Exemplo n.º 1
0
        public void Operation_Deny_Direct_To_User()
        {
            EngineFactory   factory    = new EngineFactory();
            ISecurityEngine engine     = factory.CreateEngine();
            ISecurityItem   operation1 = engine.Store.AddSecurityItem().AddBagItem(Name, "Operation1");
            ISecurityItem   operation2 = engine.Store.AddSecurityItem().AddBagItem(Name, "Operation2");
            ISecurityItem   task       = engine.Store.AddSecurityItem().AddBagItem(Name, "Task");

            task.Children.Add(operation1);
            task.Children.Add(operation2);
            ISecurityItem     hasNoAccessFromUserOperation = engine.Store.AddSecurityItem().AddBagItem(Name, "HasNoAccessFromUserOperation");
            ISecurityIdentity user = engine.Store.AddSecurityIdentity().AddBagItem(Name, "user");

            engine.Store.AccessAuthorize(user, task);
            engine.Store.AccessAuthorize(user, operation1).Deny();

            ICheckAccessResult operation1AccessResult = engine.CheckAccess(user, operation1);
            ICheckAccessResult operation2AccessResult = engine.CheckAccess(user, operation2);
            ICheckAccessResult taskAccessResult       = engine.CheckAccess(user, task);
            ICheckAccessResult hasNoAccessFromUserOperationAccessResult = engine.CheckAccess(user, hasNoAccessFromUserOperation);


            Assert.False(operation1AccessResult.HasAccess());
            Assert.True(operation2AccessResult.HasAccess());
            Assert.True(taskAccessResult.HasAccess());
            Assert.False(hasNoAccessFromUserOperationAccessResult.HasAccess());
        }
Exemplo n.º 2
0
        public void Operation_Access_Operation_Direct_To_User()
        {
            EngineFactory     factory   = new EngineFactory();
            ISecurityEngine   engine    = factory.CreateEngine();
            ISecurityItem     operation = engine.Store.AddSecurityItem().AddBagItem(Name, "Operation");
            ISecurityItem     hasNoAccessFromUserOperation = engine.Store.AddSecurityItem().AddBagItem(Name, "HasNoAccessFromUserOperation");
            ISecurityIdentity user = engine.Store.AddSecurityIdentity().AddBagItem(Name, "user");

            engine.Store.AccessAuthorize(user, operation);

            ICheckAccessResult operationAccessResult = engine.CheckAccess(user, operation);
            ICheckAccessResult hasNoAccessFromUserOperationAccessResult = engine.CheckAccess(user, hasNoAccessFromUserOperation);


            Assert.True(operationAccessResult.HasAccess());
            Assert.False(hasNoAccessFromUserOperationAccessResult.HasAccess());
        }
Exemplo n.º 3
0
        public void Operation_Access_To_Group()
        {
            EngineFactory     factory    = new EngineFactory();
            ISecurityEngine   engine     = factory.CreateEngine();
            ISecurityItem     operation  = engine.Store.AddSecurityItem().AddBagItem(Name, "Operation");
            ISecurityIdentity user1      = engine.Store.AddSecurityIdentity().AddBagItem(Name, "user1");
            ISecurityIdentity user2      = engine.Store.AddSecurityIdentity().AddBagItem(Name, "user2");
            ISecurityIdentity adminGroup = engine.Store.AddSecurityIdentity().AddBagItem(Name, "adminGroup");

            adminGroup.Children.Add(user1);
            engine.Store.AccessAuthorize(adminGroup, operation);


            ICheckAccessResult user1AccessResult = engine.CheckAccess(user1, operation);
            ICheckAccessResult user2AccessResult = engine.CheckAccess(user2, operation);

            Assert.True(user1AccessResult.HasAccess());
            Assert.False(user2AccessResult.HasAccess());
        }