예제 #1
        /// <summary>
        /// Saves a user account named <c>SpecialStrings.SystemAdministratorUser</c> with its
        /// status set to Disabled, then adds an allow rule giving that account Create, Read,
        /// Modify and Delete on the "core:resource" securable entity.
        /// </summary>
        /// <remarks>
        /// The rule is scoped by the report built from <c>TestQueries.Entities()</c>.
        /// NOTE(review): presumably that query matches every entity, which would make this the
        /// broadest grant the factory can express; confirm before reusing outside test setup.
        /// </remarks>
        public void CreateSuperAdminAccount()
        {
            // The account is persisted first so the rule below has a saved subject to refer to.
            var superAdministratorUserAccount = new UserAccount
            {
                Name = SpecialStrings.SystemAdministratorUser,
                AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Disabled
            };
            superAdministratorUserAccount.Save();

            IAccessRuleFactory accessRuleFactory = new AccessRuleFactory();

            // Who is granted, on what, which permissions, and the query that scopes the grant.
            var grantee         = superAdministratorUserAccount.As <Subject>();
            var securedResource = Entity.Get <SecurableEntity>("core:resource");
            var fullCrud        = new[] { Permissions.Create, Permissions.Read, Permissions.Modify, Permissions.Delete };
            var scopeReport     = TestQueries.Entities().ToReport();

            accessRuleFactory.AddAllowByQuery(grantee, securedResource, fullCrud, scopeReport);
        }
예제 #2
        /// <summary>
        /// Grants the "core:administratorRole" role create access to the "core:resource" type,
        /// plus Read, Modify and Delete scoped by the <c>TestQueries.Entities()</c> report, and
        /// commits the transaction.
        /// </summary>
        /// <remarks>
        /// Both grants are made inside a <c>SecurityBypassContext</c>.
        /// NOTE(review): presumably that context suspends access-control checks for the calls
        /// made within it; keep its scope limited to the setup statements below.
        /// </remarks>
        public void SetupEntities()
        {
            // Disposal order is unchanged: the bypass context goes first, then the database context.
            using (DatabaseContext context = DatabaseContext.GetContext(true))
            using (new SecurityBypassContext())
            {
                // The role is fetched with the extra 'true' argument; the type is fetched without it.
                var administratorRole = Entity.Get <Role>(new EntityRef("core", "administratorRole"), true);

                // An earlier variant targeted ("core", "securableEntity") instead of "resource".
                var resourceType = Entity.Get <EntityType>(new EntityRef("core", "resource"));

                var accessControlHelper = new AccessRuleFactory();

                // Create is granted through its own rule, separate from the query-scoped rule.
                accessControlHelper.AddAllowCreate(
                    administratorRole.As <Subject>(),
                    resourceType.As <SecurableEntity>());

                accessControlHelper.AddAllowByQuery(
                    administratorRole.As <Subject>(),
                    resourceType.As <SecurableEntity>(),
                    new[] { Permissions.Read, Permissions.Modify, Permissions.Delete },
                    TestQueries.Entities().ToReport());

                context.CommitTransaction();
            }
        }
예제 #3
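        /// <summary>
        /// Builds the fixture for the API tests: two entity types, a string field, a lookup
        /// relationship, the API/endpoint/mapping entities, an active user account with an API
        /// key, one resource instance to update, and the access rules for that user.
        /// </summary>
        /// <remarks>
        /// Everything is created inside a <c>TenantAdministratorContext</c> for <c>TenantName</c>.
        /// The entities created here are collected in <c>cleanup</c>. The create rule, the lookup
        /// mapping and the second type are tracked as well, so that a test run does not leave
        /// grants or schema objects behind in the tenant.
        /// </remarks>
        public void Setup( )
        {
            // Getting Forbidden? Or ConnectorConfigException?
            // Maybe there's duplicate copies of these objects in the DB.

            // Holds the create rule so it can be cleaned up; the accessRule field ends up
            // referring to the query rule only.
            IEntity createAccessRule;

            // Define key and user
            using (new TenantAdministratorContext(TenantName))
            {
                // Define schema
                type = new EntityType( );
                type.Inherits.Add(UserResource.UserResource_Type);
                type.Name = "Test type " + Guid.NewGuid( );
                type.Save( );

                type2 = new EntityType( );
                type2.Inherits.Add(UserResource.UserResource_Type);
                type2.Name = "Test type2 " + Guid.NewGuid( );
                type2.Save( );

                stringField               = new StringField( );
                stringField.Name          = "Field 1";
                stringField.FieldIsOnType = type;
                stringField.Save( );

                // NOTE(review): lookup is never saved directly; presumably it is persisted
                // together with lookupMapping below. Confirm, and track it for cleanup if so.
                lookup = new Relationship( );
                lookup.Cardinality_Enum = CardinalityEnum_Enumeration.OneToOne;
                lookup.FromType         = type;
                lookup.ToType           = type2;

                // Define API
                mapping            = new ApiResourceMapping( );
                mapping.Name       = "Test mapping " + Guid.NewGuid( );
                mapping.MappedType = type;
                mapping.Save( );

                lookupMapping      = new ApiRelationshipMapping( );
                lookupMapping.Name = "lookup1";
                lookupMapping.MappedRelationship       = lookup;
                lookupMapping.MemberForResourceMapping = mapping;
                lookupMapping.Save( );

                fieldMapping             = new ApiFieldMapping( );
                fieldMapping.Name        = "field1";
                fieldMapping.MappedField = stringField.As <Field>( );
                fieldMapping.MemberForResourceMapping = mapping;
                fieldMapping.Save( );

                endpoint      = new ApiResourceEndpoint( );
                endpoint.Name = "Test endpoint " + Guid.NewGuid( );
                endpoint.ApiEndpointAddress      = EndpointAddress;
                endpoint.EndpointResourceMapping = mapping;
                endpoint.ApiEndpointEnabled      = true;
                endpoint.EndpointCanCreate       = true;
                endpoint.EndpointCanDelete       = true;
                endpoint.EndpointCanUpdate       = true;
                endpoint.Save( );

                api            = new Api( );
                api.Name       = "Test API " + Guid.NewGuid( );
                api.ApiAddress = ApiAddress;
                api.ApiEnabled = true;
                api.ApiEndpoints.Add(endpoint.As <ApiEndpoint>( ));
                api.Save( );

                // Define access
                // The account is Active with a fixed literal password, so it must not outlive the
                // test: it is the first entry in the cleanup list.
                userAccount      = new UserAccount( );
                userAccount.Name = "Test user " + Guid.NewGuid( );
                userAccount.AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active;
                userAccount.Password           = "******";
                userAccount.Save( );

                // Unlike the other entities, the key's name is the shared ApiKey value rather than
                // a per-run GUID, so a key left over from an earlier run would share that name.
                key      = new ApiKey( );
                key.Name = ApiKey;
                key.ApiKeyUserAccount = userAccount;
                key.ApiKeyEnabled     = true;
                key.KeyForApis.Add(api);
                key.Save( );

                updateInstance             = Entity.Create(type).AsWritable <Resource>( );
                updateInstance.Name        = updateInstanceName = "ResourceToUpdate" + Guid.NewGuid( );
                updateInstance.Description = updateInstanceDesc = "ResourceToUpdate" + Guid.NewGuid( );
                updateInstance.Save( );
                updateInstanceGuid = updateInstance.UpgradeId;

                IAccessRuleFactory accessControlHelper = new AccessRuleFactory( );

                // Two rules are created. Previously the second assignment overwrote the first, so
                // the create rule was never tracked; keep a reference to it before overwriting.
                accessRule       = accessControlHelper.AddAllowCreate(userAccount.As <Subject>( ), type.As <SecurableEntity>( ));
                createAccessRule = accessRule;
                accessRule       = accessControlHelper.AddAllowByQuery(userAccount.As <Subject>( ), type.As <SecurableEntity>( ), new[] { Permissions.Read, Permissions.Modify, Permissions.Delete }, TestQueries.Entities(type).ToReport( ));
            }

            // The original entries keep their order; the previously untracked ones are appended.
            cleanup = new List <IEntity> {
                userAccount, key, api, type, mapping, endpoint, fieldMapping, stringField, accessRule, updateInstance,
                createAccessRule, lookupMapping, type2
            };
        }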
예제 #4
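        /// <summary>
        /// Builds a test scenario: two entity types, a string field, lookup and many-to-many
        /// relationships, the API/endpoint/mapping entities, an active user account with an API
        /// key, optional and foreign instances, and the access rules for that user.
        /// </summary>
        /// <param name="testInstanceName">
        /// Name for an instance of the first type; when null, no such instance is created.
        /// </param>
        /// <param name="permissionsCallback">
        /// Called once, inside the tenant administrator context and after the entities exist, to
        /// get the permissions granted to the test user on the first type. An empty or null
        /// result grants nothing on that type.
        /// </param>
        private void CreateScenarioImpl(string testInstanceName, Func <EntityRef[]> permissionsCallback)
        {
            // Define key and user
            using (new TenantAdministratorContext(TenantName))
            {
                // Define schema
                type = new EntityType( );
                type.Inherits.Add(UserResource.UserResource_Type);
                type.Name = "Test type " + Guid.NewGuid( );
                type.Save( );

                type2 = new EntityType( );
                type2.Inherits.Add(UserResource.UserResource_Type);
                type2.Name = "Test type2 " + Guid.NewGuid( );
                type2.Save( );

                stringField               = new StringField( );
                stringField.Name          = "Field 1";
                stringField.FieldIsOnType = type;
                stringField.MaxLength     = 50;
                stringField.Save( );

                // NOTE(review): neither relationship is saved directly; presumably each is
                // persisted together with the mapping that references it. Confirm.
                lookup = new Relationship( );
                lookup.Cardinality_Enum = CardinalityEnum_Enumeration.OneToOne;
                lookup.FromType         = type;
                lookup.ToType           = type2;

                relationship = new Relationship( );
                relationship.Cardinality_Enum = CardinalityEnum_Enumeration.ManyToMany;
                relationship.FromType         = type;
                relationship.ToType           = type2;

                // Define API
                mapping            = new ApiResourceMapping( );
                mapping.Name       = "Test mapping " + Guid.NewGuid( );
                mapping.MappedType = type;
                mapping.Save( );

                fieldMapping             = new ApiFieldMapping( );
                fieldMapping.Name        = "field1";
                fieldMapping.MappedField = stringField.As <Field>( );
                fieldMapping.MemberForResourceMapping = mapping;
                fieldMapping.Save( );

                lookupMapping      = new ApiRelationshipMapping( );
                lookupMapping.Name = "lookup1";
                lookupMapping.MappedRelationship       = lookup;
                lookupMapping.MemberForResourceMapping = mapping;
                lookupMapping.Save( );

                relationshipMapping      = new ApiRelationshipMapping( );
                relationshipMapping.Name = "rel1";
                relationshipMapping.MappedRelationship       = relationship;
                relationshipMapping.MemberForResourceMapping = mapping;
                relationshipMapping.Save( );

                endpoint      = new ApiResourceEndpoint( );
                endpoint.Name = "Test endpoint " + Guid.NewGuid( );
                endpoint.ApiEndpointAddress      = EndpointAddress;
                endpoint.EndpointResourceMapping = mapping;
                endpoint.ApiEndpointEnabled      = true;
                endpoint.EndpointCanCreate       = true;
                endpoint.EndpointCanUpdate       = true;
                endpoint.EndpointCanDelete       = true;
                endpoint.Save( );

                api            = new Api( );
                api.Name       = "Test API " + Guid.NewGuid( );
                api.ApiAddress = ApiAddress;
                api.ApiEnabled = true;
                api.ApiEndpoints.Add(endpoint.As <ApiEndpoint>( ));
                api.Save( );

                // Define access
                // Active account with a fixed literal password: test-only, never a real principal.
                userAccount      = new UserAccount( );
                userAccount.Name = "Test user " + Guid.NewGuid( );
                userAccount.AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active;
                userAccount.Password           = "******";
                userAccount.Save( );

                key      = new ApiKey( );
                key.Name = ApiKey;
                key.ApiKeyUserAccount = userAccount;
                key.ApiKeyEnabled     = true;
                key.KeyForApis.Add(api);
                key.Save( );

                if (testInstanceName != null)
                {
                    scenarioInstance = Entity.Create(type);
                    scenarioInstance.SetField("core:name", testInstanceName);
                    scenarioInstance.Save( );
                }

                foreignName     = "Foreign" + Guid.NewGuid( ).ToString( );
                foreignInstance = Entity.Create(type2);
                foreignInstance.SetField("core:name", foreignName);
                foreignInstance.Save( );

                // Grant the permissions requested by the caller on the first type.
                var permissions = permissionsCallback( );
                IAccessRuleFactory accessControlHelper = new AccessRuleFactory( );

                // Check for an empty (or null) result before indexing: the old code read
                // permissions[0] first and threw on an empty array, although the branch below
                // shows that "no permissions" was meant to be a valid request. Granting nothing
                // is the safe outcome in that case.
                bool hasPermissions = permissions != null && permissions.Length > 0;

                if (hasPermissions && permissions [0] == Permissions.Create)
                {
                    // NOTE(review): when Create comes first, only the create rule is added and any
                    // further entries in the array are ignored. Confirm callers rely on that.
                    accessControlHelper.AddAllowCreate(userAccount.As <Subject>( ), type.As <SecurableEntity>( ));
                }
                else if (hasPermissions)
                {
                    accessControlHelper.AddAllowByQuery(userAccount.As <Subject>( ), type.As <SecurableEntity>( ), permissions, TestQueries.Entities(type).ToReport( ));
                }

                // Read and Modify on the second type are granted regardless of the callback.
                accessControlHelper.AddAllowByQuery(userAccount.As <Subject>( ), type2.As <SecurableEntity>( ), new [] { Permissions.Read, Permissions.Modify }, TestQueries.Entities(type2).ToReport( ));
            }
        }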