public void User_ApplyPermissions_WithUserId_GrantsAndRevokesPermissions()
{
SyncTestHelpers.RunRosTestAsync(async() =>
{
var alice = await SyncTestHelpers.GetUserAsync();
var bob = await SyncTestHelpers.GetUserAsync();
await TestApplyPermissions(alice, bob, PermissionCondition.UserId(bob.Identity)).Timeout(20000);
});
}
public void User_ApplyPermissions_WithUserId_GrantsAndRevokesPermissions()
{
AsyncContext.Run(async() =>
{
var alice = await SyncTestHelpers.GetUser();
var bob = await SyncTestHelpers.GetUser();
await TestApplyPermissions(alice, bob, PermissionCondition.UserId(bob.Identity));
});
}
public void User_ApplyPermissions_WithEmail_GrantsAndRevokesPermissions()
{
SyncTestHelpers.RunRosTestAsync(async() =>
{
var alice = await SyncTestHelpers.GetUserAsync();
var bobEmail = $"{Guid.NewGuid()}@foo.bar";
var bobCredentials = Credentials.UsernamePassword(bobEmail, "a", createUser: true);
var bob = await User.LoginAsync(bobCredentials, SyncTestHelpers.AuthServerUri);
await TestApplyPermissions(alice, bob, PermissionCondition.Email(bobEmail)).Timeout(20000);
});
}
public void User_ApplyPermissions_WithEmail_GrantsAndRevokesPermissions()
{
AsyncContext.Run(async() =>
{
var alice = await SyncTestHelpers.GetUser();
var bobEmail = $"{Guid.NewGuid()}@foo.bar";
var bobCredentials = Credentials.UsernamePassword(bobEmail, "a", createUser: true);
var bob = await User.LoginAsync(bobCredentials, new Uri($"http://{Constants.ServerUrl}"));
await TestApplyPermissions(alice, bob, PermissionCondition.Email(bobEmail));
});
}
public void GetInstanceAsync_OpensReadonlyRealm(bool singleTransaction)
{
SyncTestHelpers.RequiresRos();
AsyncContext.Run(async() =>
{
var alice = await SyncTestHelpers.GetUserAsync();
var bob = await SyncTestHelpers.GetUserAsync();
var realmUri = SyncTestHelpers.RealmUri($"{alice.Identity}/GetInstanceAsync_OpensReadonlyRealm");
var aliceConfig = new FullSyncConfiguration(realmUri, alice, Guid.NewGuid().ToString());
var aliceRealm = GetRealm(aliceConfig);
await alice.ApplyPermissionsAsync(PermissionCondition.UserId(bob.Identity), realmUri.AbsoluteUri, AccessLevel.Read).Timeout(1000);
AddDummyData(aliceRealm, singleTransaction);
var bobConfig = new FullSyncConfiguration(realmUri, bob, Guid.NewGuid().ToString());
var bobRealm = await GetRealmAsync(bobConfig);
var bobsObjects = bobRealm.All <IntPrimaryKeyWithValueObject>();
var alicesObjects = aliceRealm.All <IntPrimaryKeyWithValueObject>();
Assert.That(bobsObjects.Count(), Is.EqualTo(alicesObjects.Count()));
var bobTcs = new TaskCompletionSource <object>();
bobsObjects.AsRealmCollection().CollectionChanged += (sender, e) =>
{
bobTcs.TrySetResult(null);
};
aliceRealm.Write(() =>
{
aliceRealm.Add(new IntPrimaryKeyWithValueObject
{
Id = 9999,
StringValue = "Some value"
});
});
await bobTcs.Task.Timeout(1000);
Assert.That(bobsObjects.Count(), Is.EqualTo(alicesObjects.Count()));
var bobObject = bobRealm.Find <IntPrimaryKeyWithValueObject>(9999);
Assert.That(bobObject, Is.Not.Null);
Assert.That(bobObject.StringValue, Is.EqualTo("Some value"));
});
}
public void WriteToReadOnlyRealm_ThrowsPermissionDenied()
{
SyncTestHelpers.RequiresRos();
AsyncContext.Run(async () =>
{
var alice = await SyncTestHelpers.GetUserAsync();
var bob = await SyncTestHelpers.GetUserAsync();
var realmPath = $"/{alice.Identity}/willBeReadonly";
var realmUrl = SyncTestHelpers.RealmUri(realmPath).AbsoluteUri;
EnsureRealmExists(alice, realmUrl);
// Give Bob just read permissions
await alice.ApplyPermissionsAsync(PermissionCondition.UserId(bob.Identity), realmUrl, AccessLevel.Read);
var config = new SyncConfiguration(bob, new Uri(realmUrl), Guid.NewGuid().ToString());
var sessionErrorTask = TestHelpers.EventToTask<ErrorEventArgs>(h => Session.Error += h, h => Session.Error -= h);
using (var realm = GetRealm(config))
{
realm.Write(() => realm.Add(new Person()));
try
{
// Sometimes PermissionDenied will be thrown too fast moving the session to an error state
await GetSession(realm).WaitForUploadAsync();
}
catch
{
}
}
var sessionError = await sessionErrorTask.Timeout(1000);
Assert.That(sessionError.Exception, Is.TypeOf<PermissionDeniedException>());
var pde = (PermissionDeniedException)sessionError.Exception;
Assert.That(pde.ErrorCode, Is.EqualTo(ErrorCode.PermissionDenied));
Assert.That(File.Exists(config.DatabasePath), Is.True);
var result = pde.DeleteRealmUserInfo(deleteRealm: true);
Assert.That(result, Is.True);
Assert.That(File.Exists(config.DatabasePath), Is.False);
});
}
private async Task TestApplyPermissions(User alice, User bob, PermissionCondition condition)
{
var realmPath = $"/{alice.Identity}/testPermission";
var realmUrl = SyncTestHelpers.RealmUri(realmPath).AbsoluteUri;
EnsureRealmExists(alice, realmUrl);
// Grant write permissions
await alice.ApplyPermissionsAsync(condition, realmUrl, AccessLevel.Write);
await ValidateWriteAndSync(realmUrl, alice, bob, 1, 2);
await AssertPermissions(alice, bob, realmPath, AccessLevel.Write);
// Revoke permissions
await alice.ApplyPermissionsAsync(condition, realmUrl, AccessLevel.None);
await AssertPermissions(alice, bob, realmPath, AccessLevel.None);
}
public void GetInstanceAsync_OpensReadonlyRealm(bool singleTransaction)
{
SyncTestHelpers.RunRosTestAsync(async() =>
{
var alice = await SyncTestHelpers.GetUserAsync();
var bob = await SyncTestHelpers.GetUserAsync();
var realmUri = SyncTestHelpers.RealmUri($"{alice.Identity}/GetInstanceAsync_OpensReadonlyRealm");
var aliceConfig = new FullSyncConfiguration(realmUri, alice, Guid.NewGuid().ToString());
var aliceRealm = GetRealm(aliceConfig);
await alice.ApplyPermissionsAsync(PermissionCondition.UserId(bob.Identity), realmUri.AbsoluteUri, AccessLevel.Read).Timeout(1000);
AddDummyData(aliceRealm, singleTransaction);
await WaitForUploadAsync(aliceRealm);
var bobConfig = new FullSyncConfiguration(realmUri, bob, Guid.NewGuid().ToString());
var bobRealm = await GetRealmAsync(bobConfig);
var bobsObjects = bobRealm.All <IntPrimaryKeyWithValueObject>();
var alicesObjects = aliceRealm.All <IntPrimaryKeyWithValueObject>();
Assert.That(bobsObjects.Count(), Is.EqualTo(alicesObjects.Count()));
aliceRealm.Write(() =>
{
aliceRealm.Add(new IntPrimaryKeyWithValueObject
{
Id = 9999,
StringValue = "Some value"
});
});
await WaitForUploadAsync(aliceRealm);
await WaitForDownloadAsync(bobRealm);
await bobRealm.RefreshAsync();
Assert.That(bobsObjects.Count(), Is.EqualTo(alicesObjects.Count()));
var bobObject = bobRealm.Find <IntPrimaryKeyWithValueObject>(9999);
Assert.That(bobObject, Is.Not.Null);
Assert.That(bobObject.StringValue, Is.EqualTo("Some value"));
});
}
private static async Task TestApplyPermissions(User alice, User bob, PermissionCondition condition)
{
var realmPath = $"/{alice.Identity}/testPermission";
var realmUrl = $"realm://{Constants.ServerUrl}{realmPath}";
EnsureRealmExists(alice, realmUrl);
// Grant write permissions
await alice.ApplyPermissionsAsync(condition, realmUrl, AccessLevel.Write);
await ValidateWriteAndSync(realmUrl, alice, bob, 1, 2);
await AssertPermissions(alice, bob, realmPath, AccessLevel.Write);
// Revoke permissions
await alice.ApplyPermissionsAsync(condition, realmUrl, AccessLevel.None);
await AssertPermissions(alice, bob, realmPath, AccessLevel.None);
}
public void UserLogin_WhenCustomRefreshToken_LogsUserIn()
{
SyncTestHelpers.RunRosTestAsync(async() =>
{
var token = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjMiLCJuYW1lIjoiSm9obiBEb2UiLCJhZG1pbiI6dHJ1ZSwiaWF0IjoxNTE2MjM5MDIyLCJhdWQiOiJteUFwcCIsImlzcyI6Im15aXNzdWVyIn0.Xhl39nnVXIgTUqDKEfz2mDiHcfH8vZGDC4gJxAHZmQ_usf-uXTXfDxkjME2W5ynKeWUQrzIhOliHaouJq-XJpzqKPvQ4d70LwtijNC53O4SUaHHaTkhh98OLOZif0md7xHeeEJAI9sixNK4GDzA88a2K5dZ9dmv3XJJ3url481CNK5mSCMgTcN5dzChbewmJ327J7mDsHF74Nvdazevk7UyShLz0YfJaPr2ny9feUXcG7yMRTfg3XoSHGUZ1IDDyvjjslfelTZWIR3ccmiua2wyN1EKAQE0o1Ft89VFHDxIHVvfgdXr9aQvtEaPR7-GChL8rx1WiqujSMJ0DZC80gQ";
var credentials = Credentials.CustomRefreshToken(token);
var realmPath = Guid.NewGuid().ToString();
var user = await User.LoginAsync(credentials, SyncTestHelpers.AuthServerUri);
var config = new FullSyncConfiguration(new Uri($"/~/{realmPath}", UriKind.Relative), user);
using (var realm = await GetRealmAsync(config))
{
realm.Write(() =>
{
realm.Add(new PrimaryKeyInt32Object
{
Int32Property = 123
});
});
await GetSession(realm).WaitForUploadAsync();
}
var token2 = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI0NTYiLCJuYW1lIjoiSm9obiBEb2UiLCJhZG1pbiI6dHJ1ZSwiaWF0IjoxNTE2MjM5MDIyLCJhdWQiOiJteUFwcCIsImlzcyI6Im15aXNzdWVyIn0.Hum9NA5KfBqKNsRN6hckbijSAME4LfH2xwmqwPrfjVEBlHRg6HIOnV4gxjY_KUhaazjsExNjAGEhxAamTiefHgvTryVlXwgLjaVs2DpR7F2t1JkpB9b7bU8fo0XV1ZhQ40s9_s3_t6Gdaf8cewSr2ADe0q71c09kP4VtxHQlzXkKuDjkwVXhaXFKglaJNy2Lhk04ybKJn0g_H-sWv2keTW1-J1RhZCzkB_o1Xv-SqoB_n5lahZ3rSUvbQalcQn20mOetTlfAkYfi3Eee4bYzc0iykDdG124uUnQVXXiQR67qlB4zqJ1LuG84KBYcO7W5g_kIBq7YzNaP68xT_x2YBw";
var credentials2 = Credentials.CustomRefreshToken(token2);
var user2 = await User.LoginAsync(credentials2, SyncTestHelpers.AuthServerUri);
await user.ApplyPermissionsAsync(PermissionCondition.UserId(user2.Identity), $"/~/{realmPath}", AccessLevel.Write);
var permissions = await user2.GetGrantedPermissionsAsync(Recipient.CurrentUser);
var userFooPermission = permissions.SingleOrDefault(p => p.Path.EndsWith($"/{realmPath}"));
Assert.That(userFooPermission, Is.Not.Null);
var config2 = new FullSyncConfiguration(new Uri(userFooPermission.Path, UriKind.Relative), user2);
using (var realm = await GetRealmAsync(config2))
{
var objects = realm.All <PrimaryKeyInt32Object>();
Assert.That(objects.Count(), Is.EqualTo(1));
Assert.That(objects.Single().Int32Property, Is.EqualTo(123));
}
});
}
public PermissionFilter(PermissionCondition condition, params string[] sysPermission)
{
this.sysPermission = sysPermission;
this.condition = condition;
}