public void ComputeOnUpdatePrincipal() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve <ISqlExecuter>() .ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role"); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve <Common.DomRepository>(); var roles = container.Resolve <GenericRepository <Common.Role> >(); var principals = container.Resolve <GenericRepository <Common.Principal> >(); var membership = container.Resolve <GenericRepository <Common.PrincipalHasRole> >(); roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { PrincipalID = u2.ID, RoleID = r25.ID }, new Common.PrincipalHasRole { PrincipalID = u5.ID, RoleID = r25.ID } }); // Recompute membership on update principal (domain users only): u2.Name = "u2x"; principals.Update(u2); Assert.AreEqual(@"\u1-\r1, u2x-\r2, u2x-r25, u5-r25", ReportMembership(container), "auto-membership on update ignore non-domain users"); u2.Name = _domainPrefix + "u2x"; principals.Update(u2); Assert.AreEqual(@"\u1-\r1, \u2x-r25, u5-r25", ReportMembership(container), "auto-membership on update domain users"); u2.Name = _domainPrefix + "u2"; principals.Update(u2); Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "auto-membership on update domain users 2"); } }
public void ComputeOnInsertPrincipal() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve <ISqlExecuter>() .ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role"); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve <Common.DomRepository>(); var roles = container.Resolve <GenericRepository <Common.Role> >(); var principals = container.Resolve <GenericRepository <Common.Principal> >(); var membership = container.Resolve <GenericRepository <Common.PrincipalHasRole> >(); roles.Insert(r1, r2, r25); Assert.AreEqual(@"\r1, \r2, r25", ReportRoles(roles.Load()), "roles created"); principals.Insert(u1, u2, u3, u5); Assert.AreEqual(@"\u1, \u2, \u3, u5", ReportPrincipals(principals.Load()), "principals created"); // Recompute membership on insert domain users: Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container), "auto-membership on insert"); // Inserting non-domain users and roles: membership.Insert(new[] { new Common.PrincipalHasRole { PrincipalID = u2.ID, RoleID = r25.ID }, new Common.PrincipalHasRole { PrincipalID = u5.ID, RoleID = r25.ID } }, checkUserPermissions: true); Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "non-domain users and roles"); } }
public void RoleInheritance() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve <ISqlExecuter>() .ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role"); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve <Common.DomRepository>(); var roles = container.Resolve <GenericRepository <Common.Role> >(); var principals = container.Resolve <GenericRepository <Common.Principal> >(); var membership = container.Resolve <GenericRepository <Common.PrincipalHasRole> >(); roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { PrincipalID = u2.ID, RoleID = r25.ID }, new Common.PrincipalHasRole { PrincipalID = u5.ID, RoleID = r25.ID } }); // Modify role inheritance: repository.Common.RoleInheritsRole.Insert(new[] { new Common.RoleInheritsRole { UsersFromID = r1.ID, PermissionsFromID = r25.ID } }); TestUtility.ShouldFail(() => repository.Common.RoleInheritsRole.Insert(new[] { new Common.RoleInheritsRole { UsersFromID = r25.ID, PermissionsFromID = r2.ID } }), "UserException", "It is not allowed to add users or user groups here because this role is synchronized with an Active Directory group.", "Please change the user membership on Active Directory instead."); } }
public void FailsOnDenyUserEdit() { using (var container = new RhetosTestContainer()) { var genericRepositories = container.Resolve <GenericRepositories>(); var repository = container.Resolve <Common.DomRepository>(); string currentUserName = container.Resolve <IUserInfo>().UserName; Assert.IsTrue(!string.IsNullOrWhiteSpace(currentUserName)); var currentPrincipal = new Common.Principal { Name = currentUserName }; genericRepositories.InsertOrReadId(currentPrincipal, p => p.Name); var testItem1 = new TestCreatedBy.WithConstraints { ID = Guid.NewGuid(), Name = "test1" }; var testItem2 = new TestCreatedBy.WithConstraints { ID = Guid.NewGuid(), Name = "test2", AuthorID = currentPrincipal.ID }; TestUtility.ShouldFail <Rhetos.UserException>( () => repository.TestCreatedBy.WithConstraints.Insert(new[] { testItem1, testItem2 }, checkUserPermissions: true), "It is not allowed to directly enter", "Author"); } }
public void LeavePredefinedUser() { using (var container = new RhetosTestContainer()) { var genericRepositories = container.Resolve <GenericRepositories>(); var repository = container.Resolve <Common.DomRepository>(); string currentUserName = container.Resolve <IUserInfo>().UserName; Assert.IsTrue(!string.IsNullOrWhiteSpace(currentUserName)); var currentPrincipal = new Common.Principal { Name = currentUserName }; genericRepositories.InsertOrReadId(currentPrincipal, p => p.Name); string otherUserName = "******" + Guid.NewGuid(); var otherPrincipal = new Common.Principal { Name = otherUserName }; genericRepositories.InsertOrReadId(otherPrincipal, p => p.Name); var testItem1 = new TestCreatedBy.Simple { ID = Guid.NewGuid(), Name = "test1", AuthorID = otherPrincipal.ID }; var testItem2 = new TestCreatedBy.Simple { ID = Guid.NewGuid(), Name = "test2" }; repository.TestCreatedBy.Simple.Insert(testItem1, testItem2); Assert.AreEqual( "test1 " + otherUserName + ", test2 " + currentUserName, TestUtility.DumpSorted(repository.TestCreatedBy.Simple .Query(new[] { testItem1.ID, testItem2.ID }) .Select(item => item.Name + " " + item.Author.Name))); } }
public async Task FindUserByNameTest() { using (var serviceScope = _factory.Services.CreateScope()) { var principal = new Common.Principal { Name = "IdentityUserTest" }; var repository = serviceScope.ServiceProvider.GetService <IRhetosComponent <Common.DomRepository> >().Value; repository.Common.Principal.Insert(principal); var userStore = serviceScope.ServiceProvider.GetService <IUserStore <IdentityUser <Guid> > >(); var user = await userStore.FindByIdAsync(principal.ID.ToString(), new CancellationToken(false)); user.PasswordHash = "SomeHash"; user.LockoutEnd = new DateTimeOffset(2020, 5, 5, 5, 5, 5, new TimeSpan(0)); user.AccessFailedCount = 3; await userStore.UpdateAsync(user, new CancellationToken(false)); var updatedUser = await userStore.FindByNameAsync(principal.Name, new CancellationToken(false)); Assert.AreEqual(user.Id, principal.ID); Assert.AreEqual(user.UserName, principal.Name); Assert.AreEqual(user.PasswordHash, updatedUser.PasswordHash); Assert.AreEqual(user.LockoutEnd, updatedUser.LockoutEnd); Assert.AreEqual(user.AccessFailedCount, updatedUser.AccessFailedCount); } }
public void ExecuteSqlTest() { using (var scope = TestScope.Create()) { var persistenceTransaction = scope.Resolve <IPersistenceTransaction>(); var executionContext = scope.Resolve <Common.ExecutionContext>(); var principalNamePrefix = "BaseExecuter_"; var principal1 = new Common.Principal { ID = Guid.NewGuid(), Name = principalNamePrefix + Guid.NewGuid().ToString() }; var principal2 = new Common.Principal { ID = Guid.NewGuid(), Name = principalNamePrefix + Guid.NewGuid().ToString() }; var baseSqlExecuter = new BaseSqlExecuter(persistenceTransaction); baseSqlExecuter.ExecuteSqlRaw(@" INSERT INTO Common.Principal (ID, Name) VALUES({0}, {1}); INSERT INTO Common.Principal (ID, Name) VALUES(@principal2ID, @principal2Name); ", new object[] { principal1.ID, principal1.Name, new SqlParameter("@principal2ID", principal2.ID), new SqlParameter("@principal2Name", principal2.Name) }); var results = executionContext.Repository.Common.Principal.Query(x => x.Name.StartsWith(principalNamePrefix)).ToSimple().ToArray(); Assert.AreEqual(Report(principal1, principal2), Report(results)); } }
public void ExecuteReaderTest() { using (var scope = TestScope.Create()) { var persistenceTransaction = scope.Resolve <IPersistenceTransaction>(); var executionContext = scope.Resolve <Common.ExecutionContext>(); var principalNamePrefix = "BaseExecuter_"; var principalNameSuffix = "_Test"; var principal1 = new Common.Principal { ID = Guid.NewGuid(), Name = principalNamePrefix + Guid.NewGuid().ToString() }; var principal2 = new Common.Principal { ID = Guid.NewGuid(), Name = principalNamePrefix + Guid.NewGuid().ToString() + principalNameSuffix }; executionContext.Repository.Common.Principal.Insert(principal1, principal2); var baseSqlExecuter = new BaseSqlExecuter(persistenceTransaction); var results = new List <Common.Principal>(); baseSqlExecuter.ExecuteReaderRaw("SELECT ID, Name FROM Common.Principal WHERE Name LIKE {0}+'%' AND Name LIKE '%'+@suffix", new object[] { principalNamePrefix, new SqlParameter("@suffix", principalNameSuffix) }, reader => results.Add(new Common.Principal { ID = reader.GetGuid(0), Name = reader.GetString(1) })); Assert.AreEqual(Report(principal2), Report(results.ToArray())); } }
public void LeavePredefinedUser() { using (var container = new RhetosTestContainer()) { var genericRepositories = container.Resolve<GenericRepositories>(); var repository = container.Resolve<Common.DomRepository>(); string currentUserName = container.Resolve<IUserInfo>().UserName; Assert.IsTrue(!string.IsNullOrWhiteSpace(currentUserName)); var currentPrincipal = new Common.Principal { Name = currentUserName }; genericRepositories.InsertOrReadId(currentPrincipal, p => p.Name); string otherUserName = "******" + Guid.NewGuid(); var otherPrincipal = new Common.Principal { Name = otherUserName }; genericRepositories.InsertOrReadId(otherPrincipal, p => p.Name); var testItem1 = new TestCreatedBy.Simple { ID = Guid.NewGuid(), Name = "test1", AuthorID = otherPrincipal.ID }; var testItem2 = new TestCreatedBy.Simple { ID = Guid.NewGuid(), Name = "test2" }; repository.TestCreatedBy.Simple.Insert(testItem1, testItem2); Assert.AreEqual( "test1 " + otherUserName + ", test2 " + currentUserName, TestUtility.DumpSorted(repository.TestCreatedBy.Simple .Query(new[] { testItem1.ID, testItem2.ID }) .Select(item => item.Name + " " + item.Author.Name))); } }
public void RecomputeMembership() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve <ISqlExecuter>() .ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role"); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve <Common.DomRepository>(); var roles = container.Resolve <GenericRepository <Common.Role> >(); var principals = container.Resolve <GenericRepository <Common.Principal> >(); var membership = repository.Common.PrincipalHasRole; roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { PrincipalID = u2.ID, RoleID = r25.ID }, new Common.PrincipalHasRole { PrincipalID = u5.ID, RoleID = r25.ID } }); // Recompute membership relations: var u1r1 = membership.Query(m => m.Principal.Name.Contains(@"\u1")).Single(); membership.Delete(new[] { u1r1 }, checkUserPermissions: false); Assert.AreEqual(@"\u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "modified membership"); repository.Common.PrincipalHasRole.RecomputeFromActiveDirectoryPrincipalHasRole(); Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "recomputed membership"); } }
public void TestMock() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var ws = container.Resolve<Rhetos.Security.IWindowsSecurity>(); Assert.AreEqual("r1, r12", TestUtility.DumpSorted(ws.GetIdentityMembership(u1.Name)), "u1 active directory groups"); } }
public void TestMock() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var ws = container.Resolve <Rhetos.Security.IWindowsSecurity>(); Assert.AreEqual("r1, r12", TestUtility.DumpSorted(ws.GetIdentityMembership(u1.Name)), "u1 active directory groups"); } }
public void UserShouldNotUpdateDomainMembership() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve <ISqlExecuter>() .ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role"); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var repository = container.Resolve <Common.DomRepository>(); var roles = container.Resolve <GenericRepository <Common.Role> >(); var principals = container.Resolve <GenericRepository <Common.Principal> >(); var membership = repository.Common.PrincipalHasRole; roles.Insert(r1, r2); principals.Insert(u1, u2); // The user should not update domain users/groups membership: Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container)); var u2r2 = membership.Query(m => m.Principal.Name.Contains(@"\u2")).Single(); membership.Delete(new[] { u2r2 }, checkUserPermissions: false); Assert.AreEqual(@"\u1-\r1", ReportMembership(container)); var u1r1 = membership.Query(m => m.Principal.Name.Contains(@"\u1")).Single(); TestUtility.ShouldFail( () => membership.Delete(new[] { u1r1 }, checkUserPermissions: true), "It is not allowed to remove the user membership here, because role " + _domainPrefix + "r1 is synchronized with an Active Directory group"); } }
public void CommonFilters() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve<Common.ExecutionContext>().NHibernateSession .CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role") .ExecuteUpdate(); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve<Common.DomRepository>(); var roles = container.Resolve<GenericRepository<Common.Role>>(); var principals = container.Resolve<GenericRepository<Common.Principal>>(); var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>(); roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { Principal = u2, Role = r25 }, new Common.PrincipalHasRole { Principal = u5, Role = r25 } }); // Common filters: var filter1 = new Common.ActiveDirectoryAllUsersParameter(); Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container, filter1), "filter ActiveDirectoryAllUsersParameter"); var filter2 = new[] { u1.Name, u2.Name }.Select(name => new Common.ActiveDirectoryUserParameter { UserName = name }).ToArray(); Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container, filter2), "filter ActiveDirectoryUserParameter"); } }
public void FailsOnDenyUserEdit() { using (var container = new RhetosTestContainer()) { var genericRepositories = container.Resolve<GenericRepositories>(); var repository = container.Resolve<Common.DomRepository>(); string currentUserName = container.Resolve<IUserInfo>().UserName; Assert.IsTrue(!string.IsNullOrWhiteSpace(currentUserName)); var currentPrincipal = new Common.Principal { Name = currentUserName }; genericRepositories.InsertOrReadId(currentPrincipal, p => p.Name); var testItem1 = new TestCreatedBy.WithConstraints { ID = Guid.NewGuid(), Name = "test1" }; var testItem2 = new TestCreatedBy.WithConstraints { ID = Guid.NewGuid(), Name = "test2", AuthorID = currentPrincipal.ID }; TestUtility.ShouldFail<Rhetos.UserException>( () => repository.TestCreatedBy.WithConstraints.Insert(new[] { testItem1, testItem2 }, checkUserPermissions: true), "It is not allowed to directly enter", "Author"); } }
public void InsertTestPermissions() { DeleteTestPermissions(); using (var container = new RhetosTestContainer(commitChanges: true)) { var r = container.Resolve <Common.DomRepository>(); var principal1 = new Common.Principal { Name = User1Name }; var principal2 = new Common.Principal { Name = User2Name }; r.Common.Principal.Insert(principal1, principal2); var role1 = new Common.Role { Name = Role1Name }; var role2 = new Common.Role { Name = Role2Name }; r.Common.Role.Insert(role1, role2); r.Common.PrincipalHasRole.Insert(new Common.PrincipalHasRole { PrincipalID = principal1.ID, RoleID = role1.ID }); r.Common.RoleInheritsRole.Insert(new Common.RoleInheritsRole { UsersFromID = role1.ID, PermissionsFromID = role2.ID }); var claim1 = r.Common.Claim.Load(c => c.ClaimResource == Claim1.Resource && c.ClaimRight == Claim1.Right).Single(); var claim2 = r.Common.Claim.Load(c => c.ClaimResource == Claim2.Resource && c.ClaimRight == Claim2.Right).Single(); r.Common.PrincipalPermission.Insert(new Common.PrincipalPermission { PrincipalID = principal1.ID, ClaimID = claim1.ID, IsAuthorized = true }); r.Common.RolePermission.Insert(new Common.RolePermission { RoleID = role2.ID, ClaimID = claim2.ID, IsAuthorized = true }); } }
public void InsertTestPermissions() { DeleteTestPermissions(); using (var container = new RhetosTestContainer(commitChanges: true)) { var r = container.Resolve<Common.DomRepository>(); var principal1 = new Common.Principal { Name = User1Name }; var principal2 = new Common.Principal { Name = User2Name }; r.Common.Principal.Insert(principal1, principal2); var role1 = new Common.Role { Name = Role1Name }; var role2 = new Common.Role { Name = Role2Name }; r.Common.Role.Insert(role1, role2); r.Common.PrincipalHasRole.Insert(new Common.PrincipalHasRole { PrincipalID = principal1.ID, RoleID = role1.ID }); r.Common.RoleInheritsRole.Insert(new Common.RoleInheritsRole { UsersFromID = role1.ID, PermissionsFromID = role2.ID }); var claim1 = r.Common.Claim.Load(c => c.ClaimResource == Claim1.Resource && c.ClaimRight == Claim1.Right).Single(); var claim2 = r.Common.Claim.Load(c => c.ClaimResource == Claim2.Resource && c.ClaimRight == Claim2.Right).Single(); r.Common.PrincipalPermission.Insert(new Common.PrincipalPermission { PrincipalID = principal1.ID, ClaimID = claim1.ID, IsAuthorized = true }); r.Common.RolePermission.Insert(new Common.RolePermission { RoleID = role2.ID, ClaimID = claim2.ID, IsAuthorized = true }); } }
public void ComputeOnAuthorization() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve <ISqlExecuter>() .ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role"); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve <Common.DomRepository>(); var roles = container.Resolve <GenericRepository <Common.Role> >(); var principals = container.Resolve <GenericRepository <Common.Principal> >(); var membership = container.Resolve <GenericRepository <Common.PrincipalHasRole> >(); roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Delete(membership.Load()); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { PrincipalID = u2.ID, RoleID = r25.ID }, new Common.PrincipalHasRole { PrincipalID = u5.ID, RoleID = r25.ID } }); // Recompute membership on authorization: var authorizationProvider = container.Resolve <CommonAuthorizationProvider>(); Assert.AreEqual(@"\u2-r25, u5-r25", ReportMembership(container)); { var userRoles = authorizationProvider.GetUsersRoles(u1); Assert.AreEqual(@"\r1", ReportRoles(userRoles, container)); Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container), "membership recomputed on authorization u1"); } { var userRoles = authorizationProvider.GetUsersRoles(u2); Assert.AreEqual(@"\r2, r25", ReportRoles(userRoles, container), "mixed membership"); Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "membership recomputed on authorization u2"); } AuthorizationDataCache.ClearCache(); membership.Delete(membership.Load()); Assert.AreEqual(@"", ReportMembership(container), "membership deleted"); { var userRoles = authorizationProvider.GetUsersRoles(u1); Assert.AreEqual(@"\r1", ReportRoles(userRoles, container)); Assert.AreEqual(@"\u1-\r1", ReportMembership(container), "membership recomputed on authorization u1"); } { var userRoles = authorizationProvider.GetUsersRoles(u2); Assert.AreEqual(@"\r2", ReportRoles(userRoles, container)); Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container), "membership recomputed on authorization u2"); } } }
public void ComputeOnInsertPrincipal() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve<Common.ExecutionContext>().NHibernateSession .CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role") .ExecuteUpdate(); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve<Common.DomRepository>(); var roles = container.Resolve<GenericRepository<Common.Role>>(); var principals = container.Resolve<GenericRepository<Common.Principal>>(); var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>(); roles.Insert(r1, r2, r25); Assert.AreEqual(@"\r1, \r2, r25", ReportRoles(roles.Read()), "roles created"); principals.Insert(u1, u2, u3, u5); Assert.AreEqual(@"\u1, \u2, \u3, u5", ReportPrincipals(principals.Read()), "principals created"); // Recompute membership on insert domain users: Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container), "auto-membership on insert"); // Inserting non-domain users and roles: membership.Insert(new[] { new Common.PrincipalHasRole { Principal = u2, Role = r25 }, new Common.PrincipalHasRole { Principal = u5, Role = r25 } }, checkUserPermissions: true); Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "non-domain users and roles"); } }
public void ComputeOnUpdateRole() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve <ISqlExecuter>() .ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role"); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve <Common.DomRepository>(); var roles = container.Resolve <GenericRepository <Common.Role> >(); var principals = container.Resolve <GenericRepository <Common.Principal> >(); var membership = container.Resolve <GenericRepository <Common.PrincipalHasRole> >(); roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { PrincipalID = u2.ID, RoleID = r25.ID }, new Common.PrincipalHasRole { PrincipalID = u5.ID, RoleID = r25.ID } }); // Recompute membership on modified role should remove obsolete memebers: Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "initial membership"); r2.Name = _domainPrefix + "r2x"; roles.Update(r2); Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container), "recomputed membership after rename role"); // New role members will not be added automatically, to avoid performance penalty: // (the membership will be added on the principal's authorization check) r2.Name = _domainPrefix + "r2"; roles.Update(r2); // This is not reqested feature, this assert simply describes currently implemented behaviour: Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container)); } }
public void ComputeOnUpdatePrincipal() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve<Common.ExecutionContext>().NHibernateSession .CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role") .ExecuteUpdate(); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve<Common.DomRepository>(); var roles = container.Resolve<GenericRepository<Common.Role>>(); var principals = container.Resolve<GenericRepository<Common.Principal>>(); var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>(); roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { Principal = u2, Role = r25 }, new Common.PrincipalHasRole { Principal = u5, Role = r25 } }); // Recompute membership on update principal (domain users only): u2.Name = "u2x"; principals.Update(u2); Assert.AreEqual(@"\u1-\r1, u2x-\r2, u2x-r25, u5-r25", ReportMembership(container), "auto-membership on update ignore non-domain users"); u2.Name = _domainPrefix + "u2x"; principals.Update(u2); Assert.AreEqual(@"\u1-\r1, \u2x-r25, u5-r25", ReportMembership(container), "auto-membership on update domain users"); u2.Name = _domainPrefix + "u2"; principals.Update(u2); Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "auto-membership on update domain users 2"); } }
public void ComputeOnUpdateRole() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve<Common.ExecutionContext>().NHibernateSession .CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role") .ExecuteUpdate(); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve<Common.DomRepository>(); var roles = container.Resolve<GenericRepository<Common.Role>>(); var principals = container.Resolve<GenericRepository<Common.Principal>>(); var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>(); roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { Principal = u2, Role = r25 }, new Common.PrincipalHasRole { Principal = u5, Role = r25 } }); // Recompute membership on modified role should remove obsolete memebers: Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "initial membership"); r2.Name = _domainPrefix + "r2x"; roles.Update(r2); Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container), "recomputed membership after rename role"); // New role members will not be added automatically, to avoid performance penalty: // (the membership will be added on the principal's authorization check) r2.Name = _domainPrefix + "r2"; roles.Update(r2); // This is not reqested feature, this assert simply describes currently implemented behaviour: Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container)); } }
public void RecomputeMembership() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve<Common.ExecutionContext>().NHibernateSession .CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role") .ExecuteUpdate(); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve<Common.DomRepository>(); var roles = container.Resolve<GenericRepository<Common.Role>>(); var principals = container.Resolve<GenericRepository<Common.Principal>>(); var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>(); roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { Principal = u2, Role = r25 }, new Common.PrincipalHasRole { Principal = u5, Role = r25 } }); // Recompute membership relations: var u1r1 = membership.Read(m => m.Principal.Name.Contains(@"\u1")).Single(); membership.Delete(new[] { u1r1 }, checkUserPermissions: false); Assert.AreEqual(@"\u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "modified membership"); repository.Common.PrincipalHasRole.RecomputeFromActiveDirectoryPrincipalHasRole(); Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "recomputed membership"); } }
public void CommonFilters() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve <ISqlExecuter>() .ExecuteSql("DELETE FROM Common.Principal; DELETE FROM Common.Role"); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve <Common.DomRepository>(); var roles = container.Resolve <GenericRepository <Common.Role> >(); var principals = container.Resolve <GenericRepository <Common.Principal> >(); var membership = repository.Common.PrincipalHasRole; roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { PrincipalID = u2.ID, RoleID = r25.ID }, new Common.PrincipalHasRole { PrincipalID = u5.ID, RoleID = r25.ID } }); // Common filters: var filter1 = new Common.ActiveDirectoryAllUsersParameter(); Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container, filter1), "filter ActiveDirectoryAllUsersParameter"); var filter2 = new[] { u1.Name, u2.Name }.Select(name => new Common.ActiveDirectoryUserParameter { UserName = name }).ToArray(); Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container, filter2), "filter ActiveDirectoryUserParameter"); } }
public void RoleInheritance() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve<Common.ExecutionContext>().NHibernateSession .CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role") .ExecuteUpdate(); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve<Common.DomRepository>(); var roles = container.Resolve<GenericRepository<Common.Role>>(); var principals = container.Resolve<GenericRepository<Common.Principal>>(); var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>(); roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { Principal = u2, Role = r25 }, new Common.PrincipalHasRole { Principal = u5, Role = r25 } }); // Modify role inheritance: repository.Common.RoleInheritsRole.Insert(new[] { new Common.RoleInheritsRole { UsersFrom = r1, PermissionsFrom = r25 } }); TestUtility.ShouldFail(() => repository.Common.RoleInheritsRole.Insert(new[] { new Common.RoleInheritsRole { UsersFrom = r25, PermissionsFrom = r2 } }), "UserException", "It is not allowed to add users or user groups here because this role is synchronized with an Active Directory group.", "Please change the user membership on Active Directory instead."); } }
public void UserShouldNotUpdateDomainMembership() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve<Common.ExecutionContext>().NHibernateSession .CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role") .ExecuteUpdate(); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var repository = container.Resolve<Common.DomRepository>(); var roles = container.Resolve<GenericRepository<Common.Role>>(); var principals = container.Resolve<GenericRepository<Common.Principal>>(); var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>(); roles.Insert(r1, r2); principals.Insert(u1, u2); // The user should not update domain users/groups membership: Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container)); var u2r2 = membership.Read(m => m.Principal.Name.Contains(@"\u2")).Single(); membership.Delete(new[] { u2r2 }, checkUserPermissions: false); Assert.AreEqual(@"\u1-\r1", ReportMembership(container)); var u1r1 = membership.Read(m => m.Principal.Name.Contains(@"\u1")).Single(); TestUtility.ShouldFail( () => membership.Delete(new[] { u1r1 }, checkUserPermissions: true), "It is not allowed to remove the user membership here, because role " + _domainPrefix + "r1 is synchronized with an Active Directory group"); } }
public void ComputeOnAuthorization() { using (var container = new MockWindowsSecurityRhetosContainer("u1-r1 u1-r12 u2-r12 u2-r2", commitChanges: false)) { container.Resolve<Common.ExecutionContext>().NHibernateSession .CreateSQLQuery("DELETE FROM Common.Principal; DELETE FROM Common.Role") .ExecuteUpdate(); // Insert test data: var u1 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u1" }; var u2 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u2" }; var u3 = new Common.Principal { ID = Guid.NewGuid(), Name = _domainPrefix + "u3" }; var u5 = new Common.Principal { ID = Guid.NewGuid(), Name = "u5" }; var r1 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r1" }; var r2 = new Common.Role { ID = Guid.NewGuid(), Name = _domainPrefix + "r2" }; var r25 = new Common.Role { ID = Guid.NewGuid(), Name = "r25" }; var repository = container.Resolve<Common.DomRepository>(); var roles = container.Resolve<GenericRepository<Common.Role>>(); var principals = container.Resolve<GenericRepository<Common.Principal>>(); var membership = container.Resolve<GenericRepository<Common.PrincipalHasRole>>(); roles.Insert(r1, r2, r25); principals.Insert(u1, u2, u3, u5); membership.Delete(membership.Read()); membership.Insert(new[] { // Non-domain users and roles. new Common.PrincipalHasRole { Principal = u2, Role = r25 }, new Common.PrincipalHasRole { Principal = u5, Role = r25 } }); // Recompute membership on authorization: var authorizationProvider = container.Resolve<CommonAuthorizationProvider>(); Assert.AreEqual(@"\u2-r25, u5-r25", ReportMembership(container)); { var userRoles = authorizationProvider.GetUsersRoles(u1); Assert.AreEqual(@"\r1", ReportRoles(userRoles, container)); Assert.AreEqual(@"\u1-\r1, \u2-r25, u5-r25", ReportMembership(container), "membership recomputed on authorization u1"); } { var userRoles = authorizationProvider.GetUsersRoles(u2); Assert.AreEqual(@"\r2, r25", ReportRoles(userRoles, container), "mixed membership"); Assert.AreEqual(@"\u1-\r1, \u2-\r2, \u2-r25, u5-r25", ReportMembership(container), "membership recomputed on authorization u2"); } AuthorizationDataCache.ClearCache(); membership.Delete(membership.Read()); Assert.AreEqual(@"", ReportMembership(container), "membership deleted"); { var userRoles = authorizationProvider.GetUsersRoles(u1); Assert.AreEqual(@"\r1", ReportRoles(userRoles, container)); Assert.AreEqual(@"\u1-\r1", ReportMembership(container), "membership recomputed on authorization u1"); } { var userRoles = authorizationProvider.GetUsersRoles(u2); Assert.AreEqual(@"\r2", ReportRoles(userRoles, container)); Assert.AreEqual(@"\u1-\r1, \u2-\r2", ReportMembership(container), "membership recomputed on authorization u2"); } } }
static void Main(string[] args) { ConsoleLogger.MinLevel = EventType.Info; // Use "Trace" for more detailed log. var rhetosServerPath = @"..\..\..\..\..\dist\BookStoreRhetosServer\RhetosServer.2.12.0"; Directory.SetCurrentDirectory(rhetosServerPath); // Set commitChanges parameter to COMMIT or ROLLBACK the data changes. using (var container = new RhetosTestContainer(commitChanges: true)) { var context = container.Resolve <Common.ExecutionContext>(); var repository = context.Repository; //var allBooks = repository.Bookstore.Book.Load(t => t.NumberOfPages > 200).Dump(); //var someBooks = repository.Bookstore.Book.Query().ToSimple().Dump(); //var book = repository.Bookstore.Book.Query(new[] { new Guid("8FCD6DAA-27F1-4ABB-9556-5E0C74BA00F0") }).ToSimple(); var filter = new FilterCriteria("Title", "StartsWith", "osi"); var filteredBook = repository.Bookstore.Book.Query(filter); var booksWithComments = repository.Bookstore.Comment.Query().Where(c => c.BookID != null).ToString(); repository.Bookstore.Book.Insert(new Bookstore.Book { Title = "new book", NumberOfPages = 201, Code = "A+" }); // homework //Load var books = repository.Bookstore.Book.Load(); var authors = repository.Bookstore.Person.Load(); // left join //var result = from book in books // join author in authors on book.AuthorID equals author.ID into bookAuthor // from subAuthor in bookAuthor.DefaultIfEmpty() // select new { book.Title, AuthorName = subAuthor?.Name ?? "" }.Dump(); // inner join var booksWithAuthors = books.Join(repository.Bookstore.Person.Load(), currentBook => currentBook.AuthorID, author => author.ID, (currentBook, author) => new { currentBook.Title, author.Name }).Dump(); // with load var booksAndAuthors = books.Select(b => new { b.Title, repository.Bookstore.Person.Load(new Guid[] { b.AuthorID ?? Guid.Empty }).SingleOrDefault()?.Name }).Dump(); //Query var booksWithAuthorsQuery = repository.Bookstore.Book.Query().Select(b => new { b.Title, b.Author.Name }).Dump(); //ToString var booksWithAuthorsSqlQuery = repository.Bookstore.Book.Query().Select(b => new { b.Title, b.Author.Name }).ToString().Dump(); // homework 3 var filterParameter = new Bookstore.BooksWithMoreThan100Pages(); var query = repository.Bookstore.Book.Query(filterParameter); query.ToString().Dump(); query.ToSimple().ToList().Dump(); var composableFilterParameter = new Bookstore.BooksWithMoreThanPages(); composableFilterParameter.NumberOfPages = 200; var composableQuery = repository.Bookstore.Book.Query(composableFilterParameter); composableQuery.ToString().Dump(); composableQuery.ToSimple().ToList().Dump(); var complex = new Bookstore.ComplexSearch(); complex.NumberOfPages = 20; complex.IsForeignBook = true; var complexQuery = repository.Bookstore.Book.Load(complex); complexQuery.Dump(); // Query data from the `Common.Claim` table: var claims = repository.Common.Claim.Query() .Where(c => c.ClaimResource.StartsWith("Common.") && c.ClaimRight == "New") .ToSimple(); // Removes ORM navigation properties from the loaded objects. claims.ToString().Dump("Common.Claims SQL query"); claims.Dump("Common.Claims items"); // Add and remove a `Common.Principal`: var testUser = new Common.Principal { Name = "Test123", ID = Guid.NewGuid() }; repository.Common.Principal.Insert(new[] { testUser }); repository.Common.Principal.Delete(new[] { testUser }); // Print logged events for the `Common.Principal`: repository.Common.LogReader.Query() .Where(log => log.TableName == "Common.Principal" && log.ItemId == testUser.ID) .ToList() .Dump("Common.Principal log"); Console.WriteLine("Done."); Console.ReadLine(); } }