void Verify_IsAuthorized(Permissions configPermissions, TestAuthorizationRequest authorizationRequest, bool isServer)
{
var configPermission = new WindowsGroupPermission {
WindowsGroup = TestAuthorizationRequest.UserRole, IsServer = isServer, Permissions = configPermissions
};
if (!isServer && !string.IsNullOrEmpty(authorizationRequest.Resource))
{
if (Guid.TryParse(authorizationRequest.Resource, out Guid resourceID))
{
configPermission.ResourceID = resourceID;
configPermission.ResourceName = "TestCategory\\";
}
else
{
configPermission.ResourceID = Guid.NewGuid();
configPermission.ResourceName = string.Format("TestCategory\\{0}", authorizationRequest.Resource);
}
}
authorizationRequest.UserIsInRole = false;
Verify_IsAuthorized(configPermission, authorizationRequest);
authorizationRequest.UserIsInRole = true;
Verify_IsAuthorized(configPermission, authorizationRequest);
}
void Verify_IsAuthorized(WindowsGroupPermission configPermissions, TestAuthorizationRequest authorizationRequest)
{
//------------Setup for test--------------------------
var allowedPermissions = AuthorizationHelpers.ToPermissions(authorizationRequest.AuthorizationContext);
var expected = authorizationRequest.UserIsInRole && (configPermissions.Permissions & allowedPermissions) != 0;
var securityService = new Mock <ISecurityService>();
securityService.SetupGet(p => p.Permissions).Returns(new[] { configPermissions });
var authorizationService = new TestServerAuthorizationService(securityService.Object);
//------------Execute Test---------------------------
var authorized = authorizationService.IsAuthorized(authorizationRequest);
//------------Assert Results-------------------------
Assert.AreEqual(expected, authorized, string.Format("\nUserIsInRole: {0}\nAllowed: {1}\nConfig: {2}\nIsServer: {3}\nURL: {4}",
authorizationRequest.UserIsInRole, allowedPermissions, configPermissions.Permissions, configPermissions.IsServer, authorizationRequest.Url));
}
void Verify_IsAuthorized(Permissions configPermissions, TestAuthorizationRequest authorizationRequest, bool isServer)
{
var configPermission = new WindowsGroupPermission { WindowsGroup = TestAuthorizationRequest.UserRole, IsServer = isServer, Permissions = configPermissions };
if(!isServer && !string.IsNullOrEmpty(authorizationRequest.Resource))
{
Guid resourceID;
if(Guid.TryParse(authorizationRequest.Resource, out resourceID))
{
configPermission.ResourceID = resourceID;
configPermission.ResourceName = "TestCategory\\";
}
else
{
configPermission.ResourceID = Guid.NewGuid();
configPermission.ResourceName = string.Format("TestCategory\\{0}", authorizationRequest.Resource);
}
}
authorizationRequest.UserIsInRole = false;
Verify_IsAuthorized(configPermission, authorizationRequest);
authorizationRequest.UserIsInRole = true;
Verify_IsAuthorized(configPermission, authorizationRequest);
}
void Verify_IsAuthorized(WindowsGroupPermission configPermissions, TestAuthorizationRequest authorizationRequest)
{
//------------Setup for test--------------------------
var allowedPermissions = AuthorizationHelpers.ToPermissions(authorizationRequest.AuthorizationContext);
var expected = authorizationRequest.UserIsInRole && (configPermissions.Permissions & allowedPermissions) != 0;
var securityService = new Mock<ISecurityService>();
securityService.SetupGet(p => p.Permissions).Returns(new[] { configPermissions });
var authorizationService = new TestServerAuthorizationService(securityService.Object);
//------------Execute Test---------------------------
var authorized = authorizationService.IsAuthorized(authorizationRequest);
//------------Assert Results-------------------------
Assert.AreEqual(expected, authorized, string.Format("\nUserIsInRole: {0}\nAllowed: {1}\nConfig: {2}\nIsServer: {3}\nURL: {4}",
authorizationRequest.UserIsInRole, allowedPermissions, configPermissions.Permissions, configPermissions.IsServer, authorizationRequest.Url));
}
void Verify_IsAuthorized(TestAuthorizationRequest[] requests)
{
var isServers = new[] { false, true };
foreach(var isServer in isServers)
{
foreach(var request in requests)
{
Verify_IsAuthorized(Permissions.None, request, isServer);
Verify_IsAuthorized(Permissions.View, request, isServer);
Verify_IsAuthorized(Permissions.Execute, request, isServer);
Verify_IsAuthorized(Permissions.Contribute, request, isServer);
Verify_IsAuthorized(Permissions.Administrator, request, isServer);
Verify_IsAuthorized(Permissions.View | Permissions.Execute, request, isServer);
Verify_IsAuthorized(Permissions.View | Permissions.Contribute, request, isServer);
Verify_IsAuthorized(Permissions.Execute | Permissions.Contribute, request, isServer);
Verify_IsAuthorized(Permissions.View | Permissions.Execute | Permissions.Contribute, request, isServer);
}
}
}
