public bool HasPermission(string memberUId, PermissionSets permission) { if (Memberships == null) { return(false); } return(Memberships.Any(m => m.MemberUId == memberUId && m.IsActive == true && m.Role.PermissionSet == (short)permission)); }
public void RunTestsInSandbox() { var permissions = PermissionSets.GetMediumTrust(AppDomain.CurrentDomain.BaseDirectory, Environment.MachineName); var testResults = SandboxTestRunner.RunTestFixturesInSandbox(_testFixtureTypes, permissions, null).SelectMany( r => r.TestResults).Where(r => r.Status != SandboxTestStatus.Ignored); Assert.That(testResults.Count(), Is.EqualTo(3)); foreach (var testResult in testResults) { testResult.EnsureNotFailed(); } }
public void GetMediumTrust() { var tempDirectory = Environment.GetEnvironmentVariable("TEMP"); var mediumTrustPermissions = PermissionSets.GetMediumTrust(tempDirectory, Environment.MachineName); var directoryName = Path.GetDirectoryName(tempDirectory); Assert.That(mediumTrustPermissions.Length, Is.EqualTo(11)); Assert.That(((AspNetHostingPermission)mediumTrustPermissions[0]).Level, Is.EqualTo(AspNetHostingPermissionLevel.Medium)); Assert.That(((DnsPermission)mediumTrustPermissions[1]).IsUnrestricted(), Is.True); Assert.That( ((EnvironmentPermission)mediumTrustPermissions[2]).GetPathList(EnvironmentPermissionAccess.Read), Is.EqualTo("TEMP;TMP;USERNAME;OS;COMPUTERNAME")); Assert.That( Path.GetDirectoryName(((FileIOPermission)mediumTrustPermissions[3]).GetPathList(FileIOPermissionAccess.Read)[0]), Is.EqualTo(directoryName)); Assert.That( Path.GetDirectoryName(((FileIOPermission)mediumTrustPermissions[3]).GetPathList(FileIOPermissionAccess.Write)[0]), Is.EqualTo(directoryName)); Assert.That( Path.GetDirectoryName(((FileIOPermission)mediumTrustPermissions[3]).GetPathList(FileIOPermissionAccess.Append)[0]), Is.EqualTo(directoryName)); Assert.That( Path.GetDirectoryName(((FileIOPermission)mediumTrustPermissions[3]).GetPathList(FileIOPermissionAccess.PathDiscovery)[0]), Is.EqualTo(directoryName)); Assert.That( ((IsolatedStorageFilePermission)mediumTrustPermissions[4]).UsageAllowed, Is.EqualTo(IsolatedStorageContainment.AssemblyIsolationByUser)); Assert.That(((IsolatedStorageFilePermission)mediumTrustPermissions[4]).UserQuota, Is.EqualTo(9223372036854775807L)); Assert.That(((PrintingPermission)mediumTrustPermissions[5]).Level, Is.EqualTo(PrintingPermissionLevel.DefaultPrinting)); Assert.That( ((SecurityPermission)mediumTrustPermissions[6]).Flags, Is.EqualTo( SecurityPermissionFlag.Assertion | SecurityPermissionFlag.Execution | SecurityPermissionFlag.ControlThread | SecurityPermissionFlag.ControlPrincipal | SecurityPermissionFlag.RemotingConfiguration)); Assert.That(((SmtpPermission)mediumTrustPermissions[7]).Access, Is.EqualTo(SmtpAccess.Connect)); Assert.That(((SqlClientPermission)mediumTrustPermissions[8]).IsUnrestricted(), Is.True); Assert.That(mediumTrustPermissions[9], Is.TypeOf(typeof(WebPermission))); Assert.That(((ReflectionPermission)mediumTrustPermissions[10]).Flags, Is.EqualTo(ReflectionPermissionFlag.RestrictedMemberAccess)); }
public void MediumTrust() { var permissions = PermissionSets .GetMediumTrust(AppDomain.CurrentDomain.BaseDirectory, Environment.MachineName) .Concat(new[] { new ReflectionPermission(ReflectionPermissionFlag.MemberAccess) }) .ToArray(); var types = (from t in typeof(MediumTrustSqlBackendIntegrationTest).Assembly.GetTypes() where t.Namespace == typeof(MediumTrustSqlBackendIntegrationTest).Namespace && t != typeof(MediumTrustSqlBackendIntegrationTest) && !t.IsAbstract && t.IsDefined(typeof(TestFixtureAttribute), false) select t).ToArray(); var testFixtureResults = SandboxTestRunner.RunTestFixturesInSandbox(types, permissions, null); var testResults = testFixtureResults.SelectMany(r => r.TestResults).ToArray(); foreach (var testResult in testResults) { testResult.EnsureNotFailed(); } Assert.That(testResults.Count(r => r.Status == SandboxTestStatus.Succeeded), Is.GreaterThan(0)); }
private void VerifyPermissionForCreateEditItem(BacklogItem item, Project project = null) { PermissionSets[] permissions = new PermissionSets[] { PermissionSets.SCRUM_MASTER, PermissionSets.PRODUCT_OWNER }; if (project == null) { project = projectsService.GetProject(item.ProjectUId); } if (project.IsTicketProject) { permissions = new PermissionSets[] { PermissionSets.SCRUM_MASTER, PermissionSets.PRODUCT_OWNER, PermissionSets.TEAM } } ; authorizationService.VerifyPermissionAtProject(item.ProjectUId, permissions); if (!project.IsTicketProject && !authorizationService.IsProjectScrumMaster(item.ProjectUId) && item.SprintNumber != null) { throw new WebFaultException <String>("Product owners can not plan items", System.Net.HttpStatusCode.BadRequest); } }
public void MediumTrust() { var permissions = PermissionSets .GetMediumTrust(AppDomain.CurrentDomain.BaseDirectory, Environment.MachineName) .Concat( new IPermission[] { new ReflectionPermission(ReflectionPermissionFlag.MemberAccess), // new SecurityPermission (SecurityPermissionFlag.SerializationFormatter) }) .ToArray(); var testFixtureResults = SandboxTestRunner.RunTestFixturesInSandbox(new[] { typeof(UnmappedItemExceptionTest) }, permissions, null); var testResults = testFixtureResults.SelectMany(r => r.TestResults).ToArray(); foreach (var testResult in testResults) { try { testResult.EnsureNotFailed(); } catch (TestFailedException) { var securityException = testResult.Exception as SecurityException; if (securityException != null) { Console.WriteLine("Action:"); Console.WriteLine(securityException.Action); Console.WriteLine("Demanded:"); Console.WriteLine(securityException.Demanded); } throw; } } Assert.That(testResults.Count(r => r.Status == SandboxTestStatus.Succeeded), Is.GreaterThan(0)); }
public void VerifyPermissionAtProjectOrFactoryOwner(string projectUId, PermissionSets[] permissions) { throw new NotSupportedException(); }
public bool HasPermission(string memberUId, PermissionSets permission) { if (Memberships == null) return false; return Memberships.Any(m => m.MemberUId == memberUId && m.IsActive==true && m.Role.PermissionSet == (short)permission); }
public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets permission) { return projectsRepository.MemberHasPermissionAtProject(memberUId, projectUId, permission); }
public void VerifyUserOrPermissionAtProject(string memberUId, string projectUId, PermissionSets permission) { if (!projectsService.MemberHasPermissionAtProject(SignedMemberProfile.MemberUId, projectUId, new PermissionSets[] { permission }) && SignedMemberProfile.MemberUId != memberUId) throw new WebFaultException(System.Net.HttpStatusCode.Forbidden); }
public void VerifyPermissionAtProjectOrFactoryOwner(string projectUId, PermissionSets[] permissions) { if (!authorizedTokens.ContainsKey(SignedMemberToken)) throw new WebFaultException(System.Net.HttpStatusCode.Unauthorized); if (SignedMemberProfile.IsFactoryOwner) return; VerifyPermissionAtProject(projectUId, permissions); }
public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets permission) { PermissionSets[] ps = new PermissionSets[1]; ps[0] = permission; return(MemberHasPermissionAtProject(memberUId, projectUId, ps)); }
public void VerifyPermissionAtProject(string projectUId, PermissionSets permission) { PermissionSets[] ps = new PermissionSets[1]; ps[0] = permission; VerifyPermissionAtProject(projectUId, ps); }
public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets[] permissions) { short[] permissionsS = new short[permissions.Length]; for (int i = 0; i < permissions.Length; i++) permissionsS[i] = (short)permissions[i]; using (var context = new ScrumFactoryEntities(this.connectionString)) { // does not make sense //if (context.Projects.Where(p => p.ProjectUId == projectUId && p.CreateBy == memberUId).Count() > 0) // return true; if (context.ProjectMemberships.Where( pmr => pmr.MemberUId == memberUId && pmr.ProjectUId == projectUId && pmr.IsActive == true && permissionsS.Contains(pmr.Role.PermissionSet)).Count() > 0) return true; } return false; }
public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets permission) { PermissionSets[] ps = new PermissionSets[1]; ps[0] = permission; return MemberHasPermissionAtProject(memberUId, projectUId, ps); }
public int GetMembershipCountOf(string projectUId, PermissionSets permissionSet) { using (var context = new ScrumFactoryEntities(this.connectionString)) { return context.ProjectMemberships.Count(ms => ms.Role.PermissionSet == (short)permissionSet && ms.ProjectUId == projectUId); } }
public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets permission) { return(projectsRepository.MemberHasPermissionAtProject(memberUId, projectUId, permission)); }
public void VerifyUserOrPermissionAtProject(string memberUId, string projectUId, PermissionSets permission) { throw new NotSupportedException(); }
public void VerifyUserOrPermissionAtProject(string memberUId, string projectUId, PermissionSets permission) { if (!projectsService.MemberHasPermissionAtProject(SignedMemberProfile.MemberUId, projectUId, new PermissionSets[] { permission }) && SignedMemberProfile.MemberUId != memberUId) { throw new WebFaultException(System.Net.HttpStatusCode.Forbidden); } }
public void SetUp() { _mediumTrustPermissions = PermissionSets.GetMediumTrust(AppDomain.CurrentDomain.BaseDirectory, Environment.MachineName); }
public int GetMembershipCountOf(string projectUId, PermissionSets permissionSet) { using (var context = new ScrumFactoryEntities(this.connectionString)) { return(context.ProjectMemberships.Count(ms => ms.Role.PermissionSet == (short)permissionSet && ms.ProjectUId == projectUId)); } }
private void VerifyPermissionForCreateEditItem(BacklogItem item, Project project = null) { PermissionSets[] permissions = new PermissionSets[] { PermissionSets.SCRUM_MASTER, PermissionSets.PRODUCT_OWNER }; if (project == null) project = projectsService.GetProject(item.ProjectUId); if (project.IsTicketProject) permissions = new PermissionSets[] { PermissionSets.SCRUM_MASTER, PermissionSets.PRODUCT_OWNER, PermissionSets.TEAM }; authorizationService.VerifyPermissionAtProject(item.ProjectUId, permissions); if (!project.IsTicketProject && !authorizationService.IsProjectScrumMaster(item.ProjectUId) && item.SprintNumber != null) throw new WebFaultException<String>("Product owners can not plan items", System.Net.HttpStatusCode.BadRequest); }
public bool MemberHasPermissionAtProject(string memberUId, string projectUId, PermissionSets permission) { throw new NotSupportedException(); }
public void VerifyPermissionAtProject(string projectUId, PermissionSets[] permissions) { string token = SignedMemberToken; AuthorizationInfo authInfo = null; authorizedTokens.TryGetValue(token, out authInfo); if (authInfo==null) throw new WebFaultException(System.Net.HttpStatusCode.Unauthorized); string memberUId = authInfo.MemberUId; bool hasPermission = projectsService.MemberHasPermissionAtProject(memberUId, projectUId, permissions); if(!hasPermission) throw new WebFaultException(System.Net.HttpStatusCode.Forbidden); }