/// <summary>
/// Saves a bootstrap key and three marketplace keys, then checks that
/// <c>ApiKey.Query().All()</c> returns four keys including the three marketplace ones.
/// </summary>
public void TestApiKeyQueryAll()
{
    // The bootstrap key's secret is what the client is configured with for every later call.
    var bootstrapKey = new ApiKey();
    bootstrapKey.Save();
    Balanced.Balanced.configure(bootstrapKey.secret);

    var marketplace = new Marketplace();
    marketplace.Save();

    var key1 = new ApiKey();
    key1.SaveToMarketplace();
    var key2 = new ApiKey();
    key2.SaveToMarketplace();
    var key3 = new ApiKey();
    key3.SaveToMarketplace();

    // Bootstrap key + three marketplace keys.
    List<ApiKey> keys = ApiKey.Query().All();
    Assert.AreEqual(4, keys.Count);

    // Compare by id only; the bootstrap key's id is not asserted.
    List<String> returnedIds = keys.ConvertAll<String>(k => k.id);
    Assert.IsTrue(returnedIds.Contains(key1.id));
    Assert.IsTrue(returnedIds.Contains(key2.id));
    Assert.IsTrue(returnedIds.Contains(key3.id));
}
/// <summary>
/// Verifies that listing all API keys yields the configuring key plus the three
/// keys attached to the marketplace.
/// </summary>
public void TestApiKeyQueryAll()
{
    // First key: used only to obtain a secret for configuring the client.
    var configuringKey = new ApiKey();
    configuringKey.Save();
    Balanced.Balanced.configure(configuringKey.secret);

    var marketplace = new Marketplace();
    marketplace.Save();

    var key1 = new ApiKey();
    key1.SaveToMarketplace();
    var key2 = new ApiKey();
    key2.SaveToMarketplace();
    var key3 = new ApiKey();
    key3.SaveToMarketplace();

    List<ApiKey> keys = ApiKey.Query().All();
    Assert.AreEqual(4, keys.Count);

    // Collect the ids that came back so each marketplace key can be looked up.
    var seenIds = new List<String>(keys.Count);
    for (int i = 0; i < keys.Count; i++)
    {
        seenIds.Add(keys[i].id);
    }

    Assert.IsTrue(seenIds.Contains(key1.id));
    Assert.IsTrue(seenIds.Contains(key2.id));
    Assert.IsTrue(seenIds.Contains(key3.id));
}
/// <summary>
/// Saves a new API key, configures the client with its secret, and unstores the key.
/// </summary>
public void TestApiKeyDelete()
{
    var doomedKey = new ApiKey();
    doomedKey.Save();
    Balanced.Balanced.configure(doomedKey.secret);

    // NOTE(review): nothing is asserted after Unstore(); the test only passes or fails
    // on whether a call throws. It does not confirm the key is gone or that its
    // secret stops being accepted.
    doomedKey.Unstore();
}
/// <summary>
/// Checks that a freshly saved API key carries a non-null secret.
/// </summary>
public void TestApiKeyCreate()
{
    var createdKey = new ApiKey();
    createdKey.Save();

    // Only null-ness is checked; the secret's format and length are not asserted.
    Assert.IsNotNull(createdKey.secret);
}
/// <summary>
/// Checks that the API key collection reports a total of one after a single key
/// has been saved and used to configure the client.
/// </summary>
public void TestApiKeyCollection()
{
    var onlyKey = new ApiKey();
    onlyKey.Save();
    Balanced.Balanced.configure(onlyKey.secret);

    var collection = new ApiKey.Collection();
    Assert.AreEqual(1, collection.Total());
}
/// <summary>
/// Test fixture set-up: saves a new API key, configures the client with its secret,
/// saves a marketplace and stores it in <c>mp</c>.
/// </summary>
public void setUp()
{
    var fixtureKey = new ApiKey();
    fixtureKey.Save();
    Balanced.Balanced.configure(fixtureKey.secret);

    var createdMarketplace = new Marketplace();
    createdMarketplace.Save();

    // The field is assigned only after Save() has returned.
    mp = createdMarketplace;
}
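/// <summary>
/// Handles the optional log-in hand-off (<c>mode=start</c>), then builds the
/// <c>initParams</c> element from the session state and the requested model id.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (Request["mode"] == "start")
    {
        // NOTE(review): Request[...] also reads the query string, so the username and
        // API key can arrive in the URL, where they end up in server logs, browser
        // history and Referer headers. Consider accepting them from a POST body only.

        // A missing or malformed "apikey" is a failed log-in, not a server error:
        // new Guid(string) throws for null, bad format or overflow.
        Guid suppliedKey = Guid.Empty;
        bool keyIsWellFormed = false;
        try
        {
            suppliedKey = new Guid(Request["apikey"]);
            keyIsWellFormed = true;
        }
        catch (ArgumentNullException)
        {
        }
        catch (FormatException)
        {
        }
        catch (OverflowException)
        {
        }

        var newcd = keyIsWellFormed
            ? ModelServices.LogIn(Request["username"], suppliedKey)
            : null;

        if (newcd != null)
        {
            // NOTE(review): the session identifier is not regenerated in this method
            // when the session becomes authenticated; confirm it is rotated elsewhere.
            Session["Credentials"] = newcd;

            // URL-encode the caller-supplied model id so it cannot add extra
            // query-string parameters to the redirect target.
            Response.Redirect(string.Format("Designer.aspx?ModelId={0}", Server.UrlEncode(Request["ModelId"])));
        }
        else
        {
            Response.Redirect("default.htm");
        }
    }

    CredentialData cd = Session["Credentials"] as CredentialData;
    if (null != cd)
    {
        // we are logged in
        AddParam("username", cd.Username);
        AddParam("apikey", cd.ApiKey.ToString());
        this.SignInLink.Visible = false;
    }
    else
    {
        this.UserDetailsLink.Visible = false;
        this.SignOutLink.Visible = false;

        if (null == Session["ApiKey"] as string)
        {
            // Anonymous visitor: mint a key once per session and persist it.
            // NOTE(review): every new anonymous session causes a database write here.
            Guid key = Guid.NewGuid();
            ApiKey apiKey = new ApiKey();
            apiKey.APIKey = key;
            apiKey.DateCreated = DateTime.Now;
            apiKey.Save();
            Session["ApiKey"] = key.ToString();
            // TODO: save the apikey to the database
        }

        AddParam("apikey", Session["ApiKey"] as string);
    }

    if (null != Request["ModelId"])
    {
        // NOTE(review): AddParam is not visible here. Confirm it rejects or escapes
        // ',' and '=' in values; otherwise a ModelId containing a comma could add or
        // override entries (for example "apikey") in the comma-joined initParams list.
        AddParam("modelid", Request["ModelId"]);
    }

    // Encode at the HTML sink: the joined value contains request- and user-derived
    // text, and is written inside a double-quoted attribute. If AddParam already
    // HTML-encodes its values, drop one of the two encodings to avoid double-encoding.
    string initParamsValue = Server.HtmlEncode(string.Join(",", paramsList.ToArray()));
    this.initParams.Controls.Add(new LiteralControl(string.Format(@"<param name=""initParams"" value=""{0}"" />", initParamsValue)));
}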
/// <summary>
/// Creates a user account with the given status and an enabled API key, sends a request
/// carrying that key through <c>ApiKeySecurity</c>, and expects HTTP 401 Unauthorized.
/// </summary>
/// <param name="accountStatus">Account status assigned to the test user.</param>
public void Test_UserAccount_Invalid(UserAccountStatusEnum_Enumeration accountStatus)
{
    // Arbitrary fixture value used as the key name (the original remark was "or whatever").
    string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507";
    string tenantName = RunAsDefaultTenant.DefaultTenantName;

    // Arrange: persist the user and the key inside the tenant administrator context.
    using (new TenantAdministratorContext(tenantName))
    {
        var userAccount = new UserAccount
        {
            Name = "Test user " + Guid.NewGuid(),
            AccountStatus_Enum = accountStatus,
            Password = "******"
        };
        userAccount.Save();

        // NOTE(review): the key is never linked to userAccount (ApiKeyUserAccount is
        // not set here), so the 401 may come from the missing account rather than
        // from the account status under test. Confirm against ApiKeySecurity.
        var key = new ApiKey
        {
            Name = apiKey,
            ApiKeyEnabled = true
        };
        key.Save();
    }

    // Strict mocks with no setups: any call into the inner service or resolver throws.
    var mockService = new Mock<IConnectorService>(MockBehavior.Strict);
    var mockEndpointResolver = new Mock<IEndpointResolver>(MockBehavior.Strict);
    IConnectorService apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository);

    var request = new ConnectorRequest
    {
        TenantName = tenantName,
        QueryString = new Dictionary<string, string> { { "key", apiKey } }
    };

    // Act
    ConnectorResponse response = apiKeyService.HandleRequest(request);

    // Assert
    Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));
    mockService.VerifyAll();
}
/// <summary>
/// Saves an API key without enabling it, sends a request carrying that key through
/// <c>ApiKeySecurity</c>, and expects HTTP 401 Unauthorized.
/// </summary>
public void Test_ApiKey_Disabled()
{
    // Arbitrary fixture value used as the key name (the original remark was "or whatever").
    string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507";
    string tenantName = RunAsDefaultTenant.DefaultTenantName;

    // Arrange: only a key is created; no user account is defined in this test.
    using (new TenantAdministratorContext(tenantName))
    {
        // NOTE(review): ApiKeyEnabled is left unset, so "disabled" relies on the
        // property's default; presumably false or null. Confirm, or set it explicitly.
        var key = new ApiKey
        {
            Name = apiKey
        };
        key.Save();
    }

    // Strict mocks with no setups: any call into the inner service or resolver throws.
    var mockService = new Mock<IConnectorService>(MockBehavior.Strict);
    var mockEndpointResolver = new Mock<IEndpointResolver>(MockBehavior.Strict);
    IConnectorService apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository);

    var request = new ConnectorRequest
    {
        TenantName = tenantName,
        QueryString = new Dictionary<string, string> { { "key", apiKey } }
    };

    // Act
    ConnectorResponse response = apiKeyService.HandleRequest(request);

    // Assert
    Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));
    mockService.VerifyAll();
}
/// <summary>
/// Creates an active user, an API and an enabled key linked to that user, optionally
/// grants the key access to the API, and checks the status code that
/// <c>ApiKeySecurity</c> returns for a request carrying the key.
/// </summary>
/// <param name="apiKeyCanSeeApi">Whether the API is added to the key's <c>KeyForApis</c>.</param>
/// <param name="expectCode">Status code the response is expected to carry.</param>
public void Test_Successful_Impersonation(bool apiKeyCanSeeApi, HttpStatusCode expectCode)
{
    // Arbitrary fixture value used as the key name (the original remark was "or whatever").
    string apiKey = "6cb36a1cd60e460bbbfce5af03eb9507";
    string tenantName = RunAsDefaultTenant.DefaultTenantName;
    long tenantId;
    Api api;

    // Arrange: persist user, API and key inside the tenant administrator context.
    using (new TenantAdministratorContext(tenantName))
    {
        tenantId = RequestContext.TenantId;

        var userAccount = new UserAccount
        {
            Name = "Test user " + Guid.NewGuid(),
            AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active,
            Password = "******"
        };
        userAccount.Save();

        api = new Api
        {
            Name = "Test API"
        };
        api.Save();

        var key = new ApiKey
        {
            Name = apiKey,
            ApiKeyEnabled = true,
            ApiKeyUserAccount = userAccount
        };
        if (apiKeyCanSeeApi)
        {
            key.KeyForApis.Add(api);
        }
        key.Save();
    }

    var mockService = new Mock<IConnectorService>(MockBehavior.Strict);
    var mockEndpointResolver = new Mock<IEndpointResolver>(MockBehavior.Strict);
    IConnectorService apiKeyService = new ApiKeySecurity(mockService.Object, mockEndpointResolver.Object, Factory.EntityRepository);

    var request = new ConnectorRequest
    {
        TenantName = tenantName,
        QueryString = new Dictionary<string, string> { { "key", apiKey } },
        ApiPath = new[] { "whatever" }
    };

    // The inner service may be reached only when the key can see the API. With a
    // strict mock and no setup, any call in the other case throws.
    if (apiKeyCanSeeApi)
    {
        mockService
            .Setup(connector => connector.HandleRequest(request))
            .Returns(() =>
            {
                // The inner call must run under the tenant captured during set-up.
                Assert.That(RequestContext.TenantId, Is.EqualTo(tenantId));
                return new ConnectorResponse(HttpStatusCode.OK);
            })
            .Verifiable();
    }

    // NOTE(review): this setup is marked Verifiable, but only mockService.VerifyAll()
    // is called below, so the test does not confirm the resolver was consulted.
    var endpoint = new EndpointAddressResult(api.Id, 0);
    mockEndpointResolver
        .Setup(resolver => resolver.ResolveEndpoint(request.ApiPath, true))
        .Returns(endpoint)
        .Verifiable();

    // Act
    ConnectorResponse response = apiKeyService.HandleRequest(request);

    // Assert
    Assert.That(response.StatusCode, Is.EqualTo(expectCode));
    mockService.VerifyAll();
}
/// <summary>
/// Fixture set-up: builds the schema, API mapping, endpoint, API, user account,
/// API key, an instance to update and the access rules, all inside the tenant
/// administrator context, then records the entities to clean up.
/// </summary>
public void Setup()
{
    // Getting Forbidden? Or ConnectorConfigException?
    // Maybe there's duplicate copies of these objects in the DB.

    using (new TenantAdministratorContext(TenantName))
    {
        // ---- Schema ----
        type = new EntityType();
        type.Inherits.Add(UserResource.UserResource_Type);
        type.Name = "Test type " + Guid.NewGuid();
        type.Save();

        type2 = new EntityType();
        type2.Inherits.Add(UserResource.UserResource_Type);
        type2.Name = "Test type2 " + Guid.NewGuid();
        type2.Save();

        stringField = new StringField();
        stringField.Name = "Field 1";
        stringField.FieldIsOnType = type;
        stringField.Save();

        // Save() is not called on the relationship directly in this method.
        lookup = new Relationship();
        lookup.Cardinality_Enum = CardinalityEnum_Enumeration.OneToOne;
        lookup.FromType = type;
        lookup.ToType = type2;

        // ---- API ----
        mapping = new ApiResourceMapping();
        mapping.Name = "Test mapping " + Guid.NewGuid();
        mapping.MappedType = type;
        mapping.Save();

        lookupMapping = new ApiRelationshipMapping();
        lookupMapping.Name = "lookup1";
        lookupMapping.MappedRelationship = lookup;
        lookupMapping.MemberForResourceMapping = mapping;
        lookupMapping.Save();

        fieldMapping = new ApiFieldMapping();
        fieldMapping.Name = "field1";
        fieldMapping.MappedField = stringField.As<Field>();
        fieldMapping.MemberForResourceMapping = mapping;
        fieldMapping.Save();

        endpoint = new ApiResourceEndpoint();
        endpoint.Name = "Test endpoint " + Guid.NewGuid();
        endpoint.ApiEndpointAddress = EndpointAddress;
        endpoint.EndpointResourceMapping = mapping;
        endpoint.ApiEndpointEnabled = true;
        endpoint.EndpointCanCreate = true;
        endpoint.EndpointCanDelete = true;
        endpoint.EndpointCanUpdate = true;
        endpoint.Save();

        api = new Api();
        api.Name = "Test API " + Guid.NewGuid();
        api.ApiAddress = ApiAddress;
        api.ApiEnabled = true;
        api.ApiEndpoints.Add(endpoint.As<ApiEndpoint>());
        api.Save();

        // ---- Access: user, key, instance, rules ----
        userAccount = new UserAccount();
        userAccount.Name = "Test user " + Guid.NewGuid();
        userAccount.AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active;
        userAccount.Password = "******";
        userAccount.Save();

        // Enabled key, linked to the user and allowed to see the API created above.
        key = new ApiKey();
        key.Name = ApiKey;
        key.ApiKeyUserAccount = userAccount;
        key.ApiKeyEnabled = true;
        key.KeyForApis.Add(api);
        key.Save();

        updateInstance = Entity.Create(type).AsWritable<Resource>();
        updateInstanceName = "ResourceToUpdate" + Guid.NewGuid();
        updateInstance.Name = updateInstanceName;
        updateInstanceDesc = "ResourceToUpdate" + Guid.NewGuid();
        updateInstance.Description = updateInstanceDesc;
        updateInstance.Save();
        updateInstanceGuid = updateInstance.UpgradeId;

        IAccessRuleFactory ruleFactory = new AccessRuleFactory();

        // NOTE(review): accessRule is overwritten by the second call, so the
        // create rule returned here is not what ends up in the cleanup list.
        accessRule = ruleFactory.AddAllowCreate(userAccount.As<Subject>(), type.As<SecurableEntity>());

        var subject = userAccount.As<Subject>();
        var securedType = type.As<SecurableEntity>();
        var grantedPermissions = new[] { Permissions.Read, Permissions.Modify, Permissions.Delete };
        var scopeReport = TestQueries.Entities(type).ToReport();
        accessRule = ruleFactory.AddAllowByQuery(subject, securedType, grantedPermissions, scopeReport);
    }

    // NOTE(review): type2, lookup and lookupMapping are created above but are not in
    // this list; whether they are removed some other way is not visible here. Leftover
    // entities would match the "duplicate copies" remark at the top of this method.
    cleanup = new List<IEntity>
    {
        userAccount,
        key,
        api,
        type,
        mapping,
        endpoint,
        fieldMapping,
        stringField,
        accessRule,
        updateInstance
    };
}
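/// <summary>
/// Builds the test scenario inside the tenant administrator context: schema, API
/// mappings, endpoint, API, user account, API key, optional scenario instance, a
/// foreign instance, and the access rules produced from <paramref name="permissionsCallback"/>.
/// </summary>
/// <param name="testInstanceName">
/// Name for the scenario instance; when null no scenario instance is created.
/// </param>
/// <param name="permissionsCallback">
/// Returns the permissions to grant on the primary type. An empty array grants
/// nothing on that type. If the first entry is <c>Permissions.Create</c>, only
/// create access is granted and the remaining entries are ignored.
/// </param>
private void CreateScenarioImpl(string testInstanceName, Func<EntityRef[]> permissionsCallback)
{
    // Define key and user
    using (new TenantAdministratorContext(TenantName))
    {
        // Define schema
        type = new EntityType();
        type.Inherits.Add(UserResource.UserResource_Type);
        type.Name = "Test type " + Guid.NewGuid();
        type.Save();

        type2 = new EntityType();
        type2.Inherits.Add(UserResource.UserResource_Type);
        type2.Name = "Test type2 " + Guid.NewGuid();
        type2.Save();

        stringField = new StringField();
        stringField.Name = "Field 1";
        stringField.FieldIsOnType = type;
        stringField.MaxLength = 50;
        stringField.Save();

        // Save() is not called on either relationship directly in this method.
        lookup = new Relationship();
        lookup.Cardinality_Enum = CardinalityEnum_Enumeration.OneToOne;
        lookup.FromType = type;
        lookup.ToType = type2;

        relationship = new Relationship();
        relationship.Cardinality_Enum = CardinalityEnum_Enumeration.ManyToMany;
        relationship.FromType = type;
        relationship.ToType = type2;

        // Define API
        mapping = new ApiResourceMapping();
        mapping.Name = "Test mapping " + Guid.NewGuid();
        mapping.MappedType = type;
        mapping.Save();

        fieldMapping = new ApiFieldMapping();
        fieldMapping.Name = "field1";
        fieldMapping.MappedField = stringField.As<Field>();
        fieldMapping.MemberForResourceMapping = mapping;
        fieldMapping.Save();

        lookupMapping = new ApiRelationshipMapping();
        lookupMapping.Name = "lookup1";
        lookupMapping.MappedRelationship = lookup;
        lookupMapping.MemberForResourceMapping = mapping;
        lookupMapping.Save();

        relationshipMapping = new ApiRelationshipMapping();
        relationshipMapping.Name = "rel1";
        relationshipMapping.MappedRelationship = relationship;
        relationshipMapping.MemberForResourceMapping = mapping;
        relationshipMapping.Save();

        endpoint = new ApiResourceEndpoint();
        endpoint.Name = "Test endpoint " + Guid.NewGuid();
        endpoint.ApiEndpointAddress = EndpointAddress;
        endpoint.EndpointResourceMapping = mapping;
        endpoint.ApiEndpointEnabled = true;
        endpoint.EndpointCanCreate = true;
        endpoint.EndpointCanUpdate = true;
        endpoint.EndpointCanDelete = true;
        endpoint.Save();

        api = new Api();
        api.Name = "Test API " + Guid.NewGuid();
        api.ApiAddress = ApiAddress;
        api.ApiEnabled = true;
        api.ApiEndpoints.Add(endpoint.As<ApiEndpoint>());
        api.Save();

        // Define access
        userAccount = new UserAccount();
        userAccount.Name = "Test user " + Guid.NewGuid();
        userAccount.AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active;
        userAccount.Password = "******";
        userAccount.Save();

        // Enabled key, linked to the user and allowed to see the API created above.
        key = new ApiKey();
        key.Name = ApiKey;
        key.ApiKeyUserAccount = userAccount;
        key.ApiKeyEnabled = true;
        key.KeyForApis.Add(api);
        key.Save();

        if (testInstanceName != null)
        {
            scenarioInstance = Entity.Create(type);
            scenarioInstance.SetField("core:name", testInstanceName);
            scenarioInstance.Save();
        }

        foreignName = "Foreign" + Guid.NewGuid().ToString();
        foreignInstance = Entity.Create(type2);
        foreignInstance.SetField("core:name", foreignName);
        foreignInstance.Save();

        // Grant the requested permissions on the primary type.
        var permissions = permissionsCallback();
        IAccessRuleFactory accessControlHelper = new AccessRuleFactory();

        // Check the length before reading element 0. The original indexed first, so the
        // "no permissions" case threw IndexOutOfRangeException instead of granting nothing,
        // which made deny-by-default scenarios impossible to set up.
        if (permissions.Length > 0 && permissions[0] == Permissions.Create)
        {
            accessControlHelper.AddAllowCreate(userAccount.As<Subject>(), type.As<SecurableEntity>());
        }
        else if (permissions.Length > 0)
        {
            accessControlHelper.AddAllowByQuery(userAccount.As<Subject>(), type.As<SecurableEntity>(), permissions, TestQueries.Entities(type).ToReport());
        }

        // The related type is always readable and modifiable, whatever the callback returned.
        accessControlHelper.AddAllowByQuery(userAccount.As<Subject>(), type2.As<SecurableEntity>(), new[] { Permissions.Read, Permissions.Modify }, TestQueries.Entities(type2).ToReport());
    }
}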