public static IDomainQuery <T> ByOrganizationId <T>(int organizationId, OrganizationDataReadAccessLevel accessLevel) { var hasOrganization = typeof(IOwnedByOrganization).IsAssignableFrom(typeof(T)); var hasAccessModifier = typeof(IHasAccessModifier).IsAssignableFrom(typeof(T)); if (!hasOrganization) { return(new RejectAllResultsQuery <T>()); } var queries = new List <IDomainQuery <T> > { ByOrganizationId <T>(organizationId) }; switch (accessLevel) { case OrganizationDataReadAccessLevel.Public when hasAccessModifier: queries.Add(ByPublicAccessModifier <T>()); break; case OrganizationDataReadAccessLevel.All: break; default: return(new RejectAllResultsQuery <T>()); } return(new IntersectionQuery <T>(queries)); }
public void Cannot_GetAssignableOptions_OrganizationAccess(OrganizationDataReadAccessLevel readAccessLevel) { //Arrange var organizationId = A <int>(); ExpectOrganizationReadAccess(organizationId, readAccessLevel); //Act var assignableOptionsResult = _sut.GetAssignableDataProcessingRegistrationOptions(organizationId); //Assert Assert.True(assignableOptionsResult.Failed); Assert.Equal(OperationFailure.Forbidden, assignableOptionsResult.Error.FailureType); }
public void GetRelationsDefinedInOrganization_Returns_Forbidden(OrganizationDataReadAccessLevel accessLevelInOrganization) { //Arrange var organizationId = A <int>(); const int pageNumber = 0; const int pageSize = 100; ExpectGetOrganizationReadAccessReturns(organizationId, accessLevelInOrganization); //Act var relations = _sut.GetRelationsDefinedInOrganization(organizationId, pageNumber, pageSize); //Assert Assert.False(relations.Ok); Assert.Equal(OperationFailure.Forbidden, relations.Error.FailureType); }
public static IQueryable <T> ByOrganizationDataAndPublicDataFromOtherOrganizations <T>( this IQueryable <T> result, int organizationId, OrganizationDataReadAccessLevel organizationAccessLevel, CrossOrganizationDataReadAccessLevel crossOrganizationDataReadAccessLevel) where T : class, IHasAccessModifier, IOwnedByOrganization { var domainQueries = new List <IDomainQuery <T> >(); /****************/ /***MAIN QUERY***/ /****************/ if (organizationAccessLevel >= OrganizationDataReadAccessLevel.Public) { if (crossOrganizationDataReadAccessLevel >= CrossOrganizationDataReadAccessLevel.Public) { domainQueries.Add(new QueryByPublicAccessOrOrganizationId <T>(organizationId)); } else { domainQueries.Add(new QueryByOrganizationId <T>(organizationId)); } //Refine to public data only for the organization in question if (organizationAccessLevel == OrganizationDataReadAccessLevel.Public) { domainQueries.Add(new QueryByAccessModifier <T>(AccessModifier.Public)); } } else { domainQueries.Add(new RejectAllResultsQuery <T>()); } return(new IntersectionQuery <T>(domainQueries).Apply(result)); }
private void ExpectOrganizationalAccessLevel(int organizationId, OrganizationDataReadAccessLevel accessLevel) { _authorizationContext.Setup(x => x.GetOrganizationReadAccessLevel(organizationId)).Returns(accessLevel); }
private static OrganizationDataQueryParameters CreateExpectedQuery(bool getPublic, CrossOrganizationDataReadAccessLevel crossOrganizationDataReadAccessLevel, OrganizationDataReadAccessLevel organizationDataReadAccess, int organizationId) { return(new OrganizationDataQueryParameters(organizationId, getPublic ? OrganizationDataQueryBreadth.IncludePublicDataFromOtherOrganizations : OrganizationDataQueryBreadth.TargetOrganization, new DataAccessLevel(crossOrganizationDataReadAccessLevel, organizationDataReadAccess))); }
public void GetUnusedItSystemsByOrganization_Returns_RequestedAmount_OrderedBy_Name(int amount, bool getPublic, CrossOrganizationDataReadAccessLevel crossOrganizationDataReadAccessLevel, OrganizationDataReadAccessLevel organizationDataReadAccess) { //Arrange var prefix = A <string>(); var organizationId = A <int>(); ExpectOrganizationalAccessLevel(organizationId, organizationDataReadAccess); ExpectCrossLevelOrganizationAccess(crossOrganizationDataReadAccessLevel); var expectedQuery = CreateExpectedQuery(getPublic, crossOrganizationDataReadAccessLevel, organizationDataReadAccess, organizationId); //Create double the amount of requested to check that amount is limited by requested number. var resultSet = CreateItSystemSequenceWithNamePrefix(amount * 2, prefix); ExpectGetUnusedSystemsReturns(expectedQuery, resultSet.AsQueryable()); //Act var result = _sut.GetUnusedItSystemsByOrganization(organizationId, prefix, amount, getPublic); //Assert + requested amount returned and in the right order Assert.True(result.Ok); var itSystems = result.Value.ToList(); Assert.Equal(amount, itSystems.Count); Assert.True(resultSet.OrderBy(x => x.Name).Take(amount).SequenceEqual(itSystems)); }
public void GetAvailableOptions_Returns_Forbidden_If_Not_OrganizationDataReadAccessLevel_Is_All(OrganizationDataReadAccessLevel authContextReturn) { //Arrange var uuid = Guid.NewGuid(); var orgId = A <int>(); _organizationRepository.Setup(x => x.GetByUuid(uuid)).Returns(new Organization() { Id = orgId }); _authorizationContext.Setup(x => x.GetOrganizationReadAccessLevel(orgId)).Returns(authContextReturn); //Act var businessTypes = _sut.GetOptionTypes(uuid); //Assert Assert.True(businessTypes.Failed); Assert.Equal(OperationFailure.Forbidden, businessTypes.Error.FailureType); }
public static IQueryable <T> ByOrganizationId <T>(this IQueryable <T> result, int organizationId, OrganizationDataReadAccessLevel accessLevel) where T : class, IOwnedByOrganization { return(QueryFactory.ByOrganizationId <T>(organizationId, accessLevel).Apply(result)); }
[InlineData(false, false, true, true, false, OrganizationDataReadAccessLevel.All)] //Part of the organization always grants full access to that organization public void GetOrganizationReadAccessLevel_Returns(bool isGlobalAdmin, bool isRightsHolder, bool hasStakeHolderAccess, bool isActiveInOrganization, bool isMunicipality, OrganizationDataReadAccessLevel expectedResult) { //Arrange var targetOrganization = A <int>(); ExpectUserIsGlobalAdmin(isGlobalAdmin); ExpectUserHasStakeHolderAccess(hasStakeHolderAccess); ExpectUserHasRoleIn(targetOrganization, isActiveInOrganization); ExpectUserHasRoleInOrganizationOfType(OrganizationCategory.Municipality, isMunicipality); ExpectUserHasRoleInAnyOrganization(OrganizationRole.RightsHolderAccess, isRightsHolder); //Act var hasAccess = _sut.GetOrganizationReadAccessLevel(targetOrganization); //Assert Assert.Equal(expectedResult, hasAccess); }
private void ExpectGetOrganizationalReadAccessReturns(int orgKey, OrganizationDataReadAccessLevel result) { _authorizationContext.Setup(x => x.GetOrganizationReadAccessLevel(orgKey)) .Returns(result); }
public DataAccessLevel(CrossOrganizationDataReadAccessLevel crossOrganizational, OrganizationDataReadAccessLevel currentOrganization) { CrossOrganizational = crossOrganizational; CurrentOrganization = currentOrganization; }