public void EvaluateSpecificRule_DefaultAllow_ExpectAllowUpdate()
        {
            _securityOptions
            .Setup(x => x.DefaultSecurityRules)
            .Returns(SecurityOptions <FakeEntityContext> .CreateDefaultAllowRule());

            var ruleId   = Guid.NewGuid();
            var entityId = Guid.NewGuid();
            var node     = new EntityNode
            {
                EntityId = entityId,
                IdPath   = $"/{Guid.NewGuid()}/{Guid.NewGuid()}/{entityId}",
            };
            var rules = new List <EntityNodeRuleContainer>
            {
                new EntityNodeRuleContainer(node, new EntitySecurityRule
                {
                    Id       = ruleId,
                    EntityId = entityId,
                    Rule     = new SecurityRule
                    {
                        Right   = SecurityRight.Read,
                        Type    = RuleType.Deny,
                        Inherit = false,
                    }
                })
            };
            var result = _matcher.EvaluateRule(node, rules, SecurityRight.Update);

            Assert.True(result.IsRightGranted);
            Assert.Equal(entityId, result.EntityId);
            Assert.Equal(SecurityRight.Update, result.AccessRight);
            Assert.NotNull(result.MatchedRule);
            Assert.Equal(Guid.Empty, result.MatchedRule.Id);
        }
        public async Task EvaluateRootDefaultAllow()
        {
            _securityOptions
            .Setup(x => x.UseAuthorization)
            .Returns(true);

            _securityOptions
            .Setup(x => x.DefaultSecurityRules)
            .Returns(SecurityOptions <FakeEntityContext> .CreateDefaultAllowRule());

            var result = await _evaluator.EvaluateRoot(SecurityRight.Read);

            Assert.True(result.IsRightGranted);
        }
        public void Evaluate_DefaultAllowRule_ExpectAllowRead()
        {
            _securityOptions
            .Setup(x => x.DefaultSecurityRules)
            .Returns(SecurityOptions <FakeEntityContext> .CreateDefaultAllowRule());

            var entityId = Guid.NewGuid();
            var node     = new EntityNode
            {
                EntityId = entityId,
                IdPath   = $"/{Guid.NewGuid()}/{Guid.NewGuid()}/{entityId}",
            };
            var rules = new List <EntityNodeRuleContainer>();

            var result = _matcher.EvaluateRule(node, rules, SecurityRight.Read);

            Assert.True(result.IsRightGranted);
            Assert.Equal(entityId, result.EntityId);
            Assert.Equal(SecurityRight.Read, result.AccessRight);
            Assert.Equal(Guid.Empty, result.MatchedRule.Id);
        }
Пример #4
0
        public SecurityContext_Tests()
        {
            _securityOptions
            .Setup(x => x.AdminRoles)
            .Returns(() => new List <string> {
                "admin"
            });

            _securityOptions
            .Setup(x => x.UseAuthorization)
            .Returns(() => true);

            _securityOptions
            .Setup(x => x.DefaultSecurityRules)
            .Returns(() => SecurityOptions <FakeEntityContext> .CreateDefaultAllowRule());

            _impersonationService
            .Setup(x => x.ImpersonatedPrincipal)
            .Returns((ImpersonatedPrincipal)null);

            _securityContext = new SecurityContext <FakeEntityContext>(_securityOptions.Object, _impersonationService.Object, _securityContextProvider.Object);
        }
Пример #5
0
 public void SetDenyAllowDefaultSecurityRule()
 {
     _securityOptions.DefaultSecurityRules = SecurityOptions <TContext> .CreateDefaultAllowRule();
 }