public static IPolicyContainer DelegatePolicy(this IPolicyContainer policyContainer, string uniqueName, Func <DelegateSecurityContext, bool> policyDelegate, Func <PolicyViolationException, ActionResult> violationHandlerDelegate = null, string failureMessage = "Access denied")
{
Func <DelegateSecurityContext, PolicyResult> booleanPolicyDelegate =
context => policyDelegate.Invoke(context)
? PolicyResult.CreateSuccessResult(context.Policy)
: PolicyResult.CreateFailureResult(context.Policy, failureMessage);
policyContainer.AddPolicy(new DelegatePolicy(uniqueName, booleanPolicyDelegate, violationHandlerDelegate));
return(policyContainer);
}
private ExpectationResult VerifyDoesNotHaveType(IPolicyContainer policyContainer, DoesNotHaveTypeExpectation expectation)
{
if (expectation == null) return null;
if (policyContainer != null && policyContainer.HasPolicyOfType(expectation.Type))
{
const string messageFormat = "An unexpected policy of type \"{2}\" was found for controller \"{0}\", action \"{1}\".";
var message = string.Format(messageFormat, policyContainer.ControllerName, policyContainer.ActionName, expectation.Type);
return _expectationViolationHandler.Handle(message);
}
return ExpectationResult.CreateSuccessResult();
}
public void SetUp()
{
// Arrange
_configurationExpression = TestDataFactory.CreateValidConfigurationExpression();
_configurationExpression.For <BlogController>(x => x.Index());
_configurationExpression.For <BlogController>(x => x.AddPost());
_addPostPolicyContainer = _configurationExpression.GetContainerFor(NameHelper <BlogController> .Controller(), "AddPost");
// Act
_configurationExpression.RemovePoliciesFor <BlogController>(x => x.AddPost());
}
//methods
public bool CheckActionPermission(string actionName, string controllerFullName)
{
ISecurityContext context = SecurityContext.Current;
ISecurityRuntime runtime = context.Runtime;
IPolicyContainer policyContainer = runtime.PolicyContainers
.GetContainerFor(controllerFullName, actionName);
IEnumerable <PolicyResult> policyResults = policyContainer.EnforcePolicies(context);
bool valid = policyResults.All(p => !p.ViolationOccured);
return(valid);
}
private ExpectationResult VerifyDoesNotHaveType(IPolicyContainer policyContainer, DoesNotHaveTypeExpectation expectation)
{
if (expectation == null)
{
return(null);
}
if (policyContainer != null && policyContainer.HasPolicyMatching(expectation))
{
const string messageFormat = "An unexpected policy of type \"{2}\" was found for controller \"{0}\", action \"{1}\".{3}";
var message = string.Format(messageFormat, policyContainer.ControllerName, policyContainer.ActionName, expectation.Type, GetPredicateDescription(expectation));
return(_expectationViolationHandler.Handle(message));
}
return(ExpectationResult.CreateSuccessResult());
}
private ExpectationResult VerifyDoesNotHaveInstance(IPolicyContainer policyContainer, DoesNotHaveInstanceExpectation expectation)
{
if (expectation == null)
{
return(null);
}
if (policyContainer != null && policyContainer.HasPolicy(expectation.Instance))
{
const string messageFormat = "An unexpected instance of the policy type \"{2}\" was found for controller \"{0}\", action \"{1}\".";
var expectedPolicyType = expectation.Instance.GetType().Name;
var message = string.Format(messageFormat, policyContainer.ControllerName, policyContainer.ActionName, expectedPolicyType);
return(_expectationViolationHandler.Handle(message));
}
return(ExpectationResult.CreateSuccessResult());
}
private ExpectationResult VerifyHasType(IPolicyContainer policyContainer, HasTypeExpectation expectation, string controllerName, string actionName)
{
if (expectation == null)
{
return(null);
}
if (policyContainer == null)
{
const string messageFormat = "Expected a configuration for controller \"{0}\", action \"{1}\". Policycontainer could not be found!";
var message = string.Format(messageFormat, controllerName, actionName);
return(_expectationViolationHandler.Handle(message));
}
if (policyContainer.HasPolicyMatching(expectation) == false)
{
const string messageFormat = "Expected policy of type \"{2}\" for controller \"{0}\", action \"{1}\".{3}";
var message = string.Format(messageFormat, policyContainer.ControllerName, policyContainer.ActionName, expectation.Type, GetPredicateDescription(expectation));
return(_expectationViolationHandler.Handle(message));
}
return(ExpectationResult.CreateSuccessResult());
}
private ExpectationResult VerifyHasInstance(IPolicyContainer policyContainer, HasInstanceExpectation expectation, string controllerName, string actionName)
{
if (expectation == null)
{
return(null);
}
if (policyContainer == null)
{
const string messageFormat = "Expected a configuration for controller \"{0}\", action \"{1}\". Policycontainer could not be found!";
var message = string.Format(messageFormat, controllerName, actionName);
return(_expectationViolationHandler.Handle(message));
}
if (policyContainer.HasPolicy(expectation.Instance) == false)
{
const string messageFormat = "The expected instance of the policy \"{2}\" was not found! Controller \"{0}\", action \"{1}\".";
var expectedPolicyType = expectation.Instance.GetType().Name;
var message = string.Format(messageFormat, policyContainer.ControllerName, policyContainer.ActionName, expectedPolicyType);
return(_expectationViolationHandler.Handle(message));
}
return(ExpectationResult.CreateSuccessResult());
}
public static bool HasPolicy <TSecurityPolicy>(this IPolicyContainer policyContainer, TSecurityPolicy instance) where TSecurityPolicy : ISecurityPolicy
{
var policies = policyContainer.GetPolicies();
return(policies.Contains(instance));
}
public static IPolicyContainer AllowAny(this IPolicyContainer policyContainer)
{
policyContainer.AddPolicy(new IgnorePolicy());
return(policyContainer);
}
public static IPolicyContainer RequireAllRoles(this IPolicyContainer policyContainer, params object[] roles)
{
policyContainer.AddPolicy(new RequireAllRolesPolicy(roles));
return(policyContainer);
}
public static IPolicyContainer DenyAuthenticatedAccess(this IPolicyContainer policyContainer)
{
policyContainer.AddPolicy(new DenyAuthenticatedAccessPolicy());
return(policyContainer);
}
public static IPolicyContainer DenyAnonymousAccess(this IPolicyContainer policyContainer)
{
policyContainer.AddPolicy(new DenyAnonymousAccessPolicy());
return(policyContainer);
}
private ExpectationResult VerifyHasInstance(IPolicyContainer policyContainer, HasInstanceExpectation expectation, string controllerName, string actionName)
{
if (expectation == null) return null;
if (policyContainer == null)
{
const string messageFormat = "Expected a configuration for controller \"{0}\", action \"{1}\". Policycontainer could not be found!";
var message = string.Format(messageFormat, controllerName, actionName);
return _expectationViolationHandler.Handle(message);
}
if (policyContainer.HasPolicy(expectation.Instance) == false)
{
const string messageFormat = "The expected instance of the policy \"{2}\" was not found! Controller \"{0}\", action \"{1}\".";
var expectedPolicyType = expectation.Instance.GetType().Name;
var message = string.Format(messageFormat, policyContainer.ControllerName, policyContainer.ActionName, expectedPolicyType);
return _expectationViolationHandler.Handle(message);
}
return ExpectationResult.CreateSuccessResult();
}
public static IPolicyContainer DelegatePolicy(this IPolicyContainer policyContainer, string uniqueName, Func <DelegateSecurityContext, PolicyResult> policyDelegate, Func <PolicyViolationException, ActionResult> violationHandlerDelegate = null)
{
policyContainer.AddPolicy(new DelegatePolicy(uniqueName, policyDelegate, violationHandlerDelegate));
return(policyContainer);
}
public void SetUp()
{
// Arrange
_configurationExpression = TestDataFactory.CreateValidConfigurationExpression();
_configurationExpression.For<BlogController>(x => x.Index());
_configurationExpression.For<BlogController>(x => x.AddPost());
_addPostPolicyContainer = _configurationExpression.GetContainerFor(NameHelper<BlogController>.Controller(), "AddPost");
// Act
_configurationExpression.RemovePoliciesFor<BlogController>(x => x.AddPost());
}
public static bool HasPolicyMatching(this IPolicyContainer policyContainer, HasTypeExpectation predicateExpectation)
{
var policies = policyContainer.GetPolicies();
return(policies.Any(predicateExpectation.IsMatch));
}
private ExpectationResult VerifyHasType(IPolicyContainer policyContainer, HasTypeExpectation expectation, string controllerName, string actionName)
{
if (expectation == null) return null;
if (policyContainer == null)
{
const string messageFormat = "Expected a configuration for controller \"{0}\", action \"{1}\". Policycontainer could not be found!";
var message = string.Format(messageFormat, controllerName, actionName);
return _expectationViolationHandler.Handle(message);
}
if (policyContainer.HasPolicyOfType(expectation.Type) == false)
{
const string messageFormat = "Expected policy of type \"{2}\" for controller \"{0}\", action \"{1}\"!";
var message = string.Format(messageFormat, policyContainer.ControllerName, policyContainer.ActionName, expectation.Type);
return _expectationViolationHandler.Handle(message);
}
return ExpectationResult.CreateSuccessResult();
}
public PolicyFactory()
{
_container = new PolicyContainer();
}