public void AccessNewApplication()
            {
                ApplicationEntitlementProvider wrappedProvider = new ApplicationEntitlementProvider(new MockSecurityService());
                FormPreviewApplicationEntitlementProvider provider = new FormPreviewApplicationEntitlementProvider(wrappedProvider)
                {
                    ImpersonatedSession = new ImpersonatedSession(new Dictionary<string, string>
                                                                                                                       {
                                                                                                                           { "role-2", "role-2" }
                                                                                                                       })
                };

                Application application = new Application
                {
                    FormId = "form-1",
                    OrganisationId = "org-1",
                    WorkflowState = "New"
                };

                User user = new User
                {
                    Id = "user-1",
                    Roles = new Dictionary<string, string>
                            { { "role-1", "role-1" } }
                };
                user.Organisations.Add("org-1", "Organisation One");

                AccessLevel applicationAccess = provider.GetApplicationAccess(new SecureSession(user), application, this.roleList, 1);

                Assert.AreEqual(AccessLevel.Write, applicationAccess);
            }
            public void AdministratorDefaultToWriteAccess()
            {
                Application application = new Application
                {
                    FormId = "form-1",
                    OrganisationId = "org-1",
                    WorkflowState = "New"
                };

                User user = new User
                {
                    Id = "administrator-1",
                    Roles = new Dictionary<string, string> { { "role-1", "role-1" }, { "Administrators", "Administrators" } }
                };
                user.Organisations.Add("org-1", "Organisation One");

                var controlsList = new ControlList
                                       {
                                           new TextControl { Id = 1 }
                                       };

                AccessLevel applicationAccess = this.provider.GetApplicationAccess(new SecureSession(user), application, this.roleList, 1);
                List<ControlAccess> controlsAccess = this.provider.GetControlsAccess(new SecureSession(user), application, controlsList, this.roleList, 1);

                Assert.AreEqual(AccessLevel.Write, applicationAccess);
                Assert.AreEqual(AccessLevel.Write, controlsAccess[0].AccessLevel);
            }
            public void EmptyPageAccess()
            {
                Application app = new Application { FormId = "form-1", WorkflowState = "New", OrganisationId = "org-1" };
                User user = new User
                {
                    Id = "user-1",
                    Organisations = new Dictionary<string, string> { { "org-1", "org-1" } },
                    Roles = new Dictionary<string, string> { { "role-2", "role-2" } }
                };

                PageList pages = new PageList
                {
                    new UserPage
                        {
                            PageId = 1
                        },
                    new UserPage
                        {
                            PageId = 2
                        },
                    new ReceiptPage
                        {
                            PageId = 3
                        }
                };

                List<PageAccess> pagesAccess = this.provider.GetPagesAccess(new SecureSession(user), app, pages, this.roleList, 1);

                Assert.AreEqual(3, pagesAccess.Count);
                Assert.AreEqual(AccessLevel.Write, pagesAccess[0].AccessLevel);
                Assert.AreEqual(AccessLevel.Write, pagesAccess[1].AccessLevel);
                Assert.AreEqual(AccessLevel.Write, pagesAccess[2].AccessLevel);
            }
            public void ServiceAccountDefaultToWriteAccess()
            {
                Application application = new Application
                {
                    FormId = "form-1",
                    OrganisationId = "org-1",
                    WorkflowState = "New"
                };

                User user = new User
                {
                    Id = "event-handler",
                    AccountType = AccountType.Service,
                    Roles = new Dictionary<string, string> { { "Administrators", "Administrators" } }
                };

                var applicationAccess = this.provider.GetApplicationAccess(new SecureSession(user), application, this.roleList, 1);

                Assert.AreEqual(AccessLevel.Write, applicationAccess);
            }
            public void SelectHighest()
            {
                Application application = new Application
                {
                    FormId = "form-1",
                    OrganisationId = "org-1",
                    WorkflowState = "New"
                };

                User user = new User
                {
                    Id = "user-1",
                    Roles = new Dictionary<string, string> { { "role-1", "role-1" }, { "role-3", "role-3" } }
                };
                user.Organisations.Add("org-1", "Organisation One");

                MetadataControlList metadataControls = new MetadataControlList() { MetadataControls = new List<string> { "application-status" } };

                List<MetadataControlAccess> metadataControlsAccess = this.provider.GetMetadataControlsAccess(new SecureSession(user), application, metadataControls, this.roleList, 1);

                Assert.AreEqual(AccessLevel.Read, metadataControlsAccess[0].AccessLevel);
            }
            public void User()
            {
                var user = new User
                {
                    Id = "user-1",
                    Roles = new Dictionary<string, string> { { "role-1", "role-1" } }
                };
                user.Organisations.Add("org-1", "Organisation One");

                var authorisedForms = this.provider.GetAuthorisedForms(new SecureSession(user), this.roleList);
                Assert.AreEqual(3, authorisedForms.Count(f => f.ExplicitWorkflowStates.Count > 0));
            }
            public void Administrator()
            {
                var user = new User
                {
                    Id = "administrator-1",
                    Roles = new Dictionary<string, string> { { "Administrators", "Administrators" } }
                };
                user.Organisations.Add("org-1", "Organisation One");

                UserFormAccessList authorisedForms = this.provider.GetAuthorisedForms(new SecureSession(user), this.roleList);
                Assert.AreEqual(5, authorisedForms.Count);
            }
 /// <summary>
 /// Update the session user with impersonated entitlements.
 /// </summary>
 /// <param name="session">The session to update.</param>
 private void ImpersonateEntitlements(SecureSession session)
 {
     User impersonatedUser = new User
                             {
                                 Roles = this.ImpersonatedSession.Roles,
                                 Organisations = session.AuthenticatedUser.Organisations,
                                 OrganisationsDisabled = session.AuthenticatedUser.OrganisationsDisabled
                             };
     session.AuthenticatedUser = impersonatedUser;
 }
            public void OriginatorOrgEntitled()
            {
                Application application = new Application
                {
                    CreatedBy = new AuthenticatedApplicationUser { Id = "user-1" },
                    FormId = "form-5",
                    OrganisationId = "org-1",
                    WorkflowState = "New"
                };

                User user = new User
                {
                    Id = "user-1"
                };
                user.Organisations.Add("org-1", "Organisation One");

                AccessLevel applicationAccess = this.provider.GetApplicationAccess(new SecureSession(user), application, this.roleList, 1);

                Assert.AreEqual(AccessLevel.Write, applicationAccess);
            }
            public void NotOrgEntitled()
            {
                Application application = new Application
                {
                    CreatedBy = new AuthenticatedApplicationUser { Id = "user-1" },
                    FormId = "form-2",
                    OrganisationId = "org-1",
                    WorkflowState = "New"
                };

                User user = new User { Id = "user-2" };
                user.Roles.Add("role-2", "role-2");
                user.Organisations.Add("org-2", "Organisation Two");

                AccessLevel applicationAccess = this.provider.GetApplicationAccess(new SecureSession(user), application, this.roleList, 1);
                Assert.AreEqual(AccessLevel.NoAccess, applicationAccess);
            }
            public void EmptyControlEntitlements()
            {
                Application application = new Application
                {
                    FormId = "form-2",
                    OrganisationId = "org-1",
                    WorkflowState = "New"
                };

                User user = new User
                {
                    Id = "user-1",
                    Roles = new Dictionary<string, string> { { "role-1", "role-1" }, { "role-2", "role-2" } }
                };
                user.Organisations.Add("org-1", "Organisation One");

                var controlsList = new ControlList() { new TextControl() { Id = 1 } };
                var controlsAccess = this.provider.GetControlsAccess(new SecureSession(user), application, controlsList, this.roleList, 1);
                Assert.AreEqual(AccessLevel.Write, controlsAccess[0].AccessLevel);
            }
            public void DraftByViewAllDraftsUser()
            {
                Application application = new Application
                {
                    AssignedTo = "user-1",
                    CreatedBy = new AuthenticatedApplicationUser { Id = "user-1" },
                    Draft = true,
                    FormId = "form-2",
                    OrganisationId = "org-1",
                    WorkflowState = "New"
                };

                User user = new User { Id = "ViewAllDrafts" };
                user.Roles.Add("role-2", "role-2");
                user.Organisations.Add("org-1", "Organisation One");

                AccessLevel applicationAccess = this.provider.GetApplicationAccess(new SecureSession(user), application, this.roleList, 1);
                Assert.AreEqual(AccessLevel.Write, applicationAccess);
            }
 /// <summary>
 /// Initializes a new instance of the <see cref="ServiceAccountCreatedEventArgs"/> class.
 /// </summary>
 /// <param name="user">The user that was created.</param>
 /// <param name="password">The user password.</param>
 public ServiceAccountCreatedEventArgs(User user, string password)
 {
     this.User = user;
     this.Password = password;
 }
            public void SelectHighest()
            {
                Application app = new Application { FormId = "form-1", WorkflowState = "New" };
                User user = new User
                {
                    Id = "user-1",
                    Roles = new Dictionary<string, string> { { "role-1", "role-1" }, { "role-3", "role-3" } }
                };

                PageList pages = new PageList
                {
                    new UserPage
                        {
                            PageId = 1
                        },
                    new UserPage
                        {
                            PageId = 2
                        },
                    new ReceiptPage
                        {
                            PageId = 3
                        }
                };

                List<PageAccess> pagesAccess = this.provider.GetPagesAccess(new SecureSession(user), app, pages, this.roleList, 0);
                Assert.AreEqual(3, pagesAccess.Count);
                Assert.AreEqual(AccessLevel.Read, pagesAccess[0].AccessLevel);
                Assert.AreEqual(AccessLevel.Read, pagesAccess[1].AccessLevel);
                Assert.AreEqual(AccessLevel.Read, pagesAccess[2].AccessLevel);
            }
            public void SelectHighestEntitlement()
            {
                Application application = new Application
                {
                    FormId = "form-1",
                    OrganisationId = "org-1",
                    WorkflowState = "New"
                };

                User user = new User
                {
                    Id = "user-1",
                    Roles = new Dictionary<string, string> { { "role-1", "role-1" }, { "role-3", "role-3" } }
                };
                user.Organisations.Add("org-1", "Organisation One");

                ControlList controlList = new ControlList { new CalculationControl { Id = 3 } };
                List<ControlAccess> controlsAccess = this.provider.GetControlsAccess(new SecureSession(user), application, controlList, this.roleList, 1);

                Assert.AreEqual(AccessLevel.Read, controlsAccess.First(c => c.Id == 3).AccessLevel);
            }
            public void AssigneeOrgEntitled()
            {
                Application application = new Application
                {
                    AssignedTo = "user-1",
                    FormId = "form-4",
                    OrganisationId = "org-1",
                    WorkflowState = "New"
                };

                User user = new User { Id = "user-1" };
                user.Organisations.Add("org-1", "Organisation One");

                AccessLevel applicationAccess = this.provider.GetApplicationAccess(new SecureSession(user), application, this.roleList, 1);
                Assert.AreEqual(AccessLevel.Write, applicationAccess);
            }
        /// <summary>
        /// Initializes the Administrator account if it doesn't already exist.
        /// </summary>
        private void InitAdministratorAccount()
        {
            MongoCollection<BsonDocument> collection = this.Database.GetCollection(iApplyDb.UserAccess._COLLECTION_NAME);
            string username = Constants.Adminstrator_Username;
            IMongoQuery query = Query.And(
                Query.EQ(iApplyDb.UserAccess.USERNAME, new BsonRegularExpression(username, "i")));

            if (collection.Count(query) > 0)
            {
                this.installLogger.LogLine(Messages.DB_AdministratorAccountFound);
                return;
            }

            if (string.IsNullOrEmpty(this.installConfiguration.AdminEmail))
            {
                this.installConfiguration.AdminEmail = this.ReadInput("Administrator Email");
            }

            if (string.IsNullOrEmpty(this.installConfiguration.AdminPassword))
            {
                this.installConfiguration.AdminPassword = this.ReadPassword("Administrator Password");
            }

            this.installLogger.Log(Messages.DB_CreateAdministratorAccount);
            string salt = CryptoHelper.GenerateSalt();

            User user = new User
                        {
                AccountStatus = AccountStatus.Active,
                AccountType = AccountType.System,
                DisplayName = username,
                EmailAddress = this.installConfiguration.AdminEmail,
                Organisations = new Dictionary<string, string>(),
                PasswordHash = CryptoHelper.HashPassword(this.installConfiguration.AdminPassword, salt),
                PasswordSalt = salt,
                PasswordTryCount = 0,
                Roles = new Dictionary<string, string>(),
                Username = username
            };

            user.Organisations.Add(this.installVariables.OrgId, this.installVariables.BaseOrganisation.Name);

            KeyValuePair<string, string> adminRole = this.installVariables.Roles.First(kvp => kvp.Value == SecurityConstants.AdministratorRoleName);
            user.Roles.Add(adminRole.Key, adminRole.Value);
            BsonDocument userDoc = BsonConverter.ConvertToBsonViaJson(user, new JsonSerializerSettings { ContractResolver = new DiscretionalContractResolver(true) });
            collection.Save(userDoc);
            this.installLogger.LogSuccess(Messages.MAIN_StepComplete);
        }