public void ComputeOnUpdatePrincipal()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve <ISqlExecuter>()
.ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role");
// Insert test data:
var u1 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u1"
};
var u2 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u2"
};
var u3 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u3"
};
var u5 = new Common.Principal {
ID = Guid.NewGuid(), Name = "u5"
};
var r1 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r1"
};
var r2 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r2"
};
var r25 = new Common.Role {
ID = Guid.NewGuid(), Name = "r25"
};
var repository = container.Resolve <Common.DomRepository>();
var roles = container.Resolve <GenericRepository <Common.Role> >();
var principals = container.Resolve <GenericRepository <Common.Principal> >();
var membership = container.Resolve <GenericRepository <Common.PrincipalHasRole> >();
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole {
PrincipalID = u2.ID, RoleID = r25.ID
},
new Common.PrincipalHasRole {
PrincipalID = u5.ID, RoleID = r25.ID
}
});
// Recompute membership on update principal (domain users only):
u2.Name = "u2x";
principals.Update(u2);
Assert.AreEqual(@"\u1-\r1, u2x-\r2, u2x-r25, u5-r25", ReportMembership(container), "auto-membership on update ignore non-domain users");
u2.Name = _domainPrefix + "u2x";
principals.Update(u2);
Assert.AreEqual(@"\u1-\r1, \u2x-r25, u5-r25", ReportMembership(container), "auto-membership on update domain users");
u2.Name = _domainPrefix + "u2";
principals.Update(u2);
Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "auto-membership on update domain users 2");
}
}
public void ComputeOnInsertPrincipal()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve <ISqlExecuter>()
.ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role");
// Insert test data:
var u1 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u1"
};
var u2 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u2"
};
var u3 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u3"
};
var u5 = new Common.Principal {
ID = Guid.NewGuid(), Name = "u5"
};
var r1 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r1"
};
var r2 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r2"
};
var r25 = new Common.Role {
ID = Guid.NewGuid(), Name = "r25"
};
var repository = container.Resolve <Common.DomRepository>();
var roles = container.Resolve <GenericRepository <Common.Role> >();
var principals = container.Resolve <GenericRepository <Common.Principal> >();
var membership = container.Resolve <GenericRepository <Common.PrincipalHasRole> >();
roles.Insert(r1, r2, r25);
Assert.AreEqual(@"\r1, \r2, r25", ReportRoles(roles.Load()), "roles created");
principals.Insert(u1, u2, u3, u5);
Assert.AreEqual(@"\u1, \u2, \u3, u5", ReportPrincipals(principals.Load()), "principals created");
// Recompute membership on insert domain users:
Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container), "auto-membership on insert");
// Inserting non-domain users and roles:
membership.Insert(new[] {
new Common.PrincipalHasRole {
PrincipalID = u2.ID, RoleID = r25.ID
},
new Common.PrincipalHasRole {
PrincipalID = u5.ID, RoleID = r25.ID
}
},
checkUserPermissions: true);
Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "non-domain users and roles");
}
}
public void RoleInheritance()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve <ISqlExecuter>()
.ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role");
// Insert test data:
var u1 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u1"
};
var u2 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u2"
};
var u3 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u3"
};
var u5 = new Common.Principal {
ID = Guid.NewGuid(), Name = "u5"
};
var r1 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r1"
};
var r2 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r2"
};
var r25 = new Common.Role {
ID = Guid.NewGuid(), Name = "r25"
};
var repository = container.Resolve <Common.DomRepository>();
var roles = container.Resolve <GenericRepository <Common.Role> >();
var principals = container.Resolve <GenericRepository <Common.Principal> >();
var membership = container.Resolve <GenericRepository <Common.PrincipalHasRole> >();
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole {
PrincipalID = u2.ID, RoleID = r25.ID
},
new Common.PrincipalHasRole {
PrincipalID = u5.ID, RoleID = r25.ID
}
});
// Modify role inheritance:
repository.Common.RoleInheritsRole.Insert(new[] { new Common.RoleInheritsRole {
UsersFromID = r1.ID, PermissionsFromID = r25.ID
} });
TestUtility.ShouldFail(() => repository.Common.RoleInheritsRole.Insert(new[] { new Common.RoleInheritsRole {
UsersFromID = r25.ID, PermissionsFromID = r2.ID
} }), "UserException",
"It is not allowed to add users or user groups here because this role is synchronized with an Active Directory group.",
"Please change the user membership on Active Directory instead.");
}
}
public void FailsOnDenyUserEdit()
{
using (var container = new RhetosTestContainer())
{
var genericRepositories = container.Resolve <GenericRepositories>();
var repository = container.Resolve <Common.DomRepository>();
string currentUserName = container.Resolve <IUserInfo>().UserName;
Assert.IsTrue(!string.IsNullOrWhiteSpace(currentUserName));
var currentPrincipal = new Common.Principal {
Name = currentUserName
};
genericRepositories.InsertOrReadId(currentPrincipal, p => p.Name);
var testItem1 = new TestCreatedBy.WithConstraints {
ID = Guid.NewGuid(), Name = "test1"
};
var testItem2 = new TestCreatedBy.WithConstraints {
ID = Guid.NewGuid(), Name = "test2", AuthorID = currentPrincipal.ID
};
TestUtility.ShouldFail <Rhetos.UserException>(
() => repository.TestCreatedBy.WithConstraints.Insert(new[] { testItem1, testItem2 }, checkUserPermissions: true),
"It is not allowed to directly enter", "Author");
}
}
public void LeavePredefinedUser()
{
using (var container = new RhetosTestContainer())
{
var genericRepositories = container.Resolve <GenericRepositories>();
var repository = container.Resolve <Common.DomRepository>();
string currentUserName = container.Resolve <IUserInfo>().UserName;
Assert.IsTrue(!string.IsNullOrWhiteSpace(currentUserName));
var currentPrincipal = new Common.Principal {
Name = currentUserName
};
genericRepositories.InsertOrReadId(currentPrincipal, p => p.Name);
string otherUserName = "******" + Guid.NewGuid();
var otherPrincipal = new Common.Principal {
Name = otherUserName
};
genericRepositories.InsertOrReadId(otherPrincipal, p => p.Name);
var testItem1 = new TestCreatedBy.Simple {
ID = Guid.NewGuid(), Name = "test1", AuthorID = otherPrincipal.ID
};
var testItem2 = new TestCreatedBy.Simple {
ID = Guid.NewGuid(), Name = "test2"
};
repository.TestCreatedBy.Simple.Insert(testItem1, testItem2);
Assert.AreEqual(
"test1 " + otherUserName + ", test2 " + currentUserName,
TestUtility.DumpSorted(repository.TestCreatedBy.Simple
.Query(new[] { testItem1.ID, testItem2.ID })
.Select(item => item.Name + " " + item.Author.Name)));
}
}
public async Task FindUserByNameTest()
{
using (var serviceScope = _factory.Services.CreateScope())
{
var principal = new Common.Principal {
Name = "IdentityUserTest"
};
var repository = serviceScope.ServiceProvider.GetService <IRhetosComponent <Common.DomRepository> >().Value;
repository.Common.Principal.Insert(principal);
var userStore = serviceScope.ServiceProvider.GetService <IUserStore <IdentityUser <Guid> > >();
var user = await userStore.FindByIdAsync(principal.ID.ToString(), new CancellationToken(false));
user.PasswordHash = "SomeHash";
user.LockoutEnd = new DateTimeOffset(2020, 5, 5, 5, 5, 5, new TimeSpan(0));
user.AccessFailedCount = 3;
await userStore.UpdateAsync(user, new CancellationToken(false));
var updatedUser = await userStore.FindByNameAsync(principal.Name, new CancellationToken(false));
Assert.AreEqual(user.Id, principal.ID);
Assert.AreEqual(user.UserName, principal.Name);
Assert.AreEqual(user.PasswordHash, updatedUser.PasswordHash);
Assert.AreEqual(user.LockoutEnd, updatedUser.LockoutEnd);
Assert.AreEqual(user.AccessFailedCount, updatedUser.AccessFailedCount);
}
}
public void ExecuteSqlTest()
{
using (var scope = TestScope.Create())
{
var persistenceTransaction = scope.Resolve <IPersistenceTransaction>();
var executionContext = scope.Resolve <Common.ExecutionContext>();
var principalNamePrefix = "BaseExecuter_";
var principal1 = new Common.Principal {
ID = Guid.NewGuid(), Name = principalNamePrefix + Guid.NewGuid().ToString()
};
var principal2 = new Common.Principal {
ID = Guid.NewGuid(), Name = principalNamePrefix + Guid.NewGuid().ToString()
};
var baseSqlExecuter = new BaseSqlExecuter(persistenceTransaction);
baseSqlExecuter.ExecuteSqlRaw(@"
INSERT INTO Common.Principal (ID, Name) VALUES({0}, {1});
INSERT INTO Common.Principal (ID, Name) VALUES(@principal2ID, @principal2Name);
", new object[] { principal1.ID, principal1.Name, new SqlParameter("@principal2ID", principal2.ID),
new SqlParameter("@principal2Name", principal2.Name) });
var results = executionContext.Repository.Common.Principal.Query(x => x.Name.StartsWith(principalNamePrefix)).ToSimple().ToArray();
Assert.AreEqual(Report(principal1, principal2), Report(results));
}
}
public void ExecuteReaderTest()
{
using (var scope = TestScope.Create())
{
var persistenceTransaction = scope.Resolve <IPersistenceTransaction>();
var executionContext = scope.Resolve <Common.ExecutionContext>();
var principalNamePrefix = "BaseExecuter_";
var principalNameSuffix = "_Test";
var principal1 = new Common.Principal {
ID = Guid.NewGuid(), Name = principalNamePrefix + Guid.NewGuid().ToString()
};
var principal2 = new Common.Principal {
ID = Guid.NewGuid(), Name = principalNamePrefix + Guid.NewGuid().ToString() + principalNameSuffix
};
executionContext.Repository.Common.Principal.Insert(principal1, principal2);
var baseSqlExecuter = new BaseSqlExecuter(persistenceTransaction);
var results = new List <Common.Principal>();
baseSqlExecuter.ExecuteReaderRaw("SELECT ID, Name FROM Common.Principal WHERE Name LIKE {0}+'%' AND Name LIKE '%'+@suffix",
new object[] { principalNamePrefix, new SqlParameter("@suffix", principalNameSuffix) },
reader => results.Add(new Common.Principal {
ID = reader.GetGuid(0), Name = reader.GetString(1)
}));
Assert.AreEqual(Report(principal2), Report(results.ToArray()));
}
}
public void LeavePredefinedUser()
{
using (var container = new RhetosTestContainer())
{
var genericRepositories = container.Resolve<GenericRepositories>();
var repository = container.Resolve<Common.DomRepository>();
string currentUserName = container.Resolve<IUserInfo>().UserName;
Assert.IsTrue(!string.IsNullOrWhiteSpace(currentUserName));
var currentPrincipal = new Common.Principal { Name = currentUserName };
genericRepositories.InsertOrReadId(currentPrincipal, p => p.Name);
string otherUserName = "******" + Guid.NewGuid();
var otherPrincipal = new Common.Principal { Name = otherUserName };
genericRepositories.InsertOrReadId(otherPrincipal, p => p.Name);
var testItem1 = new TestCreatedBy.Simple { ID = Guid.NewGuid(), Name = "test1", AuthorID = otherPrincipal.ID };
var testItem2 = new TestCreatedBy.Simple { ID = Guid.NewGuid(), Name = "test2" };
repository.TestCreatedBy.Simple.Insert(testItem1, testItem2);
Assert.AreEqual(
"test1 " + otherUserName + ", test2 " + currentUserName,
TestUtility.DumpSorted(repository.TestCreatedBy.Simple
.Query(new[] { testItem1.ID, testItem2.ID })
.Select(item => item.Name + " " + item.Author.Name)));
}
}
public void RecomputeMembership()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve <ISqlExecuter>()
.ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role");
// Insert test data:
var u1 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u1"
};
var u2 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u2"
};
var u3 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u3"
};
var u5 = new Common.Principal {
ID = Guid.NewGuid(), Name = "u5"
};
var r1 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r1"
};
var r2 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r2"
};
var r25 = new Common.Role {
ID = Guid.NewGuid(), Name = "r25"
};
var repository = container.Resolve <Common.DomRepository>();
var roles = container.Resolve <GenericRepository <Common.Role> >();
var principals = container.Resolve <GenericRepository <Common.Principal> >();
var membership = repository.Common.PrincipalHasRole;
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole {
PrincipalID = u2.ID, RoleID = r25.ID
},
new Common.PrincipalHasRole {
PrincipalID = u5.ID, RoleID = r25.ID
}
});
// Recompute membership relations:
var u1r1 = membership.Query(m => m.Principal.Name.Contains(@"\u1")).Single();
membership.Delete(new[] { u1r1 }, checkUserPermissions: false);
Assert.AreEqual(@"\u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "modified membership");
repository.Common.PrincipalHasRole.RecomputeFromActiveDirectoryPrincipalHasRole();
Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "recomputed membership");
}
}
public void TestMock()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" };
var ws = container.Resolve<Rhetos.Security.IWindowsSecurity>();
Assert.AreEqual("r1, r12", TestUtility.DumpSorted(ws.GetIdentityMembership(u1.Name)), "u1 active directory groups");
}
}
public void TestMock()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
var u1 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u1"
};
var ws = container.Resolve <Rhetos.Security.IWindowsSecurity>();
Assert.AreEqual("r1, r12", TestUtility.DumpSorted(ws.GetIdentityMembership(u1.Name)), "u1 active directory groups");
}
}
public void UserShouldNotUpdateDomainMembership()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve <ISqlExecuter>()
.ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role");
// Insert test data:
var u1 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u1"
};
var u2 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u2"
};
var r1 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r1"
};
var r2 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r2"
};
var repository = container.Resolve <Common.DomRepository>();
var roles = container.Resolve <GenericRepository <Common.Role> >();
var principals = container.Resolve <GenericRepository <Common.Principal> >();
var membership = repository.Common.PrincipalHasRole;
roles.Insert(r1, r2);
principals.Insert(u1, u2);
// The user should not update domain users/groups membership:
Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container));
var u2r2 = membership.Query(m => m.Principal.Name.Contains(@"\u2")).Single();
membership.Delete(new[] { u2r2 }, checkUserPermissions: false);
Assert.AreEqual(@"\u1-\r1", ReportMembership(container));
var u1r1 = membership.Query(m => m.Principal.Name.Contains(@"\u1")).Single();
TestUtility.ShouldFail(
() => membership.Delete(new[] { u1r1 }, checkUserPermissions: true),
"It is not allowed to remove the user membership here, because role " + _domainPrefix + "r1 is synchronized with an Active Directory group");
}
}
public void CommonFilters()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve<Common.ExecutionContext>().NHibernateSession
.CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role")
.ExecuteUpdate();
// Insert test data:
var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" };
var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" };
var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" };
var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" };
var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" };
var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" };
var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" };
var repository = container.Resolve<Common.DomRepository>();
var roles = container.Resolve<GenericRepository<Common.Role>>();
var principals = container.Resolve<GenericRepository<Common.Principal>>();
var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>();
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole { Principal = u2, Role = r25 },
new Common.PrincipalHasRole { Principal = u5, Role = r25 } });
// Common filters:
var filter1 = new Common.ActiveDirectoryAllUsersParameter();
Assert.AreEqual(@"\u1-\r1, \u2-\r2",
ReportMembership(container, filter1),
"filter ActiveDirectoryAllUsersParameter");
var filter2 = new[] { u1.Name, u2.Name }.Select(name => new Common.ActiveDirectoryUserParameter { UserName = name }).ToArray();
Assert.AreEqual(@"\u1-\r1, \u2-\r2",
ReportMembership(container, filter2),
"filter ActiveDirectoryUserParameter");
}
}
public void FailsOnDenyUserEdit()
{
using (var container = new RhetosTestContainer())
{
var genericRepositories = container.Resolve<GenericRepositories>();
var repository = container.Resolve<Common.DomRepository>();
string currentUserName = container.Resolve<IUserInfo>().UserName;
Assert.IsTrue(!string.IsNullOrWhiteSpace(currentUserName));
var currentPrincipal = new Common.Principal { Name = currentUserName };
genericRepositories.InsertOrReadId(currentPrincipal, p => p.Name);
var testItem1 = new TestCreatedBy.WithConstraints { ID = Guid.NewGuid(), Name = "test1" };
var testItem2 = new TestCreatedBy.WithConstraints { ID = Guid.NewGuid(), Name = "test2", AuthorID = currentPrincipal.ID };
TestUtility.ShouldFail<Rhetos.UserException>(
() => repository.TestCreatedBy.WithConstraints.Insert(new[] { testItem1, testItem2 }, checkUserPermissions: true),
"It is not allowed to directly enter", "Author");
}
}
public void InsertTestPermissions()
{
DeleteTestPermissions();
using (var container = new RhetosTestContainer(commitChanges: true))
{
var r = container.Resolve <Common.DomRepository>();
var principal1 = new Common.Principal {
Name = User1Name
};
var principal2 = new Common.Principal {
Name = User2Name
};
r.Common.Principal.Insert(principal1, principal2);
var role1 = new Common.Role {
Name = Role1Name
};
var role2 = new Common.Role {
Name = Role2Name
};
r.Common.Role.Insert(role1, role2);
r.Common.PrincipalHasRole.Insert(new Common.PrincipalHasRole {
PrincipalID = principal1.ID, RoleID = role1.ID
});
r.Common.RoleInheritsRole.Insert(new Common.RoleInheritsRole {
UsersFromID = role1.ID, PermissionsFromID = role2.ID
});
var claim1 = r.Common.Claim.Load(c => c.ClaimResource == Claim1.Resource && c.ClaimRight == Claim1.Right).Single();
var claim2 = r.Common.Claim.Load(c => c.ClaimResource == Claim2.Resource && c.ClaimRight == Claim2.Right).Single();
r.Common.PrincipalPermission.Insert(new Common.PrincipalPermission {
PrincipalID = principal1.ID, ClaimID = claim1.ID, IsAuthorized = true
});
r.Common.RolePermission.Insert(new Common.RolePermission {
RoleID = role2.ID, ClaimID = claim2.ID, IsAuthorized = true
});
}
}
public void InsertTestPermissions()
{
DeleteTestPermissions();
using (var container = new RhetosTestContainer(commitChanges: true))
{
var r = container.Resolve<Common.DomRepository>();
var principal1 = new Common.Principal { Name = User1Name };
var principal2 = new Common.Principal { Name = User2Name };
r.Common.Principal.Insert(principal1, principal2);
var role1 = new Common.Role { Name = Role1Name };
var role2 = new Common.Role { Name = Role2Name };
r.Common.Role.Insert(role1, role2);
r.Common.PrincipalHasRole.Insert(new Common.PrincipalHasRole { PrincipalID = principal1.ID, RoleID = role1.ID });
r.Common.RoleInheritsRole.Insert(new Common.RoleInheritsRole { UsersFromID = role1.ID, PermissionsFromID = role2.ID });
var claim1 = r.Common.Claim.Load(c => c.ClaimResource == Claim1.Resource && c.ClaimRight == Claim1.Right).Single();
var claim2 = r.Common.Claim.Load(c => c.ClaimResource == Claim2.Resource && c.ClaimRight == Claim2.Right).Single();
r.Common.PrincipalPermission.Insert(new Common.PrincipalPermission { PrincipalID = principal1.ID, ClaimID = claim1.ID, IsAuthorized = true });
r.Common.RolePermission.Insert(new Common.RolePermission { RoleID = role2.ID, ClaimID = claim2.ID, IsAuthorized = true });
}
}
public void ComputeOnAuthorization()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve <ISqlExecuter>()
.ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role");
// Insert test data:
var u1 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u1"
};
var u2 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u2"
};
var u3 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u3"
};
var u5 = new Common.Principal {
ID = Guid.NewGuid(), Name = "u5"
};
var r1 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r1"
};
var r2 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r2"
};
var r25 = new Common.Role {
ID = Guid.NewGuid(), Name = "r25"
};
var repository = container.Resolve <Common.DomRepository>();
var roles = container.Resolve <GenericRepository <Common.Role> >();
var principals = container.Resolve <GenericRepository <Common.Principal> >();
var membership = container.Resolve <GenericRepository <Common.PrincipalHasRole> >();
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Delete(membership.Load());
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole {
PrincipalID = u2.ID, RoleID = r25.ID
},
new Common.PrincipalHasRole {
PrincipalID = u5.ID, RoleID = r25.ID
}
});
// Recompute membership on authorization:
var authorizationProvider = container.Resolve <CommonAuthorizationProvider>();
Assert.AreEqual(@"\u2-r25, u5-r25", ReportMembership(container));
{
var userRoles = authorizationProvider.GetUsersRoles(u1);
Assert.AreEqual(@"\r1", ReportRoles(userRoles, container));
Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container), "membership recomputed on authorization u1");
}
{
var userRoles = authorizationProvider.GetUsersRoles(u2);
Assert.AreEqual(@"\r2, r25", ReportRoles(userRoles, container), "mixed membership");
Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "membership recomputed on authorization u2");
}
AuthorizationDataCache.ClearCache();
membership.Delete(membership.Load());
Assert.AreEqual(@"", ReportMembership(container), "membership deleted");
{
var userRoles = authorizationProvider.GetUsersRoles(u1);
Assert.AreEqual(@"\r1", ReportRoles(userRoles, container));
Assert.AreEqual(@"\u1-\r1", ReportMembership(container), "membership recomputed on authorization u1");
}
{
var userRoles = authorizationProvider.GetUsersRoles(u2);
Assert.AreEqual(@"\r2", ReportRoles(userRoles, container));
Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container), "membership recomputed on authorization u2");
}
}
}
public void ComputeOnInsertPrincipal()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve<Common.ExecutionContext>().NHibernateSession
.CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role")
.ExecuteUpdate();
// Insert test data:
var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" };
var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" };
var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" };
var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" };
var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" };
var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" };
var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" };
var repository = container.Resolve<Common.DomRepository>();
var roles = container.Resolve<GenericRepository<Common.Role>>();
var principals = container.Resolve<GenericRepository<Common.Principal>>();
var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>();
roles.Insert(r1, r2, r25);
Assert.AreEqual(@"\r1, \r2, r25", ReportRoles(roles.Read()), "roles created");
principals.Insert(u1, u2, u3, u5);
Assert.AreEqual(@"\u1, \u2, \u3, u5", ReportPrincipals(principals.Read()), "principals created");
// Recompute membership on insert domain users:
Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container), "auto-membership on insert");
// Inserting non-domain users and roles:
membership.Insert(new[] {
new Common.PrincipalHasRole { Principal = u2, Role = r25 },
new Common.PrincipalHasRole { Principal = u5, Role = r25 } },
checkUserPermissions: true);
Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "non-domain users and roles");
}
}
public void ComputeOnUpdateRole()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve <ISqlExecuter>()
.ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role");
// Insert test data:
var u1 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u1"
};
var u2 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u2"
};
var u3 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u3"
};
var u5 = new Common.Principal {
ID = Guid.NewGuid(), Name = "u5"
};
var r1 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r1"
};
var r2 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r2"
};
var r25 = new Common.Role {
ID = Guid.NewGuid(), Name = "r25"
};
var repository = container.Resolve <Common.DomRepository>();
var roles = container.Resolve <GenericRepository <Common.Role> >();
var principals = container.Resolve <GenericRepository <Common.Principal> >();
var membership = container.Resolve <GenericRepository <Common.PrincipalHasRole> >();
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole {
PrincipalID = u2.ID, RoleID = r25.ID
},
new Common.PrincipalHasRole {
PrincipalID = u5.ID, RoleID = r25.ID
}
});
// Recompute membership on modified role should remove obsolete memebers:
Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "initial membership");
r2.Name = _domainPrefix + "r2x";
roles.Update(r2);
Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container), "recomputed membership after rename role");
// New role members will not be added automatically, to avoid performance penalty:
// (the membership will be added on the principal's authorization check)
r2.Name = _domainPrefix + "r2";
roles.Update(r2);
// This is not reqested feature, this assert simply describes currently implemented behaviour:
Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container));
}
}
public void ComputeOnUpdatePrincipal()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve<Common.ExecutionContext>().NHibernateSession
.CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role")
.ExecuteUpdate();
// Insert test data:
var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" };
var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" };
var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" };
var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" };
var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" };
var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" };
var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" };
var repository = container.Resolve<Common.DomRepository>();
var roles = container.Resolve<GenericRepository<Common.Role>>();
var principals = container.Resolve<GenericRepository<Common.Principal>>();
var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>();
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole { Principal = u2, Role = r25 },
new Common.PrincipalHasRole { Principal = u5, Role = r25 } });
// Recompute membership on update principal (domain users only):
u2.Name = "u2x";
principals.Update(u2);
Assert.AreEqual(@"\u1-\r1, u2x-\r2, u2x-r25, u5-r25", ReportMembership(container), "auto-membership on update ignore non-domain users");
u2.Name = _domainPrefix + "u2x";
principals.Update(u2);
Assert.AreEqual(@"\u1-\r1, \u2x-r25, u5-r25", ReportMembership(container), "auto-membership on update domain users");
u2.Name = _domainPrefix + "u2";
principals.Update(u2);
Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "auto-membership on update domain users 2");
}
}
public void ComputeOnUpdateRole()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve<Common.ExecutionContext>().NHibernateSession
.CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role")
.ExecuteUpdate();
// Insert test data:
var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" };
var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" };
var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" };
var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" };
var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" };
var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" };
var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" };
var repository = container.Resolve<Common.DomRepository>();
var roles = container.Resolve<GenericRepository<Common.Role>>();
var principals = container.Resolve<GenericRepository<Common.Principal>>();
var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>();
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole { Principal = u2, Role = r25 },
new Common.PrincipalHasRole { Principal = u5, Role = r25 } });
// Recompute membership on modified role should remove obsolete memebers:
Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "initial membership");
r2.Name = _domainPrefix + "r2x";
roles.Update(r2);
Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container), "recomputed membership after rename role");
// New role members will not be added automatically, to avoid performance penalty:
// (the membership will be added on the principal's authorization check)
r2.Name = _domainPrefix + "r2";
roles.Update(r2);
// This is not reqested feature, this assert simply describes currently implemented behaviour:
Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container));
}
}
public void RecomputeMembership()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve<Common.ExecutionContext>().NHibernateSession
.CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role")
.ExecuteUpdate();
// Insert test data:
var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" };
var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" };
var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" };
var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" };
var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" };
var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" };
var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" };
var repository = container.Resolve<Common.DomRepository>();
var roles = container.Resolve<GenericRepository<Common.Role>>();
var principals = container.Resolve<GenericRepository<Common.Principal>>();
var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>();
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole { Principal = u2, Role = r25 },
new Common.PrincipalHasRole { Principal = u5, Role = r25 } });
// Recompute membership relations:
var u1r1 = membership.Read(m => m.Principal.Name.Contains(@"\u1")).Single();
membership.Delete(new[] { u1r1 }, checkUserPermissions: false);
Assert.AreEqual(@"\u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "modified membership");
repository.Common.PrincipalHasRole.RecomputeFromActiveDirectoryPrincipalHasRole();
Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "recomputed membership");
}
}
public void CommonFilters()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve <ISqlExecuter>()
.ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role");
// Insert test data:
var u1 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u1"
};
var u2 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u2"
};
var u3 = new Common.Principal {
ID = Guid.NewGuid(), Name = _domainPrefix + "u3"
};
var u5 = new Common.Principal {
ID = Guid.NewGuid(), Name = "u5"
};
var r1 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r1"
};
var r2 = new Common.Role {
ID = Guid.NewGuid(), Name = _domainPrefix + "r2"
};
var r25 = new Common.Role {
ID = Guid.NewGuid(), Name = "r25"
};
var repository = container.Resolve <Common.DomRepository>();
var roles = container.Resolve <GenericRepository <Common.Role> >();
var principals = container.Resolve <GenericRepository <Common.Principal> >();
var membership = repository.Common.PrincipalHasRole;
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole {
PrincipalID = u2.ID, RoleID = r25.ID
},
new Common.PrincipalHasRole {
PrincipalID = u5.ID, RoleID = r25.ID
}
});
// Common filters:
var filter1 = new Common.ActiveDirectoryAllUsersParameter();
Assert.AreEqual(@"\u1-\r1, \u2-\r2",
ReportMembership(container, filter1),
"filter ActiveDirectoryAllUsersParameter");
var filter2 = new[] { u1.Name, u2.Name }.Select(name => new Common.ActiveDirectoryUserParameter {
UserName = name
}).ToArray();
Assert.AreEqual(@"\u1-\r1, \u2-\r2",
ReportMembership(container, filter2),
"filter ActiveDirectoryUserParameter");
}
}
public void RoleInheritance()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve<Common.ExecutionContext>().NHibernateSession
.CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role")
.ExecuteUpdate();
// Insert test data:
var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" };
var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" };
var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" };
var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" };
var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" };
var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" };
var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" };
var repository = container.Resolve<Common.DomRepository>();
var roles = container.Resolve<GenericRepository<Common.Role>>();
var principals = container.Resolve<GenericRepository<Common.Principal>>();
var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>();
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole { Principal = u2, Role = r25 },
new Common.PrincipalHasRole { Principal = u5, Role = r25 } });
// Modify role inheritance:
repository.Common.RoleInheritsRole.Insert(new[] { new Common.RoleInheritsRole {
UsersFrom = r1, PermissionsFrom = r25 } });
TestUtility.ShouldFail(() => repository.Common.RoleInheritsRole.Insert(new[] { new Common.RoleInheritsRole {
UsersFrom = r25, PermissionsFrom = r2 } }), "UserException",
"It is not allowed to add users or user groups here because this role is synchronized with an Active Directory group.",
"Please change the user membership on Active Directory instead.");
}
}
public void UserShouldNotUpdateDomainMembership()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve<Common.ExecutionContext>().NHibernateSession
.CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role")
.ExecuteUpdate();
// Insert test data:
var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" };
var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" };
var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" };
var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" };
var repository = container.Resolve<Common.DomRepository>();
var roles = container.Resolve<GenericRepository<Common.Role>>();
var principals = container.Resolve<GenericRepository<Common.Principal>>();
var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>();
roles.Insert(r1, r2);
principals.Insert(u1, u2);
// The user should not update domain users/groups membership:
Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container));
var u2r2 = membership.Read(m => m.Principal.Name.Contains(@"\u2")).Single();
membership.Delete(new[] { u2r2 }, checkUserPermissions: false);
Assert.AreEqual(@"\u1-\r1", ReportMembership(container));
var u1r1 = membership.Read(m => m.Principal.Name.Contains(@"\u1")).Single();
TestUtility.ShouldFail(
() => membership.Delete(new[] { u1r1 }, checkUserPermissions: true),
"It is not allowed to remove the user membership here, because role " + _domainPrefix + "r1 is synchronized with an Active Directory group");
}
}
public void ComputeOnAuthorization()
{
using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false))
{
container.Resolve<Common.ExecutionContext>().NHibernateSession
.CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role")
.ExecuteUpdate();
// Insert test data:
var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" };
var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" };
var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" };
var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" };
var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" };
var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" };
var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" };
var repository = container.Resolve<Common.DomRepository>();
var roles = container.Resolve<GenericRepository<Common.Role>>();
var principals = container.Resolve<GenericRepository<Common.Principal>>();
var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>();
roles.Insert(r1, r2, r25);
principals.Insert(u1, u2, u3, u5);
membership.Delete(membership.Read());
membership.Insert(new[] { // Non-domain users and roles.
new Common.PrincipalHasRole { Principal = u2, Role = r25 },
new Common.PrincipalHasRole { Principal = u5, Role = r25 } });
// Recompute membership on authorization:
var authorizationProvider = container.Resolve<CommonAuthorizationProvider>();
Assert.AreEqual(@"\u2-r25, u5-r25", ReportMembership(container));
{
var userRoles = authorizationProvider.GetUsersRoles(u1);
Assert.AreEqual(@"\r1", ReportRoles(userRoles, container));
Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container), "membership recomputed on authorization u1");
}
{
var userRoles = authorizationProvider.GetUsersRoles(u2);
Assert.AreEqual(@"\r2, r25", ReportRoles(userRoles, container), "mixed membership");
Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "membership recomputed on authorization u2");
}
AuthorizationDataCache.ClearCache();
membership.Delete(membership.Read());
Assert.AreEqual(@"", ReportMembership(container), "membership deleted");
{
var userRoles = authorizationProvider.GetUsersRoles(u1);
Assert.AreEqual(@"\r1", ReportRoles(userRoles, container));
Assert.AreEqual(@"\u1-\r1", ReportMembership(container), "membership recomputed on authorization u1");
}
{
var userRoles = authorizationProvider.GetUsersRoles(u2);
Assert.AreEqual(@"\r2", ReportRoles(userRoles, container));
Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container), "membership recomputed on authorization u2");
}
}
}
static void Main(string[] args)
{
ConsoleLogger.MinLevel = EventType.Info; // Use "Trace" for more detailed log.
var rhetosServerPath = @"..\..\..\..\..\dist\BookStoreRhetosServer\RhetosServer.2.12.0";
Directory.SetCurrentDirectory(rhetosServerPath);
// Set commitChanges parameter to COMMIT or ROLLBACK the data changes.
using (var container = new RhetosTestContainer(commitChanges: true))
{
var context = container.Resolve <Common.ExecutionContext>();
var repository = context.Repository;
//var allBooks = repository.Bookstore.Book.Load(t => t.NumberOfPages > 200).Dump();
//var someBooks = repository.Bookstore.Book.Query().ToSimple().Dump();
//var book = repository.Bookstore.Book.Query(new[] { new Guid("8FCD6DAA-27F1-4ABB-9556-5E0C74BA00F0") }).ToSimple();
var filter = new FilterCriteria("Title", "StartsWith", "osi");
var filteredBook = repository.Bookstore.Book.Query(filter);
var booksWithComments = repository.Bookstore.Comment.Query().Where(c => c.BookID != null).ToString();
repository.Bookstore.Book.Insert(new Bookstore.Book {
Title = "new book", NumberOfPages = 201, Code = "A+"
});
// homework
//Load
var books = repository.Bookstore.Book.Load();
var authors = repository.Bookstore.Person.Load();
// left join
//var result = from book in books
// join author in authors on book.AuthorID equals author.ID into bookAuthor
// from subAuthor in bookAuthor.DefaultIfEmpty()
// select new { book.Title, AuthorName = subAuthor?.Name ?? "" }.Dump();
// inner join
var booksWithAuthors = books.Join(repository.Bookstore.Person.Load(), currentBook => currentBook.AuthorID, author => author.ID, (currentBook, author) => new { currentBook.Title, author.Name }).Dump();
// with load
var booksAndAuthors = books.Select(b => new
{
b.Title,
repository.Bookstore.Person.Load(new Guid[] { b.AuthorID ?? Guid.Empty }).SingleOrDefault()?.Name
}).Dump();
//Query
var booksWithAuthorsQuery = repository.Bookstore.Book.Query().Select(b => new { b.Title, b.Author.Name }).Dump();
//ToString
var booksWithAuthorsSqlQuery = repository.Bookstore.Book.Query().Select(b => new { b.Title, b.Author.Name }).ToString().Dump();
// homework 3
var filterParameter = new Bookstore.BooksWithMoreThan100Pages();
var query = repository.Bookstore.Book.Query(filterParameter);
query.ToString().Dump();
query.ToSimple().ToList().Dump();
var composableFilterParameter = new Bookstore.BooksWithMoreThanPages();
composableFilterParameter.NumberOfPages = 200;
var composableQuery = repository.Bookstore.Book.Query(composableFilterParameter);
composableQuery.ToString().Dump();
composableQuery.ToSimple().ToList().Dump();
var complex = new Bookstore.ComplexSearch();
complex.NumberOfPages = 20;
complex.IsForeignBook = true;
var complexQuery = repository.Bookstore.Book.Load(complex);
complexQuery.Dump();
// Query data from the `Common.Claim` table:
var claims = repository.Common.Claim.Query()
.Where(c => c.ClaimResource.StartsWith("Common.") && c.ClaimRight == "New")
.ToSimple(); // Removes ORM navigation properties from the loaded objects.
claims.ToString().Dump("Common.Claims SQL query");
claims.Dump("Common.Claims items");
// Add and remove a `Common.Principal`:
var testUser = new Common.Principal {
Name = "Test123", ID = Guid.NewGuid()
};
repository.Common.Principal.Insert(new[] { testUser });
repository.Common.Principal.Delete(new[] { testUser });
// Print logged events for the `Common.Principal`:
repository.Common.LogReader.Query()
.Where(log => log.TableName == "Common.Principal" && log.ItemId == testUser.ID)
.ToList()
.Dump("Common.Principal log");
Console.WriteLine("Done.");
Console.ReadLine();
}
}
