id;
}