public void negative_state_denies_action()
{
AbilityConfiguration.ConfigureWith(c => c.Allow("send").On("order"));
Then.IShouldNotBeAbleTo("send", new Order {
CanSend = false
});
}
public void allow_all_on_anything__allows_everything()
{
AbilityConfiguration.ConfigureWith(c => c.Allow("view").OnEverything());
Then.IShouldBeAbleTo("view", "customer");
Then.IShouldBeAbleTo("view", "order");
Then.IShouldNotBeAbleTo("edit", "customer");
}
public void negative_state_allows_action_with_manage_action()
{
AbilityConfiguration.ConfigureWith(c => c.AllowTo("manage", "order"));
Then.IShouldNotBeAbleTo("send", new Order {
CanSend = false
});
}
public void positive_state_allows_action()
{
AbilityConfiguration.ConfigureWith(c => c.Allow("send").On("order"));
Then.IShouldBeAbleTo("send", new Order {
CanSend = true
});
}
public void negative_state_denies_action_even_with_manage_action()
{
AbilityConfiguration.ConfigureWith(c => c.AllowAnything().OnEverything());
Then.IShouldNotBeAbleTo("send", new Order {
CanSend = false
});
}
public GunController(AbilityConfiguration abilityItemConfig)
{
_returnObjectToPull = new GenericSubscriptionAction <GunAbilityView>();
_returnObjectToPull.SubscribeOnChange(OnReturnObjectToPull);
_abilityItemConfig = abilityItemConfig;
_gunPull = new ProjectilePull(abilityItemConfig, _returnObjectToPull);
}
public void checking_denied_ability_should_log_it()
{
AbilityConfiguration.Debug(t => debugMessages.Add(t));
Then.IShouldNotBeAbleTo("view", "order");
debugMessages.ShouldContain("user cannot view/order");
}
public void with_negative_context_denies_its_action()
{
AbilityConfiguration.ConfigureWith(c =>
c.AllowTo("edit", "order")
.If(() => false)
);
Then.IShouldNotBeAbleTo("edit", "order");
}
public void with_subject_context_still_allows_string_action()
{
AbilityConfiguration.ConfigureWith(c =>
c.AllowTo("edit", "order")
.If <Order>(o => o.IsPending)
);
Then.IShouldBeAbleTo("edit", "order");
}
public void with_subject_context_doesnt_allow_string_action()
{
AbilityConfiguration.ConfigureWith(c =>
c.Allow("view").On <Order>(o => o.IsPending)
);
Then.IShouldNotBeAbleTo("view", "order");
Then.IShouldNotBeAbleTo("view", "blah");
}
public void with_positive_context_allows_its_action()
{
AbilityConfiguration.ConfigureWith(c =>
c.AllowTo("edit", "order")
.If(() => true)
);
Then.IShouldBeAbleTo("edit", "order");
}
public void default_area_behavior_on_command_with_area_and_subject_alias()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.Allow("area/edit").On("customer");
c.ConfigureSubjectAliases("customer", "client");
});
Then.IShouldBeAbleToExecute("area/EditClientCommand");
}
public void default_area_aliasing_behavior()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.Allow("area/view").On("customer");
c.ConfigureActionAliases("area", "other");
});
Then.IShouldBeAbleTo("other/view", "customer");
}
public void no_logging_happens_when_ability_is_not_checked()
{
AbilityConfiguration.Debug(t => debugMessages.Add(t));
AbilityConfiguration.ConfigureWith(c => c.Allow("view").On("order"));
debugMessages.ShouldNotContain("user has the ability to view/order")
.ShouldNotContain("user can view/order");
}
public void allows_command_by_convention_with_action_alias()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.AllowTo("edit", "order");
c.ConfigureCommandConvention("{action}{subject}Command");
});
Then.IShouldBeAbleToExecute(new UpdateOrderCommand());
}
public void configured_alias_works()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.Allow("view").On("customer");
c.ConfigureActionAliases("view", "consult");
});
Then.IShouldBeAbleTo("consult", "customer");
}
public void an_ability_can_be_checked_with_a_subject_alias()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.AllowTo("view", "customer");
c.ConfigureSubjectAliases("customer", "customers");
});
Then.IShouldBeAbleTo("view", "customers");
}
public void default_area_behavior_on_command_with_area_and_action_alias()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.Allow("area/edit").On("customer");
c.ConfigureActionAliases("edit", "promote");
});
Then.IShouldBeAbleToExecute("area/PromoteCustomerCommand");
}
public void if_you_can_manage__you_can_do_anything()
{
AbilityConfiguration.ConfigureWith(c => c.AllowTo("manage", "customer"));
Then.IShouldBeAbleTo("view", "customer");
Then.IShouldBeAbleTo("create", "customer");
Then.IShouldBeAbleTo("edit", "customer");
Then.IShouldBeAbleTo("delete", "customer");
Then.IShouldBeAbleTo("discombobulate", "customer");
}
public void configured_alias_is_case_insensitive()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.Allow("view").On("customer");
c.ConfigureActionAliases("view", "ConSult");
});
Then.IShouldBeAbleTo("coNsult", "customer");
}
public void abilities_ignore_prefixes_and_postfixes_by_default_with_subjectAlieas()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.Allow("edit").On("customer");
c.ConfigureSubjectAliases("customer", "client");
});
Then.IShouldBeAbleTo("edit", new GetClientDetailDto());
}
public void allows_command_by_convention_for_manage_all_subjects()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.AllowTo("manage", "all");
c.ConfigureCommandConvention("{action}{subject}Command");
});
Then.IShouldBeAbleToExecute(new EditOrderCommand());
}
public void allows_command_by_custom_action_alias()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.Allow("edit").On("customer");
c.ConfigureActionAliases("edit", "discombobulate");
});
Then.IShouldBeAbleToExecute(new DiscombobulateCustomerCommand());
}
public void allows_command_by_custom_subject_alias()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.Allow("edit").On("customer");
c.ConfigureSubjectAliases("customer", "client");
});
Then.IShouldBeAbleToExecute(new EditClientCommand());
}
public void doesn_allow_LIKE_subjects()
{
AbilityConfiguration.ConfigureWith(c =>
c.Allow("view").On <Order>(o => o.IsPending)
);
Then.IShouldNotBeAbleTo("view", new OrderDto {
IsPending = true
});
}
public void with_negative_subject_context_with_full_access_still_denies_its_action()
{
AbilityConfiguration.ConfigureWith(c =>
c.AllowAnything().On <Order>(o => o.IsPending)
);
Then.IShouldNotBeAbleTo("view", new Order {
IsPending = false
});
}
public void abilities_ignore_postfixes_case_insensitive()
{
AbilityConfiguration.ConfigureWith(c =>
{
c.AllowTo("view", "customer");
c.IgnoreSubjectPostfixes("viewmodel");
});
Then.IShouldBeAbleTo("view", new CustomerViewModel());
}
public static void Configure()
{
AbilityConfiguration.Debug(message => Trace.Write(string.Format("Authorization: {0}", message))).Verbose();
AbilityConfiguration.ConfigureCache(new PerRequestHttpCache());
AbilityConfiguration.ConfigureWith(
config => new AbilityConfigurator(config, System.Web.HttpContext.Current.User)
);
AbilityMvcConfiguration.ConfigureUnauthorizedActionResult(new HttpUnauthorizedResult());
}
public void area_behavior_on_model_with_denied_data()
{
AbilityConfiguration.ConfigureWith(c => c.Allow("area/delete").On("customer"));
Then.IShouldNotBeAbleTo("delete", new CustomerWithPermissionDto {
CanDelete = false
});
Then.IShouldNotBeAbleTo("area/delete", new CustomerWithPermissionDto {
CanDelete = false
});
}
public void with_positive_subject_context_allows_its_action()
{
AbilityConfiguration.ConfigureWith(c =>
c.Allow("view").On <Order>(o => o.IsPending)
);
Then.IShouldBeAbleTo("view", new Order {
IsPending = true
});
}
public GameConfigurationManager()
{
bulletConfig = new BulletConfiguration();
gameConfig = new GameConfiguration();
shipConfig = new ShipConfiguration();
mapConfig = new MapConfiguration();
screenConfig = new ScreenConfiguration();
leaderboardConfig = new LeaderboardConfiguration();
healthPackConfig = new HealthPackConfiguration();
abilityConfig = new AbilityConfiguration();
shipMovementControllerConfig = new ShipMovementControllerConfiguration();
}
