public void CanAssociateAccountWithMultipleGroups() { Account ayende = new Account(); ayende.Name = "ayende"; UnitOfWork.CurrentSession.Save(ayende); EntitiesGroup group = authorizationRepository.CreateEntitiesGroup("Accounts"); EntitiesGroup group2 = authorizationRepository.CreateEntitiesGroup("Accounts of second group"); UnitOfWork.Current.TransactionalFlush(); authorizationRepository.AssociateEntityWith(ayende, "Accounts"); UnitOfWork.Current.TransactionalFlush(); authorizationRepository.AssociateEntityWith(ayende, "Accounts of second group"); UnitOfWork.Current.TransactionalFlush(); UnitOfWork.CurrentSession.Evict(ayende); UnitOfWork.CurrentSession.Evict(group); UnitOfWork.CurrentSession.Evict(group2); EntitiesGroup[] groups = authorizationRepository.GetAssociatedEntitiesGroupsFor(ayende); Assert.AreEqual(2, groups.Length); Assert.AreEqual("Accounts", groups[0].Name); Assert.AreEqual("Accounts of second group", groups[1].Name); }
private void SetupEntities() { user = new User(); user.Name = "Ayende"; account = new Account(); account.Name = "south sand"; UnitOfWork.CurrentSession.Save(user); UnitOfWork.CurrentSession.Save(account); authorizationService = IoC.Resolve<IAuthorizationService>(); permissionService = IoC.Resolve<IPermissionsService>(); permissionsBuilderService = IoC.Resolve<IPermissionsBuilderService>(); authorizationRepository = IoC.Resolve<IAuthorizationRepository>(); authorizationRepository.CreateUsersGroup("Administrators"); authorizationRepository.CreateEntitiesGroup("Important Accounts"); authorizationRepository.CreateOperation("/Account/Edit"); UnitOfWork.Current.TransactionalFlush(); authorizationRepository.AssociateUserWith(user, "Administrators"); authorizationRepository.AssociateEntityWith(account, "Important Accounts"); UnitOfWork.Current.TransactionalFlush(); }
public void CanSaveAccount() { Account ayende = new Account {Name = "ayende"}; Assert.NotEqual(Guid.Empty, ayende.SecurityKey); session.Save(ayende); session.Flush(); session.Evict(ayende); Account fromDb = session.Get<Account>(ayende.Id); Assert.NotNull(fromDb); Assert.Equal(ayende.Name, fromDb.Name); Assert.Equal(fromDb.SecurityKey, ayende.SecurityKey); }
public void DoesDeletingEntityRemoveEntityReferences() { var account = new Account() { Name = "Bob" }; session.Save(account); authorizationRepository.AssociateEntityWith(account, "Important Accounts"); session.Flush(); Guid securityKey = Security.ExtractKey(account); // Confirm EntityReference for the new account exists. EntityReference reference = session.CreateCriteria<EntityReference>() .Add(Restrictions.Eq("EntitySecurityKey", securityKey)) .SetCacheable(true) .UniqueResult<EntityReference>(); Assert.NotNull(reference); // Create a permission for the entity this.permissionsBuilderService.Allow("/Account/Edit").For(this.user).On(account).DefaultLevel().Save(); // Confirm the permissison for the entity exists Permission permission = session.CreateCriteria<Permission>() .Add(Restrictions.Eq("EntitySecurityKey", securityKey)) .SetCacheable(true) .UniqueResult<Permission>(); Assert.NotNull(permission); _logger.Debug("deleting account"); // Delete account session.Delete(account); session.Flush(); // Confirm EntityReference was removed reference = session.CreateCriteria<EntityReference>() .Add(Restrictions.Eq("EntitySecurityKey", securityKey)) .SetCacheable(true) .UniqueResult<EntityReference>(); Assert.Null(reference); // Confirm the permissison for the entity was removed permission = session.CreateCriteria<Permission>() .Add(Restrictions.Eq("EntitySecurityKey", securityKey)) .SetCacheable(true) .UniqueResult<Permission>(); Assert.Null(permission); }
public void CanAssociateAccountWithGroup() { Account ayende = new Account(); ayende.Name = "ayende"; session.Save(ayende); EntitiesGroup group = authorizationRepository.CreateEntitiesGroup("Accounts"); authorizationRepository.AssociateEntityWith(ayende, "Accounts"); session.Flush(); session.Evict(ayende); session.Evict(group); EntitiesGroup[] groups = authorizationRepository.GetAssociatedEntitiesGroupsFor(ayende); Assert.Equal(1, groups.Length); Assert.Equal("Accounts", groups[0].Name); }
private void SetupEntities() { user = new User {Name = "Ayende"}; account = new Account {Name = "south sand"}; session.Save(user); session.Save(account); authorizationService = ServiceLocator.Current.GetInstance<IAuthorizationService>(); permissionService = ServiceLocator.Current.GetInstance<IPermissionsService>(); permissionsBuilderService = ServiceLocator.Current.GetInstance<IPermissionsBuilderService>(); authorizationRepository = ServiceLocator.Current.GetInstance<IAuthorizationRepository>(); authorizationRepository.CreateUsersGroup("Administrators"); authorizationRepository.CreateEntitiesGroup("Important Accounts"); authorizationRepository.CreateOperation("/Account/Edit"); authorizationRepository.AssociateUserWith(user, "Administrators"); authorizationRepository.AssociateEntityWith(account, "Important Accounts"); }
public void CanAssociateAccountWithNestedGroup() { Account beto = new Account(); beto.Name = "beto account"; session.Save(beto); authorizationRepository.CreateEntitiesGroup("Executive Accounts"); EntitiesGroup group = authorizationRepository.CreateChildEntityGroupOf("Executive Accounts", "Manager Accounts"); authorizationRepository.AssociateEntityWith(beto,"Manager Accounts"); session.Flush(); session.Evict(beto); session.Evict(group); EntitiesGroup[] groups = authorizationRepository.GetAssociatedEntitiesGroupsFor(beto); Assert.Equal(2, groups.Length); Assert.Equal("Executive Accounts",groups[0].Name); Assert.Equal("Manager Accounts", groups[1].Name); }
public void CanAssociateAccountWithMultipleGroups() { var ayende = new Account(); ayende.Name = "ayende"; session.Save(ayende); var group = authorizationRepository.CreateEntitiesGroup("Accounts"); var group2 = authorizationRepository.CreateEntitiesGroup("Accounts of second group"); authorizationRepository.AssociateEntityWith(ayende, "Accounts"); authorizationRepository.AssociateEntityWith(ayende, "Accounts of second group"); session.Flush(); session.Evict(ayende); session.Evict(group); session.Evict(group2); var groups = authorizationRepository.GetAssociatedEntitiesGroupsFor(ayende); Assert.Equal(2, groups.Length); Assert.Equal("Accounts", groups[0].Name); Assert.Equal("Accounts of second group", groups[1].Name); }
public void WillReturnTrueOnGlobalIfPermissionWasAllowedOnGlobalButDeniedOnNestedEntitiesGroup() { Account beto = new Account(); beto.Name = "beto account"; authorizationRepository.CreateEntitiesGroup("Executive Accounts"); authorizationRepository.CreateChildEntityGroupOf("Executive Accounts", "Manager Accounts"); authorizationRepository.CreateChildEntityGroupOf("Manager Accounts", "Employee Accounts"); authorizationRepository.AssociateEntityWith(beto, "Employee Accounts"); permissionsBuilderService .Allow("/Account/Edit") .For(user) .OnEverything() .DefaultLevel() .Save(); permissionsBuilderService .Deny("/Account/Edit") .For(user) .On("Executive Accounts") .DefaultLevel() .Save(); bool IsAllowed = authorizationService.IsAllowed(user, "/Account/Edit"); Assert.True(IsAllowed); }
public void WillReturnTrueOnAccountIfPermissionWasAllowedToUserOnTheNestedEntityGroupIsAssociatedWith() { Account beto = new Account(); beto.Name = "beto account"; authorizationRepository.CreateEntitiesGroup("Executive Accounts"); authorizationRepository.CreateChildEntityGroupOf("Executive Accounts", "Manager Accounts"); authorizationRepository.CreateChildEntityGroupOf("Manager Accounts", "Employee Accounts"); authorizationRepository.AssociateEntityWith(beto, "Employee Accounts"); permissionsBuilderService .Allow("/Account/Edit") .For(user) .On("Executive Accounts") .DefaultLevel() .Save(); session.Flush(); bool isAllowed = authorizationService.IsAllowed(user, beto, "/Account/Edit"); Assert.True(isAllowed); }
public void CanGetAncestryAssociationOfAccountWithGroupWhereThereIsMoreThanOneIndirectPathShouldSelectShortest() { Account beto = new Account(); beto.Name = "beto account"; session.Save(beto); authorizationRepository.CreateEntitiesGroup("Executive Accounts"); authorizationRepository.CreateChildEntityGroupOf("Executive Accounts", "Manager Accounts"); authorizationRepository.CreateChildEntityGroupOf("Manager Accounts", "Employee Accounts"); authorizationRepository.AssociateEntityWith(account, "Manager Accounts"); authorizationRepository.AssociateEntityWith(account, "Employee Accounts"); EntitiesGroup[] groups = authorizationRepository.GetAncestryAssociationOfEntity(account, "Executive Accounts"); Assert.Equal(2, groups.Length); Assert.Equal("Manager Accounts", groups[0].Name); Assert.Equal("Executive Accounts", groups[1].Name); }
public void CanGetAncestryAssociationOfAccountWithGroupWhereThereIsTwoLevelNesting() { Account beto = new Account(); beto.Name = "beto account"; session.Save(beto); authorizationRepository.CreateEntitiesGroup("Executive Accounts"); authorizationRepository.CreateChildEntityGroupOf("Executive Accounts", "Manager Accounts"); authorizationRepository.CreateChildEntityGroupOf("Manager Accounts", "Employee Accounts"); authorizationRepository.AssociateEntityWith(beto, "Employee Accounts"); EntitiesGroup[] groups = authorizationRepository.GetAncestryAssociationOfEntity(beto, "Executive Accounts"); Assert.Equal(3, groups.Length); Assert.Equal("Employee Accounts", groups[0].Name); Assert.Equal("Manager Accounts", groups[1].Name); Assert.Equal("Executive Accounts", groups[2].Name); }
public void CanGetAncestryAssociationOfEntityWithGroupWhereNonExists() { Account beto = new Account(); beto.Name = "beto account"; session.Save(beto); authorizationRepository.CreateEntitiesGroup("Executive Accounts"); EntitiesGroup[] groups = authorizationRepository.GetAncestryAssociationOfEntity(beto, "Executive Accounts"); Assert.Equal(0,groups.Length); }
public void CanSaveAccount() { Account ayende = new Account(); ayende.Name = "ayende"; Assert.AreNotEqual(Guid.Empty, ayende.SecurityKey); UnitOfWork.CurrentSession.Save(ayende); UnitOfWork.CurrentSession.Flush(); UnitOfWork.CurrentSession.Evict(ayende); Account fromDb = UnitOfWork.CurrentSession.Get<Account>(ayende.Id); Assert.IsNotNull(fromDb); Assert.AreEqual(ayende.Name, fromDb.Name); Assert.AreEqual(fromDb.SecurityKey, ayende.SecurityKey); }
public void CanGetAncestryAssociationOfAccountWithGroupWithNested() { var beto = new Account(); beto.Name = "beto account"; session.Save(beto); authorizationRepository.CreateEntitiesGroup("Executive Accounts"); authorizationRepository.CreateChildEntityGroupOf("Executive Accounts", "Manager Accounts"); authorizationRepository.AssociateEntityWith(beto, "Manager Accounts"); var groups = authorizationRepository.GetAncestryAssociationOfEntity(beto, "Executive Accounts"); Assert.Equal(2, groups.Length); Assert.Equal("Manager Accounts", groups[0].Name); Assert.Equal("Executive Accounts", groups[1].Name); }