public void ListApplicableRolesForAction() { var options = GetSecurityAccessProviderOptions(); var sec = new SecurityAccessProvider(options); sec.GetRolesForAction("UndefinedController", "ReaderAppliedAction1").Should().BeEquivalentTo(new [] { "WildcardAppliedRole" }); }
public void CantPerformActionNotGranted() { var options = GetSecurityAccessProviderOptions(); var sec = new SecurityAccessProvider(options); var id = GetIdentity(); var result = sec.CanPerformOperation("ControllerA", "Details", id); result.Should().Be(false); }
public void GrantActionBasedOnWildcardControllerAliasedAction() { var options = GetSecurityAccessProviderOptions(); var sec = new SecurityAccessProvider(options); var id = GetIdentity("WildcardAppliedRoleId"); sec.CanPerformOperation("UndefinedController", "ReaderAppliedAction1", id).Should().Be(true); sec.CanPerformOperation("UndefinedController", "ReaderAppliedAction2", id).Should().Be(true); sec.CanPerformOperation("UndefinedController", "WriterAppliedAction1", id).Should().Be(true); sec.CanPerformOperation("UndefinedController", "WriterAppliedAction2", id).Should().Be(true); sec.CanPerformOperation("UndefinedController", "Create", id).Should().Be(true); sec.CanPerformOperation("UndefinedController", "UnknownAction", id).Should().Be(false); }
public void GlobalDeniedControllersShouldTakePrecenceOverExplicitGrants() { var options = GetSecurityAccessProviderOptions(); var sec = new SecurityAccessProvider(options); var id = GetIdentity(); var result = sec.CanPerformOperation("ControllerB", "Details", id); options.Value.SecurityRoles[0].AllowActions.IndexOf("ControllerB.Details").Should().BeGreaterOrEqualTo(0); options.Value.GlobalAllowActions.IndexOf("ControllerB.Details").Should().BeGreaterOrEqualTo(0); options.Value.GlobalDenyActions.IndexOf("ControllerB").Should().BeGreaterOrEqualTo(0); result.Should().Be(false); }
public void CantPerformUnconfiguredROles() { var options = GetSecurityAccessProviderOptions(); var sec = new SecurityAccessProvider(options); var id = GetIdentity(); var result = sec.CanPerformOperation("ControllerA", "DoAThing", id); options.Value.SecurityRoles[0].AllowActions.IndexOf("ControllerA.DoAThing").Should().Be(-1); options.Value.GlobalAllowActions.IndexOf("ControllerA.DoAThing").Should().Be(-1); options.Value.GlobalDenyActions.IndexOf("ControllerA.DoAThing").Should().Be(-1); options.Value.GlobalDenyActions.IndexOf("ControllerA").Should().Be(-1); result.Should().Be(false); }
public void CantPerformActionDeniedInInGlobalListEvenIfGrantedToRole() { var options = GetSecurityAccessProviderOptions(); var sec = new SecurityAccessProvider(options); var id = GetIdentity(); var result = sec.CanPerformOperation("ControllerA", "Delete", id); options.Value.SecurityRoles[0].AllowActions.IndexOf("ControllerA.Delete").Should().BeGreaterOrEqualTo(0); options.Value.GlobalAllowActions.IndexOf("ControllerA.Delete").Should().Be(-1); options.Value.GlobalDenyActions.IndexOf("ControllerA.Delete").Should().BeGreaterOrEqualTo(0); options.Value.GlobalDenyActions.IndexOf("ControllerA").Should().Be(-1); result.Should().Be(false); }
public void CanPerformActionAllowedInGlobalList() { var options = GetSecurityAccessProviderOptions(); var sec = new SecurityAccessProvider(options); var id = GetIdentity(); var result = sec.CanPerformOperation("ControllerA", "List", id); options.Value.SecurityRoles[0].AllowActions.IndexOf("ControllerA.List").Should().Be(-1); options.Value.GlobalAllowActions.IndexOf("ControllerA.List").Should().BeGreaterOrEqualTo(0); options.Value.GlobalDenyActions.IndexOf("ControllerA.List").Should().Be(-1); options.Value.GlobalDenyActions.IndexOf("ControllerA").Should().Be(-1); result.Should().Be(true); }
public void GrantActionBasedOnInnerWildCardActionName() { var options = GetSecurityAccessProviderOptions(); var sec = new SecurityAccessProvider(options); var id = GetIdentity(); //test the wildcard inclusion sec.CanPerformOperation("ControllerA", "WildCardItem", id).Should().Be(true); sec.CanPerformOperation("ControllerA", "WildCardItem*", id).Should().Be(true); sec.CanPerformOperation("ControllerA", "WildCardItemRANDOMTEXT", id).Should().Be(true); //varify that it's not caught up in a full-action wildcard assignmenent sec.CanPerformOperation("ControllerA", "BoopWildCardItemRANDOMTEXT", id).Should().Be(false); sec.CanPerformOperation("ControllerB", "WildCardItem*", id).Should().Be(false); sec.CanPerformOperation("ControllerB", "WildCardItemRANDOMTEXT", id).Should().Be(false); }
public void GrantActionBasedOnAliasedActions() { var options = GetSecurityAccessProviderOptions(); var sec = new SecurityAccessProvider(options); var id = GetIdentity("AliasAppliedRoleId"); sec.CanPerformOperation("GlobalAppliedController", "ReaderAppliedAction1", id).Should().Be(true); sec.CanPerformOperation("GlobalAppliedController", "ReaderAppliedAction2", id).Should().Be(true); sec.CanPerformOperation("GlobalAppliedController", "WriterAppliedAction1", id).Should().Be(true); sec.CanPerformOperation("GlobalAppliedController", "WriterAppliedAction2", id).Should().Be(true); sec.CanPerformOperation("UserAppliedController", "ReaderAppliedAction1", id).Should().Be(true); sec.CanPerformOperation("UserAppliedController", "ReaderAppliedAction2", id).Should().Be(true); sec.CanPerformOperation("UserAppliedController", "WriterAppliedAction1", id).Should().Be(true); sec.CanPerformOperation("UserAppliedController", "WriterAppliedAction2", id).Should().Be(true); sec.CanPerformOperation("UserAppliedController", "UnknownAction", id).Should().Be(false); sec.CanPerformOperation("OtherController", "ReaderAppliedAction1", id).Should().Be(false); sec.CanPerformOperation("OtherController", "ReaderAppliedAction2", id).Should().Be(false); }
public TaskTypeMappingController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { Name = "TaskTypeMapping"; _context = context; }
public SubjectAreaController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { Name = "SubjectArea"; _context = context; }
public TaskGroupDependencyController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { Name = "TaskGroupDependency"; _context = context; }
public FrameworkTaskRunnerController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { Name = "FrameworkTaskRunner"; _context = context; }
public TaskMasterController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { Name = "TaskMaster"; _context = context; }
public BaseController(SecurityAccessProvider securityAccessProvider) { Name = GetType().Name.Replace("Controller", string.Empty); _securityAccessProvider = securityAccessProvider; }
public AFLogMonitorController(AppInsightsContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { _context = context; }
public SourceAndTargetSystemsJsonSchemaController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { Name = "SourceAndTargetSystemsJsonSchema"; _context = context; }
public TaskInstanceExecutionController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { _context = context; }
public AFExecutionSummaryController(AppInsightsContext context, SecurityAccessProvider securityAccess) : base(securityAccess) { _context = context; }
public FrameworkTaskRunnerDapperController(AdsGoFastDapperContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { _context = context; }
public ReportsAndStatisticsController(AdsGoFastDapperContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { _context = context; }
public DataFactoryController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { Name = "DataFactory"; _context = context; }
public ADFPipelineStatsController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { _context = context; }
public ScheduleInstanceController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider) { Name = "ScheduleInstance"; _context = context; }