public void Test() { long[] outerEntities; long[] innerEntities; outerEntities = new long[] { 1 }; innerEntities = new long[] { 2 }; Assert.That(ForceSecurityTraceContext.IsSet(), Is.False, "Context set initially"); Assert.That(ForceSecurityTraceContext.EntitiesToTrace(), Is.Empty, "Entities to trace initially"); using (new ForceSecurityTraceContext(outerEntities)) { Assert.That(ForceSecurityTraceContext.IsSet(), Is.True, "Context not set (before inner)"); Assert.That(ForceSecurityTraceContext.EntitiesToTrace(), Is.EquivalentTo(outerEntities)); using (new ForceSecurityTraceContext(innerEntities)) { Assert.That(ForceSecurityTraceContext.IsSet(), Is.True, "Context not set (inner)"); Assert.That(ForceSecurityTraceContext.EntitiesToTrace(), Is.EquivalentTo(innerEntities.Union(outerEntities))); } Assert.That(ForceSecurityTraceContext.IsSet(), Is.True, "Context not set (after inner)"); Assert.That(ForceSecurityTraceContext.EntitiesToTrace(), Is.EquivalentTo(outerEntities)); } Assert.That(ForceSecurityTraceContext.IsSet(), Is.False, "Context set afterwards"); Assert.That(ForceSecurityTraceContext.EntitiesToTrace(), Is.Empty, "Entities to trace afterwards"); }
/// <summary> /// Should the security trace message be written? /// </summary> /// <param name="result"> /// The results of the check. This cannot be null. /// </param> /// <exception cref="ArgumentNullException"> /// <paramref name="result"/> cannot be null. /// </exception> /// <returns> /// True if the message should be written out, false otherwise. /// </returns> internal bool ShouldWriteSecurityTraceMessage(IDictionary <long, bool> result) { if (result == null) { throw new ArgumentNullException("result"); } bool writeMessage; writeMessage = false; if (SkipCheck()) { writeMessage = false; } else if (ForceSecurityTraceContext.EntitiesToTrace().Overlaps(result.Keys)) { writeMessage = true; } else { switch (TraceLevel) { case SecurityTraceLevel.None: break; case SecurityTraceLevel.DenyBasic: case SecurityTraceLevel.DenyVerbose: writeMessage = result.Any(kvp => !kvp.Value); break; case SecurityTraceLevel.AllBasic: case SecurityTraceLevel.AllVerbose: writeMessage = true; break; default: EventLog.Application.WriteWarning("Unknown security trace level {0}", TraceLevel); break; } } return(writeMessage); }
public void GetInspectingEntities() { EventLogSettings eventLogSettings; eventLogSettings = Entity.Get <EventLogSettings>(ForceSecurityTraceContext.EventLogSettingsAlias, true); Assert.That(eventLogSettings, Is.Not.Null); eventLogSettings.InspectSecurityChecksOnResource.Add(eventLogSettings.As <Resource>()); eventLogSettings.Save(); Thread.Sleep(new TimeSpan(ForceSecurityTraceContext.TicksToWaitBeforeRefreshing)); Assert.That( ForceSecurityTraceContext.GetInspectingEntities(), Has.Exactly(1).EqualTo(eventLogSettings.Id)); eventLogSettings.InspectSecurityChecksOnResource.Clear( ); eventLogSettings.Save( ); Thread.Sleep(new TimeSpan(ForceSecurityTraceContext.TicksToWaitBeforeRefreshing)); }
/// <summary> /// Get the <see cref="MessageContextBehavior"/> used for diagnostic logging. /// </summary> /// <param name="entityIds"> /// The entity IDs the security check is being performed on. /// </param> /// <returns></returns> internal MessageContextBehavior GetBehavior(IEnumerable <long> entityIds) { if (entityIds == null) { throw new ArgumentNullException("entityIds"); } if (!RequestContext.IsSet) { throw new InvalidOperationException("Request context not set"); } MessageContextBehavior behavior; behavior = MessageContextBehavior.New; if (!SkipCheck() && (ForceSecurityTraceContext.EntitiesToTrace().Overlaps(entityIds) || TraceLevel != SecurityTraceLevel.None)) { behavior |= MessageContextBehavior.Capturing; } return(behavior); }