/// <summary>
/// Calls <c>SetRoleScopes</c> with a freshly generated scope id while the authorization mock
/// advertises a single known scope ("TestScope"). Per the method name, the call is expected to
/// be rejected with <c>ReferencedObjectDoesNotExistException</c>, i.e. a role must not be given
/// a scope the authorization layer does not know about.
/// </summary>
/// <remarks>
/// NOTE(review): no expected-exception assertion is visible in this listing; presumably it is
/// declared by an attribute on the method. Confirm, otherwise this test cannot pass as named.
/// </remarks>
public void RoleManagementLogic_SetRoleScopes_InvalidScopeProvided_ThrowsReferencedObjectDoesNotExistException()
{
    // The complete set of scopes the authorization layer reports as available.
    var knownScopes = new List<Scope> { new Scope("TestScope", AuthorizationScopes.ManageRoles) };

    var authorizationMock = new Mock<IAuthorizationLogic>();
    authorizationMock
        .Setup(a => a.IsAuthorized(It.IsAny<Guid>(), It.IsAny<ClaimsPrincipal>()))
        .Returns(true);
    authorizationMock
        .Setup(a => a.GetAvailibleScopes())
        .Returns(knownScopes);
    // IsAuthorizedThrowsException has no setup here. On a default (loose) Moq mock an
    // un-configured call does nothing, so any such check passes silently.

    // Guid.Empty is the same value as new Guid(); the requested scope id is random and is
    // therefore presumably absent from knownScopes.
    var request = new SetRoleScopesModel
    {
        RoleId = Guid.Empty,
        Scopes = new List<Guid> { Guid.NewGuid() }
    };

    // The repository answers every SecurityRole lookup with this role, so the role itself resolves.
    var existingRole = new SecurityRole { Name = "TestRole", Id = Guid.NewGuid() };
    var repositoryMock = new Mock<IConfigurationRepository>();
    repositoryMock
        .Setup(r => r.Get<SecurityRole>(It.IsAny<Guid>()))
        .Returns(existingRole);

    var sut = new RoleManagementLogic(repositoryMock.Object, authorizationMock.Object);

    // A null caller is passed.
    sut.SetRoleScopes(request, null);
}
/// <summary>
/// Calls <c>UpdateRole</c> while the authorization mock throws
/// <see cref="UnauthorizedAccessException"/> for the ManageRoles scope and this caller. Per the
/// method name, the denial is expected to propagate to the caller of <c>UpdateRole</c>.
/// </summary>
/// <remarks>
/// NOTE(review): no expected-exception assertion is visible in this listing; presumably it is
/// declared by an attribute on the method. Confirm.
/// NOTE(review): the repository mock has no setups and is never verified, so a write that
/// happened before the authorization check would go unnoticed. Consider verifying that the
/// repository received no calls (e.g. Moq's <c>VerifyNoOtherCalls()</c>).
/// </remarks>
public void RoleManagementLogic_UpdateRole_Unauthorized_ThrowsUnauthorizedAccessException()
{
    var caller = new ClaimsPrincipal();
    var roleToUpdate = new SecurityRole();

    // Deny exactly this caller for the ManageRoles scope; entity and event category are wildcards.
    var authorizationMock = new Mock<IAuthorizationLogic>();
    authorizationMock
        .Setup(a => a.IsAuthorizedThrowsException(
            AuthorizationScopes.ManageRoles,
            caller,
            It.IsAny<ILoggableEntity>(),
            It.IsAny<EventCategory>()))
        .Throws(new UnauthorizedAccessException());

    var repositoryMock = new Mock<IConfigurationRepository>();
    var sut = new RoleManagementLogic(repositoryMock.Object, authorizationMock.Object);

    sut.UpdateRole(roleToUpdate, caller);
}
/// <summary>
/// Calls <c>SetRoleScopes</c> while the authorization mock throws
/// <see cref="UnauthorizedAccessException"/> for the ManageRoles scope and any caller. Per the
/// method name, that exception is expected to surface.
/// </summary>
/// <remarks>
/// The logic is built with a null repository. The test can only end in
/// UnauthorizedAccessException if the authorization check runs before the repository is
/// touched; any earlier repository access would fail with a null dereference instead.
/// NOTE(review): no expected-exception assertion is visible in this listing; presumably it is
/// declared by an attribute on the method. Confirm.
/// </remarks>
public void RoleManagementLogic_SetRoleScopes_UnauthorizedUser_ThrowsUnauthorizedAccessException()
{
    // Guid.Empty is the same value as new Guid(); no scopes are supplied.
    var request = new SetRoleScopesModel { RoleId = Guid.Empty };

    var authorizationMock = new Mock<IAuthorizationLogic>();
    authorizationMock
        .Setup(a => a.IsAuthorizedThrowsException(
            AuthorizationScopes.ManageRoles,
            It.IsAny<ClaimsPrincipal>(),
            It.IsAny<ILoggableEntity>(),
            It.IsAny<EventCategory>()))
        .Throws(new UnauthorizedAccessException());

    // Deliberately no repository: see remarks.
    var sut = new RoleManagementLogic(null, authorizationMock.Object);

    sut.SetRoleScopes(request, null);
}
/// <summary>
/// Calls <c>AddRoleMember</c> for a member id the repository resolves to null. Per the method
/// name, the call is expected to fail with <c>ReferencedObjectDoesNotExistException</c>, so a
/// role can never be given a member that does not exist.
/// </summary>
/// <remarks>
/// Authorization is provided by a real <c>AuthorizeInitialSetup</c> rather than a mock.
/// NOTE(review): what AuthorizeInitialSetup permits is not visible here; the test presumably
/// relies on it letting the call through. Confirm against that class.
/// NOTE(review): no expected-exception assertion is visible in this listing; presumably it is
/// declared by an attribute on the method. Confirm.
/// </remarks>
public void RoleManagementLogic_AddRoleMember_UserNotFound_ThrowsReferencedObjectDoesNotExistException()
{
    var caller = new ClaimsPrincipal();
    var request = new AddSecurityRoleMemberModel
    {
        MemberId = Guid.NewGuid(),
        RoleId = Guid.NewGuid()
    };

    // The principal lookup for the requested member yields nothing.
    var repositoryMock = new Mock<IConfigurationRepository>();
    repositoryMock
        .Setup(r => r.Get<AuthenticablePrincipal>(request.MemberId))
        .Returns((AuthenticablePrincipal)null);

    var authorization = new AuthorizeInitialSetup(repositoryMock.Object);
    var sut = new RoleManagementLogic(repositoryMock.Object, authorization);

    sut.AddRoleMember(request, caller);
}
/// <summary>
/// Calls <c>DeleteRole</c> on a role whose id is
/// <c>RoleManagementLogic.WellKnownAdministratorRoleId</c>. Per the method name, the call is
/// expected to fail with <c>InvalidOperationException</c> even though the caller passes the
/// authorization check.
/// </summary>
/// <remarks>
/// The authorization setup has neither Returns nor Throws, so the mocked check completes
/// without effect and the caller counts as authorized. The failure therefore has to come from
/// the role id itself, presumably a guard that keeps the built-in administrator role from
/// being removed.
/// NOTE(review): no expected-exception assertion is visible in this listing; presumably it is
/// declared by an attribute on the method. Confirm.
/// </remarks>
public void RoleManagementLogic_DeleteRole_DeleteWellKnownAdministratorId_ThrowsInvalidOperationException()
{
    var caller = new ClaimsPrincipal();
    var administratorRole = new SecurityRole { Id = RoleManagementLogic.WellKnownAdministratorRoleId };

    var authorizationMock = new Mock<IAuthorizationLogic>();
    authorizationMock.Setup(a => a.IsAuthorizedThrowsException(
        AuthorizationScopes.ManageRoles,
        caller,
        It.IsAny<ILoggableEntity>(),
        It.IsAny<EventCategory>()));

    var repositoryMock = new Mock<IConfigurationRepository>();
    var sut = new RoleManagementLogic(repositoryMock.Object, authorizationMock.Object);

    sut.DeleteRole(administratorRole, caller);
}
/// <summary>
/// Calls <c>AddRoleMember</c> while the authorization mock throws
/// <see cref="UnauthorizedAccessException"/> for the ManageRoles scope and this caller. Per the
/// method name, the denial is expected to reach the caller of <c>AddRoleMember</c>.
/// </summary>
/// <remarks>
/// The repository resolves the member to a principal but resolves the role to null.
/// NOTE(review): if AddRoleMember validated the role before checking authorization, the null
/// role would presumably produce a different exception, so this test appears to pin the
/// check order as well. Confirm against the implementation.
/// NOTE(review): no expected-exception assertion is visible in this listing; presumably it is
/// declared by an attribute on the method. Confirm.
/// </remarks>
public void RoleManagementLogic_AddRoleMember_Unauthorized_ThrowsUnauthorizedAccessException()
{
    var caller = new ClaimsPrincipal();
    var request = new AddSecurityRoleMemberModel
    {
        MemberId = Guid.NewGuid(),
        RoleId = Guid.NewGuid()
    };

    // Deny exactly this caller for the ManageRoles scope.
    var authorizationMock = new Mock<IAuthorizationLogic>();
    authorizationMock
        .Setup(a => a.IsAuthorizedThrowsException(
            AuthorizationScopes.ManageRoles,
            caller,
            It.IsAny<ILoggableEntity>(),
            It.IsAny<EventCategory>()))
        .Throws(new UnauthorizedAccessException());

    var repositoryMock = new Mock<IConfigurationRepository>();
    repositoryMock
        .Setup(r => r.Get<AuthenticablePrincipal>(request.MemberId))
        .Returns(new AuthenticablePrincipal());
    repositoryMock
        .Setup(r => r.Get<SecurityRole>(request.RoleId))
        .Returns((SecurityRole)null);

    var sut = new RoleManagementLogic(repositoryMock.Object, authorizationMock.Object);

    sut.AddRoleMember(request, caller);
}
/// <summary>
/// Builds the application's object graph by hand and registers the resulting instances as
/// singletons in <paramref name="services"/>.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
/// <param name="appSettings">Not read anywhere in this method body.</param>
/// <remarks>
/// Besides filling <paramref name="services"/>, the method assigns <c>appConfig</c>,
/// <c>certificateManagementLogic</c> and <c>oidcLogic</c>, and reads <c>databaseLocator</c> and
/// <c>initialSetupComplete</c>. None of these are declared here; presumably they are members of
/// the enclosing class.
/// Statement order matters: each object is constructed from instances created above it.
/// </remarks>
private void InitializeApp(IServiceCollection services, AppSettings appSettings)
{
    //singleton pattern here was a huge mistake, i'm going to fix this.

    // Configuration store first: almost every other component is constructed from it.
    LiteDbConfigurationRepository configurationRepository = new LiteDbConfigurationRepository(databaseLocator.GetConfigurationRepositoryConnectionString());
    appConfig = configurationRepository.GetAppConfig();
    ActiveDirectoryRepository activeDirectory = new ActiveDirectoryRepository();

    // The encryption key is taken from the app configuration loaded from the configuration
    // repository above, and the provider built from it lives for the whole process.
    // NOTE(review): how that key is protected at rest is not visible here. Confirm that it is
    // not stored in the clear next to the data it protects.
    EncryptionProvider cipher = new EncryptionProvider(appConfig.EncryptionKey);
    services.AddSingleton <EncryptionProvider>(cipher);

    // One ActiveDirectoryRepository instance serves both Active Directory interfaces.
    services.AddSingleton <IActiveDirectoryAuthenticator>(activeDirectory);
    services.AddSingleton <IActiveDirectoryRepository>(activeDirectory);

    // NOTE(review): this instance is never registered or used below. The registration is
    // type-only, so the container constructs its own IdentityAuthenticationLogic from the
    // registered services. Confirm which of the two is intended for this authentication component.
    IdentityAuthenticationLogic identityAuthenticationLogic = new IdentityAuthenticationLogic(configurationRepository, activeDirectory);
    services.AddSingleton <IdentityAuthenticationLogic>();

    ICertificateRepository certificateRepository = new LiteDbCertificateRepository(databaseLocator.GetCertificateRepositoryConnectionString());

    // Stays null and is handed to RuntimeConfigurationState in that state further down.
    RuntimeCacheRepository runtimeCacheRepository = null;

    // Audit logic is created before the authorization logic because the latter is constructed from it.
    LiteDbAuditRepository auditRepository = new LiteDbAuditRepository(databaseLocator.GetAuditRepositoryConnectionString());
    IAuditLogic auditLogic = new AuditLogic(auditRepository, configurationRepository);
    services.AddSingleton <IAuditLogic>(auditLogic);
    IAuthorizationLogic authorizationLogic = new AuthorizationLogic(configurationRepository, auditLogic);

    // Script management and the PowerShell engine; the engine is constructed with the audit logic.
    IScriptManagementLogic scriptManagement = new ScriptManagementLogic(configurationRepository, authorizationLogic);
    services.AddSingleton <IScriptManagementLogic>(scriptManagement);
    IPowershellEngine powershellEngine = new PowershellEngine(auditLogic, scriptManagement);
    services.AddSingleton <IPowershellEngine>(powershellEngine);

    // Role and user management share the same repository and authorization logic.
    RoleManagementLogic roleManagementLogic = new RoleManagementLogic(configurationRepository, authorizationLogic);
    services.AddSingleton <RoleManagementLogic>(roleManagementLogic);
    UserManagementLogic userManagementLogic = new
    UserManagementLogic(configurationRepository, authorizationLogic);
    services.AddSingleton <UserManagementLogic>(userManagementLogic);

    // NOTE(review): the registration is type-only again. This hand-built instance is passed to
    // CertificateManagementLogic below, while consumers resolving SecurityPrincipalLogic from
    // the container get a separate, container-built object.
    SecurityPrincipalLogic securityPrincipalLogic = new SecurityPrincipalLogic(roleManagementLogic, userManagementLogic);
    services.AddSingleton <SecurityPrincipalLogic>();

    AdcsTemplateLogic adcsTemplateLogic = new AdcsTemplateLogic(configurationRepository, activeDirectory);
    services.AddSingleton <AdcsTemplateLogic>(adcsTemplateLogic);
    services.AddSingleton <IAuthorizationLogic>(authorizationLogic);
    services.AddSingleton <IConfigurationRepository>(configurationRepository);
    ICertificateProvider certificateProvider = new Win32CertificateProvider();
    services.AddSingleton <ICertificateProvider>(certificateProvider);
    services.AddSingleton <ICertificateRepository>(certificateRepository);
    ActiveDirectoryIdentityProviderLogic activeDirectoryIdentityProviderLogic = new ActiveDirectoryIdentityProviderLogic(configurationRepository);
    services.AddSingleton <ActiveDirectoryIdentityProviderLogic>(activeDirectoryIdentityProviderLogic);

    // Certificate management is constructed with the cipher, the authorization logic and the audit logic.
    certificateManagementLogic = new CertificateManagementLogic(
        configurationRepository,
        certificateRepository,
        authorizationLogic,
        auditLogic,
        securityPrincipalLogic,
        cipher);
    services.AddSingleton <CertificateManagementLogic>(certificateManagementLogic);
    PrivateCertificateProcessing privateCertificateProcessing = new PrivateCertificateProcessing(certificateRepository, configurationRepository, certificateProvider, authorizationLogic, adcsTemplateLogic, auditLogic);
    services.AddSingleton <IPrivateCertificateProcessing>(privateCertificateProcessing);
    services.AddSingleton <NodeLogic>(new NodeLogic(configurationRepository, authorizationLogic, activeDirectoryIdentityProviderLogic, powershellEngine, auditLogic, certificateManagementLogic, privateCertificateProcessing));

    // runtimeCacheRepository is still null at this point.
    services.AddSingleton <IRuntimeConfigurationState>(
        new RuntimeConfigurationState(configurationRepository, runtimeCacheRepository)
        {
            InitialSetupComplete =
            initialSetupComplete
        });
    services.AddSingleton <IClientsideConfigurationProvider>(new ClientsideConfigurationProvider(configurationRepository));
    services.AddSingleton <AnalyticsLogic>(new AnalyticsLogic(configurationRepository, certificateRepository, auditRepository));
    services.AddSingleton <DataRenderingProvider>(new DataRenderingProvider());
    oidcLogic = new OpenIdConnectIdentityProviderLogic(configurationRepository, authorizationLogic);
    services.AddSingleton <IOpenIdConnectIdentityProviderLogic>(oidcLogic);
}
/// <summary>
/// Creates the controller with the role-management logic it delegates to and a response
/// handler bound to this controller instance.
/// </summary>
/// <param name="roleManagement">Role-management logic stored for use by the controller.</param>
public SecurityRolesController(RoleManagementLogic roleManagement)
{
    // NOTE(review): no authorization logic is injected (an earlier AuthorizationLogic field was
    // commented out). Access checks presumably happen inside RoleManagementLogic; confirm that
    // every action on this controller goes through it.
    http = new HttpResponseHandler(this);
    this.roleManagement = roleManagement;
}