public async Task EvaluateAsync_EvaluatesOnlyPoliciesRelevantToTheAction() { // Arrange const string extraPolicyName = "ExtraPolicy"; var extraPolicyHandlerMock = new Mock <UserSecurityPolicyHandler>(extraPolicyName, SecurityPolicyAction.ManagePackageOwners); var policyData = new TestUserSecurityPolicyData(); var policyHandlers = new List <UserSecurityPolicyHandler>(policyData.Handlers.Select(x => x.Object)); policyHandlers.Add(extraPolicyHandlerMock.Object); var service = new TestSecurityPolicyService(policyData, policyHandlers); var user = new User("testUser"); var subscription = service.Mocks.Subscription.Object; var userSecurityPolicies = new List <UserSecurityPolicy>(subscription.Policies); userSecurityPolicies.Add(new UserSecurityPolicy(extraPolicyName, "ExtraSubscription")); user.SecurityPolicies = userSecurityPolicies; // Act var result = await service.EvaluateUserPoliciesAsync(SecurityPolicyAction.PackagePush, CreateHttpContext(user)); // Assert Assert.True(result.Success); Assert.Null(result.ErrorMessage); service.Mocks.MockPolicyHandler1.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Once); service.Mocks.MockPolicyHandler2.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Once); extraPolicyHandlerMock.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Never); }
public async Task SubscribeAsync_AddsAllSubscriptionPoliciesWhenHasSameAsDifferentSubscription() { // Arrange. var service = new TestSecurityPolicyService(); var user = new User("testUser"); var subscriptionName2 = "MockSubscription2"; var subscription = service.Mocks.Subscription.Object; foreach (var policy in subscription.Policies) { user.SecurityPolicies.Add(new UserSecurityPolicy(policy.Name, subscriptionName2)); } // Act. var subscribed = await service.SubscribeAsync(user, service.UserSubscriptions.First()); // Act & Assert. Assert.True(subscribed); var policies = user.SecurityPolicies.ToList(); Assert.Equal(4, policies.Count); Assert.Equal(subscriptionName2, policies[0].Subscription); Assert.Equal(subscriptionName2, policies[0].Subscription); service.Mocks.VerifySubscriptionPolicies(policies.Skip(2)); service.Mocks.Subscription.Verify(s => s.OnSubscribeAsync(It.IsAny <UserSecurityPolicySubscriptionContext>()), Times.Once); service.MockEntitiesContext.Verify(c => c.SaveChangesAsync(), Times.Once); }
public async Task UnsubscribeAsync_DoesNotRemoveOtherSubscriptionPolicies() { // Arrange. var service = new TestSecurityPolicyService(); var user = new User("testUser"); var subscriptionName2 = "MockSubscription2"; var subscription = service.Mocks.Subscription.Object; foreach (var policy in subscription.Policies) { user.SecurityPolicies.Add(new UserSecurityPolicy(policy)); user.SecurityPolicies.Add(new UserSecurityPolicy(policy.Name, subscriptionName2)); } Assert.Equal(4, user.SecurityPolicies.Count); // Act. await service.UnsubscribeAsync(user, service.UserSubscriptions.First()); // Act & Assert. var policies = user.SecurityPolicies.ToList(); Assert.Equal(2, policies.Count); Assert.Equal(subscriptionName2, policies[0].Subscription); Assert.Equal(subscriptionName2, policies[1].Subscription); service.Mocks.Subscription.Verify(s => s.OnUnsubscribeAsync(It.IsAny <UserSecurityPolicySubscriptionContext>()), Times.Once); service.MockEntitiesContext.Verify(c => c.SaveChangesAsync(), Times.Once); service.MockUserSecurityPolicies.Verify(p => p.Remove(It.IsAny <UserSecurityPolicy>()), Times.Exactly(2)); }
public async Task EvaluateAsync_WhenDefaultSecurityPolicyNotMetReturnFailure() { // Arrange var policyData = new TestUserSecurityPolicyData(policy1Result: true, policy2Result: true, defaultPolicy1Result: true, defaultPolicy2Result: false); var configuration = new AppConfiguration() { EnforceDefaultSecurityPolicies = true }; var service = new TestSecurityPolicyService(policyData, null, null, null, null, configuration); var user = new User("testUser"); var subscription = service.Mocks.Subscription.Object; user.SecurityPolicies = subscription.Policies.ToList(); // Act var result = await service.EvaluateUserPoliciesAsync(SecurityPolicyAction.PackagePush, CreateHttpContext(user)); // Assert Assert.Equal(false, result.Success); // The error indicates which subscription failed Assert.Contains(policyData.DefaultSubscription.Object.SubscriptionName, result.ErrorMessage); // Audit record is saved service.MockAuditingService.Verify(s => s.SaveAuditRecordAsync(It.IsAny <AuditRecord>()), Times.Once); // Policies are evaluated only once service.Mocks.MockPolicyHandler1.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Once); service.Mocks.MockPolicyHandler2.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Once); }
public void IsSubscribed_ReturnsTrueIfUserHasSubscriptionPolicies() { // Arrange. var service = new TestSecurityPolicyService(); var user = new User("testUser"); var subscription = service.Mocks.Subscription.Object; user.SecurityPolicies = subscription.Policies.ToList(); // Act & Assert. Assert.True(service.IsSubscribed(user, service.UserSubscriptions.Single())); }
public void IsSubscribed_ReturnsFalseIfUserDoesNotHaveAllSubscriptionPolicies() { // Arrange. var service = new TestSecurityPolicyService(); var user = new User("testUser"); var subscription = service.Mocks.Subscription.Object; user.SecurityPolicies.Add(subscription.Policies.First()); // Act & Assert. Assert.False(service.IsSubscribed(user, service.UserSubscriptions.First())); }
public async Task UnsubscribeAsync_DoesNotSaveAuditRecordIfWasNotSubscribed() { // Arrange. var service = new TestSecurityPolicyService(); var user = new User("testUser"); var subscription = service.UserSubscriptions.First(); // Act. await service.UnsubscribeAsync(user, subscription); // Act & Assert. service.MockAuditingService.Verify(s => s.SaveAuditRecordAsync(It.IsAny <AuditRecord>()), Times.Never); }
private TestSecurityPolicyService CreateSecurityPolicyService() { var auditing = new Mock <IAuditingService>(); auditing.Setup(s => s.SaveAuditRecordAsync(It.IsAny <AuditRecord>())).Returns(Task.CompletedTask).Verifiable(); var subscription = new MicrosoftTeamSubscription(); var service = new TestSecurityPolicyService( mockAuditing: auditing, userSubscriptions: new[] { subscription }, organizationSubscriptions: new[] { subscription }); return(service); }
public async Task SubscribeAsync_AddsAllSubscriptionPoliciesWhenHasNoneToStart() { // Arrange. var service = new TestSecurityPolicyService(); var user = new User("testUser"); // Act. await service.SubscribeAsync(user, service.UserSubscriptions.First()); // Act & Assert. Assert.Equal(2, user.SecurityPolicies.Count); service.Mocks.VerifySubscriptionPolicies(user.SecurityPolicies); service.Mocks.Subscription.Verify(s => s.OnSubscribeAsync(It.IsAny <UserSecurityPolicySubscriptionContext>()), Times.Once); service.MockEntitiesContext.Verify(c => c.SaveChangesAsync(), Times.Once); }
public async Task EvaluateAsync_ReturnsNonSuccessAfterFirstFailure() { // Arrange var policyData = new TestUserSecurityPolicyData(policy1Result: false, policy2Result: true); var service = new TestSecurityPolicyService(policyData); var user = new User("testUser"); var subscription = service.Mocks.Subscription.Object; user.SecurityPolicies = subscription.Policies.ToList(); // Act var result = await service.EvaluateAsync(SecurityPolicyAction.PackagePush, CreateHttpContext(user)); // Assert service.Mocks.VerifyPolicyEvaluation(expectedPolicy1: false, expectedPolicy2: null, actual: result); }
public async Task EvaluateAsync_ReturnsSuccessWithoutEvaluationIfNoPoliciesWereFound() { // Arrange var service = new TestSecurityPolicyService(); var user = new User("testUser"); // Act var result = await service.EvaluateAsync(SecurityPolicyAction.PackagePush, CreateHttpContext(user)); // Assert Assert.True(result.Success); Assert.Null(result.ErrorMessage); service.Mocks.MockPolicy1.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Never); service.Mocks.MockPolicy2.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Never); }
public void IsSubscribed_ReturnsTrueIfUserHasSubscriptionAndOtherPolicies() { // Arrange. var service = new TestSecurityPolicyService(); var user = new User("testUser"); user.SecurityPolicies.Add(new UserSecurityPolicy("OtherPolicy", "OtherSubscription")); var subscription = service.Mocks.Subscription.Object; foreach (var policy in subscription.Policies) { user.SecurityPolicies.Add(policy); } // Act & Assert. Assert.True(service.IsSubscribed(user, service.UserSubscriptions.First())); }
public async Task EvaluateAsync_SavesAuditRecordsForSuccessAndFailureCases(bool success, int times) { // Arrange var policyData = new TestUserSecurityPolicyData(policy1Result: success, policy2Result: success); var service = new TestSecurityPolicyService(policyData); var user = new User("testUser"); var subscription = service.Mocks.Subscription.Object; user.SecurityPolicies = subscription.Policies.ToList(); // Act var result = await service.EvaluateAsync(SecurityPolicyAction.PackagePush, CreateHttpContext(user)); // Assert Assert.Equal(success, result.Success); service.MockAuditingService.Verify(s => s.SaveAuditRecordAsync(It.IsAny <AuditRecord>()), Times.Exactly(times)); }
private TestSecurityPolicyService CreateSecurityPolicyService() { var auditing = new Mock <IAuditingService>(); auditing.Setup(s => s.SaveAuditRecordAsync(It.IsAny <AuditRecord>())).Returns(Task.CompletedTask).Verifiable(); var subscription = new DefaultSubscription(); var service = new TestSecurityPolicyService( mockAuditing: auditing, userHandlers: new UserSecurityPolicyHandler[] { new RequireMinProtocolVersionForPushPolicy(), new RequirePackageVerifyScopePolicy() }, userSubscriptions: new[] { subscription }); return(service); }
public async Task EvaluateAsync_ReturnsSuccessWithEvaluationIfPoliciesFoundAndMet() { // Arrange var service = new TestSecurityPolicyService(); var user = new User("testUser"); var subscription = service.Mocks.Subscription.Object; user.SecurityPolicies = subscription.Policies.ToList(); // Act var result = await service.EvaluateAsync(SecurityPolicyAction.PackagePush, CreateHttpContext(user)); // Assert Assert.True(result.Success); Assert.Null(result.ErrorMessage); service.Mocks.MockPolicy1.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Once); service.Mocks.MockPolicy2.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Once); }
public void EvaluateReturnsSuccessWithEvaluationIfPoliciesFoundAndMet() { // Arrange var service = new TestSecurityPolicyService(); var user = new User("testUser"); user.SecurityPolicies.Add(new UserSecurityPolicy("MockPushPolicy1")); user.SecurityPolicies.Add(new UserSecurityPolicy("MockPushPolicy2")); // Act var result = service.Evaluate(SecurityPolicyAction.PackagePush, CreateHttpContext(user)); // Assert Assert.True(result.Success); Assert.Null(result.ErrorMessage); service.MockPushPolicy1.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyContext>()), Times.Once); service.MockPushPolicy2.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyContext>()), Times.Once); }
public void EvaluateReturnsAfterFirstFailure() { // Arrange var service = new TestSecurityPolicyService(success1: false, success2: true); var user = new User("testUser"); user.SecurityPolicies.Add(new UserSecurityPolicy("MockPushPolicy1")); user.SecurityPolicies.Add(new UserSecurityPolicy("MockPushPolicy2")); // Act var result = service.Evaluate(SecurityPolicyAction.PackagePush, CreateHttpContext(user)); // Assert Assert.False(result.Success); Assert.Equal("MockPushPolicy1", result.ErrorMessage); service.MockPushPolicy1.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyContext>()), Times.Once); service.MockPushPolicy2.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyContext>()), Times.Never); }
public async Task EvaluateAsync_WhenEnforceDefaultSecurityPoliciesIsFalseDefaultPolicyNotEvaluated() { // Arrange var policyData = new TestUserSecurityPolicyData(policy1Result: true, policy2Result: true, defaultPolicy1Result: false, defaultPolicy2Result: false); var service = new TestSecurityPolicyService(policyData); var user = new User("testUser"); var subscription = service.Mocks.Subscription.Object; user.SecurityPolicies = subscription.Policies.ToList(); // Act var result = await service.EvaluateUserPoliciesAsync(SecurityPolicyAction.PackagePush, CreateHttpContext(user)); // Assert Assert.True(result.Success); Assert.Null(result.ErrorMessage); service.Mocks.MockPolicyHandler1.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Once); service.Mocks.MockPolicyHandler2.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Once); }
public async Task UnsubscribeAsync_RemovesAllSubscriptionPolicies() { // Arrange. var service = new TestSecurityPolicyService(); var user = new User("testUser"); var subscription = service.Mocks.UserPoliciesSubscription.Object; foreach (var policy in subscription.Policies) { user.SecurityPolicies.Add(new UserSecurityPolicy(policy)); } Assert.Equal(2, user.SecurityPolicies.Count); // Act. await service.UnsubscribeAsync(user, service.Subscriptions.First()); // Act & Assert. Assert.Equal(0, user.SecurityPolicies.Count); service.Mocks.UserPoliciesSubscription.Verify(s => s.OnUnsubscribeAsync(It.IsAny <UserSecurityPolicySubscriptionContext>()), Times.Once); service.MockEntitiesContext.Verify(c => c.SaveChangesAsync(), Times.Once); service.MockUserSecurityPolicies.Verify(p => p.Remove(It.IsAny <UserSecurityPolicy>()), Times.Exactly(2)); }
public async Task SubscribeAsync_DoesNotAddSubscriptionPoliciesIfAlreadySubscribed() { // Arrange. var service = new TestSecurityPolicyService(); var user = new User("testUser"); var subscription = service.Mocks.Subscription.Object; foreach (var policy in subscription.Policies) { user.SecurityPolicies.Add(new UserSecurityPolicy(policy)); } Assert.Equal(2, user.SecurityPolicies.Count); // Act. await service.SubscribeAsync(user, service.UserSubscriptions.First()); // Act & Assert. Assert.Equal(2, user.SecurityPolicies.Count); service.Mocks.VerifySubscriptionPolicies(user.SecurityPolicies); service.Mocks.Subscription.Verify(s => s.OnSubscribeAsync(It.IsAny <UserSecurityPolicySubscriptionContext>()), Times.Never); service.MockEntitiesContext.Verify(c => c.SaveChangesAsync(), Times.Never); }
private TestSecurityPolicyService CreateSecurityPolicyService() { var auditing = new Mock <IAuditingService>(); auditing.Setup(s => s.SaveAuditRecordAsync(It.IsAny <AuditRecord>())).Returns(Task.CompletedTask).Verifiable(); var diagnostics = new DiagnosticsService().GetSource(nameof(SecurePushSubscriptionFacts)); var diagnosticsService = new Mock <IDiagnosticsService>(); diagnosticsService.Setup(s => s.GetSource(It.IsAny <string>())).Returns(diagnostics); var subscription = new SecurePushSubscription(auditing.Object, diagnosticsService.Object); var service = new TestSecurityPolicyService( mockAuditing: auditing, userHandlers: new UserSecurityPolicyHandler[] { new RequireMinClientVersionForPushPolicy(), new RequirePackageVerifyScopePolicy() }, userSubscriptions: new[] { subscription }); return(service); }
public async Task EvaluateAsync_WhenDefaultSecurityPolicyIsMetUserPolicyIsEvaluated(bool userPolicyMet) { // Arrange var policyData = new TestUserSecurityPolicyData(policy1Result: true, policy2Result: userPolicyMet, defaultPolicy1Result: true, defaultPolicy2Result: true); var configuration = new AppConfiguration() { EnforceDefaultSecurityPolicies = true }; var service = new TestSecurityPolicyService(policyData, null, null, null, null, configuration); var user = new User("testUser"); var subscription = service.Mocks.Subscription.Object; user.SecurityPolicies = subscription.Policies.ToList(); // Act var result = await service.EvaluateUserPoliciesAsync(SecurityPolicyAction.PackagePush, CreateHttpContext(user)); // Assert Assert.Equal(userPolicyMet, result.Success); // Default policies and user policies are evaluated service.Mocks.MockPolicyHandler1.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Exactly(2)); service.Mocks.MockPolicyHandler2.Verify(p => p.Evaluate(It.IsAny <UserSecurityPolicyEvaluationContext>()), Times.Exactly(2)); }