public void Should_enforce_policies_with_context()
{
// Arrange
var roles = new List <object> {
UserRole.Owner
}.ToArray();
const bool isAuthenticated = true;
var context = new Mock <ISecurityContext>();
context.Setup(x => x.CurrenUserAuthenticated()).Returns(isAuthenticated);
context.Setup(x => x.CurrenUserRoles()).Returns(roles);
var policy = new Mock <ISecurityPolicy>();
policy.Setup(x => x.Enforce(It.Is <ISecurityContext>(c => c.CurrenUserAuthenticated() == isAuthenticated && c.CurrenUserRoles() == roles))).Returns(PolicyResult.CreateSuccessResult(policy.Object));
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.SecurityConfigurationProvider = TestDataFactory.CreateValidSecurityConfiguration;
policyContainer.AddPolicy(policy.Object);
// Act
policyContainer.EnforcePolicies(context.Object);
// Assert
policy.VerifyAll();
}
public void Should_return_results()
{
// Arrange
var roles = new List <object> {
UserRole.Owner
}.ToArray();
const bool isAuthenticated = true;
const string failureOccured = "Failure occured";
var context = TestDataFactory.CreateSecurityContext(isAuthenticated, roles);
var policy = new Mock <ISecurityPolicy>();
policy.Setup(x => x.Enforce(It.IsAny <ISecurityContext>())).Returns(PolicyResult.CreateFailureResult(policy.Object, failureOccured));
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.SecurityConfigurationProvider = TestDataFactory.CreateValidSecurityConfiguration;
policyContainer.AddPolicy(policy.Object);
// Act
var results = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results.Count(), Is.EqualTo(1));
Assert.That(results.Single().ViolationOccured, Is.True);
Assert.That(results.Single().Message, Is.EqualTo(failureOccured));
}
public void Should_load_lazy_policy_with_cache_key_exactly_twice_during_execution_with_caching_on()
{
// Arrange
var callsToContainer = 0;
var policy = new LazyLoadedPolicyWithCacheKey();
FakeIoC.GetAllInstancesProvider = () =>
{
callsToContainer++;
return(new List <object> {
policy
});
};
SecurityConfigurator.Configure(configuration =>
{
configuration.GetAuthenticationStatusFrom(TestDataFactory.ValidIsAuthenticatedFunction);
configuration.ResolveServicesUsing(FakeIoC.GetAllInstances);
configuration.Advanced.SetDefaultResultsCacheLifecycle(Cache.PerHttpRequest);
});
var context = new MockSecurityContext();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy <LazyLoadedPolicyWithCacheKey>();
// Act
policyContainer.EnforcePolicies(context);
policyContainer.EnforcePolicies(context);
// Assert
Assert.That(callsToContainer, Is.EqualTo(2));
Assert.That(policy.CacheKeyCallCount, Is.EqualTo(2), "Did not get the custom cache key the expected amount of times");
Assert.That(policy.EnforceCallCount, Is.EqualTo(1), "Did not call enforce the expected amount of times");
}
public void Should_stop_on_first_violation_and_return_1_result()
{
// Arrange
PolicyExecutionMode.StopOnFirstViolation(true);
var context = TestDataFactory.CreateSecurityContext(false);
var firstPolicy = new Mock <ISecurityPolicy>();
firstPolicy.Setup(x => x.Enforce(It.IsAny <ISecurityContext>())).Returns(PolicyResult.CreateFailureResult(firstPolicy.Object, "Failure occured"));
var secondPolicy = new Mock <ISecurityPolicy>();
secondPolicy.Setup(x => x.Enforce(It.IsAny <ISecurityContext>())).Returns(PolicyResult.CreateSuccessResult(secondPolicy.Object));
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy(firstPolicy.Object).AddPolicy(secondPolicy.Object);
// Act
var results = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results.Count(), Is.EqualTo(1));
Assert.That(results.Single().ViolationOccured, Is.True);
}
public void Should_use_cache_lifecycle_specified_when_adding_a_policy()
{
// Arrange
const Cache defaultCacheLifecycle = Cache.PerHttpSession;
const Cache specifiedCacheLifecycle = Cache.PerHttpRequest;
var context = TestDataFactory.CreateSecurityContext(false);
var securityPolicy = new IgnorePolicy();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.SecurityConfigurationProvider = () => TestDataFactory.CreateValidSecurityConfiguration(configuration => configuration.Advanced.SetDefaultResultsCacheLifecycle(defaultCacheLifecycle));
policyContainer.AddPolicy(securityPolicy).Cache <IgnorePolicy>(specifiedCacheLifecycle);
// Act
var results1 = policyContainer.EnforcePolicies(context);
var results2 = policyContainer.EnforcePolicies(context);
SecurityCache.ClearCache(Lifecycle.HybridHttpContext);;
var results3 = policyContainer.EnforcePolicies(context);
var results4 = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results1.Single(), Is.EqualTo(results2.Single()));
Assert.That(results3.Single(), Is.EqualTo(results4.Single()));
Assert.That(results1.Single(), Is.Not.EqualTo(results3.Single()), "Results should not be equal across requests.");
}
public void Should_stop_on_first_violation_and_return_2_results()
{
// Arrange
var context = TestDataFactory.CreateSecurityContext(false);
var firstPolicy = new TestPolicy();
var secondPolicy = new Mock <ISecurityPolicy>();
secondPolicy.Setup(x => x.Enforce(It.IsAny <ISecurityContext>())).Returns(PolicyResult.CreateFailureResult(secondPolicy.Object, "Failure occured"));
var thirdPolicy = new TestPolicy();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.SecurityConfigurationProvider = TestDataFactory.CreateValidSecurityConfiguration;
policyContainer.AddPolicy(firstPolicy).AddPolicy(secondPolicy.Object).AddPolicy(thirdPolicy);
// Act
var results = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results.Count(), Is.EqualTo(2));
Assert.That(results.First().ViolationOccured, Is.False);
Assert.That(results.Last().ViolationOccured, Is.True);
}
public void Should_return_the_same_results()
{
// Arrange
var context = TestDataFactory.CreateSecurityContext(false);
var firstPolicy = new IgnorePolicy();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.SecurityConfigurationProvider = () => TestDataFactory.CreateValidSecurityConfiguration(configuration => configuration.Advanced.SetDefaultResultsCacheLifecycle(Cache.PerHttpSession));
policyContainer.AddPolicy(firstPolicy);
// Act
var results1 = policyContainer.EnforcePolicies(context);
var results2 = policyContainer.EnforcePolicies(context);
SecurityCache.ClearCache(Lifecycle.HybridHttpSession);;
var results3 = policyContainer.EnforcePolicies(context);
var results4 = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results1.Single(), Is.EqualTo(results2.Single()));
Assert.That(results3.Single(), Is.EqualTo(results4.Single()));
Assert.That(results1.Single(), Is.Not.EqualTo(results3.Single()), "Results should not be equal across sessions.");
}
public void SetUp()
{
// Arrange
_policyContainer = TestDataFactory.CreateValidPolicyContainer();
// Act
_return = _policyContainer.AddPolicy<SomePolicy>();
}
public void SetUp()
{
// Arrange
_policyContainer = TestDataFactory.CreateValidPolicyContainer();
_policyContainer
.AddPolicy(_policy1)
.AddPolicy(_policy2);
}
public void SetUp()
{
// Arrange
_policyContainer = TestDataFactory.CreateValidPolicyContainer();
_policyContainer.SecurityConfigurationProvider = TestDataFactory.CreateValidSecurityConfiguration;
_policyContainer
.AddPolicy(_policy1)
.AddPolicy(_policy2);
}
public void SetUp()
{
// Arrange
_policy = new DenyAnonymousAccessPolicy();
_policyContainer = TestDataFactory.CreateValidPolicyContainer();
// Act
_return = _policyContainer.AddPolicy(_policy);
}
public void Should_return_unique_results()
{
// Arrange
var firstPolicy = new IgnorePolicy();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.SecurityConfigurationProvider = () => TestDataFactory.CreateValidSecurityConfiguration(configuration => configuration.Advanced.SetDefaultResultsCacheLifecycle(Cache.DoNotCache));
policyContainer.AddPolicy(firstPolicy);
// Act
var context = TestDataFactory.CreateSecurityContext(false);
var results1 = policyContainer.EnforcePolicies(context);
var results2 = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results1.Single(), Is.Not.EqualTo(results2.Single()));
}
public void Should_invoke_the_isautheticated_and_roles_functions()
{
// Arrange
var context = MockRepository.GenerateMock <ISecurityContext>();
context.Expect(x => x.CurrenUserAuthenticated()).Return(true).Repeat.Once();
context.Expect(x => x.CurrenUserRoles()).Return(new List <object> {
UserRole.Owner
}.ToArray()).Repeat.Once();
context.Replay();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy(new TestPolicy());
// Act
policyContainer.EnforcePolicies(context);
// Assert
context.VerifyAllExpectations();
}
public void Should_enforce_policies_with_context()
{
// Arrange
var roles = new List<object> { UserRole.Owner }.ToArray();
const bool isAuthenticated = true;
var context = new Mock<ISecurityContext>();
context.Setup(x => x.CurrenUserAuthenticated()).Returns(isAuthenticated);
context.Setup(x => x.CurrenUserRoles()).Returns(roles);
var policy = new Mock<ISecurityPolicy>();
policy.Setup(x => x.Enforce(It.Is<ISecurityContext>(c => c.CurrenUserAuthenticated() == isAuthenticated && c.CurrenUserRoles() == roles))).Returns(PolicyResult.CreateSuccessResult(policy.Object));
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy(policy.Object);
// Act
policyContainer.EnforcePolicies(context.Object);
// Assert
policy.VerifyAll();
}
public void Should_return_the_same_results()
{
// Arrange
var context = TestDataFactory.CreateSecurityContext(false);
context.Runtime.As<SecurityRuntime>().DefaultResultsCacheLifecycle = Cache.PerHttpSession;
var firstPolicy = new IgnorePolicy();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy(firstPolicy);
// Act
var results1 = policyContainer.EnforcePolicies(context);
var results2 = policyContainer.EnforcePolicies(context);
SecurityCache.ClearCache(Lifecycle.HybridHttpSession); ;
var results3 = policyContainer.EnforcePolicies(context);
var results4 = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results1.Single(), Is.EqualTo(results2.Single()));
Assert.That(results3.Single(), Is.EqualTo(results4.Single()));
Assert.That(results1.Single(), Is.Not.EqualTo(results3.Single()), "Results should not be equal across sessions.");
}
public void Should_return_unique_results()
{
// Arrange
var context = TestDataFactory.CreateSecurityContext(false);
context.Runtime.As<SecurityRuntime>().DefaultResultsCacheLifecycle = Cache.DoNotCache;
var firstPolicy = new IgnorePolicy();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy(firstPolicy);
// Act
var results1 = policyContainer.EnforcePolicies(context);
var results2 = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results1.Single(), Is.Not.EqualTo(results2.Single()));
}
public void Should_use_cache_lifecycle_specified_when_adding_a_policy()
{
// Arrange
const Cache defaultCacheLifecycle = Cache.PerHttpSession;
const Cache specifiedCacheLifecycle = Cache.PerHttpRequest;
var context = TestDataFactory.CreateSecurityContext(false);
context.Runtime.As<SecurityRuntime>().DefaultResultsCacheLifecycle = defaultCacheLifecycle;
var securityPolicy = new IgnorePolicy();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy(securityPolicy).Cache<IgnorePolicy>(specifiedCacheLifecycle);
// Act
var results1 = policyContainer.EnforcePolicies(context);
var results2 = policyContainer.EnforcePolicies(context);
SecurityCache.ClearCache(Lifecycle.HybridHttpContext); ;
var results3 = policyContainer.EnforcePolicies(context);
var results4 = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results1.Single(), Is.EqualTo(results2.Single()));
Assert.That(results3.Single(), Is.EqualTo(results4.Single()));
Assert.That(results1.Single(), Is.Not.EqualTo(results3.Single()), "Results should not be equal across requests.");
}
public void Should_stop_on_first_violation_and_return_2_results()
{
// Arrange
var context = TestDataFactory.CreateSecurityContext(false);
var firstPolicy = new TestPolicy();
var secondPolicy = new Mock<ISecurityPolicy>();
secondPolicy.Setup(x => x.Enforce(It.IsAny<ISecurityContext>())).Returns(PolicyResult.CreateFailureResult(secondPolicy.Object, "Failure occured"));
var thirdPolicy = new TestPolicy();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy(firstPolicy).AddPolicy(secondPolicy.Object).AddPolicy(thirdPolicy);
// Act
var results = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results.Count(), Is.EqualTo(2));
Assert.That(results.First().ViolationOccured, Is.False);
Assert.That(results.Last().ViolationOccured, Is.True);
}
public void Should_return_results()
{
// Arrange
var roles = new List<object> { UserRole.Owner }.ToArray();
const bool isAuthenticated = true;
const string failureOccured = "Failure occured";
var context = TestDataFactory.CreateSecurityContext(isAuthenticated, roles);
var policy = new Mock<ISecurityPolicy>();
policy.Setup(x => x.Enforce(It.IsAny<ISecurityContext>())).Returns(PolicyResult.CreateFailureResult(policy.Object, failureOccured));
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy(policy.Object);
// Act
var results = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results.Count(), Is.EqualTo(1));
Assert.That(results.Single().ViolationOccured, Is.True);
Assert.That(results.Single().Message, Is.EqualTo(failureOccured));
}
public void Should_invoke_the_isautheticated_and_roles_functions()
{
// Arrange
var context = MockRepository.GenerateMock<ISecurityContext>();
context.Expect(x => x.Runtime).Return(TestDataFactory.CreateSecurityRuntime()).Repeat.Once();
context.Expect(x => x.CurrentUserIsAuthenticated()).Return(true).Repeat.Once();
context.Expect(x => x.CurrentUserRoles()).Return(new List<object> { UserRole.Owner }.ToArray()).Repeat.Once();
context.Replay();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy(new TestPolicy());
// Act
policyContainer.EnforcePolicies(context);
// Assert
context.VerifyAllExpectations();
}
public void SetUp()
{
// Arrange
_policyContainer = TestDataFactory.CreateValidPolicyContainer();
_policyContainer.SecurityConfigurationProvider = TestDataFactory.CreateValidSecurityConfiguration;
_policyContainer
.AddPolicy(_policy1)
.AddPolicy(_policy2);
}
public void Should_load_lazy_policy_with_cache_key_exactly_twice_during_execution_with_caching_on()
{
// Arrange
var callsToContainer = 0;
var policy = new LazyLoadedPolicyWithCacheKey();
FakeIoC.GetAllInstancesProvider = () =>
{
callsToContainer++;
return new List<object> { policy };
};
SecurityConfigurator.Configure(configuration =>
{
configuration.GetAuthenticationStatusFrom(TestDataFactory.ValidIsAuthenticatedFunction);
configuration.ResolveServicesUsing(FakeIoC.GetAllInstances);
configuration.Advanced.SetDefaultResultsCacheLifecycle(Cache.PerHttpRequest);
});
var context = new MockSecurityContext(runtime: SecurityConfiguration.Current.Runtime);
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.AddPolicy<LazyLoadedPolicyWithCacheKey>();
// Act
policyContainer.EnforcePolicies(context);
policyContainer.EnforcePolicies(context);
// Assert
Assert.That(callsToContainer, Is.EqualTo(2));
Assert.That(policy.CacheKeyCallCount, Is.EqualTo(2), "Did not get the custom cache key the expected amount of times");
Assert.That(policy.EnforceCallCount, Is.EqualTo(1), "Did not call enforce the expected amount of times");
}
public void Should_add_policyresult_cache_strategy_for_Policy_T_with_lifecycle_set_to_PerHttpSession_and_level_set_to_Policy()
{
const By expectedLevel = By.Policy;
var policyContainer = new PolicyContainer("Controller", "Action", TestDataFactory.CreateValidPolicyAppender());
// Act
policyContainer.AddPolicy<RequireAnyRolePolicy>().CachePerHttpSession(expectedLevel);
// Assert
var policyResultCacheStrategy = policyContainer.CacheStrategies.Single();
Assert.That(policyResultCacheStrategy.PolicyType, Is.EqualTo(typeof(RequireAnyRolePolicy)));
Assert.That(policyResultCacheStrategy.CacheLifecycle, Is.EqualTo(Cache.PerHttpSession));
Assert.That(policyResultCacheStrategy.CacheLevel, Is.EqualTo(expectedLevel));
}
public void Should_add_policyresult_cache_strategy_for_Policy_T_with_lifecycle_set_to_PerHttpSession()
{
const Cache expectedLifecycle = Cache.PerHttpSession;
const string expectedControllerName = "Controller3";
const string expectedActionName = "Action3";
var policyContainer = new PolicyContainer(expectedControllerName, expectedActionName, TestDataFactory.CreateValidPolicyAppender());
// Act
policyContainer.AddPolicy<RequireAnyRolePolicy>().CachePerHttpSession();
// Assert
var policyResultCacheStrategy = policyContainer.CacheStrategies.Single();
Assert.That(policyResultCacheStrategy.ControllerName, Is.EqualTo(expectedControllerName));
Assert.That(policyResultCacheStrategy.ActionName, Is.EqualTo(expectedActionName));
Assert.That(policyResultCacheStrategy.PolicyType, Is.EqualTo(typeof(RequireAnyRolePolicy)));
Assert.That(policyResultCacheStrategy.CacheLifecycle, Is.EqualTo(expectedLifecycle));
Assert.That(policyResultCacheStrategy.CacheLevel, Is.EqualTo(By.ControllerAction));
}
public void Should_return_the_same_results()
{
// Arrange
var context = TestDataFactory.CreateSecurityContext(false);
var firstPolicy = new IgnorePolicy();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.SecurityConfigurationProvider = () => TestDataFactory.CreateValidSecurityConfiguration(configuration => configuration.Advanced.SetDefaultResultsCacheLifecycle(Cache.PerHttpRequest));
policyContainer.AddPolicy(firstPolicy);
// Act
var results1 = policyContainer.EnforcePolicies(context);
var results2 = policyContainer.EnforcePolicies(context);
SecurityCache.ClearCache(Lifecycle.HybridHttpContext);;
var results3 = policyContainer.EnforcePolicies(context);
var results4 = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results1.Single(), Is.EqualTo(results2.Single()));
Assert.That(results3.Single(), Is.EqualTo(results4.Single()));
Assert.That(results1.Single(), Is.Not.EqualTo(results3.Single()), "Results should not be equal across requests.");
}
private void Because()
{
_policyContainer
.AddPolicy(new DenyAnonymousAccessPolicy())
.AddPolicy(new DenyAnonymousAccessPolicy());
}
public void SetUp()
{
// Arrange
_policyContainer = TestDataFactory.CreateValidPolicyContainer();
_policyContainer
.AddPolicy(_policy1)
.AddPolicy(_policy2);
}
public void Should_return_unique_results()
{
// Arrange
var firstPolicy = new IgnorePolicy();
var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender());
policyContainer.SecurityConfigurationProvider = () => TestDataFactory.CreateValidSecurityConfiguration(configuration => configuration.Advanced.SetDefaultResultsCacheLifecycle(Cache.DoNotCache));
policyContainer.AddPolicy(firstPolicy);
// Act
var context = TestDataFactory.CreateSecurityContext(false);
var results1 = policyContainer.EnforcePolicies(context);
var results2 = policyContainer.EnforcePolicies(context);
// Assert
Assert.That(results1.Single(), Is.Not.EqualTo(results2.Single()));
}
