예제 #1
0
        public void ListApplicableRolesForAction()
        {
            var options = GetSecurityAccessProviderOptions();
            var sec     = new SecurityAccessProvider(options);

            sec.GetRolesForAction("UndefinedController", "ReaderAppliedAction1").Should().BeEquivalentTo(new [] { "WildcardAppliedRole" });
        }
예제 #2
0
        public void CantPerformActionNotGranted()
        {
            var options = GetSecurityAccessProviderOptions();
            var sec     = new SecurityAccessProvider(options);
            var id      = GetIdentity();

            var result = sec.CanPerformOperation("ControllerA", "Details", id);

            result.Should().Be(false);
        }
예제 #3
0
        public void GrantActionBasedOnWildcardControllerAliasedAction()
        {
            var options = GetSecurityAccessProviderOptions();
            var sec     = new SecurityAccessProvider(options);
            var id      = GetIdentity("WildcardAppliedRoleId");

            sec.CanPerformOperation("UndefinedController", "ReaderAppliedAction1", id).Should().Be(true);
            sec.CanPerformOperation("UndefinedController", "ReaderAppliedAction2", id).Should().Be(true);
            sec.CanPerformOperation("UndefinedController", "WriterAppliedAction1", id).Should().Be(true);
            sec.CanPerformOperation("UndefinedController", "WriterAppliedAction2", id).Should().Be(true);
            sec.CanPerformOperation("UndefinedController", "Create", id).Should().Be(true);
            sec.CanPerformOperation("UndefinedController", "UnknownAction", id).Should().Be(false);
        }
예제 #4
0
        public void GlobalDeniedControllersShouldTakePrecenceOverExplicitGrants()
        {
            var options = GetSecurityAccessProviderOptions();
            var sec     = new SecurityAccessProvider(options);
            var id      = GetIdentity();

            var result = sec.CanPerformOperation("ControllerB", "Details", id);

            options.Value.SecurityRoles[0].AllowActions.IndexOf("ControllerB.Details").Should().BeGreaterOrEqualTo(0);
            options.Value.GlobalAllowActions.IndexOf("ControllerB.Details").Should().BeGreaterOrEqualTo(0);
            options.Value.GlobalDenyActions.IndexOf("ControllerB").Should().BeGreaterOrEqualTo(0);
            result.Should().Be(false);
        }
예제 #5
0
        public void CantPerformUnconfiguredROles()
        {
            var options = GetSecurityAccessProviderOptions();
            var sec     = new SecurityAccessProvider(options);
            var id      = GetIdentity();

            var result = sec.CanPerformOperation("ControllerA", "DoAThing", id);

            options.Value.SecurityRoles[0].AllowActions.IndexOf("ControllerA.DoAThing").Should().Be(-1);
            options.Value.GlobalAllowActions.IndexOf("ControllerA.DoAThing").Should().Be(-1);
            options.Value.GlobalDenyActions.IndexOf("ControllerA.DoAThing").Should().Be(-1);
            options.Value.GlobalDenyActions.IndexOf("ControllerA").Should().Be(-1);
            result.Should().Be(false);
        }
예제 #6
0
        public void CantPerformActionDeniedInInGlobalListEvenIfGrantedToRole()
        {
            var options = GetSecurityAccessProviderOptions();
            var sec     = new SecurityAccessProvider(options);
            var id      = GetIdentity();

            var result = sec.CanPerformOperation("ControllerA", "Delete", id);

            options.Value.SecurityRoles[0].AllowActions.IndexOf("ControllerA.Delete").Should().BeGreaterOrEqualTo(0);
            options.Value.GlobalAllowActions.IndexOf("ControllerA.Delete").Should().Be(-1);
            options.Value.GlobalDenyActions.IndexOf("ControllerA.Delete").Should().BeGreaterOrEqualTo(0);
            options.Value.GlobalDenyActions.IndexOf("ControllerA").Should().Be(-1);
            result.Should().Be(false);
        }
예제 #7
0
        public void CanPerformActionAllowedInGlobalList()
        {
            var options = GetSecurityAccessProviderOptions();
            var sec     = new SecurityAccessProvider(options);
            var id      = GetIdentity();

            var result = sec.CanPerformOperation("ControllerA", "List", id);

            options.Value.SecurityRoles[0].AllowActions.IndexOf("ControllerA.List").Should().Be(-1);
            options.Value.GlobalAllowActions.IndexOf("ControllerA.List").Should().BeGreaterOrEqualTo(0);
            options.Value.GlobalDenyActions.IndexOf("ControllerA.List").Should().Be(-1);
            options.Value.GlobalDenyActions.IndexOf("ControllerA").Should().Be(-1);
            result.Should().Be(true);
        }
예제 #8
0
        public void GrantActionBasedOnInnerWildCardActionName()
        {
            var options = GetSecurityAccessProviderOptions();
            var sec     = new SecurityAccessProvider(options);
            var id      = GetIdentity();

            //test the wildcard inclusion
            sec.CanPerformOperation("ControllerA", "WildCardItem", id).Should().Be(true);
            sec.CanPerformOperation("ControllerA", "WildCardItem*", id).Should().Be(true);
            sec.CanPerformOperation("ControllerA", "WildCardItemRANDOMTEXT", id).Should().Be(true);

            //varify that it's not caught up in a full-action wildcard assignmenent
            sec.CanPerformOperation("ControllerA", "BoopWildCardItemRANDOMTEXT", id).Should().Be(false);
            sec.CanPerformOperation("ControllerB", "WildCardItem*", id).Should().Be(false);
            sec.CanPerformOperation("ControllerB", "WildCardItemRANDOMTEXT", id).Should().Be(false);
        }
예제 #9
0
        public void GrantActionBasedOnAliasedActions()
        {
            var options = GetSecurityAccessProviderOptions();
            var sec     = new SecurityAccessProvider(options);
            var id      = GetIdentity("AliasAppliedRoleId");

            sec.CanPerformOperation("GlobalAppliedController", "ReaderAppliedAction1", id).Should().Be(true);
            sec.CanPerformOperation("GlobalAppliedController", "ReaderAppliedAction2", id).Should().Be(true);
            sec.CanPerformOperation("GlobalAppliedController", "WriterAppliedAction1", id).Should().Be(true);
            sec.CanPerformOperation("GlobalAppliedController", "WriterAppliedAction2", id).Should().Be(true);
            sec.CanPerformOperation("UserAppliedController", "ReaderAppliedAction1", id).Should().Be(true);
            sec.CanPerformOperation("UserAppliedController", "ReaderAppliedAction2", id).Should().Be(true);
            sec.CanPerformOperation("UserAppliedController", "WriterAppliedAction1", id).Should().Be(true);
            sec.CanPerformOperation("UserAppliedController", "WriterAppliedAction2", id).Should().Be(true);
            sec.CanPerformOperation("UserAppliedController", "UnknownAction", id).Should().Be(false);
            sec.CanPerformOperation("OtherController", "ReaderAppliedAction1", id).Should().Be(false);
            sec.CanPerformOperation("OtherController", "ReaderAppliedAction2", id).Should().Be(false);
        }
예제 #10
0
 public TaskTypeMappingController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     Name     = "TaskTypeMapping";
     _context = context;
 }
예제 #11
0
 public SubjectAreaController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     Name     = "SubjectArea";
     _context = context;
 }
예제 #12
0
 public TaskGroupDependencyController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     Name     = "TaskGroupDependency";
     _context = context;
 }
예제 #13
0
 public FrameworkTaskRunnerController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     Name     = "FrameworkTaskRunner";
     _context = context;
 }
예제 #14
0
 public TaskMasterController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     Name     = "TaskMaster";
     _context = context;
 }
예제 #15
0
 public BaseController(SecurityAccessProvider securityAccessProvider)
 {
     Name = GetType().Name.Replace("Controller", string.Empty);
     _securityAccessProvider = securityAccessProvider;
 }
예제 #16
0
 public AFLogMonitorController(AppInsightsContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     _context = context;
 }
예제 #17
0
 public SourceAndTargetSystemsJsonSchemaController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     Name     = "SourceAndTargetSystemsJsonSchema";
     _context = context;
 }
예제 #18
0
 public TaskInstanceExecutionController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     _context = context;
 }
예제 #19
0
 public AFExecutionSummaryController(AppInsightsContext context, SecurityAccessProvider securityAccess) :  base(securityAccess)
 {
     _context = context;
 }
예제 #20
0
 public FrameworkTaskRunnerDapperController(AdsGoFastDapperContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     _context = context;
 }
예제 #21
0
 public ReportsAndStatisticsController(AdsGoFastDapperContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     _context = context;
 }
예제 #22
0
 public DataFactoryController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     Name     = "DataFactory";
     _context = context;
 }
예제 #23
0
 public ADFPipelineStatsController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     _context = context;
 }
예제 #24
0
 public ScheduleInstanceController(AdsGoFastContext context, SecurityAccessProvider securityAccessProvider) : base(securityAccessProvider)
 {
     Name     = "ScheduleInstance";
     _context = context;
 }