/// <summary>
/// Builds the fixture shared by the tests: a mocked <c>ISession</c> for "user1" whose scope
/// holds the delegated requirement handler, a privileges cache registered as the
/// <c>ISecurityResolver</c>, and a pass-through expression preparer.
/// </summary>
public ConditionalStatementTests() {
    var scope = new ServiceContainer();
    scope.Register<IRequirementHandler<DelegatedRequirement>, DelegatedRequirementHandler>();

    // The only privilege seeded is INSERT on table sys.tab1 for user1, so anything else
    // a statement asks the resolver for is outside what this fixture grants.
    var privileges = new PrivilegesCache();
    privileges.SetPrivileges(DbObjectType.Table, ObjectName.Parse("sys.tab1"), "user1", Privileges.Insert);
    scope.RegisterInstance<ISecurityResolver>(privileges);

    var session = new Mock<ISession>();
    session.Setup(s => s.Scope)
        .Returns(scope);
    session.SetupGet(s => s.User)
        .Returns(new User("user1"));
    context = session.Object;

    // The preparer claims it can prepare every expression and hands it back unchanged.
    var preparer = new Mock<ISqlExpressionPreparer>();
    preparer.Setup(p => p.Prepare(It.IsAny<SqlExpression>()))
        .Returns<SqlExpression>(expression => expression);
    preparer.Setup(p => p.CanPrepare(It.IsAny<SqlExpression>()))
        .Returns(true);
    scope.RegisterInstance<ISqlExpressionPreparer>(preparer.Object);
}
/// <summary>
/// Builds three sessions over one mocked system context so the tests can compare how
/// DROP ROLE is authorised: the system user, a plain "user1", and "user2", who is
/// reported as a member of the "admin_group" role.
/// </summary>
public DropRoleStatementTests() {
    var scope = new ServiceContainer();

    var roleManager = new Mock<IRoleManager>();

    // Dropping any non-null role succeeds; the name is recorded in droppedRole.
    roleManager.Setup(m => m.DropRoleAsync(It.IsNotNull<string>()))
        .Callback<string>(roleName => droppedRole = roleName)
        .Returns<string>(roleName => Task.FromResult(true));

    // Every role name is reported as existing.
    roleManager.Setup(m => m.RoleExistsAsync(It.IsAny<string>()))
        .Returns<string>(roleName => Task.FromResult(true));

    // Role membership is configured for "user2" only.
    roleManager.Setup(m => m.GetUserRolesAsync(It.Is<string>(userName => userName == "user2")))
        .Returns<string>(userName => Task.FromResult<IEnumerable<Role>>(new[] { new Role("admin_group") }));

    scope.RegisterInstance<IRoleManager>(roleManager.Object);

    // The access controller is a privileges cache (constructed with a null argument) in which
    // only "admin_group" holds the Admin system privilege.
    var accessController = new PrivilegesCache(null);
    accessController.SetSystemPrivileges("admin_group", SqlPrivileges.Admin);
    scope.RegisterInstance<IAccessController>(accessController);

    var system = new Mock<IContext>();
    system.SetupGet(c => c.Scope)
        .Returns(scope);

    var parent = system.Object;
    adminContext = CreateUserSession(parent, User.System);
    userContext = CreateUserSession(parent, new User("user1"));
    userInAdminRoleContext = CreateUserSession(parent, new User("user2"));
}
/// <summary>
/// Grants <paramref name="privileges"/> on the given object to <paramref name="grantee"/>,
/// recording the current session user as the granter, and then evicts one entry from the
/// privileges cache.
/// </summary>
/// <param name="objectType">Type of the object the grant applies to.</param>
/// <param name="objectName">Name of the object; its <c>FullName</c> is used in the cache key.</param>
/// <param name="grantee">Name of the principal receiving the privileges.</param>
/// <param name="privileges">Privileges to grant.</param>
/// <param name="withOption">Passed to the <c>Grant</c> and to the cache key.</param>
public void GrantOn(DbObjectType objectType, ObjectName objectName, string grantee, Privileges privileges, bool withOption = false) {
    // No check that the caller may grant is visible in this method.
    // NOTE(review): presumably the caller is authorised before this is reached - confirm.
    try {
        PrivilegeManager.Grant(new Grant(privileges, objectName, objectType, grantee, Session.User.Name, withOption));
    } finally {
        // Evict even when the grant throws, so a failed or partial change is not masked by the cache.
        // NOTE(review): this key is built with the final flag set to false, while the GetPrivileges
        // lookup path builds its keys with that flag set to true. Confirm that GrantCacheKey equality
        // ignores the flag; otherwise this Remove does not touch the entries that lookups read.
        var staleKey = new GrantCacheKey(grantee, objectType, objectName.FullName, withOption, false);
        PrivilegesCache.Remove(staleKey);
    }
}
/// <summary>
/// Revokes <paramref name="privileges"/> on the given object from <paramref name="grantee"/>
/// and then evicts one entry from the privileges cache.
/// </summary>
/// <param name="objectType">Type of the object the grant applies to.</param>
/// <param name="objectName">Name of the object; its <c>FullName</c> is used in the cache key.</param>
/// <param name="grantee">Name of the principal losing the privileges.</param>
/// <param name="privileges">Privileges to revoke.</param>
/// <param name="grantOption">Passed to the <c>Grant</c> and to the cache key.</param>
public void Revoke(DbObjectType objectType, ObjectName objectName, string grantee, Privileges privileges, bool grantOption = false) {
    try {
        // The grant to revoke names the current session user as its granter, but the revoke
        // itself is executed through the system session's privilege manager.
        // NOTE(review): no check that the caller may revoke is visible here - confirm it
        // happens before this method is reached.
        var target = new Grant(privileges, objectName, objectType, grantee, Session.User.Name, grantOption);
        SystemSession.Access().PrivilegeManager.Revoke(target);
    } finally {
        // Evict even when the revoke throws.
        // NOTE(review): this key is built with the final flag set to false, while the GetPrivileges
        // lookup path builds its keys with that flag set to true. Confirm that GrantCacheKey equality
        // ignores the flag; otherwise a revoked privilege can remain readable from the cache.
        PrivilegesCache.Remove(new GrantCacheKey(grantee, objectType, objectName.FullName, grantOption, false));
    }
}
/// <summary>
/// Builds three sessions over one mocked system context (the system user, a plain "user1",
/// and "user2" who is reported as a member of "admin_group") together with mocked user,
/// grant, role and object managers.
/// </summary>
public GrantObjectPrivilegesStatementTests() {
    var scope = new ServiceContainer();

    // Every non-null user name is reported as existing.
    var users = new Mock<IUserManager>();
    users.Setup(m => m.UserExistsAsync(It.IsNotNull<string>()))
        .Returns<string>(userName => Task.FromResult(true));

    // A grant on a non-null object always succeeds; the arguments the mock receives are
    // captured, in order, into the grant field for the tests to inspect.
    var grants = new Mock<IGrantManager>();
    grants.Setup(m => m.GrantToUserAsync(It.IsAny<string>(), It.IsAny<string>(), It.IsNotNull<ObjectName>(), It.IsAny<Privilege>(), It.IsAny<bool>()))
        .Callback<string, string, ObjectName, Privilege, bool>((granter, grantee, target, privilege, withOption) =>
            grant = new Grant(granter, grantee, target, privilege, withOption))
        .Returns<string, string, ObjectName, Privilege, bool>((granter, grantee, target, privilege, withOption) => Task.FromResult(true));

    // Role membership is configured for "user2" only.
    var roles = new Mock<IRoleManager>();
    roles.Setup(m => m.GetUserRolesAsync(It.Is<string>(userName => userName == "user2")))
        .Returns<string>(userName => Task.FromResult<IEnumerable<Role>>(new[] { new Role("admin_group") }));

    scope.RegisterInstance<IRoleManager>(roles.Object);
    scope.RegisterInstance<IUserManager>(users.Object);
    scope.RegisterInstance<IGrantManager>(grants.Object);

    // The access controller is a privileges cache (constructed with a null argument) in which
    // only "admin_group" holds the Admin system privilege.
    var accessController = new PrivilegesCache(null);
    accessController.SetSystemPrivileges("admin_group", SqlPrivileges.Admin);
    scope.RegisterInstance<IAccessController>(accessController);

    // Every non-null object name is reported as existing.
    var objects = new Mock<IDbObjectManager>();
    objects.Setup(m => m.ObjectExistsAsync(It.IsNotNull<ObjectName>()))
        .Returns<ObjectName>(name => Task.FromResult(true));
    scope.RegisterInstance<IDbObjectManager>(objects.Object);

    var system = new Mock<IContext>();
    system.SetupGet(c => c.Scope)
        .Returns(scope);

    var parent = system.Object;
    adminContext = MockedSession.Create(parent, User.System);
    userContext = MockedSession.Create(parent, new User("user1"));
    userInAdminRoleContext = MockedSession.Create(parent, new User("user2"));
}
/// <summary>
/// Revokes every grant that <c>PrivilegeManager.GetGrants(grantee, false)</c> returns and then
/// evicts one cache entry per grant.
/// </summary>
/// <param name="grantee">Name of the principal whose grants are revoked.</param>
private void RevokeAllGrantsFrom(string grantee) {
    var toRevoke = PrivilegeManager.GetGrants(grantee, false);

    try {
        foreach (var entry in toRevoke) {
            PrivilegeManager.Revoke(entry);
        }
    } finally {
        // Runs even when a Revoke throws part-way, so the cache is cleared for the whole set.
        // NOTE(review): toRevoke is enumerated a second time here. If GetGrants returns a lazy
        // sequence that is re-evaluated after the revokes, this loop may see nothing - confirm
        // that the result is materialised.
        // NOTE(review): the keys use false as the final flag, while the GetPrivileges lookup path
        // uses true. Confirm that GrantCacheKey equality ignores it, or revoked privileges can
        // remain cached.
        foreach (var entry in toRevoke) {
            var staleKey = new GrantCacheKey(entry.Grantee, entry.ObjectType, entry.ObjectName.FullName, entry.WithOption, false);
            PrivilegesCache.Remove(staleKey);
        }
    }
}
/// <summary>
/// Revokes every grant that <c>PrivilegeManager.GetGrantsOn</c> returns for the given object
/// and then evicts one cache entry per grant.
/// </summary>
/// <param name="objectType">Type of the object whose grants are revoked.</param>
/// <param name="objectName">Name of the object whose grants are revoked.</param>
public void RevokeAllGrantsOn(DbObjectType objectType, ObjectName objectName) {
    var toRevoke = PrivilegeManager.GetGrantsOn(objectType, objectName);

    try {
        foreach (var entry in toRevoke) {
            PrivilegeManager.Revoke(entry);
        }
    } finally {
        // Runs even when a Revoke throws part-way, so the cache is cleared for the whole set.
        // NOTE(review): toRevoke is enumerated a second time here. If GetGrantsOn returns a lazy
        // sequence that is re-evaluated after the revokes, this loop may see nothing - confirm
        // that the result is materialised.
        // NOTE(review): the keys use false as the final flag, while the GetPrivileges lookup path
        // uses true. Confirm that GrantCacheKey equality ignores it, or revoked privileges can
        // remain cached.
        foreach (var entry in toRevoke) {
            var staleKey = new GrantCacheKey(entry.Grantee, entry.ObjectType, entry.ObjectName.FullName, entry.WithOption, false);
            PrivilegesCache.Remove(staleKey);
        }
    }
}
/// <summary>
/// Builds the fixture shared by the tests: a mocked <c>ISession</c> for "user1" whose scope
/// exposes a privileges cache as the <c>IAccessController</c>.
/// </summary>
public SqlStatementTests() {
    var scope = new ServiceContainer();

    // The cache is constructed with a null argument and seeded with a single object
    // privilege: INSERT on sys.tab1 for user1.
    var accessController = new PrivilegesCache(null);
    accessController.SetObjectPrivileges(ObjectName.Parse("sys.tab1"), "user1", SqlPrivileges.Insert);
    scope.RegisterInstance<IAccessController>(accessController);

    var session = new Mock<ISession>();
    session.Setup(s => s.Scope)
        .Returns(scope);
    session.SetupGet(s => s.User)
        .Returns(new User("user1"));

    context = session.Object;
}
/// <summary>
/// Builds three sessions over one mocked system context (the system user, a plain "user1",
/// and "user2" who is reported as a member of "admin_group") together with a mocked user
/// manager that records status changes.
/// </summary>
public SetAccountStatusTests() {
    var scope = new ServiceContainer();

    var users = new Mock<IUserManager>();

    // Every user is reported as unlocked, and every non-null user name as existing.
    users.Setup(m => m.GetUserStatusAsync(It.IsAny<string>()))
        .Returns<string>(userName => Task.FromResult(UserStatus.Unlocked));
    users.Setup(m => m.UserExistsAsync(It.IsNotNull<string>()))
        .Returns(Task.FromResult(true));

    // A status change always succeeds; the target user and new status are recorded
    // in userSet and newStatus.
    users.Setup(m => m.SetUserStatusAsync(It.IsNotNull<string>(), It.IsAny<UserStatus>()))
        .Callback<string, UserStatus>((userName, status) => {
            userSet = userName;
            newStatus = status;
        })
        .Returns(Task.FromResult(true));

    // Role membership is configured for "user2" only.
    var roles = new Mock<IRoleManager>();
    roles.Setup(m => m.GetUserRolesAsync(It.Is<string>(userName => userName == "user2")))
        .Returns<string>(userName => Task.FromResult<IEnumerable<Role>>(new[] { new Role("admin_group") }));

    scope.RegisterInstance<IRoleManager>(roles.Object);
    scope.RegisterInstance<IUserManager>(users.Object);

    // The access controller is a privileges cache (constructed with a null argument) in which
    // only "admin_group" holds the Admin system privilege.
    var accessController = new PrivilegesCache(null);
    accessController.SetSystemPrivileges("admin_group", SqlPrivileges.Admin);
    scope.RegisterInstance<IAccessController>(accessController);

    var system = new Mock<IContext>();
    system.SetupGet(c => c.Scope)
        .Returns(scope);

    var parent = system.Object;
    adminContext = MockedSession.Create(parent, User.System);
    userContext = MockedSession.Create(parent, new User("user1"));
    userInAdminRoleContext = MockedSession.Create(parent, new User("user2"));
}
/// <summary>
/// Builds the fixture shared by the tests: a mocked <c>ISession</c> for "user1" whose scope
/// holds the delegated requirement handler and a privileges cache registered as the
/// <c>ISecurityResolver</c>.
/// </summary>
public SqlStatementTests() {
    var scope = new ServiceContainer();
    scope.Register<IRequirementHandler<DelegatedRequirement>, DelegatedRequirementHandler>();

    // The only privilege seeded is INSERT on table sys.tab1 for user1.
    var resolver = new PrivilegesCache();
    resolver.SetPrivileges(DbObjectType.Table, ObjectName.Parse("sys.tab1"), "user1", Privileges.Insert);
    scope.RegisterInstance<ISecurityResolver>(resolver);

    var session = new Mock<ISession>();
    session.Setup(s => s.Scope)
        .Returns(scope);
    session.SetupGet(s => s.User)
        .Returns(new User("user1"));

    context = session.Object;
}
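/// <summary>
/// Returns the privileges <paramref name="grantee"/> holds on the given object, from the
/// privileges cache when an entry exists and otherwise from the privilege manager.
/// </summary>
/// <param name="grantee">Name of the principal whose privileges are resolved.</param>
/// <param name="objectType">Type of the object being accessed.</param>
/// <param name="objectName">Name of the object being accessed.</param>
/// <param name="withOption">When true, only grants whose <c>WithOption</c> is set are counted.</param>
/// <returns>
/// The cached value on a cache hit; otherwise the bitwise OR of the privileges of every matching
/// grant, or <c>Privileges.None</c> when none matches.
/// </returns>
private Privileges GetPrivileges(string grantee, DbObjectType objectType, ObjectName objectName, bool withOption) {
    // NOTE(review): the lookup key is always built with (true, true), whatever withOption is, and
    // the entries stored below hold a single grant's privileges. A cache hit can therefore return
    // a different result than the computed path for the same arguments - confirm this is intended.
    var key = new GrantCacheKey(grantee, objectType, objectName.FullName, true, true);

    object cached;
    if (PrivilegesCache.TryGet(key, out cached)) {
        return (Privileges)cached;
    }

    var grants = PrivilegeManager.GetGrants(grantee, true);

    // Warm the cache with every grant returned for this grantee.
    // NOTE(review): if two grants map to the same key, the later Set presumably replaces the
    // earlier value rather than combining them - confirm.
    foreach (var g in grants) {
        PrivilegesCache.Set(new GrantCacheKey(g.Grantee, g.ObjectType, g.ObjectName.FullName, g.WithOption, true), g.Privileges);
    }

    var privs = Privileges.None;
    foreach (var grant in grants) {
        // Count only grants on the requested object. Previously this filter was applied only when
        // withOption was true, so a plain lookup OR-ed together the grantee's privileges on every
        // object and could report a privilege that was granted on a different object.
        var sameObject = grant.ObjectType == objectType && grant.ObjectName.Equals(objectName);
        if (!sameObject) {
            continue;
        }

        if (withOption && !grant.WithOption) {
            continue;
        }

        privs |= grant.Privileges;
    }

    return privs;
}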