public void CreateAclExpansionEntryTest()
{
var userRoleAclAce = new UserRoleAclAceCombination(Role, Ace);
var allowedAccessTypes = new[] { WriteAccessType, DeleteAccessType };
var deniedAccessTypes = new[] { ReadAccessType };
AccessInformation accessInformation = new AccessInformation(allowedAccessTypes, deniedAccessTypes);
var mocks = new MockRepository();
var aclExpansionEntryCreatorMock = mocks.PartialMock <AclExpansionEntryCreator> ();
var aclProbe = AclProbe.CreateAclProbe(User, Role, Ace);
var accessTypeStatisticsMock = mocks.StrictMock <AccessTypeStatistics>();
accessTypeStatisticsMock.Expect(x => x.IsInAccessTypesContributingAces(userRoleAclAce.Ace)).Return(true);
aclExpansionEntryCreatorMock.Expect(x => x.GetAccessTypes(userRoleAclAce)).
Return(new AclExpansionEntryCreator_GetAccessTypesResult(accessInformation, aclProbe, accessTypeStatisticsMock));
aclExpansionEntryCreatorMock.Replay();
accessTypeStatisticsMock.Replay();
var aclExpansionEntry = aclExpansionEntryCreatorMock.CreateAclExpansionEntry(userRoleAclAce);
aclExpansionEntryCreatorMock.VerifyAllExpectations();
accessTypeStatisticsMock.VerifyAllExpectations();
Assert.That(aclExpansionEntry.User, Is.EqualTo(userRoleAclAce.User));
Assert.That(aclExpansionEntry.Role, Is.EqualTo(userRoleAclAce.Role));
Assert.That(aclExpansionEntry.AccessControlList, Is.EqualTo(userRoleAclAce.Acl));
Assert.That(aclExpansionEntry.AccessConditions, Is.EqualTo(aclProbe.AccessConditions));
Assert.That(aclExpansionEntry.AllowedAccessTypes, Is.EqualTo(allowedAccessTypes));
Assert.That(aclExpansionEntry.DeniedAccessTypes, Is.EqualTo(deniedAccessTypes));
}
public void CreateAclProbe_Role_Test()
{
AccessControlEntry ace = TestHelper.CreateAceWithAbstractRole();
FleshOutAccessControlEntryForTest(ace);
AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);
Assert.That(aclProbe.SecurityToken.Principal.Roles, Is.EquivalentTo(new[] { Role }).Using(PrincipalRoleComparer.Instance));
}
public void CreateAclProbe_Tenant_Test()
{
AccessControlEntry ace = TestHelper.CreateAceWithAbstractRole();
FleshOutAccessControlEntryForTest(ace);
AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);
Assert.That(aclProbe.SecurityToken.Principal.Tenant.ObjectID, Is.EqualTo(User.Tenant.ID));
}
public void CreateAclProbe_GroupSelectionAll_Test()
{
AccessControlEntry ace = TestHelper.CreateAceWithoutGroupCondition();
FleshOutAccessControlEntryForTest(ace);
AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);
Assert.That(aclProbe.SecurityToken.OwningGroup, Is.Null);
var accessConditionsExpected = new AclExpansionAccessConditions();
Assert.That(aclProbe.AccessConditions, Is.EqualTo(accessConditionsExpected));
}
public void CreateAclProbe_SpecificTenant_Test()
{
AccessControlEntry ace = TestHelper.CreateAceWithSpecificTenant(Tenant);
FleshOutAccessControlEntryForTest(ace);
AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);
Assert.That(aclProbe.SecurityToken.OwningTenant, Is.Null);
var accessConditionsExpected = new AclExpansionAccessConditions();
Assert.That(aclProbe.AccessConditions, Is.EqualTo(accessConditionsExpected));
}
public void CreateAclProbe_SpecificAbstractRole_Test()
{
AccessControlEntry ace = TestHelper.CreateAceWithAbstractRole();
FleshOutAccessControlEntryForTest(ace);
Assert.That(ace.SpecificAbstractRole, Is.Not.Null);
AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);
Assert.That(aclProbe.SecurityToken.AbstractRoles, Has.Member(ace.SpecificAbstractRole).Using(DomainObjectHandleComparer.Instance));
var accessConditionsExpected = new AclExpansionAccessConditions();
accessConditionsExpected.AbstractRole = ace.SpecificAbstractRole;
Assert.That(aclProbe.AccessConditions, Is.EqualTo(accessConditionsExpected));
}
public void CreateAclProbe_OwningGroup_Test()
{
AccessControlEntry ace = TestHelper.CreateAceWithOwningGroup();
FleshOutAccessControlEntryForTest(ace);
AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);
Assert.That(aclProbe.SecurityToken.OwningGroup, Is.EqualTo(Role.Group).Using(DomainObjectHandleComparer.Instance));
var accessConditionsExpected = new AclExpansionAccessConditions
{
OwningGroup = Group,
GroupHierarchyCondition = GroupHierarchyCondition.ThisAndChildren
};
Assert.That(aclProbe.AccessConditions, Is.EqualTo(accessConditionsExpected));
}
public void CreateAclProbe_OwningTenant_Test()
{
AccessControlEntry ace = TestHelper.CreateAceWithOwningTenant();
FleshOutAccessControlEntryForTest(ace);
AclProbe aclProbe = AclProbe.CreateAclProbe(User, Role, ace);
Assert.That(aclProbe.SecurityToken.OwningTenant, Is.EqualTo(User.Tenant).Using(DomainObjectHandleComparer.Instance));
var accessConditionsExpected = new AclExpansionAccessConditions
{
OwningTenant = Tenant,
TenantHierarchyCondition = TenantHierarchyCondition.This
};
Assert.That(aclProbe.AccessConditions, Is.EqualTo(accessConditionsExpected));
}