public void Should_throw_when_the_user_does_not_have_the_role_Owner() { // Arrange SecurityConfigurator.Configure(policy => { policy.GetAuthenticationStatusFrom(StaticHelper.IsAuthenticatedReturnsTrue); policy.GetRolesFrom(StaticHelper.GetRolesExcludingOwner); policy.For <BlogController>(x => x.DeletePost(0)).RequireAnyRole(UserRole.Owner); }); var securityHandler = new SecurityHandler(); // Act var exception = Assert.Throws <PolicyViolationException>(() => securityHandler.HandleSecurityFor(NameHelper.Controller <BlogController>(), "DeletePost", SecurityContext.Current)); // Assert Assert.That(exception.PolicyType, Is.EqualTo(typeof(RequireAnyRolePolicy))); Assert.That(exception.Message, Does.Contain("Access requires one of the following roles: Owner.")); }
protected void Application_Start() { SecurityConfigurator.Configure(configuration => { configuration.GetAuthenticationStatusFrom(() => HttpContext.Current.User.Identity.IsAuthenticated); //Chamada para as configurações de segurança da aplicação ControllersConfiguration.Configure(configuration); //Chamada para as configurações de segurança das controllers especificas de autenticação/autorização //Ex.: Criação e configuração de usuários, criação e configurações de roles Core.Security.Authorization.SecurityControllers.ControllersConfiguration.Configure(configuration); }); XmlConfigurator.Configure(); AreaRegistration.RegisterAllAreas(); FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters); RouteConfig.RegisterRoutes(RouteTable.Routes); }
public void Should_not_throw_ConfigurationErrorsException_when_IgnoreMissingConfigurations_is_true() { // Arrange var events = new List <ISecurityEvent>(); SecurityDoctor.Register(events.Add); SecurityConfigurator.Configure(configuration => { configuration.GetAuthenticationStatusFrom(StaticHelper.IsAuthenticatedReturnsTrue); configuration.Advanced.IgnoreMissingConfiguration(); configuration.For <BlogController>(x => x.Index()).DenyAnonymousAccess(); }); var securityHandler = new SecurityHandler(); // Act & Assert Assert.DoesNotThrow(() => securityHandler.HandleSecurityFor("NonConfiguredController", "Action", SecurityContext.Current)); Assert.That(events.Any(e => e.Message == "Ignoring missing configuration.")); }
public void Should_create_security_context_from_configuration() { // Arrange const bool status = true; var roles = new object[3]; SecurityConfigurator.Configure(c => { c.GetAuthenticationStatusFrom(() => status); c.GetRolesFrom(() => roles); }); // Act var context = SecurityContext.Current; // Assert Assert.That(context.Data, Is.TypeOf(typeof(ExpandoObject))); Assert.That(context.CurrenUserAuthenticated(), Is.EqualTo(status)); Assert.That(context.CurrenUserRoles(), Is.EqualTo(roles)); }
public void Install(IWindsorContainer container, IConfigurationStore store) { SecurityConfigurator.Configure(configuration => { configuration.ResolveServicesUsing(type => container.ResolveAll(type).OfType <object>()); // Let Fluent Security know how to get the authentication status of the current user configuration.GetAuthenticationStatusFrom(() => UserManager.IsUserLogged); configuration.ForAllControllers().DenyAnonymousAccess(); // This is where you set up the policies you want Fluent Security to enforce on your controllers and actions configuration.For <HomeController>(x => x.Index()).Ignore(); //configuration.For<HomeController>(x => x.Test()).DenyAuthenticatedAccess(); configuration.For <AuthenticationController>().Ignore(); configuration.For <AuthenticationController>(x => x.Logoff()).DenyAnonymousAccess(); }); }
public static ISecurityConfiguration CreateSecurityConfiguration() { SecurityConfigurator.Configure(configuration => { configuration.GetAuthenticationStatusFrom(() => false); configuration.IgnoreMissingConfiguration(); configuration.For <SampleController>(x => x.Index()).DenyAuthenticatedAccess(); configuration.For <SampleController>(x => x.List()).DenyAnonymousAccess(); configuration.For <SampleController>(x => x.New()).RequireRole("Editor").AddPolicy(new DenyInternetExplorerPolicy()); configuration.For <AdminController>().DenyAnonymousAccess(); configuration.For <AdminController>(x => x.Login()).DenyAuthenticatedAccess(); configuration.For <AdminController>(x => x.NewUser()).RequireRole(UserRole.UserEditor); configuration.For <IgnoreController>().Ignore(); }); return(SecurityConfiguration.Current); }
public static void Configure() { SecurityConfigurator.Configure(configuration => { // Let FluentSecurity know how to get the authentication status of the current user configuration.GetAuthenticationStatusFrom(() => HttpContext.Current.User.Identity.IsAuthenticated); configuration.IgnoreMissingConfiguration(); // This is where you set up the policies you want FluentSecurity to enforce on your controllers and actions configuration.For <HomeController>().Ignore(); configuration.For <HomeController>().Ignore(); configuration.For <AccountController>().DenyAuthenticatedAccess(); // configuration.For<AccountController>(x => x.ChangePassword()).DenyAnonymousAccess(); // configuration.For<AccountController>(x => x.LogOff()).DenyAnonymousAccess(); // configuration.For<StoreController>().RequireRole(roles:) }); GlobalFilters.Filters.Add(new HandleSecurityAttribute(), 0); }
public static ISecurityConfiguration SetupFluentSecurity() { SecurityConfigurator.Configure(configuration => { configuration.GetAuthenticationStatusFrom(Helpers.SecurityHelper.UserIsAuthenticated); configuration.GetRolesFrom(Helpers.SecurityHelper.UserRoles); configuration.ResolveServicesUsing(type => { var results = new List <object>(); if (type == typeof(IPolicyViolationHandler)) { results.Add(new DefaultPolicyViolationHandler()); } return(results); }); configuration.Advanced.ModifySecurityContext(context => context.Data.QueryString = HttpContext.Current.Request.QueryString); configuration.For <HomeController>().Ignore(); configuration.For <AccountController>(x => x.LogInAsAdministrator()).DenyAuthenticatedAccess(); configuration.For <AccountController>(x => x.LogInAsPublisher()).DenyAuthenticatedAccess(); configuration.For <AccountController>(x => x.LogOut()).DenyAnonymousAccess(); configuration.For <ExampleController>(x => x.DenyAnonymousAccess()).DenyAnonymousAccess(); configuration.For <ExampleController>(x => x.DenyAuthenticatedAccess()).DenyAuthenticatedAccess(); configuration.For <ExampleController>(x => x.RequireAdministratorRole()).RequireRole(UserRole.Administrator); configuration.For <ExampleController>(x => x.RequirePublisherRole()).RequireRole(UserRole.Publisher); configuration.For <AdminController>().AddPolicy(new AdministratorPolicy()); configuration.For <AdminController>(x => x.Delete()).DelegatePolicy("LocalOnlyPolicy", context => HttpContext.Current.Request.IsLocal ); configuration.For <Areas.ExampleArea.Controllers.HomeController>().DenyAnonymousAccess(); configuration.For <Areas.ExampleArea.Controllers.HomeController>(x => x.PublishersOnly()).RequireRole(UserRole.Publisher); configuration.For <Areas.ExampleArea.Controllers.HomeController>(x => x.AdministratorsOnly()).RequireRole(UserRole.Administrator); }); return(SecurityConfiguration.Current); }
public static ISecurityConfiguration CreateSecurityConfigurationWithTwoExpectations() { SecurityConfigurator.Configure(configuration => { configuration.GetAuthenticationStatusFrom(() => false); configuration.IgnoreMissingConfiguration(); configuration.For <SampleController>(x => x.Index()); configuration.For <SampleController>(x => x.List()); configuration.For <SampleController>(x => x.New()).RequireRole("Writer"); configuration.For <AdminController>(); configuration.For <AdminController>(x => x.Login()); configuration.For <IgnoreController>(); configuration.For <TestController>().Ignore(); }); return(SecurityConfiguration.Current); }
public void Should_not_throw_when_instance_is_registered_in_an_external_IoC_container() { // Arrange var expectedInstance = TestDataFactory.CreateSecurityContext(true); FakeIoC.Reset(); FakeIoC.GetInstanceProvider = () => new List <object> { expectedInstance }; SecurityConfigurator.Configure(configuration => { configuration.ResolveServicesUsing(FakeIoC.GetAllInstances, FakeIoC.GetInstance); }); var serviceLocator = new ServiceLocator(); // Act var instance = serviceLocator.Resolve <ISecurityContext>(); // Assert Assert.That(instance, Is.EqualTo(expectedInstance)); }
public void Should_handle_loading_policy_from_container() { // Arrange var expectedPolicy = new PolicyWithConstructorArguments("arg1", "arg2", "arg3"); FakeIoC.GetAllInstancesProvider = () => new List <object> { expectedPolicy }; SecurityConfigurator.Configure(configuration => { configuration.GetAuthenticationStatusFrom(() => true); configuration.ResolveServicesUsing(FakeIoC.GetAllInstances); }); var lazySecurityPolicy = new LazySecurityPolicy <PolicyWithConstructorArguments>(); // Act var policy = lazySecurityPolicy.Load(); // Assert Assert.That(policy, Is.EqualTo(expectedPolicy)); }
public void Should_be_configured_base_actions() { // Arrange var _expectations = new PolicyExpectations(); _expectations.For <HomeController>().Has <DenyAnonymousAccessPolicy>(); _expectations.For <Areas.ExampleArea.Controllers.BaseController>().Has(new RequireRolePolicy(UserRole.Administrator)); _expectations.For <Areas.ExampleArea.Controllers.RolesController>(p => p.Index()).Has(new RequireRolePolicy(UserRole.Administrator)); _expectations.For <Areas.ExampleArea.Controllers.RolesController>().Has(new RequireRolePolicy(UserRole.Administrator)); SecurityConfigurator.Configure(c => { c.ForAllControllersInAssembly(typeof(HomeController).Assembly).DenyAnonymousAccess(); c.ForAllControllersInAssemblyThatInherit <Areas.ExampleArea.Controllers.BaseController>().RequireRole(UserRole.Administrator); }); // Act var results = _expectations.VerifyAll(SecurityConfiguration.Current); // Assert Assert.That(results.Valid(), results.ErrorMessages()); }
public void ConfigureServices(IServiceCollection services) { services.AddSingleton <IAuthorizationHandler, StatusAuthorizationHandler>(); services.AddMvc(options => options.Filters.Add( new AuthorizeFilter(SecurityConfigurator.BuildUserPolicy())) ).SetCompatibilityVersion(CompatibilityVersion.Version_2_2); services.AddCookieAuthenticationScheme(); services.AddAuthorization(options => { options.AddAdministratorPolicy(); options.AddUserPolicy(); }); services.AddDbContext <ArticleLibraryContext>(options => options.UseLazyLoadingProxies() .UseSqlServer(Configuration.GetConnectionString("WebArticle"))); services.AddSignalR(); }
public static void Configure() { SecurityConfigurator.Configure(configuration => { configuration.GetAuthenticationStatusFrom(() => HttpContext.Current.User.Identity.IsAuthenticated); configuration.GetRolesFrom(SecurityHelpers.UserRoles); configuration.ForAllControllers().DenyAnonymousAccess(); configuration.For <AccountController>().Ignore(); configuration.For <AccountSignUpController>().Ignore(); configuration.For <PasswordRecoveryController>().Ignore(); configuration.For <PasswordResetController>().Ignore(); configuration.For <AccountController>(x => x.Confirmed("")).Ignore(); //configuration.For<DiskController>().RequireRole(new object[] { "User" }); configuration.For <RegisteredUsersListController>().RequireRole(new object[] { "Admin" }); configuration.For <PackageListController>().RequireRole(new object[] { "Admin" }); configuration.For <CreateEditPackageController>().RequireRole(new object[] { "Admin" }); configuration.For <ChangeUserSpaceLimitController>().RequireRole(new object[] { "Admin" }); configuration.ResolveServicesUsing(type => { if (type == typeof(IPolicyViolationHandler)) { var types = Assembly .GetAssembly(typeof(MvcApplication)) .GetTypes() .Where(x => typeof(IPolicyViolationHandler).IsAssignableFrom(x)).ToList(); var handlers = types.Select(t => Activator.CreateInstance(t) as IPolicyViolationHandler).ToList(); return(handlers); } return(Enumerable.Empty <object>()); }); }); }
public void Should_return_the_current_configuration() { var baseDirectory = AppDomain.CurrentDomain.BaseDirectory; var fullFilePath = Path.Combine(baseDirectory, "TestData", "DiagnosticsOutputExample.txt"); var expectedOutput = File.ReadAllText(fullFilePath); var securityConfiguration = new SecurityConfiguration(configuration => { configuration.GetAuthenticationStatusFrom(StaticHelper.IsAuthenticatedReturnsFalse); configuration.IgnoreMissingConfiguration(); configuration.For <BlogController>(x => x.DeletePost(0)).DenyAnonymousAccess().RequireRole(UserRole.Owner, UserRole.Publisher); configuration.For <BlogController>(x => x.Index()).DenyAnonymousAccess(); }); SecurityConfigurator.SetConfiguration(securityConfiguration); // Act var whatIHave = securityConfiguration.WhatDoIHave(); // Assert Assert.That(whatIHave, Is.EqualTo(expectedOutput)); }
public void Should_resolve_policy_violation_handler_for_exception_from_container() { // Arrange var controllerName = NameHelper.Controller <BlogController>(); const string actionName = "Index"; var events = new List <ISecurityEvent>(); SecurityDoctor.Register(events.Add); var expectedActionResult = new ViewResult { ViewName = "SomeViewName" }; var violationHandler = new DenyAnonymousAccessPolicyViolationHandler(expectedActionResult); FakeIoC.GetAllInstancesProvider = () => new List <IPolicyViolationHandler> { violationHandler }; SecurityConfigurator.Configure(policy => { policy.ResolveServicesUsing(FakeIoC.GetAllInstances); policy.GetAuthenticationStatusFrom(StaticHelper.IsAuthenticatedReturnsFalse); policy.For <BlogController>(x => x.Index()).DenyAnonymousAccess(); }); var securityHandler = new SecurityHandler(); // Act var result = securityHandler.HandleSecurityFor(controllerName, actionName, SecurityContext.Current); // Assert Assert.That(result, Is.EqualTo(expectedActionResult)); Assert.That(events.Any(e => e.Message == "Handling security for {0} action {1}.".FormatWith(controllerName, actionName))); Assert.That(events.Any(e => e.Message == "Finding policy violation handler using convention {0}.".FormatWith(typeof(FindByPolicyNameConvention)))); Assert.That(events.Any(e => e.Message == "Found policy violation handler {0}.".FormatWith(violationHandler.GetType().FullName))); Assert.That(events.Any(e => e.Message == "Handling violation with {0}.".FormatWith(violationHandler.GetType().FullName))); Assert.That(events.Any(e => e.Message == "Done enforcing policies. Violation occured!")); }
public void Should_not_throw_exception_when_the_user_is_authenticated() { // Arrange var controllerName = NameHelper.Controller <BlogController>(); const string actionName = "Index"; var events = new List <ISecurityEvent>(); SecurityDoctor.Register(events.Add); SecurityConfigurator.Configure(policy => { policy.GetAuthenticationStatusFrom(StaticHelper.IsAuthenticatedReturnsTrue); policy.For <BlogController>(x => x.Index()).DenyAnonymousAccess(); }); var securityHandler = new SecurityHandler(); // Act & Assert Assert.DoesNotThrow(() => securityHandler.HandleSecurityFor(controllerName, actionName, SecurityContext.Current)); Assert.That(events.Any(e => e.Message == "Handling security for {0} action {1}.".FormatWith(controllerName, actionName))); Assert.That(events.Any(e => e.Message == "Done enforcing policies. Success!")); }
public void Should_enforce_lazy_policy_with_cache_key_exactly_twice_during_execution_with_caching_on() { // Arrange var callsToContainer = 0; var policy = new LazyLoadedPolicyWithCacheKey(); FakeIoC.GetAllInstancesProvider = () => { callsToContainer++; return(new List <object> { policy }); }; SecurityConfigurator.Configure(configuration => { configuration.GetAuthenticationStatusFrom(TestDataFactory.ValidIsAuthenticatedFunction); configuration.ResolveServicesUsing(FakeIoC.GetAllInstances); configuration.Advanced.SetDefaultResultsCacheLifecycle(Cache.PerHttpRequest); }); var context = new MockSecurityContext(); var policyContainer = new PolicyContainer(TestDataFactory.ValidControllerName, TestDataFactory.ValidActionName, TestDataFactory.CreateValidPolicyAppender()); policyContainer.AddPolicy <LazyLoadedPolicyWithCacheKey>(); // Act policy.CacheKey = "101"; policyContainer.EnforcePolicies(context); policyContainer.EnforcePolicies(context); policyContainer.EnforcePolicies(context); policy.CacheKey = "102"; policyContainer.EnforcePolicies(context); policyContainer.EnforcePolicies(context); // Assert Assert.That(callsToContainer, Is.EqualTo(5)); Assert.That(policy.CacheKeyCallCount, Is.EqualTo(5), "Did not get the custom cache key the expected amount of times"); Assert.That(policy.EnforceCallCount, Is.EqualTo(2), "Did not call enforce the expected amount of times"); }
public static ISecurityConfiguration SetupFluentSecurity() { SecurityDoctor.Register(Events.Add); SecurityConfigurator.Configure(configuration => { configuration.Advanced.IgnoreMissingConfiguration(); configuration.GetAuthenticationStatusFrom(Helpers.SecurityHelper.UserIsAuthenticated); configuration.GetRolesFrom(Helpers.SecurityHelper.UserRoles); configuration.DefaultPolicyViolationHandlerIs(() => new DefaultPolicyViolationHandler()); configuration.Advanced.ModifySecurityContext(context => context.Data.QueryString = System.Web.HttpContext.Current.Request.QueryString); configuration.For <HomeController>().Ignore(); configuration.For <AccountController>(x => x.LogInAsAdministrator()).DenyAuthenticatedAccess(); configuration.For <AccountController>(x => x.LogInAsPublisher()).DenyAuthenticatedAccess(); configuration.For <AccountController>(x => x.LogOut()).DenyAnonymousAccess(); configuration.For <ExampleController>(x => x.DenyAnonymousAccess()).DenyAnonymousAccess(); configuration.For <ExampleController>(x => x.DenyAuthenticatedAccess()).DenyAuthenticatedAccess(); configuration.For <ExampleController>(x => x.RequireAdministratorRole()).RequireAnyRole(UserRole.Administrator); configuration.For <ExampleController>(x => x.RequirePublisherRole()).RequireAnyRole(UserRole.Publisher); configuration.For <AdminController>().AddPolicy(new AdministratorPolicy()); configuration.For <AdminController>(x => x.Delete()).DelegatePolicy("LocalOnlyPolicy", context => false//System.Web.HttpContext.Current.Request.IsLocal ); configuration.Scan(scan => { scan.AssembliesFromApplicationBaseDirectory(); scan.LookForProfiles(); }); configuration.ApplyProfile <CrudControllerProfile>(); }); return(SecurityConfiguration.Current); }
public static ISecurityConfiguration SetFluentSecurity() { SecurityConfigurator.Configure(configue => { //設定去那裡取得關於驗證訊息 configue.GetAuthenticationStatusFrom(IsUserAuthenticated); configue.GetRolesFrom(UserRoles); //所有頁面都可以瀏覽 configue.ForAllControllers().Ignore(); //Home/About 頁面一定要登入了才能進入 configue.For <HomeController>(hc => hc.About()).DenyAnonymousAccess(); //Home/Contact頁面一定要Role是User才能進入 configue.For <HomeController>(hc => hc.Contact()).RequireAnyRole("User"); //如果不符合Policy,預設傳回UnAuthorized。換句話說,重新導向登入頁面 //如果沒有加,預設是直接丟出exception configue.DefaultPolicyViolationHandlerIs(() => new HttpUnauthorizedPolicyViolationHandler()); configue.ForAllControllersInNamespaceContainingType <FluentSecurityDemo.Areas.Admin.Controllers.AdminHomeController>() .AddPolicy <AdminPolicy>(); //如果沒有加上這一行會鬼打牆,因為上面那一個說所有Area.Admin.Controllers都需要符合 //AdminPolicy,而下面又說如果不符合轉向到Account/Index,如果Account/Index不允許任何人 //進入,那麼就會進入無限回圈。 configue.For <FluentSecurityDemo.Areas.Admin.Controllers.AdminAccountController>() .Ignore(); configue.Advanced.Violations(violation => { violation.Of <AdminPolicy>().IsHandledBy(() => new AdminPolicyViolationHandler()); }); }); return(SecurityConfiguration.Current); }
public static void Configure() { SecurityConfigurator.Configure(c => { c.GetAuthenticationStatusFrom(() => HttpContext.Current.User.Identity.IsAuthenticated); c.GetRolesFrom(() => (HttpContext.Current.Session["Roles"] as string[])); // Blanket Deny All c.ForAllControllers().DenyAnonymousAccess(); // Publicly Available Controllers c.For <HomeController>().Ignore(); c.For <RegistrationsController>().Ignore(); c.For <LoginController>().Ignore(); // Only allow Admin To Create c.For <ReservationsController>(x => x.Create()) .RequireRole(UserRoles.Admin.ToString()); c.For <ReservationsController>(x => x.Edit("")) .RequireRole(UserRoles.Admin.ToString(), UserRoles.User.ToString()); c.For <ReservationsController>(x => x.Delete("")) .RequireRole(UserRoles.Admin.ToString(), UserRoles.User.ToString()); }); }
public void SetUp() { // Arrange _defaultPolicyAppender = TestDataFactory.CreateValidPolicyAppender(); _fakePolicyAppender = TestDataFactory.CreateFakePolicyAppender(); SecurityConfigurator.Reset(); // Act SecurityConfigurator.Configure(configuration => { configuration.GetAuthenticationStatusFrom(StaticHelper.IsAuthenticatedReturnsFalse); configuration.GetRolesFrom(StaticHelper.GetRolesExcludingOwner); configuration.SetPolicyAppender(_defaultPolicyAppender); configuration.For <BlogController>(x => x.Index()).DenyAnonymousAccess(); configuration.SetPolicyAppender(_fakePolicyAppender); configuration.For <BlogController>(x => x.AddPost()).RequireRole(UserRole.Writer, UserRole.Publisher, UserRole.Owner); }); _policyContainers = SecurityConfiguration.Current.PolicyContainers; }
public void Should_call_HandleSecurityFor_with_the_controllername_Blog_and_actionname_Index() { // Arrange SecurityConfigurator.Configure(policy => { policy.GetAuthenticationStatusFrom(StaticHelper.IsAuthenticatedReturnsTrue); policy.For <BlogController>(x => x.Index()).DenyAnonymousAccess(); }); var securityHandler = MockRepository.GenerateMock <ISecurityHandler>(); securityHandler.Expect(x => x.HandleSecurityFor(typeof(BlogController).FullName, "Index")).Repeat.Once().Return(null); securityHandler.Replay(); var handleSecurityAttribute = new HandleSecurityAttribute(securityHandler); var filterContext = MvcHelpers.GetFilterContextFor <BlogController>(x => x.Index()); // Act handleSecurityAttribute.OnActionExecuting(filterContext); // Assert Assert.That(filterContext.Result, Is.Null); securityHandler.VerifyAllExpectations(); }
public void SetUp() { // Arrange SecurityConfigurator.Reset(); _configurationExpression = delegate { TestDataFactory.CreateValidConfigurationExpression(); }; }
public void Should_not_throw_when_setting_the_modifyer_to_null() { Assert.DoesNotThrow(() => SecurityConfigurator.Configure(configuration => configuration.Advanced.ModifySecurityContext(null))); }
public void SetUp() { SecurityConfigurator.Configure(configuration => {}); }
public static void SetupRoles() { SecurityConfigurator.Configure(configuration => { configuration.GetAuthenticationStatusFrom(SecurityHelper.IsUserAuthenticated); configuration.GetRolesFrom(SecurityHelper.GetUserRoles); //configuration.ResolveServicesUsing(type => //{ // if (type == typeof (IPolicyViolationHandler)) // { // return new List<IPolicyViolationHandler>() // { // new RequireAnyRolePolicyViolationHandler(), // new DefaultSecurityPolicyViolationHandler(), // new HasAccessToMarketPolicyViolationHandler(), // new HasAccessToProgrammePolicyViolationHandler() // }; // } // return Enumerable.Empty<object>(); //}); configuration.ResolveServicesUsing(DependencyResolver.Current.GetServices, DependencyResolver.Current.GetService); // Default policy with a friendly handler for all controllers, just in case we forget to implement something configuration.ForAllControllers() .AddPolicy <DefaultSecurityPolicy>(); configuration.For <HomeController>() .DenyAnonymousAccess(); configuration.For <ImportController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <ImportController>(i => i.DeleteImport(new ImportParameters())) .RequireAnyRole("CanDelete"); configuration.For <ImportExceptionController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <AdminController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <UserController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator"); configuration.For <UserController>(x => x.MyAccount()) .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("User"); // My user account needs to allow all users access configuration.ForActionsMatching( a => a.ControllerType == typeof(UserController) && a.ActionName.Equals("MyAccount")) .Ignore(); configuration.For <TakeRateController>() .RemovePolicy <DefaultSecurityPolicy>() .AddPolicy <HasAccessToMarketPolicy>() .AddPolicy <HasAccessToProgrammePolicy>(); configuration.For <TakeRateController>(t => t.Clone(new TakeRateParameters())) .RequireAnyRole("Cloner"); configuration.For <TakeRateDataController>() .RemovePolicy <DefaultSecurityPolicy>() .AddPolicy <HasAccessToMarketPolicy>() .AddPolicy <HasAccessToProgrammePolicy>(); configuration.For <MarketReviewController>() .RemovePolicy <DefaultSecurityPolicy>() .AddPolicy <HasAccessToMarketPolicy>() .AddPolicy <HasAccessToProgrammePolicy>() .RequireAnyRole("Administrator", "Editor", "MarketReviewer"); configuration.For <PublishController>() .RemovePolicy <DefaultSecurityPolicy>() .AddPolicy <HasAccessToMarketPolicy>() .AddPolicy <HasAccessToProgrammePolicy>() .RequireAnyRole("Administrator", "Editor", "Publisher"); configuration.For <DerivativeController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <DerivativeMappingController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <TrimController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <TrimMappingController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <FeatureController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <FeatureMappingController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <MarketController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <MarketMappingController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <IgnoredExceptionController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <SpecialFeatureMappingController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("Administrator", "Importer"); configuration.For <NewsController>() .RemovePolicy <DefaultSecurityPolicy>() .RequireAnyRole("User"); }); GlobalFilters.Filters.Add(new HandleSecurityAttribute(), 0); }
public void SetUp() { SecurityConfigurator.Reset(); }
public void SetUp() { SecurityConfigurator.Reset(); FakeIoC.Reset(); _context = new MockSecurityContext(); }