Exemplo n.º 1
0
        public void ApplyPermissionChange(Guid principalID, Guid claimID, string isAuthorized)
        {
            bool?authorized = ConvertIsAuthorized(isAuthorized);

            if (authorized == null)
            {
                DeletePermission(principalID, claimID);
            }
            else
            {
                SaveEntityCommandInfo commandInfo = new SaveEntityCommandInfo();
                commandInfo.Entity = _ePermission;

                dynamic permission = FindPermission(principalID, claimID);
                if (permission == null)
                {
                    permission               = CreateEntity(_ePermission);
                    permission.ID            = Guid.NewGuid();
                    permission.PrincipalID   = principalID;
                    permission.ClaimID       = claimID;
                    permission.IsAuthorized  = (bool)authorized;
                    commandInfo.DataToInsert = new IEntity[] { permission };
                }
                else
                {
                    permission.IsAuthorized  = (bool)authorized;
                    commandInfo.DataToUpdate = new IEntity[] { permission };
                }

                SaveEntity(commandInfo);
            }
        }
Exemplo n.º 2
0
        private void ExecuteSaveCommand(SaveEntityCommandInfo saveInfo, RhetosTestContainer container)
        {
            var commandImplementations = container.Resolve <IPluginsContainer <ICommandImplementation> >();
            var saveCommand            = commandImplementations.GetImplementations(saveInfo.GetType()).Single();

            saveCommand.Execute(saveInfo);
        }
Exemplo n.º 3
0
        public void DeletePrincipal(Guid id)
        {
            SaveEntityCommandInfo commandInfo = new SaveEntityCommandInfo();

            commandInfo.Entity = _ePrincipal;
            dynamic principal = CreateEntity(_ePrincipal);

            principal.ID             = id;
            commandInfo.DataToDelete = new IEntity[] { principal };

            SaveEntity(commandInfo);
        }
Exemplo n.º 4
0
        public void CreatePrincipal(string name)
        {
            SaveEntityCommandInfo commandInfo = new SaveEntityCommandInfo();

            commandInfo.Entity = _ePrincipal;
            dynamic principal = CreateEntity(_ePrincipal);

            principal.ID             = Guid.NewGuid();
            principal.Name           = name;
            commandInfo.DataToInsert = new IEntity[] { principal };

            SaveEntity(commandInfo);
        }
Exemplo n.º 5
0
        public void UpdatePrincipalName(Guid id, string name)
        {
            SaveEntityCommandInfo commandInfo = new SaveEntityCommandInfo();

            commandInfo.Entity = _ePrincipal;
            dynamic principal = CreateEntity(_ePrincipal);

            principal.ID             = id;
            principal.Name           = name;
            commandInfo.DataToUpdate = new IEntity[] { principal };

            SaveEntity(commandInfo);
        }
        public string WriteBook()
        {
            var newBook = new Bookstore.Book {
                Title = "NewBook"
            };
            var saveCommandInfo = new SaveEntityCommandInfo {
                Entity = "Bookstore.Book", DataToInsert = new[] { newBook }
            };

            processingEngine.Execute(saveCommandInfo);
            unitOfWork.CommitAndClose(); // Commits and closes the database transaction for the current unit of work scope (web request).
            return("1 book inserted.");
        }
        private void DeleteUsers(params string[] usernames)
        {
            var users = ReadUsers(usernames);

            if (users.Length > 0)
            {
                var command = new SaveEntityCommandInfo
                {
                    Entity       = typeof(Common.Principal).FullName,
                    DataToDelete = users
                };
                Exec(command);
            }
        }
        public ProcessingResult DeleteData <T>(T entity)
        {
            var commandInfo = new SaveEntityCommandInfo
            {
                Entity       = typeof(T).FullName,
                DataToDelete = new[] { (IEntity)entity }
            };

            var result = _processingEngine.Execute(new[] { commandInfo });

            CheckForErrors(result);

            return(result);
        }
Exemplo n.º 9
0
        private T[] TestWrite <T>(T[] initial, T[] insertItems, T[] updateItems, T[] deleteItems, string expectedException) where T : class, IEntity
        {
            // we need to use commitChanges == true to validate rollbacks on bad inserts and updates

            // initialize and persist
            using (var container = new RhetosTestContainer(true))
            {
                var gRepository = container.Resolve <GenericRepository <T> >();
                // clear the repository
                gRepository.Save(null, null, gRepository.Load());

                // save initial data
                gRepository.Save(initial, null, null);
            }

            // attempt to write test data
            using (var container = new RhetosTestContainer(true))
            {
                // construct and execute SaveEntityCommand
                var saveCommand = new SaveEntityCommandInfo()
                {
                    Entity       = typeof(T).FullName,
                    DataToInsert = insertItems,
                    DataToUpdate = updateItems,
                    DataToDelete = deleteItems
                };

                if (string.IsNullOrEmpty(expectedException))
                {
                    ExecuteSaveCommand(saveCommand, container);
                }
                else
                {
                    TestUtility.ShouldFail(() => ExecuteSaveCommand(saveCommand, container), expectedException);
                }
            } // closing the scope makes transactions rollback for failed commands

            // read final state and cleanup
            using (var container = new RhetosTestContainer(true))
            {
                var finalRepository = container.Resolve <GenericRepository <T> >();
                var allData         = finalRepository.Load().ToArray();

                // cleanup
                finalRepository.Save(null, null, allData);

                // return state of repository before cleanup
                return(allData);
            }
        }
Exemplo n.º 10
0
        private void DeletePermission(Guid principalID, Guid claimID)
        {
            dynamic permission = FindPermission(principalID, claimID);

            if (permission == null)
            {
                return;
            }

            SaveEntityCommandInfo commandInfo = new SaveEntityCommandInfo();

            commandInfo.Entity       = _ePermission;
            commandInfo.DataToDelete = new IEntity[] { permission };
            SaveEntity(commandInfo);
        }
        public void LogCommandClientErrorDescription()
        {
            var log = new List <string>();

            using (var scope = TestScope.Create(builder => builder
                                                .ConfigureLogMonitor(log)
                                                .ConfigureIgnoreClaims()))
            {
                var processingEngine = scope.Resolve <IProcessingEngine>();
                var saveDuplicates   = new SaveEntityCommandInfo
                {
                    Entity       = "TestUnique.E",
                    DataToInsert = new[]
                    {
                        new TestUnique.E {
                            I = 123, S = "abc"
                        },
                        new TestUnique.E {
                            I = 123, S = "abc"
                        },
                    }
                };
                var processingEngineResult = processingEngine.Execute(new[] { saveDuplicates });
                Assert.IsFalse(processingEngineResult.Success);
                TestUtility.AssertContains(processingEngineResult.UserMessage, "duplicate");

                var excected = new ListOfTuples <string, IEnumerable <string> >()
                {
                    { "request info", new[] { "ProcessingEngine Request", "SaveEntityCommandInfo TestUnique.E, insert 2" } },
                    { "command xml", new[] { "ProcessingEngine Commands", "<DataToInsert", ">abc</S>" } },
                    { "error info", new[] { "Command failed: SaveEntityCommandInfo TestUnique.E, insert 2. Rhetos.UserException", "duplicate", "IX_E_S_I_R", "stack trace" } },
                    { "CommandsWithClientError xml", new[] { "ProcessingEngine CommandsWithClientError", "<DataToInsert", ">abc</S>" } },
                    { "CommandsWithClientError result", new[] { "ProcessingEngine CommandsWithClientError", "<UserMessage>", "It is not allowed" } },
                };

                foreach (var test in excected)
                {
                    Assert.IsTrue(log.Any(line => test.Item2.All(pattern => line.Contains(pattern))), "Missing a log entry for test '" + test.Item1 + "'.");
                }

                var notExpected = new[] { "CommandsWithServerError" };

                foreach (var test in notExpected)
                {
                    Assert.IsFalse(log.Any(line => line.Contains(test)), "Unexpected log entry for test '" + test + "'.");
                }
            }
        }
        public string DemoEntity(string name)
        {
            if (string.IsNullOrEmpty(name))
            {
                return($"Please specify value for Name property for entity to add.");
            }

            var insertCommand = new SaveEntityCommandInfo()
            {
                Entity       = "AspNetDemo.DemoEntity",
                DataToInsert = new[] { new AspNetDemo_DemoEntity()
                                       {
                                           Name = name
                                       } }
            };
            var result = rhetosProcessingEngine.Value.Execute(new List <ICommandInfo>()
            {
                insertCommand
            });

            return(JsonConvert.SerializeObject(result, Formatting.Indented));
        }
Exemplo n.º 13
0
 public void ProcessingEngineUniqueConstraintError()
 {
     using (var scope = TestScope.Create(builder => builder.ConfigureIgnoreClaims()))
     {
         var processingEngine = scope.Resolve <IProcessingEngine>();
         var saveDuplicates   = new SaveEntityCommandInfo
         {
             Entity       = "TestUnique.E",
             DataToInsert = new[]
             {
                 new TestUnique.E {
                     I = 123, S = "abc"
                 },
                 new TestUnique.E {
                     I = 123, S = "abc"
                 },
             }
         };
         var processingEngineResult = processingEngine.Execute(new[] { saveDuplicates });
         Assert.IsFalse(processingEngineResult.Success);
         TestUtility.AssertContains(processingEngineResult.UserMessage, "duplicate");
     }
 }
Exemplo n.º 14
0
        public void CombiningMultipleRules()
        {
            InsertCurrentPrincipal(); // Not related to row permissions.

            // Insert the test data (server code bypasses row permissions):

            using (var scope = TestScope.Create())
            {
                var repository = scope.Resolve <Common.DomRepository>();
                var context    = scope.Resolve <Common.ExecutionContext>();
                repository.DemoRowPermissions2.DocumentApproval.Delete(repository.DemoRowPermissions2.DocumentApproval.Query());
                repository.DemoRowPermissions2.DocumentComment.Delete(repository.DemoRowPermissions2.DocumentComment.Query());
                repository.DemoRowPermissions2.Document.Delete(repository.DemoRowPermissions2.Document.Query());
                repository.DemoRowPermissions2.RegionSupervisor.Delete(repository.DemoRowPermissions2.RegionSupervisor.Query());
                repository.DemoRowPermissions2.Employee.Delete(repository.DemoRowPermissions2.Employee.Query());
                repository.DemoRowPermissions2.Division.Delete(repository.DemoRowPermissions2.Division.Query());
                repository.DemoRowPermissions2.Region.Delete(repository.DemoRowPermissions2.Region.Query());

                var reg3 = new DemoRowPermissions2.Region {
                    Name = "reg3"
                };
                repository.DemoRowPermissions2.Region.Insert(new[] { reg3 });

                var div1 = new DemoRowPermissions2.Division {
                    Name = "div1"
                };
                var div2 = new DemoRowPermissions2.Division {
                    Name = "div2"
                };
                var div3 = new DemoRowPermissions2.Division {
                    Name = "div3", RegionID = reg3.ID
                };
                repository.DemoRowPermissions2.Division.Insert(new[] { div1, div2, div3 });

                // The current user:
                var emp1 = new DemoRowPermissions2.Employee
                {
                    UserName   = context.UserInfo.UserName,
                    DivisionID = div1.ID
                };
                repository.DemoRowPermissions2.Employee.Insert(new[] { emp1 });

                var sup3 = new DemoRowPermissions2.RegionSupervisor
                {
                    EmployeeID = emp1.ID,
                    RegionID   = reg3.ID
                };
                repository.DemoRowPermissions2.RegionSupervisor.Insert(new[] { sup3 });

                // The user can access doc1, because it's in the same division:
                var doc1 = new DemoRowPermissions2.Document {
                    Title = "doc1", DivisionID = div1.ID
                };
                // The user cannot access doc2:
                var doc2 = new DemoRowPermissions2.Document {
                    Title = "doc2", DivisionID = div2.ID
                };
                // The user can access doc3, because it's in the region he supervises:
                var doc3 = new DemoRowPermissions2.Document {
                    Title = "doc3", DivisionID = div3.ID
                };
                // The user can access doc4 (same division), but cannot edit it (previous year):
                var doc4 = new DemoRowPermissions2.Document {
                    Title = "doc4", DivisionID = div1.ID, Created = DateTime.Now.AddYears(-1)
                };
                repository.DemoRowPermissions2.Document.Insert(new[] { doc1, doc2, doc3, doc4 });

                scope.CommitAndClose();
            }

            // Simulate client request: Reading all documents (access denied)

            using (var scope = TestScope.Create(builder => builder.ConfigureIgnoreClaims()))
            {
                var processingEngine = scope.Resolve <IProcessingEngine>();
                var serverCommand    = new ReadCommandInfo
                {
                    DataSource  = typeof(DemoRowPermissions2.Document).FullName,
                    ReadRecords = true
                };
                var serverResponse = processingEngine.Execute(new[] { serverCommand });
                var report         = GenerateReport(serverResponse);
                Console.WriteLine("Server response: " + report);
                Assert.IsTrue(report.Contains("You are not authorized"));
            }

            // Simulate client request: Reading the user's documents

            using (var scope = TestScope.Create(builder => builder.ConfigureIgnoreClaims()))
            {
                var processingEngine = scope.Resolve <IProcessingEngine>();
                var serverCommand    = new ReadCommandInfo
                {
                    DataSource  = typeof(DemoRowPermissions2.Document).FullName,
                    ReadRecords = true,
                    Filters     = new[] { new FilterCriteria(typeof(Common.RowPermissionsReadItems)) }
                };
                var serverResponse = processingEngine.Execute(new[] { serverCommand });
                var report         = GenerateReport(serverResponse);
                Console.WriteLine("Server response: " + report);
                Assert.AreEqual("doc1, doc3, doc4", report);
            }

            // Simulate client request: Edit doc1 (ok)

            using (var scope = TestScope.Create(builder => builder.ConfigureIgnoreClaims()))
            {
                var repository = scope.Resolve <Common.DomRepository>();
                var doc1       = repository.DemoRowPermissions2.Document.Query().Where(d => d.Title == "doc1").Single();
                doc1.Title += "x";

                var processingEngine = scope.Resolve <IProcessingEngine>();
                var serverCommand    = new SaveEntityCommandInfo
                {
                    Entity       = typeof(DemoRowPermissions2.Document).FullName,
                    DataToUpdate = new[] { doc1 }
                };
                var serverResponse = processingEngine.Execute(new[] { serverCommand });
                var report         = GenerateReport(serverResponse);
                Console.WriteLine("Server response: " + report);
                Assert.AreEqual("Command executed", report);

                var documents = repository.DemoRowPermissions2.Document.Query().Select(d => d.Title).OrderBy(t => t);
                Assert.AreEqual("doc1x, doc2, doc3, doc4", string.Join(", ", documents));
            }

            // Simulate client request: Edit doc4 (access denied)

            using (var scope = TestScope.Create(builder => builder.ConfigureIgnoreClaims()))
            {
                var repository = scope.Resolve <Common.DomRepository>();
                var doc4       = repository.DemoRowPermissions2.Document.Query().Where(d => d.Title == "doc4").Single();
                doc4.Title += "x";

                var processingEngine = scope.Resolve <IProcessingEngine>();
                var serverCommand    = new SaveEntityCommandInfo
                {
                    Entity       = typeof(DemoRowPermissions2.Document).FullName,
                    DataToUpdate = new[] { doc4 }
                };

                var serverResponse = processingEngine.Execute(new[] { serverCommand });
                var report         = GenerateReport(serverResponse);
                Console.WriteLine("Server response: " + report);
                Assert.IsTrue(report.Contains("Insufficient permissions"));
            }
        }
Exemplo n.º 15
0
        public void RulesWrite()
        {
            using (var container = new RhetosTestContainer())
            {
                var repositories           = container.Resolve <Common.DomRepository>();
                var emptyRP                = repositories.TestRowPermissions.RPWriteRulesEmpty;
                var writeRP                = repositories.TestRowPermissions.RPWriteRules;
                var commandImplementations = container.Resolve <IPluginsContainer <ICommandImplementation> >();
                var saveCommand            = commandImplementations.GetImplementations(typeof(SaveEntityCommandInfo)).Single();

                {
                    emptyRP.Delete(emptyRP.Query());
                    var saveInfo = new SaveEntityCommandInfo()
                    {
                        Entity = "TestRowPermissions.RPWriteRulesEmpty"
                    };
                    saveInfo.DataToInsert = new[] { new RPWriteRulesEmpty() };
                    TestUtility.ShouldFail(() => saveCommand.Execute(saveInfo), _writeException);
                }
                {
                    writeRP.Delete(writeRP.Query());
                    var saveInfo = new SaveEntityCommandInfo()
                    {
                        Entity = "TestRowPermissions.RPWriteRules"
                    };
                    saveInfo.DataToInsert = (new[] { 10 }).Select(item => new RPWriteRules()
                    {
                        value = item
                    }).ToArray();
                    TestUtility.ShouldFail(() => saveCommand.Execute(saveInfo), _writeException);
                }

                {
                    writeRP.Delete(writeRP.Query());
                    var saveInfo = new SaveEntityCommandInfo()
                    {
                        Entity = "TestRowPermissions.RPWriteRules"
                    };
                    saveInfo.DataToInsert = (new[] { 5 }).Select(item => new RPWriteRules()
                    {
                        value = item
                    }).ToArray();
                    TestUtility.ShouldFail(() => saveCommand.Execute(saveInfo), _writeException);
                }

                {
                    writeRP.Delete(writeRP.Query());
                    var saveInfo = new SaveEntityCommandInfo()
                    {
                        Entity = "TestRowPermissions.RPWriteRules"
                    };
                    saveInfo.DataToInsert = (new[] { 1, 2, 8 }).Select(item => new RPWriteRules()
                    {
                        value = item
                    }).ToArray();
                    TestUtility.ShouldFail(() => saveCommand.Execute(saveInfo), _writeException);
                }

                {
                    writeRP.Delete(writeRP.Query());
                    var saveInfo = new SaveEntityCommandInfo()
                    {
                        Entity = "TestRowPermissions.RPWriteRules"
                    };
                    saveInfo.DataToDelete = (new[] { 7 }).Select(item => new RPWriteRules()
                    {
                        value = item, ID = Guid.NewGuid()
                    }).ToArray();
                    writeRP.Insert((RPWriteRules[])saveInfo.DataToDelete);

                    TestUtility.ShouldFail(() => saveCommand.Execute(saveInfo), _writeException);
                }

                {
                    writeRP.Delete(writeRP.Query());
                    var saveInfo = new SaveEntityCommandInfo()
                    {
                        Entity = "TestRowPermissions.RPWriteRules"
                    };
                    saveInfo.DataToInsert = (new[] { 1, 2, 3, 4, 6, 9 }).Select(item => new RPWriteRules()
                    {
                        value = item, ID = Guid.NewGuid()
                    }).ToArray();
                    saveCommand.Execute(saveInfo);
                    saveInfo.DataToDelete = saveInfo.DataToInsert;
                    saveInfo.DataToInsert = null;
                    saveCommand.Execute(saveInfo);
                    Assert.AreEqual(0, writeRP.Query().Count());
                }

                // update to legal
                {
                    writeRP.Delete(writeRP.Query());
                    var saveInfo = new SaveEntityCommandInfo()
                    {
                        Entity = "TestRowPermissions.RPWriteRules"
                    };
                    var items = (new[] { 12 }).Select(item => new RPWriteRules()
                    {
                        value = item, ID = Guid.NewGuid()
                    }).ToArray();
                    writeRP.Insert(items);
                    items[0].value        = 1;
                    saveInfo.DataToUpdate = items;
                    TestUtility.ShouldFail(() => saveCommand.Execute(saveInfo), _writeException);
                }

                // update from legal
                {
                    writeRP.Delete(writeRP.Query());
                    var saveInfo = new SaveEntityCommandInfo()
                    {
                        Entity = "TestRowPermissions.RPWriteRules"
                    };
                    var items = (new[] { 1 }).Select(item => new RPWriteRules()
                    {
                        value = item, ID = Guid.NewGuid()
                    }).ToArray();
                    writeRP.Insert(items);
                    items[0].value        = 12;
                    saveInfo.DataToUpdate = items;
                    TestUtility.ShouldFail(() => saveCommand.Execute(saveInfo), _writeException);
                }

                {
                    writeRP.Delete(writeRP.Query());
                    var saveInfo = new SaveEntityCommandInfo()
                    {
                        Entity = "TestRowPermissions.RPWriteRules"
                    };
                    var items = (new[] { 1 }).Select(item => new RPWriteRules()
                    {
                        value = item, ID = Guid.NewGuid()
                    }).ToArray();
                    writeRP.Insert(items);
                    items[0].value        = 2;
                    saveInfo.DataToUpdate = items;
                    saveCommand.Execute(saveInfo);
                }

                {
                    writeRP.Delete(writeRP.Query());
                    var saveInfo = new SaveEntityCommandInfo()
                    {
                        Entity = "TestRowPermissions.RPWriteRules"
                    };
                    saveInfo.DataToInsert = (new[] { 20 }).Select(item => new RPWriteRules()
                    {
                        value = item, ID = Guid.NewGuid()
                    }).ToArray();

                    saveCommand.Execute(saveInfo);
                }
            }
        }
Exemplo n.º 16
0
        private static void RunCommandSequence(RhetosHost rhetosHost)
        {
            using (var scope = rhetosHost.CreateScope())
            {
                var processingEngine = scope.Resolve <IProcessingEngine>();
                var readCommand      = new ReadCommandInfo()
                {
                    DataSource = "AspNetDemo.DemoEntity", ReadRecords = true
                };
                var result = processingEngine.Execute(new List <ICommandInfo>()
                {
                    readCommand
                });
                var resultData = result.CommandResults.Single().Data.Value as ReadCommandResult;

                var deleteCommand = new SaveEntityCommandInfo()
                {
                    Entity       = "AspNetDemo.DemoEntity",
                    DataToDelete = resultData.Records.Cast <IEntity>().ToArray()
                };
                Console.WriteLine($"Deleting {resultData.Records.Length} records.");
                processingEngine.Execute(new List <ICommandInfo>()
                {
                    deleteCommand
                });
                scope.CommitAndClose();
            }

            using (var scope = rhetosHost.CreateScope())
            {
                var processingEngine = scope.Resolve <IProcessingEngine>();
                var readCommand      = new ReadCommandInfo()
                {
                    DataSource = "AspNetDemo.DemoEntity", ReadRecords = true
                };
                var result = processingEngine.Execute(new List <ICommandInfo>()
                {
                    readCommand
                });
                var resultData = result.CommandResults.Single().Data.Value as ReadCommandResult;

                Console.WriteLine($"Reading entities Count={resultData.Records.Length}.");

                var insertCommand = new SaveEntityCommandInfo()
                {
                    Entity       = "AspNetDemo.DemoEntity",
                    DataToInsert = new[] { new AspNetDemo_DemoEntity()
                                           {
                                               Name = "not_saved"
                                           } }
                };
                Console.WriteLine($"Inserting entity without committing transaction.");
                processingEngine.Execute(new List <ICommandInfo>()
                {
                    insertCommand
                });
            }

            using (var scope = rhetosHost.CreateScope())
            {
                var processingEngine = scope.Resolve <IProcessingEngine>();
                var readCommand      = new ReadCommandInfo()
                {
                    DataSource = "AspNetDemo.DemoEntity", ReadRecords = true
                };
                var result = processingEngine.Execute(new List <ICommandInfo>()
                {
                    readCommand
                });
                var resultData = result.CommandResults.Single().Data.Value as ReadCommandResult;

                Console.WriteLine($"Reading entities Count={resultData.Records.Length}.");

                var insertCommand = new SaveEntityCommandInfo()
                {
                    Entity       = "AspNetDemo.DemoEntity",
                    DataToInsert = new[] { new AspNetDemo_DemoEntity()
                                           {
                                               Name = "InsertedEntityName"
                                           } }
                };
                Console.WriteLine($"Inserting entity with commit.");
                processingEngine.Execute(new List <ICommandInfo>()
                {
                    insertCommand
                });
                scope.CommitAndClose();
            }

            using (var scope = rhetosHost.CreateScope())
            {
                var processingEngine = scope.Resolve <IProcessingEngine>();
                var readCommand      = new ReadCommandInfo()
                {
                    DataSource = "AspNetDemo.DemoEntity", ReadRecords = true
                };
                var result = processingEngine.Execute(new List <ICommandInfo>()
                {
                    readCommand
                });
                var resultData = result.CommandResults.Single().Data.Value as ReadCommandResult;
                Console.WriteLine($"Reading entities Count={resultData.Records.Length}.");
                Console.WriteLine(JsonConvert.SerializeObject(resultData, Formatting.Indented));
            }
        }
Exemplo n.º 17
0
        private void SaveEntity(SaveEntityCommandInfo commandInfo)
        {
            var processingResult = _processingEngine.Execute(new[] { commandInfo });

            ThrowExceptionOnError(processingResult);
        }