public void SecurityWrite_Execute_SecuritySettingsValuePassedValidJSON_ShouldWriteFile()
{
//------------Setup for test--------------------------
var permission = new WindowsGroupPermission {
Administrator = true, IsServer = true, WindowsGroup = Environment.UserName
};
var windowsGroupPermissions = new List <WindowsGroupPermission> {
permission
};
var securitySettings = new SecuritySettingsTO(windowsGroupPermissions)
{
CacheTimeout = new TimeSpan(0, 2, 0)
};
var securitySettingsValue = JsonConvert.SerializeObject(securitySettings);
var securityWrite = new SecurityWrite();
//------------Execute Test---------------------------
securityWrite.Execute(new Dictionary <string, StringBuilder> {
{ "SecuritySettings", new StringBuilder(securitySettingsValue) }
}, null);
//------------Assert Results-------------------------
var serverSecuritySettingsFile = EnvironmentVariables.ServerSecuritySettingsFile;
Assert.IsTrue(File.Exists(serverSecuritySettingsFile), $"File \"{serverSecuritySettingsFile}\" does not exist after writing security settings to it.");
var fileData = File.ReadAllText(serverSecuritySettingsFile);
Assert.IsFalse(fileData.StartsWith("{"));
Assert.IsFalse(fileData.EndsWith("}"));
Assert.IsFalse(fileData.Contains("IsServer"));
File.Delete(serverSecuritySettingsFile);
}
public void SecurityWrite_HandlesType_ReturnsSecurityWriteService()
{
var esb = new SecurityWrite();
var result = esb.HandlesType();
Assert.AreEqual("SecurityWriteService", result);
}
public void SecurityWrite_Execute_NoValuesPassed_ExceptionThrown()
{
//------------Setup for test--------------------------
var securityWrite = new SecurityWrite();
//------------Execute Test---------------------------
securityWrite.Execute(null, null);
//------------Assert Results-------------------------
}
public void SecurityWrite_Write_SecuritySettingsIsNull_ThrowsArgumentNullException()
{
//------------Setup for test--------------------------
//------------Execute Test---------------------------
SecurityWrite.Write(null);
//------------Assert Results-------------------------
}
public void SecurityWrite_Execute_SecuritySettingsValuePassedNotValidJSON_ExceptionThrown()
{
//------------Setup for test--------------------------
var securityWrite = new SecurityWrite();
//------------Execute Test---------------------------
securityWrite.Execute(new Dictionary <string, StringBuilder> {
{ "SecuritySettings", new StringBuilder("Something") }
}, null);
//------------Assert Results-------------------------
}
public void GetAuthorizationContextForService_ShouldReturnContext()
{
//------------Setup for test--------------------------
var securityWrite = new SecurityWrite();
//------------Execute Test---------------------------
var resId = securityWrite.GetAuthorizationContextForService();
//------------Assert Results-------------------------
Assert.AreEqual(AuthorizationContext.Any, resId);
}
public void GetResourceID_ShouldReturnEmptyGuid()
{
//------------Setup for test--------------------------
var securityWrite = new SecurityWrite();
//------------Execute Test---------------------------
var resId = securityWrite.GetResourceID(new Dictionary <string, StringBuilder>());
//------------Assert Results-------------------------
Assert.AreEqual(Guid.Empty, resId);
}
public void SecurityWrite_CreateServiceEntry_ReturnsDynamicService()
{
var esb = new SecurityWrite();
var result = esb.CreateServiceEntry();
Assert.AreEqual(esb.HandlesType(), result.Name);
Assert.AreEqual("<DataList><SecuritySettings ColumnIODirection=\"Input\"></SecuritySettings><Result/><Dev2System.ManagmentServicePayload ColumnIODirection=\"Both\"></Dev2System.ManagmentServicePayload></DataList>", result.DataListSpecification.ToString());
Assert.AreEqual(1, result.Actions.Count);
var serviceAction = result.Actions[0];
Assert.AreEqual(esb.HandlesType(), serviceAction.Name);
Assert.AreEqual(enActionType.InvokeManagementDynamicService, serviceAction.ActionType);
Assert.AreEqual(esb.HandlesType(), serviceAction.SourceMethod);
}
public void SecurityWrite_Write_SecuritySettingsIsNotNull_PersistsSecuritySettings()
{
//------------Setup for test--------------------------
if (File.Exists(EnvironmentVariables.ServerSecuritySettingsFile))
{
File.Delete(EnvironmentVariables.ServerSecuritySettingsFile);
}
var securitySettings = new SecuritySettingsTO();
//------------Execute Test---------------------------
SecurityWrite.Write(securitySettings);
//------------Assert Results-------------------------
Assert.IsTrue(File.Exists(EnvironmentVariables.ServerSecuritySettingsFile));
File.Delete(EnvironmentVariables.ServerSecuritySettingsFile);
}
protected override void WritePermissions(List <WindowsGroupPermission> permissions)
{
SecurityWrite.Write(new SecuritySettingsTO(permissions));
}
public void SecurityRead_Execute_WhenSecureConfigDoesExistWithGuestPermission_ShouldHaveExistingPermissions()
{
//------------Setup for test--------------------------
var serverSecuritySettingsFile = EnvironmentVariables.ServerSecuritySettingsFile;
File.Delete(serverSecuritySettingsFile);
var permission = new WindowsGroupPermission {
Administrator = true, IsServer = true, WindowsGroup = Environment.UserName
};
var permission2 = new WindowsGroupPermission {
Administrator = false, DeployFrom = false, IsServer = true, WindowsGroup = "NETWORK SERVICE"
};
var guests = WindowsGroupPermission.CreateGuests();
guests.View = true;
var permission3 = guests;
var windowsGroupPermissions = new List <WindowsGroupPermission> {
permission, permission2, permission3
};
var securitySettings = new SecuritySettingsTO(windowsGroupPermissions)
{
CacheTimeout = new TimeSpan(0, 10, 0)
};
var serializeObject = JsonConvert.SerializeObject(securitySettings);
var securityWrite = new SecurityWrite();
var securityRead = new SecurityRead();
securityWrite.Execute(new Dictionary <string, StringBuilder> {
{ "SecuritySettings", new StringBuilder(serializeObject) }
}, null);
//------------Assert Preconditions-------------------------
Assert.IsTrue(File.Exists(serverSecuritySettingsFile));
//------------Execute Test---------------------------
var jsonPermissions = securityRead.Execute(null, null);
File.Delete("secure.config");
var readSecuritySettings = JsonConvert.DeserializeObject <SecuritySettingsTO>(jsonPermissions.ToString());
//------------Assert Results-------------------------
Assert.AreEqual(4, readSecuritySettings.WindowsGroupPermissions.Count);
var adminPermission = readSecuritySettings.WindowsGroupPermissions.FirstOrDefault(p => p.IsBuiltInAdministrators);
Assert.IsNotNull(adminPermission);
Assert.AreEqual(true, adminPermission.IsServer);
Assert.AreEqual(true, adminPermission.View);
Assert.AreEqual(true, adminPermission.Execute);
Assert.AreEqual(true, adminPermission.Contribute);
Assert.AreEqual(true, adminPermission.DeployTo);
Assert.AreEqual(true, adminPermission.DeployFrom);
Assert.AreEqual(true, adminPermission.Administrator);
var userPermission = readSecuritySettings.WindowsGroupPermissions.FirstOrDefault(p => p.WindowsGroup == Environment.UserName);
Assert.IsNotNull(userPermission);
Assert.AreEqual(true, userPermission.IsServer);
Assert.AreEqual(false, userPermission.View);
Assert.AreEqual(false, userPermission.Execute);
Assert.AreEqual(false, userPermission.Contribute);
Assert.AreEqual(false, userPermission.DeployTo);
Assert.AreEqual(false, userPermission.DeployFrom);
Assert.AreEqual(true, userPermission.Administrator);
var networkServicePermission = readSecuritySettings.WindowsGroupPermissions.FirstOrDefault(p => p.WindowsGroup == "NETWORK SERVICE");
Assert.IsNotNull(networkServicePermission);
Assert.AreEqual(true, networkServicePermission.IsServer);
Assert.AreEqual(false, networkServicePermission.View);
Assert.AreEqual(false, networkServicePermission.Execute);
Assert.AreEqual(false, networkServicePermission.Contribute);
Assert.AreEqual(false, networkServicePermission.DeployTo);
Assert.AreEqual(false, networkServicePermission.DeployFrom);
Assert.AreEqual(false, networkServicePermission.Administrator);
var guestPermission = readSecuritySettings.WindowsGroupPermissions.FirstOrDefault(p => p.WindowsGroup == WindowsGroupPermission.BuiltInGuestsText);
Assert.IsNotNull(guestPermission);
Assert.AreEqual(true, guestPermission.IsServer);
Assert.AreEqual(true, guestPermission.View);
Assert.AreEqual(false, guestPermission.Execute);
Assert.AreEqual(false, guestPermission.Contribute);
Assert.AreEqual(false, guestPermission.DeployTo);
Assert.AreEqual(false, guestPermission.DeployFrom);
Assert.AreEqual(false, guestPermission.Administrator);
Assert.AreEqual(new TimeSpan(0, 10, 0), readSecuritySettings.CacheTimeout);
}
public void JwtManager_GenerateToken_ValidateToken()
{
//------------Setup for test-------------------------
if (File.Exists(EnvironmentVariables.ServerSecuritySettingsFile))
{
File.Delete(EnvironmentVariables.ServerSecuritySettingsFile);
}
var resourceId = Guid.NewGuid();
var resourceName = @"Hello World";
var overrideResource = new NamedGuid
{
Name = "appAuth",
Value = Guid.NewGuid()
};
var permissions = new[]
{
new WindowsGroupPermission
{
IsServer = true, WindowsGroup = "Deploy Admins",
View = false, Execute = false, Contribute = false, DeployTo = true, DeployFrom = true, Administrator = false
},
new WindowsGroupPermission
{
ResourceID = resourceId,
ResourceName = "Category1\\Workflow1",
WindowsGroup = "Public",
View = true,
Execute = true,
Contribute = false
}
};
var hmac = new HMACSHA256();
var secretKey = Convert.ToBase64String(hmac.Key);
var securitySettingsTO = new SecuritySettingsTO(permissions, overrideResource, secretKey);
SecurityWrite.Write(securitySettingsTO);
var payload = "<DataList><UserGroups Description='' IsEditable='True' ColumnIODirection='Output'><Name Description='' IsEditable='True' ColumnIODirection='Output'>public</Name></UserGroups></DataList>";
var res = new Mock <IResource>();
res.Setup(a => a.ResourceName).Returns(resourceName);
res.Setup(resource => resource.ResourceID).Returns(resourceId);
var mockCatalog = new Mock <IResourceCatalog>();
mockCatalog.Setup(a => a.GetResource(It.IsAny <Guid>(), resourceId)).Returns(res.Object);
mockCatalog.Setup(a => a.GetResourcePath(It.IsAny <Guid>(), It.IsAny <Guid>())).Returns("bob\\dave");
CustomContainer.Register(mockCatalog.Object);
var mockResourceNameProvider = new Mock <IResourceNameProvider>();
mockResourceNameProvider.Setup(a => a.GetResourceNameById(It.IsAny <Guid>())).Returns(resourceName);
CustomContainer.Register(mockResourceNameProvider.Object);
//------------Execute Test---------------------------
var securitySettings = new SecuritySettings();
var jwtManager = new JwtManager(securitySettings);
var encryptedPayload = jwtManager.GenerateToken(payload);
var response = jwtManager.ValidateToken(encryptedPayload);
//------------Assert Results-------------------------
Assert.IsNotNull(encryptedPayload);
Assert.AreEqual(payload, response);
}
protected override void WritePermissions(List <WindowsGroupPermission> permissions, INamedGuid overrideResource, string secretKey)
{
SecurityWrite.Write(new SecuritySettingsTO(permissions, overrideResource, secretKey));
}
