/// <summary>
/// Builds the shared fixture: a service container with a privileges cache that grants
/// <c>user1</c> the Insert privilege on table <c>sys.tab1</c>, a mocked session running as
/// that user, and a mocked expression preparer that returns every expression unchanged.
/// </summary>
public ConditionalStatementTests()
        {
            var services = new ServiceContainer();
            services.Register<IRequirementHandler<DelegatedRequirement>, DelegatedRequirementHandler>();

            // The only privilege seeded is Insert on sys.tab1 for user1; nothing else is granted here.
            var privileges = new PrivilegesCache();
            privileges.SetPrivileges(DbObjectType.Table, ObjectName.Parse("sys.tab1"), "user1", Privileges.Insert);
            services.RegisterInstance<ISecurityResolver>(privileges);

            // The session under test resolves its services from the container above and runs as user1.
            var session = new Mock<ISession>();
            session.Setup(s => s.Scope).Returns(services);
            session.SetupGet(s => s.User).Returns(new User("user1"));
            context = session.Object;

            // Pass-through preparer: accepts any expression and hands it back untouched.
            var preparer = new Mock<ISqlExpressionPreparer>();
            preparer.Setup(p => p.Prepare(It.IsAny<SqlExpression>())).Returns<SqlExpression>(expression => expression);
            preparer.Setup(p => p.CanPrepare(It.IsAny<SqlExpression>())).Returns(true);
            services.RegisterInstance<ISqlExpressionPreparer>(preparer.Object);
        }
        /// <summary>
        /// Builds the shared fixture: a mocked role manager that records the dropped role name,
        /// a privileges cache in which the <c>admin_group</c> role holds the Admin system privilege,
        /// and three sessions (the system user, <c>user1</c>, and <c>user2</c>).
        /// </summary>
        public DropRoleStatementTests()
        {
            var services = new ServiceContainer();

            var roleManager = new Mock<IRoleManager>();

            // Capture the name handed to DropRoleAsync so tests can assert on it.
            roleManager.Setup(m => m.DropRoleAsync(It.IsNotNull<string>()))
                .Callback<string>(roleName => droppedRole = roleName)
                .Returns<string>(roleName => Task.FromResult(true));

            // Every role name is reported as existing.
            roleManager.Setup(m => m.RoleExistsAsync(It.IsAny<string>()))
                .Returns<string>(roleName => Task.FromResult(true));

            // Only user2 has an explicit role setup: membership of admin_group.
            roleManager.Setup(m => m.GetUserRolesAsync(It.Is<string>(u => u == "user2")))
                .Returns<string>(userName => Task.FromResult<IEnumerable<Role>>(new[] { new Role("admin_group") }));

            services.RegisterInstance<IRoleManager>(roleManager.Object);

            // admin_group is the only principal given a system privilege in this fixture.
            var accessCache = new PrivilegesCache(null);
            accessCache.SetSystemPrivileges("admin_group", SqlPrivileges.Admin);
            services.RegisterInstance<IAccessController>(accessCache);

            var rootContext = new Mock<IContext>();
            rootContext.SetupGet(c => c.Scope).Returns(services);

            // Three identities: the system user, a user with no role setup (user1),
            // and a user whose only setup is membership of admin_group (user2).
            var parent = rootContext.Object;
            adminContext = CreateUserSession(parent, User.System);
            userContext = CreateUserSession(parent, new User("user1"));
            userInAdminRoleContext = CreateUserSession(parent, new User("user2"));
        }
        /// <summary>
        /// Grants <paramref name="privileges"/> on the given object to <paramref name="grantee"/>,
        /// recording the current session user as the granter, then evicts one entry from the
        /// privileges cache.
        /// </summary>
        /// <param name="objectType">Type of the object the grant applies to.</param>
        /// <param name="objectName">Name of the object the grant applies to.</param>
        /// <param name="grantee">Name of the principal receiving the privileges.</param>
        /// <param name="privileges">Privileges to grant.</param>
        /// <param name="withOption">Passed to the <c>Grant</c> constructor and to the cache key.</param>
        public void GrantOn(DbObjectType objectType, ObjectName objectName, string grantee, Privileges privileges, bool withOption = false)
        {
            try
            {
                var request = new Grant(privileges, objectName, objectType, grantee, Session.User.Name, withOption);
                PrivilegeManager.Grant(request);
            }
            finally
            {
                // The eviction runs whether or not the grant succeeded.
                // NOTE(review): only the key for this exact withOption value, with the last
                // argument false, is removed. Confirm this matches the key shape under which
                // privileges are cached; a mismatch would leave a stale entry in place.
                var staleKey = new GrantCacheKey(grantee, objectType, objectName.FullName, withOption, false);
                PrivilegesCache.Remove(staleKey);
            }
        }
 /// <summary>
 /// Revokes <paramref name="privileges"/> on the given object from <paramref name="grantee"/>
 /// through the system session's privilege manager, then evicts one entry from the privileges cache.
 /// </summary>
 /// <param name="objectType">Type of the object the revoke applies to.</param>
 /// <param name="objectName">Name of the object the revoke applies to.</param>
 /// <param name="grantee">Name of the principal losing the privileges.</param>
 /// <param name="privileges">Privileges to revoke.</param>
 /// <param name="grantOption">Passed to the <c>Grant</c> constructor and to the cache key.</param>
 public void Revoke(DbObjectType objectType, ObjectName objectName, string grantee, Privileges privileges,
                    bool grantOption = false)
 {
     try
     {
         // The current session user is recorded as the revoker; the revoke itself is issued
         // through SystemSession rather than through the caller's session.
         var target = new Grant(privileges, objectName, objectType, grantee, Session.User.Name, grantOption);
         SystemSession.Access().PrivilegeManager.Revoke(target);
     }
     finally
     {
         // The eviction runs whether or not the revoke succeeded.
         // NOTE(review): only the key for this exact grantOption value, with the last argument
         // false, is removed. Confirm this matches the key shape under which privileges are
         // cached; otherwise a revoked privilege could still be served from the cache.
         PrivilegesCache.Remove(new GrantCacheKey(grantee, objectType, objectName.FullName, grantOption, false));
     }
 }
        /// <summary>
        /// Builds the shared fixture: mocked user, grant, role and object managers, a privileges
        /// cache in which the <c>admin_group</c> role holds the Admin system privilege, and three
        /// sessions (the system user, <c>user1</c>, and <c>user2</c>).
        /// </summary>
        public GrantObjectPrivilegesStatementTests()
        {
            var services = new ServiceContainer();

            // Every non-null user name is reported as existing.
            var users = new Mock<IUserManager>();
            users.Setup(m => m.UserExistsAsync(It.IsNotNull<string>()))
                .Returns<string>(userName => Task.FromResult(true));

            // Capture the arguments of the grant call so tests can assert on what was granted.
            var grants = new Mock<IGrantManager>();
            grants.Setup(m => m.GrantToUserAsync(It.IsAny<string>(), It.IsAny<string>(), It.IsNotNull<ObjectName>(),
                                                 It.IsAny<Privilege>(), It.IsAny<bool>()))
                .Callback<string, string, ObjectName, Privilege, bool>((granter, grantee, obj, priv, option) =>
                    grant = new Grant(granter, grantee, obj, priv, option))
                .Returns<string, string, ObjectName, Privilege, bool>((a, b, c, d, e) => Task.FromResult(true));

            // Only user2 has an explicit role setup: membership of admin_group.
            var roles = new Mock<IRoleManager>();
            roles.Setup(m => m.GetUserRolesAsync(It.Is<string>(u => u == "user2")))
                .Returns<string>(userName => Task.FromResult<IEnumerable<Role>>(new[] { new Role("admin_group") }));

            services.RegisterInstance<IRoleManager>(roles.Object);
            services.RegisterInstance<IUserManager>(users.Object);
            services.RegisterInstance<IGrantManager>(grants.Object);

            // admin_group is the only principal given a system privilege in this fixture.
            var accessCache = new PrivilegesCache(null);
            accessCache.SetSystemPrivileges("admin_group", SqlPrivileges.Admin);
            services.RegisterInstance<IAccessController>(accessCache);

            // Every non-null object name is reported as existing.
            var objects = new Mock<IDbObjectManager>();
            objects.Setup(m => m.ObjectExistsAsync(It.IsNotNull<ObjectName>()))
                .Returns<ObjectName>(name => Task.FromResult(true));
            services.RegisterInstance<IDbObjectManager>(objects.Object);

            var rootContext = new Mock<IContext>();
            rootContext.SetupGet(c => c.Scope).Returns(services);

            // Three identities: the system user, a user with no role setup (user1),
            // and a user whose only setup is membership of admin_group (user2).
            var parent = rootContext.Object;
            adminContext = MockedSession.Create(parent, User.System);
            userContext = MockedSession.Create(parent, new User("user1"));
            userInAdminRoleContext = MockedSession.Create(parent, new User("user2"));
        }
        /// <summary>
        /// Revokes every grant returned by <c>PrivilegeManager.GetGrants(grantee, false)</c> and then
        /// evicts the cache entry built from each of those grants.
        /// </summary>
        /// <param name="grantee">Name of the principal whose grants are revoked.</param>
        private void RevokeAllGrantsFrom(string grantee)
        {
            var toRevoke = PrivilegeManager.GetGrants(grantee, false);

            try
            {
                foreach (var entry in toRevoke)
                {
                    PrivilegeManager.Revoke(entry);
                }
            }
            finally
            {
                // The eviction pass runs even when a revoke throws part-way through.
                // NOTE(review): toRevoke is enumerated a second time here. If GetGrants returns a
                // lazily evaluated query, grants already revoked may be missing from this pass and
                // their cache entries would survive; confirm it returns a materialised collection.
                foreach (var entry in toRevoke)
                {
                    var staleKey = new GrantCacheKey(entry.Grantee, entry.ObjectType, entry.ObjectName.FullName,
                                                     entry.WithOption, false);
                    PrivilegesCache.Remove(staleKey);
                }
            }
        }
        /// <summary>
        /// Revokes every grant returned by <c>PrivilegeManager.GetGrantsOn</c> for the given object
        /// and then evicts the cache entry built from each of those grants.
        /// </summary>
        /// <param name="objectType">Type of the object whose grants are revoked.</param>
        /// <param name="objectName">Name of the object whose grants are revoked.</param>
        public void RevokeAllGrantsOn(DbObjectType objectType, ObjectName objectName)
        {
            var toRevoke = PrivilegeManager.GetGrantsOn(objectType, objectName);

            try
            {
                foreach (var entry in toRevoke)
                {
                    PrivilegeManager.Revoke(entry);
                }
            }
            finally
            {
                // The eviction pass runs even when a revoke throws part-way through.
                // NOTE(review): toRevoke is enumerated a second time here. If GetGrantsOn returns a
                // lazily evaluated query, grants already revoked may be missing from this pass and
                // their cache entries would survive; confirm it returns a materialised collection.
                foreach (var entry in toRevoke)
                {
                    var staleKey = new GrantCacheKey(entry.Grantee, entry.ObjectType, entry.ObjectName.FullName,
                                                     entry.WithOption, false);
                    PrivilegesCache.Remove(staleKey);
                }
            }
        }
        /// <summary>
        /// Builds the shared fixture: a privileges cache that grants <c>user1</c> the Insert
        /// privilege on <c>sys.tab1</c>, registered as the access controller, and a mocked session
        /// running as that user.
        /// </summary>
        public SqlStatementTests()
        {
            var services = new ServiceContainer();

            // The only privilege seeded is Insert on sys.tab1 for user1.
            var accessCache = new PrivilegesCache(null);
            accessCache.SetObjectPrivileges(ObjectName.Parse("sys.tab1"), "user1", SqlPrivileges.Insert);
            services.RegisterInstance<IAccessController>(accessCache);

            // The session resolves its services from the container above and runs as user1.
            var session = new Mock<ISession>();
            session.Setup(s => s.Scope).Returns(services);
            session.SetupGet(s => s.User).Returns(new User("user1"));

            context = session.Object;
        }
        /// <summary>
        /// Builds the shared fixture: a mocked user manager that records status changes, a mocked
        /// role manager, a privileges cache in which the <c>admin_group</c> role holds the Admin
        /// system privilege, and three sessions (the system user, <c>user1</c>, and <c>user2</c>).
        /// </summary>
        public SetAccountStatusTests()
        {
            var services = new ServiceContainer();

            var users = new Mock<IUserManager>();

            // Every user is reported as Unlocked and every non-null user name as existing.
            users.Setup(m => m.GetUserStatusAsync(It.IsAny<string>()))
                .Returns<string>(userName => Task.FromResult(UserStatus.Unlocked));
            users.Setup(m => m.UserExistsAsync(It.IsNotNull<string>()))
                .Returns(Task.FromResult(true));

            // Capture the user name and requested status so tests can assert on the change.
            users.Setup(m => m.SetUserStatusAsync(It.IsNotNull<string>(), It.IsAny<UserStatus>()))
                .Callback<string, UserStatus>((userName, status) =>
                {
                    userSet = userName;
                    newStatus = status;
                })
                .Returns(Task.FromResult(true));

            // Only user2 has an explicit role setup: membership of admin_group.
            var roles = new Mock<IRoleManager>();
            roles.Setup(m => m.GetUserRolesAsync(It.Is<string>(u => u == "user2")))
                .Returns<string>(userName => Task.FromResult<IEnumerable<Role>>(new[] { new Role("admin_group") }));

            services.RegisterInstance<IRoleManager>(roles.Object);
            services.RegisterInstance<IUserManager>(users.Object);

            // admin_group is the only principal given a system privilege in this fixture.
            var accessCache = new PrivilegesCache(null);
            accessCache.SetSystemPrivileges("admin_group", SqlPrivileges.Admin);
            services.RegisterInstance<IAccessController>(accessCache);

            var rootContext = new Mock<IContext>();
            rootContext.SetupGet(c => c.Scope).Returns(services);

            // Three identities: the system user, a user with no role setup (user1),
            // and a user whose only setup is membership of admin_group (user2).
            var parent = rootContext.Object;
            adminContext = MockedSession.Create(parent, User.System);
            userContext = MockedSession.Create(parent, new User("user1"));
            userInAdminRoleContext = MockedSession.Create(parent, new User("user2"));
        }
        /// <summary>
        /// Builds the shared fixture: a service container with the delegated requirement handler,
        /// a privileges cache that grants <c>user1</c> the Insert privilege on table
        /// <c>sys.tab1</c>, and a mocked session running as that user.
        /// </summary>
        public SqlStatementTests()
        {
            var services = new ServiceContainer();
            services.Register<IRequirementHandler<DelegatedRequirement>, DelegatedRequirementHandler>();

            // The only privilege seeded is Insert on sys.tab1 for user1.
            var privileges = new PrivilegesCache();
            privileges.SetPrivileges(DbObjectType.Table, ObjectName.Parse("sys.tab1"), "user1", Privileges.Insert);
            services.RegisterInstance<ISecurityResolver>(privileges);

            // The session resolves its services from the container above and runs as user1.
            var session = new Mock<ISession>();
            session.Setup(s => s.Scope).Returns(services);
            session.SetupGet(s => s.User).Returns(new User("user1"));

            context = session.Object;
        }
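        /// <summary>
        /// Resolves the privileges <paramref name="grantee"/> holds on one object, first from the
        /// privileges cache and otherwise from the grants returned by the privilege manager.
        /// </summary>
        /// <param name="grantee">Name of the principal whose privileges are resolved.</param>
        /// <param name="objectType">Type of the object being checked.</param>
        /// <param name="objectName">Name of the object being checked.</param>
        /// <param name="withOption">
        /// When true, only grants whose <c>WithOption</c> flag is set contribute to the result.
        /// </param>
        /// <returns>
        /// The cached value on a cache hit; otherwise the union of the privileges of every grant
        /// on the requested object, or <c>Privileges.None</c> when there is none.
        /// </returns>
        private Privileges GetPrivileges(string grantee, DbObjectType objectType, ObjectName objectName, bool withOption)
        {
            // NOTE(review): the lookup key hard-codes the grant-option argument to true, so the
            // same cache entry answers both withOption == true and withOption == false. Left
            // unchanged because the key semantics live in GrantCacheKey, which is not visible
            // here; confirm the intended behaviour.
            var key = new GrantCacheKey(grantee, objectType, objectName.FullName, true, true);

            object cached;
            if (PrivilegesCache.TryGet(key, out cached))
            {
                return (Privileges)cached;
            }

            var grants = PrivilegeManager.GetGrants(grantee, true);

            // Warm the cache with every grant that was just loaded.
            // NOTE(review): two grants that produce the same key overwrite each other here
            // instead of being combined; confirm whether that can happen.
            foreach (var g in grants)
            {
                PrivilegesCache.Set(new GrantCacheKey(g.Grantee, g.ObjectType, g.ObjectName.FullName, g.WithOption, true), g.Privileges);
            }

            var privs = Privileges.None;
            foreach (var grant in grants)
            {
                // Always restrict the result to the requested object. The previous code applied
                // this filter only when withOption was true, so a plain lookup returned the union
                // of the grantee's privileges over every object.
                if (grant.ObjectType != objectType || !grant.ObjectName.Equals(objectName))
                {
                    continue;
                }

                // When the caller asks for grantable privileges, ignore grants without the option.
                if (withOption && !grant.WithOption)
                {
                    continue;
                }

                privs |= grant.Privileges;
            }

            return privs;
        }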