public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServer_AdministratorsMembersOfWarewolfGroup_WhenAdministratorsMembersOfTheGroup_ExpectTrue()
{
//------------Setup for test--------------------------
// permissions setup
var warewolfGroupOps = MoqInstallerActionFactory.CreateSecurityOperationsObject();
// Delete warewolf if already a member...
warewolfGroupOps.DeleteWarewolfGroup();
warewolfGroupOps.AddWarewolfGroup();
Console.WriteLine("BEFOREEntering AddAdministratorsGroupToWarewolf");
try
{
warewolfGroupOps.AddAdministratorsGroupToWarewolf();
}
catch (COMException e)
{
//'The Server service is not started.' error is expected in containers. See: https://github.com/moby/moby/issues/26409#issuecomment-304978309
if (e.Message != "The Server service is not started.\r\n")
{
throw e;
}
}
var result = warewolfGroupOps.IsAdminMemberOfWarewolf();
Assert.IsTrue(result);
// Setup rest of test ;)
var resource = Guid.NewGuid();
var securityPermission = new WindowsGroupPermission {
IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup
};
var securityService = new Mock <ISecurityService>();
securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
securityPermission
});
var user = new Mock <IPrincipal>();
user.Setup(u => u.Identity.Name).Returns("TestUser");
var authorizationService = new TestAuthorizationServiceBase(securityService.Object)
{
User = user.Object
};
//------------Execute Test---------------------------
var isMember = authorizationService.AreAdministratorsMembersOfWarewolfAdministrators();
//------------Assert Results-------------------------
Assert.IsTrue(isMember);
}
public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServer_AdministratorsMembersOfWarewolfGroup_WhenAdministratorsAreNotMembersOfTheGroup_ExpectFalse()
{
//------------Setup for test--------------------------
// permissions setup
var warewolfGroupOps = MoqInstallerActionFactory.CreateSecurityOperationsObject();
// Delete warewolf if already a member...
warewolfGroupOps.DeleteWarewolfGroup();
warewolfGroupOps.AddWarewolfGroup();
var result = warewolfGroupOps.IsAdminMemberOfWarewolf();
Assert.IsFalse(result);
// Setup rest of test ;)
var resource = Guid.NewGuid();
var securityPermission = new WindowsGroupPermission {
IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup
};
var securityService = new Mock <ISecurityService>();
securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
securityPermission
});
var user = new Mock <IPrincipal>();
user.Setup(u => u.Identity.Name).Returns("TestUser");
var authorizationService = new TestAuthorizationServiceBase(securityService.Object, true, false, true)
{
User = user.Object
};
authorizationService.MemberOfAdminOverride = true;
//------------Execute Test---------------------------
var isMember = authorizationService.AreAdministratorsMembersOfWarewolfAdministrators();
//------------Assert Results-------------------------
Assert.IsFalse(isMember);
}
public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServer_AdministratorsMembersOfWarewolfGroup_WhenAdministratorsAreNotMembersOfTheGroup_ExpectFalse()
{
//------------Setup for test--------------------------
// permissions setup
var warewolfGroupOps = MoqInstallerActionFactory.CreateSecurityOperationsObject();
// Delete warewolf if already a member...
warewolfGroupOps.DeleteWarewolfGroup();
warewolfGroupOps.AddWarewolfGroup();
var result = warewolfGroupOps.IsAdminMemberOfWarewolf();
Assert.IsFalse(result);
// Setup rest of test ;)
var resource = Guid.NewGuid();
var securityPermission = new WindowsGroupPermission { IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup };
var securityService = new Mock<ISecurityService>();
securityService.SetupGet(p => p.Permissions).Returns(new List<WindowsGroupPermission> { securityPermission });
var user = new Mock<IPrincipal>();
user.Setup(u => u.Identity.Name).Returns("TestUser");
var authorizationService = new TestAuthorizationServiceBase(securityService.Object, true, true, true) { User = user.Object };
//------------Execute Test---------------------------
var isMember = authorizationService.AreAdministratorsMembersOfWarewolfAdministrators();
//------------Assert Results-------------------------
Assert.IsFalse(isMember);
}
public void AuthorizationServiceBase_IsAuthorizedToConnect_ToLocalServer_AdministratorsMembersOfWarewolfGroup_WhenMemberOfAdministrator_ExpectTrue()
{
//------------Setup for test--------------------------
var getPassword = TestEnvironmentVariables.GetVar("dev2\\IntegrationTester");
// permissions setup
var warewolfGroupOps = MoqInstallerActionFactory.CreateSecurityOperationsObject();
//Delete warewolf if already a member...
warewolfGroupOps.DeleteWarewolfGroup();
warewolfGroupOps.AddWarewolfGroup();
var result = warewolfGroupOps.IsAdminMemberOfWarewolf();
Assert.IsFalse(result);
// Setup rest of test
var resource = Guid.NewGuid();
var securityPermission = new WindowsGroupPermission {
IsServer = false, ResourceID = resource, Permissions = Permissions.View, WindowsGroup = GlobalConstants.WarewolfGroup
};
var securityService = new Mock <ISecurityService>();
var user = new Mock <IPrincipal>();
var actualGChildren = new List <Mock <IDirectoryEntry> > {
new Mock <IDirectoryEntry>()
};
var gChildren = new Mock <IDirectoryEntries>();
var actualChildren = new List <Mock <IDirectoryEntry> > {
new Mock <IDirectoryEntry>()
};
var children = new Mock <IDirectoryEntries>();
var dir = new Mock <IDirectoryEntryFactory>();
securityService.SetupGet(p => p.Permissions).Returns(new List <WindowsGroupPermission> {
securityPermission
});
user.Setup(u => u.Identity.Name).Returns("TestUser");
actualGChildren.ForEach(b => b.Setup(a => a.Name).Returns("Warewolf Administrators"));
actualGChildren.ForEach(b => b.Setup(a => a.SchemaClassName).Returns("Computer"));
gChildren.Setup(a => a.GetEnumerator()).Returns(actualGChildren.Select(a => a.Object).GetEnumerator());
actualChildren.First().Setup(a => a.Children).Returns(gChildren.Object);
children.Setup(a => a.GetEnumerator()).Returns(actualChildren.Select(a => a.Object).GetEnumerator());
SchemaNameCollection filterList = new DirectoryEntry("LDAP://dev2.local", "IntegrationTester", getPassword).Children.SchemaFilter;
children.Setup(a => a.SchemaFilter).Returns(filterList);
var ss = "WinNT://" + Environment.MachineName + ",computer";
dir.Setup(a => a.Create(ss)).Returns(new TestDirectoryEntry(ss));
var authorizationService = new TestAuthorizationServiceBase(dir.Object, securityService.Object, true, true, false)
{
User = user.Object
};
authorizationService.MemberOfAdminOverride = true;
//------------Execute Test---------------------------
var isMember = authorizationService.AreAdministratorsMembersOfWarewolfAdministrators();
//------------Assert Results-------------------------
Assert.IsTrue(isMember);
}
