public void Test()
{
long[] outerEntities;
long[] innerEntities;
outerEntities = new long[] { 1 };
innerEntities = new long[] { 2 };
Assert.That(ForceSecurityTraceContext.IsSet(), Is.False, "Context set initially");
Assert.That(ForceSecurityTraceContext.EntitiesToTrace(), Is.Empty, "Entities to trace initially");
using (new ForceSecurityTraceContext(outerEntities))
{
Assert.That(ForceSecurityTraceContext.IsSet(), Is.True, "Context not set (before inner)");
Assert.That(ForceSecurityTraceContext.EntitiesToTrace(), Is.EquivalentTo(outerEntities));
using (new ForceSecurityTraceContext(innerEntities))
{
Assert.That(ForceSecurityTraceContext.IsSet(), Is.True, "Context not set (inner)");
Assert.That(ForceSecurityTraceContext.EntitiesToTrace(), Is.EquivalentTo(innerEntities.Union(outerEntities)));
}
Assert.That(ForceSecurityTraceContext.IsSet(), Is.True, "Context not set (after inner)");
Assert.That(ForceSecurityTraceContext.EntitiesToTrace(), Is.EquivalentTo(outerEntities));
}
Assert.That(ForceSecurityTraceContext.IsSet(), Is.False, "Context set afterwards");
Assert.That(ForceSecurityTraceContext.EntitiesToTrace(), Is.Empty, "Entities to trace afterwards");
}
/// <summary>
/// Should the security trace message be written?
/// </summary>
/// <param name="result">
/// The results of the check. This cannot be null.
/// </param>
/// <exception cref="ArgumentNullException">
/// <paramref name="result"/> cannot be null.
/// </exception>
/// <returns>
/// True if the message should be written out, false otherwise.
/// </returns>
internal bool ShouldWriteSecurityTraceMessage(IDictionary <long, bool> result)
{
if (result == null)
{
throw new ArgumentNullException("result");
}
bool writeMessage;
writeMessage = false;
if (SkipCheck())
{
writeMessage = false;
}
else if (ForceSecurityTraceContext.EntitiesToTrace().Overlaps(result.Keys))
{
writeMessage = true;
}
else
{
switch (TraceLevel)
{
case SecurityTraceLevel.None:
break;
case SecurityTraceLevel.DenyBasic:
case SecurityTraceLevel.DenyVerbose:
writeMessage = result.Any(kvp => !kvp.Value);
break;
case SecurityTraceLevel.AllBasic:
case SecurityTraceLevel.AllVerbose:
writeMessage = true;
break;
default:
EventLog.Application.WriteWarning("Unknown security trace level {0}", TraceLevel);
break;
}
}
return(writeMessage);
}
public void GetInspectingEntities()
{
EventLogSettings eventLogSettings;
eventLogSettings = Entity.Get <EventLogSettings>(ForceSecurityTraceContext.EventLogSettingsAlias, true);
Assert.That(eventLogSettings, Is.Not.Null);
eventLogSettings.InspectSecurityChecksOnResource.Add(eventLogSettings.As <Resource>());
eventLogSettings.Save();
Thread.Sleep(new TimeSpan(ForceSecurityTraceContext.TicksToWaitBeforeRefreshing));
Assert.That(
ForceSecurityTraceContext.GetInspectingEntities(),
Has.Exactly(1).EqualTo(eventLogSettings.Id));
eventLogSettings.InspectSecurityChecksOnResource.Clear( );
eventLogSettings.Save( );
Thread.Sleep(new TimeSpan(ForceSecurityTraceContext.TicksToWaitBeforeRefreshing));
}
/// <summary>
/// Get the <see cref="MessageContextBehavior"/> used for diagnostic logging.
/// </summary>
/// <param name="entityIds">
/// The entity IDs the security check is being performed on.
/// </param>
/// <returns></returns>
internal MessageContextBehavior GetBehavior(IEnumerable <long> entityIds)
{
if (entityIds == null)
{
throw new ArgumentNullException("entityIds");
}
if (!RequestContext.IsSet)
{
throw new InvalidOperationException("Request context not set");
}
MessageContextBehavior behavior;
behavior = MessageContextBehavior.New;
if (!SkipCheck() &&
(ForceSecurityTraceContext.EntitiesToTrace().Overlaps(entityIds) ||
TraceLevel != SecurityTraceLevel.None))
{
behavior |= MessageContextBehavior.Capturing;
}
return(behavior);
}
