public void TestApiKeyQueryAll()
{
ApiKey key = new ApiKey();
key.Save();
Balanced.Balanced.configure(key.secret);
Marketplace marketplace = new Marketplace();
marketplace.Save();
ApiKey key1 = new ApiKey();
key1.SaveToMarketplace();
ApiKey key2 = new ApiKey();
key2.SaveToMarketplace();
ApiKey key3 = new ApiKey();
key3.SaveToMarketplace();
List <ApiKey> keys = ApiKey.Query().All();
Assert.AreEqual(4, keys.Count);
List <String> key_guids = new List <String>();
foreach (ApiKey k in keys)
{
key_guids.Add(k.id);
}
Assert.IsTrue(key_guids.Contains(key1.id));
Assert.IsTrue(key_guids.Contains(key2.id));
Assert.IsTrue(key_guids.Contains(key3.id));
}
public void TestApiKeyQueryAll()
{
ApiKey key = new ApiKey();
key.Save();
Balanced.Balanced.configure(key.secret);
Marketplace marketplace = new Marketplace();
marketplace.Save();
ApiKey key1 = new ApiKey();
key1.SaveToMarketplace();
ApiKey key2 = new ApiKey();
key2.SaveToMarketplace();
ApiKey key3 = new ApiKey();
key3.SaveToMarketplace();
List<ApiKey> keys = ApiKey.Query().All();
Assert.AreEqual(4, keys.Count);
List<String> key_guids = new List<String>();
foreach (ApiKey k in keys) {
key_guids.Add(k.id);
}
Assert.IsTrue(key_guids.Contains(key1.id));
Assert.IsTrue(key_guids.Contains(key2.id));
Assert.IsTrue(key_guids.Contains(key3.id));
}
public void TestApiKeyDelete()
{
ApiKey key = new ApiKey();
key.Save();
Balanced.Balanced.configure(key.secret);
key.Unstore();
}
public void TestApiKeyCreate()
{
ApiKey key = new ApiKey();
key.Save();
Assert.IsNotNull(key.secret);
}
public void TestApiKeyCollection()
{
ApiKey key = new ApiKey();
key.Save();
Balanced.Balanced.configure(key.secret);
ApiKey.Collection apiKeys = new ApiKey.Collection();
Assert.AreEqual(1, apiKeys.Total());
}
public void TestApiKeyDelete()
{
ApiKey key = new ApiKey();
key.Save();
Balanced.Balanced.configure(key.secret);
key.Unstore();
}
public void setUp()
{
ApiKey key = new ApiKey();
key.Save();
Balanced.Balanced.configure(key.secret);
Marketplace marketplace = new Marketplace();
marketplace.Save();
mp = marketplace;
}
public void TestApiKeyCollection()
{
ApiKey key = new ApiKey();
key.Save();
Balanced.Balanced.configure(key.secret);
ApiKey.Collection apiKeys = new ApiKey.Collection();
Assert.AreEqual(1, apiKeys.Total());
}
public void setUp()
{
ApiKey key = new ApiKey();
key.Save();
Balanced.Balanced.configure(key.secret);
Marketplace marketplace = new Marketplace();
marketplace.Save();
mp = marketplace;
}
protected void Page_Load(object sender, EventArgs e)
{
if (Request["mode"] == "start")
{
var newcd = ModelServices.LogIn(Request["username"], new Guid(Request["apikey"]));
if (newcd != null)
{
Session["Credentials"] = newcd;
Response.Redirect(string.Format("Designer.aspx?ModelId={0}", Request["ModelId"]));
}
else
{
Response.Redirect("default.htm");
}
}
CredentialData cd = Session["Credentials"] as CredentialData;
if (null != cd)
{
// we are not logged in
AddParam("username", cd.Username);
AddParam("apikey", cd.ApiKey.ToString());
this.SignInLink.Visible = false;
}
else
{
this.UserDetailsLink.Visible = false;
this.SignOutLink.Visible = false;
if (null == Session["ApiKey"] as string)
{
Guid key = Guid.NewGuid();
ApiKey apiKey = new ApiKey();
apiKey.APIKey = key;
apiKey.DateCreated = DateTime.Now;
apiKey.Save();
Session["ApiKey"] = key.ToString();
// TODO: save the apikey to the database
}
AddParam("apikey", Session["ApiKey"] as string);
}
if (null != Request["ModelId"])
{
AddParam("modelid", Request["ModelId"]);
}
this.initParams.Controls.Add(new LiteralControl(string.Format(@"<param name=""initParams"" value=""{0}"" />", string.Join(",", paramsList.ToArray()))));
}
public void Test_UserAccount_Invalid(UserAccountStatusEnum_Enumeration accountStatus)
{
string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507"; // or whatever
string tenantName = RunAsDefaultTenant.DefaultTenantName;
Mock <IConnectorService> mockService;
Mock <IEndpointResolver> mockEndpointResolver;
IConnectorService apiKeyService;
ConnectorRequest request;
ConnectorResponse response;
UserAccount userAccount;
ApiKey key;
// Define key and user
using (new TenantAdministratorContext(tenantName))
{
userAccount = new UserAccount( );
userAccount.Name = "Test user " + Guid.NewGuid( );
userAccount.AccountStatus_Enum = accountStatus;
userAccount.Password = "******";
userAccount.Save( );
key = new ApiKey( );
key.Name = apiKey;
key.ApiKeyEnabled = true;
key.Save( );
}
// Define service and mock
mockService = new Mock <IConnectorService>(MockBehavior.Strict);
mockEndpointResolver = new Mock <IEndpointResolver>(MockBehavior.Strict);
apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository);
// Define request
request = new ConnectorRequest
{
TenantName = tenantName,
QueryString = new Dictionary <string, string> {
{ "key", apiKey }
}
};
// Place request
response = apiKeyService.HandleRequest(request);
Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));
mockService.VerifyAll( );
}
public void Test_ApiKey_Disabled( )
{
string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507"; // or whatever
string tenantName = RunAsDefaultTenant.DefaultTenantName;
Mock <IConnectorService> mockService;
Mock <IEndpointResolver> mockEndpointResolver;
IConnectorService apiKeyService;
ConnectorRequest request;
ConnectorResponse response;
ApiKey key;
// Define key and user
using (new TenantAdministratorContext(tenantName))
{
key = new ApiKey( );
key.Name = apiKey;
key.Save( );
}
// Define service and mock
mockService = new Mock <IConnectorService>(MockBehavior.Strict);
mockEndpointResolver = new Mock <IEndpointResolver>(MockBehavior.Strict);
apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository);
// Define request
request = new ConnectorRequest
{
TenantName = tenantName,
QueryString = new Dictionary <string, string> {
{ "key", apiKey }
}
};
// Place request
response = apiKeyService.HandleRequest(request);
Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));
mockService.VerifyAll( );
}
public void Test_Successful_Impersonation(bool apiKeyCanSeeApi, HttpStatusCode expectCode)
{
string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507"; // or whatever
string tenantName = RunAsDefaultTenant.DefaultTenantName;
Mock <IConnectorService> mockService;
Mock <IEndpointResolver> mockEndpointResolver;
IConnectorService apiKeyService;
ConnectorRequest request;
ConnectorResponse response;
UserAccount userAccount;
ApiKey key;
Api api;
long tenantId;
EndpointAddressResult endpoint;
// Define key and user
using (new TenantAdministratorContext(tenantName))
{
tenantId = RequestContext.TenantId;
userAccount = new UserAccount( );
userAccount.Name = "Test user " + Guid.NewGuid( );
userAccount.AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active;
userAccount.Password = "******";
userAccount.Save( );
api = new Api();
api.Name = "Test API";
api.Save( );
key = new ApiKey();
key.Name = apiKey;
key.ApiKeyEnabled = true;
key.ApiKeyUserAccount = userAccount;
if (apiKeyCanSeeApi)
{
key.KeyForApis.Add(api);
}
key.Save();
}
// Define service and mock
mockService = new Mock <IConnectorService>(MockBehavior.Strict);
mockEndpointResolver = new Mock <IEndpointResolver>(MockBehavior.Strict);
apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository);
// Define request
request = new ConnectorRequest
{
TenantName = tenantName,
QueryString = new Dictionary <string, string> {
{ "key", apiKey }
},
ApiPath = new[] { "whatever" }
};
// Setup
if (apiKeyCanSeeApi)
{
mockService.Setup(connector => connector.HandleRequest(request)).Returns(() =>
{
Assert.That(RequestContext.TenantId, Is.EqualTo(tenantId));
return(new ConnectorResponse(HttpStatusCode.OK));
}).Verifiable( );
}
endpoint = new EndpointAddressResult(api.Id, 0);
mockEndpointResolver.Setup(resolver => resolver.ResolveEndpoint(request.ApiPath, true)).Returns(endpoint).Verifiable( );
// Place request
response = apiKeyService.HandleRequest(request);
Assert.That(response.StatusCode, Is.EqualTo(expectCode));
mockService.VerifyAll( );
}
public void Setup( )
{
// Getting Forbidden? Or ConnectorConfigException?
// Maybe there's duplicate copies of these objects in the DB.
// Define key and user
using (new TenantAdministratorContext(TenantName))
{
// Define schema
type = new EntityType( );
type.Inherits.Add(UserResource.UserResource_Type);
type.Name = "Test type " + Guid.NewGuid( );
type.Save( );
type2 = new EntityType();
type2.Inherits.Add(UserResource.UserResource_Type);
type2.Name = "Test type2 " + Guid.NewGuid();
type2.Save();
stringField = new StringField( );
stringField.Name = "Field 1";
stringField.FieldIsOnType = type;
stringField.Save( );
lookup = new Relationship();
lookup.Cardinality_Enum = CardinalityEnum_Enumeration.OneToOne;
lookup.FromType = type;
lookup.ToType = type2;
// Define API
mapping = new ApiResourceMapping( );
mapping.Name = "Test mapping " + Guid.NewGuid( );;
mapping.MappedType = type;
mapping.Save( );
lookupMapping = new ApiRelationshipMapping();
lookupMapping.Name = "lookup1";
lookupMapping.MappedRelationship = lookup;
lookupMapping.MemberForResourceMapping = mapping;
lookupMapping.Save();
fieldMapping = new ApiFieldMapping( );
fieldMapping.Name = "field1";
fieldMapping.MappedField = stringField.As <Field>( );
fieldMapping.MemberForResourceMapping = mapping;
fieldMapping.Save( );
endpoint = new ApiResourceEndpoint( );
endpoint.Name = "Test endpoint " + Guid.NewGuid( );
endpoint.ApiEndpointAddress = EndpointAddress;
endpoint.EndpointResourceMapping = mapping;
endpoint.ApiEndpointEnabled = true;
endpoint.EndpointCanCreate = true;
endpoint.EndpointCanDelete = true;
endpoint.EndpointCanUpdate = true;
endpoint.Save( );
api = new Api( );
api.Name = "Test API " + Guid.NewGuid( );;
api.ApiAddress = ApiAddress;
api.ApiEnabled = true;
api.ApiEndpoints.Add(endpoint.As <ApiEndpoint>( ));
api.Save( );
// Define access
userAccount = new UserAccount( );
userAccount.Name = "Test user " + Guid.NewGuid( );
userAccount.AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active;
userAccount.Password = "******";
userAccount.Save( );
key = new ApiKey( );
key.Name = ApiKey;
key.ApiKeyUserAccount = userAccount;
key.ApiKeyEnabled = true;
key.KeyForApis.Add(api);
key.Save( );
updateInstance = Entity.Create(type).AsWritable <Resource>( );
updateInstance.Name = updateInstanceName = "ResourceToUpdate" + Guid.NewGuid( );
updateInstance.Description = updateInstanceDesc = "ResourceToUpdate" + Guid.NewGuid( );
updateInstance.Save( );
updateInstanceGuid = updateInstance.UpgradeId;
IAccessRuleFactory accessControlHelper = new AccessRuleFactory( );
accessRule = accessControlHelper.AddAllowCreate(userAccount.As <Subject>( ), type.As <SecurableEntity>( ));
accessRule = accessControlHelper.AddAllowByQuery(userAccount.As <Subject>( ), type.As <SecurableEntity>( ), new[] { Permissions.Read, Permissions.Modify, Permissions.Delete }, TestQueries.Entities(type).ToReport( ));
}
cleanup = new List <IEntity> {
userAccount, key, api, type, mapping, endpoint, fieldMapping, stringField, accessRule, updateInstance
};
}
public void TestApiKeyCreate()
{
ApiKey key = new ApiKey();
key.Save();
Assert.IsNotNull(key.secret);
}
private void CreateScenarioImpl(string testInstanceName, Func <EntityRef[]> permissionsCallback)
{
// Define key and user
using (new TenantAdministratorContext(TenantName))
{
// Define schema
type = new EntityType( );
type.Inherits.Add(UserResource.UserResource_Type);
type.Name = "Test type " + Guid.NewGuid( );
type.Save( );
type2 = new EntityType( );
type2.Inherits.Add(UserResource.UserResource_Type);
type2.Name = "Test type2 " + Guid.NewGuid( );
type2.Save( );
stringField = new StringField( );
stringField.Name = "Field 1";
stringField.FieldIsOnType = type;
stringField.MaxLength = 50;
stringField.Save( );
lookup = new Relationship( );
lookup.Cardinality_Enum = CardinalityEnum_Enumeration.OneToOne;
lookup.FromType = type;
lookup.ToType = type2;
relationship = new Relationship( );
relationship.Cardinality_Enum = CardinalityEnum_Enumeration.ManyToMany;
relationship.FromType = type;
relationship.ToType = type2;
// Define API
mapping = new ApiResourceMapping( );
mapping.Name = "Test mapping " + Guid.NewGuid( );;
mapping.MappedType = type;
mapping.Save( );
fieldMapping = new ApiFieldMapping( );
fieldMapping.Name = "field1";
fieldMapping.MappedField = stringField.As <Field>( );
fieldMapping.MemberForResourceMapping = mapping;
fieldMapping.Save( );
lookupMapping = new ApiRelationshipMapping( );
lookupMapping.Name = "lookup1";
lookupMapping.MappedRelationship = lookup;
lookupMapping.MemberForResourceMapping = mapping;
lookupMapping.Save( );
relationshipMapping = new ApiRelationshipMapping( );
relationshipMapping.Name = "rel1";
relationshipMapping.MappedRelationship = relationship;
relationshipMapping.MemberForResourceMapping = mapping;
relationshipMapping.Save( );
endpoint = new ApiResourceEndpoint( );
endpoint.Name = "Test endpoint " + Guid.NewGuid( );;
endpoint.ApiEndpointAddress = EndpointAddress;
endpoint.EndpointResourceMapping = mapping;
endpoint.ApiEndpointEnabled = true;
endpoint.EndpointCanCreate = true;
endpoint.EndpointCanUpdate = true;
endpoint.EndpointCanDelete = true;
endpoint.Save( );
api = new Api( );
api.Name = "Test API " + Guid.NewGuid( );;
api.ApiAddress = ApiAddress;
api.ApiEnabled = true;
api.ApiEndpoints.Add(endpoint.As <ApiEndpoint>( ));
api.Save( );
// Define access
userAccount = new UserAccount( );
userAccount.Name = "Test user " + Guid.NewGuid( );
userAccount.AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active;
userAccount.Password = "******";
userAccount.Save( );
key = new ApiKey( );
key.Name = ApiKey;
key.ApiKeyUserAccount = userAccount;
key.ApiKeyEnabled = true;
key.KeyForApis.Add(api);
key.Save( );
if (testInstanceName != null)
{
scenarioInstance = Entity.Create(type);
scenarioInstance.SetField("core:name", testInstanceName);
scenarioInstance.Save( );
}
foreignName = "Foreign" + Guid.NewGuid( ).ToString( );
foreignInstance = Entity.Create(type2);
foreignInstance.SetField("core:name", foreignName);
foreignInstance.Save( );
// Grant create
var permissions = permissionsCallback( );
IAccessRuleFactory accessControlHelper = new AccessRuleFactory( );
if (permissions [0] == Permissions.Create)
{
accessControlHelper.AddAllowCreate(userAccount.As <Subject>( ), type.As <SecurableEntity>( ));
}
else if (permissions.Length > 0)
{
accessControlHelper.AddAllowByQuery(userAccount.As <Subject>( ), type.As <SecurableEntity>( ), permissions, TestQueries.Entities(type).ToReport( ));
}
accessControlHelper.AddAllowByQuery(userAccount.As <Subject>( ), type2.As <SecurableEntity>( ), new [] { Permissions.Read, Permissions.Modify }, TestQueries.Entities(type2).ToReport( ));
}
}
