public void CreateSuperAdminAccount() { UserAccount superAdministratorUserAccount; IAccessRuleFactory accessRuleFactory; superAdministratorUserAccount = new UserAccount { Name = SpecialStrings.SystemAdministratorUser, AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Disabled }; superAdministratorUserAccount.Save(); accessRuleFactory = new AccessRuleFactory(); accessRuleFactory.AddAllowByQuery( superAdministratorUserAccount.As <Subject>(), Entity.Get <SecurableEntity>("core:resource"), new[] { Permissions.Create, Permissions.Read, Permissions.Modify, Permissions.Delete }, TestQueries.Entities().ToReport() ); }
public void SetupEntities() { using (DatabaseContext context = DatabaseContext.GetContext(true)) { using (new SecurityBypassContext()) { Role administratorRole; EntityType resourceType; AccessRuleFactory accessControlHelper; administratorRole = Entity.Get <Role>(new EntityRef("core", "administratorRole"), true); resourceType = Entity.Get <EntityType>(new EntityRef("core", "resource")); // resourceType = Entity.Get<EntityType>(new EntityRef("core", "securableEntity")); accessControlHelper = new AccessRuleFactory(); accessControlHelper.AddAllowCreate(administratorRole.As <Subject>(), resourceType.As <SecurableEntity>()); accessControlHelper.AddAllowByQuery(administratorRole.As <Subject>(), resourceType.As <SecurableEntity>(), new[] { Permissions.Read, Permissions.Modify, Permissions.Delete }, TestQueries.Entities().ToReport()); context.CommitTransaction(); } } }
public void Setup( ) { // Getting Forbidden? Or ConnectorConfigException? // Maybe there's duplicate copies of these objects in the DB. // Define key and user using (new TenantAdministratorContext(TenantName)) { // Define schema type = new EntityType( ); type.Inherits.Add(UserResource.UserResource_Type); type.Name = "Test type " + Guid.NewGuid( ); type.Save( ); type2 = new EntityType(); type2.Inherits.Add(UserResource.UserResource_Type); type2.Name = "Test type2 " + Guid.NewGuid(); type2.Save(); stringField = new StringField( ); stringField.Name = "Field 1"; stringField.FieldIsOnType = type; stringField.Save( ); lookup = new Relationship(); lookup.Cardinality_Enum = CardinalityEnum_Enumeration.OneToOne; lookup.FromType = type; lookup.ToType = type2; // Define API mapping = new ApiResourceMapping( ); mapping.Name = "Test mapping " + Guid.NewGuid( );; mapping.MappedType = type; mapping.Save( ); lookupMapping = new ApiRelationshipMapping(); lookupMapping.Name = "lookup1"; lookupMapping.MappedRelationship = lookup; lookupMapping.MemberForResourceMapping = mapping; lookupMapping.Save(); fieldMapping = new ApiFieldMapping( ); fieldMapping.Name = "field1"; fieldMapping.MappedField = stringField.As <Field>( ); fieldMapping.MemberForResourceMapping = mapping; fieldMapping.Save( ); endpoint = new ApiResourceEndpoint( ); endpoint.Name = "Test endpoint " + Guid.NewGuid( ); endpoint.ApiEndpointAddress = EndpointAddress; endpoint.EndpointResourceMapping = mapping; endpoint.ApiEndpointEnabled = true; endpoint.EndpointCanCreate = true; endpoint.EndpointCanDelete = true; endpoint.EndpointCanUpdate = true; endpoint.Save( ); api = new Api( ); api.Name = "Test API " + Guid.NewGuid( );; api.ApiAddress = ApiAddress; api.ApiEnabled = true; api.ApiEndpoints.Add(endpoint.As <ApiEndpoint>( )); api.Save( ); // Define access userAccount = new UserAccount( ); userAccount.Name = "Test user " + Guid.NewGuid( ); userAccount.AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active; userAccount.Password = "******"; userAccount.Save( ); key = new ApiKey( ); key.Name = ApiKey; key.ApiKeyUserAccount = userAccount; key.ApiKeyEnabled = true; key.KeyForApis.Add(api); key.Save( ); updateInstance = Entity.Create(type).AsWritable <Resource>( ); updateInstance.Name = updateInstanceName = "ResourceToUpdate" + Guid.NewGuid( ); updateInstance.Description = updateInstanceDesc = "ResourceToUpdate" + Guid.NewGuid( ); updateInstance.Save( ); updateInstanceGuid = updateInstance.UpgradeId; IAccessRuleFactory accessControlHelper = new AccessRuleFactory( ); accessRule = accessControlHelper.AddAllowCreate(userAccount.As <Subject>( ), type.As <SecurableEntity>( )); accessRule = accessControlHelper.AddAllowByQuery(userAccount.As <Subject>( ), type.As <SecurableEntity>( ), new[] { Permissions.Read, Permissions.Modify, Permissions.Delete }, TestQueries.Entities(type).ToReport( )); } cleanup = new List <IEntity> { userAccount, key, api, type, mapping, endpoint, fieldMapping, stringField, accessRule, updateInstance }; }
private void CreateScenarioImpl(string testInstanceName, Func <EntityRef[]> permissionsCallback) { // Define key and user using (new TenantAdministratorContext(TenantName)) { // Define schema type = new EntityType( ); type.Inherits.Add(UserResource.UserResource_Type); type.Name = "Test type " + Guid.NewGuid( ); type.Save( ); type2 = new EntityType( ); type2.Inherits.Add(UserResource.UserResource_Type); type2.Name = "Test type2 " + Guid.NewGuid( ); type2.Save( ); stringField = new StringField( ); stringField.Name = "Field 1"; stringField.FieldIsOnType = type; stringField.MaxLength = 50; stringField.Save( ); lookup = new Relationship( ); lookup.Cardinality_Enum = CardinalityEnum_Enumeration.OneToOne; lookup.FromType = type; lookup.ToType = type2; relationship = new Relationship( ); relationship.Cardinality_Enum = CardinalityEnum_Enumeration.ManyToMany; relationship.FromType = type; relationship.ToType = type2; // Define API mapping = new ApiResourceMapping( ); mapping.Name = "Test mapping " + Guid.NewGuid( );; mapping.MappedType = type; mapping.Save( ); fieldMapping = new ApiFieldMapping( ); fieldMapping.Name = "field1"; fieldMapping.MappedField = stringField.As <Field>( ); fieldMapping.MemberForResourceMapping = mapping; fieldMapping.Save( ); lookupMapping = new ApiRelationshipMapping( ); lookupMapping.Name = "lookup1"; lookupMapping.MappedRelationship = lookup; lookupMapping.MemberForResourceMapping = mapping; lookupMapping.Save( ); relationshipMapping = new ApiRelationshipMapping( ); relationshipMapping.Name = "rel1"; relationshipMapping.MappedRelationship = relationship; relationshipMapping.MemberForResourceMapping = mapping; relationshipMapping.Save( ); endpoint = new ApiResourceEndpoint( ); endpoint.Name = "Test endpoint " + Guid.NewGuid( );; endpoint.ApiEndpointAddress = EndpointAddress; endpoint.EndpointResourceMapping = mapping; endpoint.ApiEndpointEnabled = true; endpoint.EndpointCanCreate = true; endpoint.EndpointCanUpdate = true; endpoint.EndpointCanDelete = true; endpoint.Save( ); api = new Api( ); api.Name = "Test API " + Guid.NewGuid( );; api.ApiAddress = ApiAddress; api.ApiEnabled = true; api.ApiEndpoints.Add(endpoint.As <ApiEndpoint>( )); api.Save( ); // Define access userAccount = new UserAccount( ); userAccount.Name = "Test user " + Guid.NewGuid( ); userAccount.AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active; userAccount.Password = "******"; userAccount.Save( ); key = new ApiKey( ); key.Name = ApiKey; key.ApiKeyUserAccount = userAccount; key.ApiKeyEnabled = true; key.KeyForApis.Add(api); key.Save( ); if (testInstanceName != null) { scenarioInstance = Entity.Create(type); scenarioInstance.SetField("core:name", testInstanceName); scenarioInstance.Save( ); } foreignName = "Foreign" + Guid.NewGuid( ).ToString( ); foreignInstance = Entity.Create(type2); foreignInstance.SetField("core:name", foreignName); foreignInstance.Save( ); // Grant create var permissions = permissionsCallback( ); IAccessRuleFactory accessControlHelper = new AccessRuleFactory( ); if (permissions [0] == Permissions.Create) { accessControlHelper.AddAllowCreate(userAccount.As <Subject>( ), type.As <SecurableEntity>( )); } else if (permissions.Length > 0) { accessControlHelper.AddAllowByQuery(userAccount.As <Subject>( ), type.As <SecurableEntity>( ), permissions, TestQueries.Entities(type).ToReport( )); } accessControlHelper.AddAllowByQuery(userAccount.As <Subject>( ), type2.As <SecurableEntity>( ), new [] { Permissions.Read, Permissions.Modify }, TestQueries.Entities(type2).ToReport( )); } }