public async Task GivenOtherMembersHavePermissionsToDeleteTeamProject_WhenFix_ThenPermissionsAreUpdated() { var client = Substitute.For <IVstsRestClient>(); InitializePermissions(client, _deleteTeamProjectAllow); InitializeApplicationGroupsLookup(client, _pa, _rpa, new ApplicationGroup { FriendlyDisplayName = "Contributors", TeamFoundationId = "afewsf" }); InitializeMembersLookup(client); var rule = new NobodyCanDeleteTheTeamProject(client); await rule.ReconcileAsync(""); await client .Received() .PostAsync(Arg.Any <IVstsRequest <Permissions.UpdateWrapper, object> >(), Arg.Is <Permissions.UpdateWrapper>(x => x.UpdatePackage.Contains("afewsf") && x.UpdatePackage.Contains(@"PermissionId"":0"))); await client .DidNotReceive() .PostAsync(Arg.Any <IVstsRequest <Permissions.UpdateWrapper, object> >(), Arg.Is <Permissions.UpdateWrapper>(x => x.UpdatePackage.Contains(_pa.TeamFoundationId))); await client .Received(1) .PostAsync(Arg.Any <IVstsRequest <Permissions.UpdateWrapper, object> >(), Arg.Is <Permissions.UpdateWrapper>(x => x.UpdatePackage.Contains(_rpa.TeamFoundationId))); // Only the DENY update }
public async Task GivenRabobankProjectAdministratorsGroupDoesNotExist_WhenFix_ThenThatGroupIsCreated() { // Arrange var client = Substitute.For <IVstsRestClient>(); InitializePermissions(client, _deleteTeamProjectAllow); InitializeApplicationGroupsLookup(client, _pa); InitializeMembersLookup(client); client .PostAsync(Arg.Any <IVstsRequest <SecurePipelineScan.VstsService.Requests.Security.ManageGroupData, ApplicationGroup> >(), Arg.Any <SecurePipelineScan.VstsService.Requests.Security.ManageGroupData>()) .Returns(_rpa); // Act var rule = new NobodyCanDeleteTheTeamProject(client); await rule.ReconcileAsync(""); // Assert await client .Received() .PostAsync( Arg.Any <IVstsRequest <SecurePipelineScan.VstsService.Requests.Security.ManageGroupData, ApplicationGroup> >(), Arg.Any <SecurePipelineScan.VstsService.Requests.Security.ManageGroupData>()); }
GivenProjectAdministratorsGroupContainsOtherMembers_WhenFix_ThenMembersAreAddedToRabobankProjectAdministratorsGroup() { var client = Substitute.For <IVstsRestClient>(); InitializePermissions(client, _deleteTeamProjectAllow); InitializeApplicationGroupsLookup(client, _pa, _rpa); InitializeMembersLookup(client, _rpa, new ApplicationGroup { TeamFoundationId = "asdf" }, new ApplicationGroup { TeamFoundationId = "gsdgs" }); var rule = new NobodyCanDeleteTheTeamProject(client); await rule.ReconcileAsync(""); await client .Received() .PostAsync(Arg.Any <IVstsRequest <SecurePipelineScan.VstsService.Requests.Security.AddMemberData, object> >(), Arg.Is <SecurePipelineScan.VstsService.Requests.Security.AddMemberData>(x => x.GroupsToJoinJson.Contains(_rpa.TeamFoundationId) && x.ExistingUsersJson.Contains("asdf") && x.ExistingUsersJson.Contains("gsdgs"))); }
public async Task GivenProjectAdministratorsGroupContainsOtherMembers_WhenFix_ThenMembersAreRemoved() { var client = Substitute.For <IVstsRestClient>(); InitializePermissions(client, _deleteTeamProjectAllow); InitializeApplicationGroupsLookup(client, _pa, _rpa); InitializeMembersLookup(client, new ApplicationGroup { TeamFoundationId = "asdf" }, new ApplicationGroup { TeamFoundationId = "gsdgs" }); var rule = new NobodyCanDeleteTheTeamProject(client); await rule.ReconcileAsync(""); await client .Received() .PostAsync(Arg.Any <IVstsRequest <SecurePipelineScan.VstsService.Requests.Security.EditMembersData, object> >(), Arg.Is <SecurePipelineScan.VstsService.Requests.Security.RemoveMembersData>(x => x.RemoveItemsJson.Contains("asdf") && x.RemoveItemsJson.Contains("gsdgs") && x.GroupId == "1234")); }
public async Task GivenOnlyProjectAdministratorHasPermissionToDeleteTeamProject_WhenEvaluate_ThenTrue() { var client = Substitute.For <IVstsRestClient>(); InitializePermissions(client, _deleteTeamProjectAllow); InitializeApplicationGroupsLookup(client, _pa); InitializeMembersLookup(client); var rule = new NobodyCanDeleteTheTeamProject(client); (await rule.EvaluateAsync("")).ShouldBeTrue(); }
public async Task GivenProjectAdministratorsHasOtherMember_WhenEvaluate_ThenFalse() { var client = Substitute.For <IVstsRestClient>(); InitializePermissions(client); InitializeApplicationGroupsLookup(client, _pa); InitializeMembersLookup(client, new ApplicationGroup()); var rule = new NobodyCanDeleteTheTeamProject(client); (await rule.EvaluateAsync("")).ShouldBeFalse(); }
public async Task GivenContributorsHasPermissionToDeleteTeamProject_WhenEvaluate_ThenFalse() { var client = Substitute.For <IVstsRestClient>(); InitializePermissions(client, _deleteTeamProjectAllow); InitializeApplicationGroupsLookup(client, new ApplicationGroup { FriendlyDisplayName = "Contributors" }); InitializeMembersLookup(client); var rule = new NobodyCanDeleteTheTeamProject(client); (await rule.EvaluateAsync("")).ShouldBeFalse(); }
GivenProjectAdministratorsGroupContainsRabobankAdministratorsGroups_WhenFix_ThenThatMemberIsNotRemoved() { var client = Substitute.For <IVstsRestClient>(); InitializePermissions(client, _deleteTeamProjectAllow); InitializeApplicationGroupsLookup(client, _pa, _rpa); InitializeMembersLookup(client, _rpa); var rule = new NobodyCanDeleteTheTeamProject(client); await rule.ReconcileAsync(""); await client .DidNotReceive() .PostAsync(Arg.Any <IVstsRequest <SecurePipelineScan.VstsService.Requests.Security.RemoveMembersData, object> >(), Arg.Any <SecurePipelineScan.VstsService.Requests.Security.RemoveMembersData>()); }
GivenRabobankProjectAdministratorsHasInheritedAllowToDeleteTeamProject_WhenFix_ThenPermissionsAreUpdated() { var client = Substitute.For <IVstsRestClient>(); InitializePermissions(client, _deleteTeamProjectAllow); InitializeApplicationGroupsLookup(client, _pa, _rpa, new ApplicationGroup { FriendlyDisplayName = "Contributors" }); InitializeMembersLookup(client); var rule = new NobodyCanDeleteTheTeamProject(client); await rule.ReconcileAsync(""); await client .Received() .PostAsync(Arg.Any <IVstsRequest <Permissions.UpdateWrapper, object> >(), Arg.Is <Permissions.UpdateWrapper>(x => x.UpdatePackage.Contains(_rpa.TeamFoundationId) && x.UpdatePackage.Contains(@"PermissionBit"":4") && x.UpdatePackage.Contains(@"PermissionId"":2"))); }
public async Task ReconcileIntegrationTest() { var client = new VstsRestClient(_config.Organization, _config.Token); await ManagePermissions .ForTeamProject(client, _config.Project) .Permissions((4, "52d39943-cb85-4d7f-8fa8-c6baac873819")) .SetToAsync(PermissionId.Allow); var rule = new NobodyCanDeleteTheTeamProject(client); (await rule.EvaluateAsync(_config.Project)) .ShouldBe(false); await rule.ReconcileAsync(_config.Project); await Policy .Handle <Exception>() .WaitAndRetryAsync(Constants.NumRetries, t => TimeSpan.FromSeconds(t)) .ExecuteAsync(async() => { (await rule.EvaluateAsync(_config.Project)).ShouldBe(true); }); }
public async Task FixIntegrationTest() { var rule = new NobodyCanDeleteTheTeamProject(new VstsRestClient(_config.Organization, _config.Token)); await rule.ReconcileAsync(_config.Project); }