/// <summary>
/// Mounts two in-memory ACL providers under a <c>RouterProvider</c> and checks both the number of
/// rules the router returns for a nested path and the allow/deny decisions made from them.
/// </summary>
/// <remarks>
/// Assigns the static <c>AclManager.DefaultProvider</c> and does not restore it afterwards.
/// NOTE(review): tests that rely on a previously configured provider may depend on execution
/// order because of this - confirm the fixture resets it.
/// </remarks>
public void ShouldWork()
{
    const string readVerb = "read";

    // Constructed but never registered with the router or read again in this test.
    IAclProvider categories = new MemoryProvider();
    IAclProvider widgetRules = new MemoryProvider();
    IAclProvider urlRules = new MemoryProvider();

    // Rules for the provider mounted at "/a": deny everyone, then allow g1.
    widgetRules.SetAcls(
        new Deny("/", readVerb, "*"),
        new Allow("/", readVerb, "g1"));

    // Rules for the provider mounted at "/a/b".
    // Presumably these paths are relative to the mount point - the counts asserted below
    // are consistent with that reading.
    urlRules.SetAcls(
        new Allow("/c", readVerb, "g2"),
        new Deny("/c", readVerb, "g3"),
        new Allow("/d", readVerb, "g3"),
        new Deny("/d", readVerb, "*"),
        new Deny("/", readVerb, "g2"));

    var routing = new RouterProvider();
    routing.Register("/a", widgetRules);
    routing.Register("/a/b", urlRules);
    AclManager.DefaultProvider = routing;

    // Each nested path is expected to collect five rules across the two mounted providers.
    Assert.AreEqual(5, routing.GetAcls("/a/b/c", readVerb).Count());
    Assert.AreEqual(5, routing.GetAcls("/a/b/d", readVerb).Count());

    // Decisions for "/a/b/c".
    Assert.IsTrue(AclManager.IsAllowed("/a/b/c", readVerb, "g1", "g2"));
    Assert.IsFalse(AclManager.IsAllowed("/a/b/c", readVerb, "g1", "g3"));

    // Decisions for "/a/b/d".
    Assert.IsTrue(AclManager.IsAllowed("/a/b/d", readVerb, "g3"));
    Assert.IsTrue(AclManager.IsAllowed("/a/b/d", readVerb, "g1", "g3"));
    Assert.IsFalse(AclManager.IsAllowed("/a/b/d", readVerb, "g1", "g2"));

    // g3 alone is explicitly denied on "/c".
    Assert.IsFalse(AclManager.IsAllowed("/a/b/c", readVerb, "g3"));
}
/// <summary>
/// Checks decisions made by whatever provider <c>AclManager</c> currently holds: "s.ros" may read
/// "/travel" and a path below it but not "/", and "peter" may read none of the three.
/// </summary>
/// <remarks>
/// Nothing in this method assigns a provider or adds rules. The name suggests the rules come
/// from configuration, which is not visible here.
/// NOTE(review): the result depends on static <c>AclManager</c> state that exists before the
/// method runs - confirm the fixture guarantees the configured provider is active.
/// </remarks>
public void ShouldDenyNotAuthorizedByConfiguration()
{
    const string readVerb = "read";
    const string grantedUser = "s.ros";
    const string otherUser = "peter";

    // The subject with a grant: allowed on the subtree, denied at the root.
    Assert.IsTrue(AclManager.IsAllowed("/travel", readVerb, grantedUser));
    Assert.IsTrue(AclManager.IsAllowed("/travel/asshole", readVerb, grantedUser));
    Assert.IsFalse(AclManager.IsAllowed("/", readVerb, grantedUser));

    // A subject with no grant is denied everywhere that is checked.
    Assert.IsFalse(AclManager.IsAllowed("/", readVerb, otherUser));
    Assert.IsFalse(AclManager.IsAllowed("/travel", readVerb, otherUser));
    Assert.IsFalse(AclManager.IsAllowed("/travel/asshole", readVerb, otherUser));
}
/// <summary>
/// Regression check on an in-memory provider: a deny for one subject on "/travel" must override
/// the wildcard allow on "/" for that subject on "/travel" and below, while leaving the root and
/// every other subject allowed.
/// </summary>
/// <remarks>
/// Replaces the static <c>AclManager.DefaultProvider</c> and does not restore it.
/// </remarks>
public void Bug()
{
    const string readVerb = "read";
    const string deniedUser = "s.ros";
    const string otherUser = "peter";

    AclManager.DefaultProvider = new MemoryProvider();

    // Broad allow at the root, narrow deny on one subtree for one subject.
    AclManager.Allow("/", readVerb, "*");
    AclManager.Deny("/travel", readVerb, deniedUser);

    // The deny applies to the subtree it names, including child paths.
    Assert.IsFalse(AclManager.IsAllowed("/travel", readVerb, deniedUser));
    Assert.IsFalse(AclManager.IsAllowed("/travel/asshole", readVerb, deniedUser));

    // Outside that subtree the same subject still gets the wildcard allow.
    Assert.IsTrue(AclManager.IsAllowed("/", readVerb, deniedUser));

    // A subject the deny does not name is allowed everywhere.
    Assert.IsTrue(AclManager.IsAllowed("/", readVerb, otherUser));
    Assert.IsTrue(AclManager.IsAllowed("/travel", readVerb, otherUser));
    Assert.IsTrue(AclManager.IsAllowed("/travel/asshole", readVerb, otherUser));
}
/// <summary>
/// Runs the wildcard-allow / single-subject-deny scenario against <c>SqlAclProvider</c> and
/// expects the same decisions: the named subject is denied on "/travel" and below, everything
/// else is allowed.
/// </summary>
/// <remarks>
/// Replaces the static <c>AclManager.DefaultProvider</c> and does not restore it.
/// NOTE(review): presumably this provider persists rules in a database; if so, rules left by an
/// earlier run could influence these assertions - confirm the store is reset per test.
/// </remarks>
public void SqlAclShouldWork()
{
    const string readVerb = "read";
    const string deniedUser = "s.ros";
    const string otherUser = "peter";

    AclManager.DefaultProvider = new SqlAclProvider();

    // Broad allow at the root, narrow deny on one subtree for one subject.
    AclManager.Allow("/", readVerb, "*");
    AclManager.Deny("/travel", readVerb, deniedUser);

    // The deny applies to the subtree it names, including child paths.
    Assert.IsFalse(AclManager.IsAllowed("/travel", readVerb, deniedUser));
    Assert.IsFalse(AclManager.IsAllowed("/travel/asshole", readVerb, deniedUser));

    // Outside that subtree the same subject still gets the wildcard allow.
    Assert.IsTrue(AclManager.IsAllowed("/", readVerb, deniedUser));

    // A subject the deny does not name is allowed everywhere.
    Assert.IsTrue(AclManager.IsAllowed("/", readVerb, otherUser));
    Assert.IsTrue(AclManager.IsAllowed("/travel", readVerb, otherUser));
    Assert.IsTrue(AclManager.IsAllowed("/travel/asshole", readVerb, otherUser));
}
/// <summary>
/// AuthorizeRequest handler. Unless the request is flagged to skip authorization, asks
/// <c>AclManager</c> whether the current user's roles may apply the request's HTTP method to the
/// request path; on refusal it sets status 401, writes the error message and ends the request.
/// </summary>
/// <param name="sender">Event source; cast to <c>HttpApplication</c> to complete the request on refusal.</param>
/// <param name="e">Not used.</param>
void context_AuthorizeRequest(object sender, EventArgs e)
{
    HttpContext current = HttpContext.Current;

    // Requests flagged SkipAuthorization bypass the ACL check entirely.
    if (current.SkipAuthorization)
    {
        return;
    }

    // The ACL resource is the URL's absolute path and the ACL verb is the HTTP method.
    // NOTE(review): whether the ACL lookup compares paths with the same case and normalisation
    // rules the host uses to map URLs to handlers is not visible here - confirm, because a
    // mismatch would let a deny rule miss the resource it is meant to cover.
    string resourcePath = current.Request.Url.AbsolutePath;
    string httpVerb = current.Request.HttpMethod;

    // Only role names are passed as subjects.
    // NOTE(review): a rule keyed on a user name would presumably never match from this path - confirm intended.
    string[] userRoles = Roles.GetRolesForUser();

    if (AclManager.IsAllowed(resourcePath, httpVerb, userRoles))
    {
        return;
    }

    // 401 is used for every refusal, authenticated or not.
    // NOTE(review): 403 is the conventional status for an authenticated caller without permission - confirm.
    current.Response.StatusCode = 401;
    WriteErrorMessage(current);
    ((HttpApplication)sender).CompleteRequest();
}
/// <summary>
/// Applies ACL decisions to a UI element: a <c>FrameworkElement</c> is shown or collapsed
/// according to the <c>Verbs.Visible</c> check, and if the target is also a <c>Control</c> its
/// <c>IsEnabled</c> flag follows the <c>Verbs.Enabled</c> check. Other targets are left untouched.
/// </summary>
/// <param name="target">Object whose presentation is updated when it is a framework element.</param>
/// <param name="resourceKey">ACL resource passed to <c>AclManager.IsAllowed</c>.</param>
/// <param name="subjects">Subjects passed to <c>AclManager.IsAllowed</c>.</param>
/// <remarks>
/// NOTE(review): this only changes presentation. Hiding or disabling an element does not by
/// itself stop the underlying operation from being invoked another way - confirm the operation
/// performs its own ACL check.
/// </remarks>
private static void HandleAclRefreshedForFrameworkElement(DependencyObject target, string resourceKey, string[] subjects)
{
    FrameworkElement element = target as FrameworkElement;
    if (element == null)
    {
        return;
    }

    // Visibility is decided first, for every framework element.
    if (AclManager.IsAllowed(resourceKey, Verbs.Visible.ToString(), subjects))
    {
        element.Visibility = Visibility.Visible;
    }
    else
    {
        element.Visibility = Visibility.Collapsed;
    }

    // Only controls carry an enabled state; the Enabled verb is checked for them alone.
    Control control = target as Control;
    if (control == null)
    {
        return;
    }

    control.IsEnabled = AclManager.IsAllowed(resourceKey, Verbs.Enabled.ToString(), subjects);
}
/// <summary>
/// Checks that a wildcard-verb allow on "/Widget" coexists with alternating deny/allow/deny rules
/// for the "access" verb at deeper paths, and that each checked path gets the decision asserted below.
/// </summary>
/// <remarks>
/// Replaces the static <c>AclManager.DefaultProvider</c> and does not restore it.
/// The allow rule is written with the verb "Access" while every check uses "access"; the
/// assertions presumably rely on verb matching being case-insensitive - confirm.
/// </remarks>
public void ShouldHandleStarVerb()
{
    const string widgetSubject = "~/Widgets/ClientRss/ClientRssWidget.ascx";
    const string accessVerb = "access";
    const string readVerb = "read";

    var routing = new RouterProvider();
    AclManager.DefaultProvider = routing;

    // The deeper mount point is registered before the shallower one.
    IAclProvider urlRules = new MemoryProvider();
    routing.Register("/Widget/Rss/Urls", urlRules);
    IAclProvider actionRules = new MemoryProvider();
    routing.Register("/Widget", actionRules);

    // Any verb, any subject, on the whole "/Widget" tree.
    AclManager.Allow("/Widget", "*", "*");

    // Deny, then allow, then deny again at successively deeper paths for one subject.
    AclManager.Deny("/Widget/Rss/Urls", accessVerb, widgetSubject);
    AclManager.Allow("/Widget/Rss/Urls/fr/happly", "Access", widgetSubject);
    AclManager.Deny("/Widget/Rss/Urls/fr/happly/knowledgebank", accessVerb, widgetSubject);

    // Both paths that carry an explicit deny are refused.
    Assert.IsFalse(AclManager.IsAllowed("/Widget/Rss/Urls", accessVerb, widgetSubject));
    Assert.IsFalse(AclManager.IsAllowed("/Widget/Rss/Urls/fr/happly/knowledgebank", accessVerb, widgetSubject));

    // This path is spelled "knoledgebank", so it differs from the denied "knowledgebank" path and
    // is expected to be allowed. NOTE(review): confirm the differing spelling is deliberate.
    Assert.IsTrue(AclManager.IsAllowed("/Widget/Rss/Urls/fr/happly/knoledgebank", accessVerb, widgetSubject));

    // The "access" denies must not affect another verb: "read" stays allowed, even on the denied path.
    Assert.IsTrue(AclManager.IsAllowed("/Widget", readVerb, widgetSubject));
    Assert.IsTrue(AclManager.IsAllowed("/Widget/Rss/Urls/fr/happly/knowledgebank", readVerb, widgetSubject));
}
/// <summary>
/// Checks the fail-closed default: with a freshly created in-memory provider and no rules added,
/// a read of "/" is refused both with no subjects and with a named subject.
/// </summary>
/// <remarks>
/// Replaces the static <c>AclManager.DefaultProvider</c> and does not restore it.
/// </remarks>
public void ShouldDenyEveryoneWhenNoRule()
{
    const string rootPath = "/";
    const string readVerb = "read";

    // An empty provider: no allow rule exists, so nothing may be granted.
    AclManager.DefaultProvider = new MemoryProvider();

    // No subjects at all.
    Assert.IsFalse(AclManager.IsAllowed(rootPath, readVerb));

    // A named subject with no matching rule.
    Assert.IsFalse(AclManager.IsAllowed(rootPath, readVerb, "s.ros"));
}