示例#1
0
        public void Should_build_expectation_groups_and_verify_expectations()
        {
            // Arrange
            var configuration     = FluentSecurityFactory.CreateSecurityConfiguration();
            var expectationGroups = new List <ExpectationGroup>();

            var builder  = new Mock <IExpectationGroupBuilder>();
            var verifyer = new Mock <IExpectationVerifyer>();

            builder.Setup(x => x.Build(It.IsAny <IEnumerable <ExpectationExpression> >())).Returns(expectationGroups).AtMostOnce();
            verifyer.Setup(x => x.VerifyExpectationsOf(expectationGroups)).Returns(new List <ExpectationResult>()).AtMostOnce();

            var policyExpectations = new PolicyExpectations();

            policyExpectations.SetExpectationGroupBuilder(builder.Object);
            policyExpectations.ConstructExpectationVerifyerUsing((c, h) => verifyer.Object);
            policyExpectations.For <SampleController>();
            policyExpectations.For <AdminController>(x => x.Login());

            // Act
            policyExpectations.VerifyAll(configuration);

            // Assert
            builder.VerifyAll();
            verifyer.VerifyAll();
        }
        public void Should_build_expectation_groups_and_verify_expectations()
        {
            // Arrange
            var configuration = FluentSecurityFactory.CreateSecurityConfiguration();
            var expectationGroups = new List<ExpectationGroup>();

            var builder = new Mock<IExpectationGroupBuilder>();
            var verifyer = new Mock<IExpectationVerifyer>();

            builder.Setup(x => x.Build(It.IsAny<IEnumerable<ExpectationExpression>>())).Returns(expectationGroups).AtMostOnce();
            verifyer.Setup(x => x.VerifyExpectationsOf(expectationGroups)).Returns(new List<ExpectationResult>()).AtMostOnce();

            var policyExpectations = new PolicyExpectations();
            policyExpectations.SetExpectationGroupBuilder(builder.Object);
            policyExpectations.ConstructExpectationVerifyerUsing((c, h) => verifyer.Object);
            policyExpectations.For<SampleController>();
            policyExpectations.For<AdminController>(x => x.Login());

            // Act
            policyExpectations.VerifyAll(configuration);

            // Assert
            builder.VerifyAll();
            verifyer.VerifyAll();
        }
        public void Should_be_configured_correctly()
        {
            var expectations = new PolicyExpectations();

            expectations.For<HomeController>().Has<IgnorePolicy>();

            expectations.For<AccountController>().Has<DenyAuthenticatedAccessPolicy>();
            expectations.For<AccountController>(x => x.LogOut()).Has<DenyAnonymousAccessPolicy>().DoesNotHave<DenyAuthenticatedAccessPolicy>();

            expectations.For<ExampleController>(x => x.DenyAnonymousAccess()).Has<DenyAnonymousAccessPolicy>();
            expectations.For<ExampleController>(x => x.DenyAuthenticatedAccess()).Has<DenyAuthenticatedAccessPolicy>();
            expectations.For<ExampleController>(x => x.RequireAdministratorRole()).Has<RequireRolePolicy>(p =>
                p.RolesRequired.Contains(UserRole.Administrator) &&
                p.RolesRequired.Count() == 1
                );
            expectations.For<ExampleController>(x => x.RequirePublisherRole()).Has<RequireRolePolicy>(p =>
                p.RolesRequired.Contains(UserRole.Publisher) &&
                p.RolesRequired.Count() == 1
                );

            expectations.For<AdminController>().Has<AdministratorPolicy>();
            expectations.For<AdminController>(x => x.Delete()).Has<DelegatePolicy>(p => p.Name == "LocalOnlyPolicy");

            expectations.For<Areas.ExampleArea.Controllers.HomeController>(x => x.Index()).Has<DenyAnonymousAccessPolicy>();
            expectations.For<Areas.ExampleArea.Controllers.HomeController>(x => x.AdministratorsOnly()).Has(new RequireRolePolicy(UserRole.Administrator));
            expectations.For<Areas.ExampleArea.Controllers.HomeController>(x => x.PublishersOnly()).Has(new RequireRolePolicy(UserRole.Publisher));

            var results = expectations.VerifyAll(Bootstrapper.SetupFluentSecurity());

            Assert.That(results.Valid(), results.ErrorMessages());
        }
示例#4
0
        public void Should_be_configured_correctly()
        {
            var expectations = new PolicyExpectations();

            expectations.For <HomeController>().Has <IgnorePolicy>();

            expectations.For <AccountController>().Has <DenyAuthenticatedAccessPolicy>();
            expectations.For <AccountController>(x => x.LogOut()).Has <DenyAnonymousAccessPolicy>().DoesNotHave <DenyAuthenticatedAccessPolicy>();

            expectations.For <ExampleController>(x => x.DenyAnonymousAccess()).Has <DenyAnonymousAccessPolicy>();
            expectations.For <ExampleController>(x => x.DenyAuthenticatedAccess()).Has <DenyAuthenticatedAccessPolicy>();
            expectations.For <ExampleController>(x => x.RequireAdministratorRole()).Has <RequireRolePolicy>(p =>
                                                                                                            p.RolesRequired.Contains(UserRole.Administrator) &&
                                                                                                            p.RolesRequired.Count() == 1
                                                                                                            );
            expectations.For <ExampleController>(x => x.RequirePublisherRole()).Has <RequireRolePolicy>(p =>
                                                                                                        p.RolesRequired.Contains(UserRole.Publisher) &&
                                                                                                        p.RolesRequired.Count() == 1
                                                                                                        );

            expectations.For <AdminController>().Has <AdministratorPolicy>();
            expectations.For <AdminController>(x => x.Delete()).Has <DelegatePolicy>(p => p.Name == "LocalOnlyPolicy");

            expectations.For <Areas.ExampleArea.Controllers.HomeController>(x => x.Index()).Has <DenyAnonymousAccessPolicy>();
            expectations.For <Areas.ExampleArea.Controllers.HomeController>(x => x.AdministratorsOnly()).Has(new RequireRolePolicy(UserRole.Administrator));
            expectations.For <Areas.ExampleArea.Controllers.HomeController>(x => x.PublishersOnly()).Has(new RequireRolePolicy(UserRole.Publisher));

            var results = expectations.VerifyAll(Bootstrapper.SetupFluentSecurity());

            Assert.That(results.Valid(), results.ErrorMessages());
        }
示例#5
0
        public void Should_throw_when_configuration_is_null()
        {
            // Arrange
            ISecurityConfiguration configuration = null;
            var policyExpectations = new PolicyExpectations();

            // Act & assert
            Assert.Throws <ArgumentNullException>(() => policyExpectations.VerifyAll(configuration));
        }
        public void Should_verify_expectations_for_aliased_action_using_convention_expectations()
        {
            SecurityConfigurator.Configure(configuration => configuration.For<SampleController>().DenyAnonymousAccess());
            var policyExpectations = new PolicyExpectations();

            policyExpectations.For<SampleController>().Has<DenyAnonymousAccessPolicy>();
            var results = policyExpectations.VerifyAll(SecurityConfiguration.Current);

            Assert.That(results.Valid(), results.ErrorMessages());
        }
        public void Should_verify_expectations_for_void_action_using_convention_expectations()
        {
            SecurityConfigurator.Configure(configuration => configuration.For <SampleController>().DenyAnonymousAccess());
            var policyExpectations = new PolicyExpectations();

            policyExpectations.For <SampleController>().Has <DenyAnonymousAccessPolicy>();
            var results = policyExpectations.VerifyAll(SecurityConfiguration.Current);

            Assert.That(results.Valid(), results.ErrorMessages());
        }
示例#8
0
        public void Should_fail_once_with_predicate_description_in_result_message()
        {
            // Arrange
            var configuration = FluentSecurityFactory.CreateSecurityConfiguration();

            var expectationViolationHandler = new DefaultExpectationViolationHandler();
            var expectationVerifyer         = new ExpectationVerifyer(configuration, expectationViolationHandler);
            var policyExpectations          = new PolicyExpectations();

            policyExpectations.For <AdminController>(x => x.Login()).Has <DelegatePolicy>(p => p.Name == "LoginPolicy");

            // Act
            var expectationResults = expectationVerifyer.VerifyExpectationsOf(policyExpectations.ExpectationGroups);

            // Assert
            Assert.That(expectationResults.Count(), Is.EqualTo(1));
            Assert.That(expectationResults.First().ExpectationsMet, Is.False);
            Assert.That(expectationResults.First().Message, Is.EqualTo("Expected policy of type \"FluentSecurity.Policy.DelegatePolicy\" for controller \"FluentSecurity.TestHelper.Specification.TestData.AdminController\", action \"Login\".\r\n\t\tPredicate: p => (p.Name == \"LoginPolicy\")"));
        }
        public static PolicyExpectations CreatePolicyExpectations()
        {
            var policyExpectations = new PolicyExpectations();

            policyExpectations.For<SampleController>(x => x.Index()).Has<DenyAuthenticatedAccessPolicy>();
            policyExpectations.For<SampleController>(x => x.List()).Has<DenyAnonymousAccessPolicy>();
            policyExpectations.For<SampleController>(x => x.New()).Has(new RequireRolePolicy("Editor")).DoesNotHave(new RequireRolePolicy("Writer")).Has<DenyInternetExplorerPolicy>();

            policyExpectations.For<AdminController>().Has<DenyAnonymousAccessPolicy>();
            policyExpectations.For<AdminController>(x => x.Login())
                .DoesNotHave<DenyAnonymousAccessPolicy>()
                .Has<DenyAuthenticatedAccessPolicy>();

            policyExpectations.For<IgnoreController>().Has<IgnorePolicy>();

            policyExpectations.For<TestController>().DoesNotHave<IgnorePolicy>();

            return policyExpectations;
        }
        public void Should_be_configured_base_actions()
        {
            // Arrange
            var _expectations = new PolicyExpectations();

            _expectations.For <HomeController>().Has <DenyAnonymousAccessPolicy>();
            _expectations.For <Areas.ExampleArea.Controllers.BaseController>().Has(new RequireRolePolicy(UserRole.Administrator));
            _expectations.For <Areas.ExampleArea.Controllers.RolesController>(p => p.Index()).Has(new RequireRolePolicy(UserRole.Administrator));
            _expectations.For <Areas.ExampleArea.Controllers.RolesController>().Has(new RequireRolePolicy(UserRole.Administrator));

            SecurityConfigurator.Configure(c => {
                c.ForAllControllersInAssembly(typeof(HomeController).Assembly).DenyAnonymousAccess();
                c.ForAllControllersInAssemblyThatInherit <Areas.ExampleArea.Controllers.BaseController>().RequireRole(UserRole.Administrator);
            });

            // Act
            var results = _expectations.VerifyAll(SecurityConfiguration.Current);

            // Assert
            Assert.That(results.Valid(), results.ErrorMessages());
        }
        public void Should_be_configured_correctly()
        {
            var expectations = new PolicyExpectations();

            expectations.For<AccountController>(x => x.LogInAsAdministrator()).Has<DenyAuthenticatedAccessPolicy>();
            expectations.For<AccountController>(x => x.LogInAsPublisher()).Has<DenyAuthenticatedAccessPolicy>();
            expectations.For<AccountController>(x => x.LogOut()).Has<DenyAnonymousAccessPolicy>();

            expectations.For<ExampleController>(x => x.DenyAnonymousAccess()).Has<DenyAnonymousAccessPolicy>();
            expectations.For<ExampleController>(x => x.DenyAuthenticatedAccess()).Has<DenyAuthenticatedAccessPolicy>();

            expectations.For<ExampleController>(x => x.RequireAdministratorRole()).Has(new RequireRolePolicy(UserRole.Administrator));
            expectations.For<ExampleController>(x => x.RequirePublisherRole()).Has(new RequireRolePolicy(UserRole.Publisher));

            expectations.For<AdminController>().Has<AdministratorPolicy>();
            expectations.For<AdminController>(x => x.Index()).Has<IgnorePolicy>().DoesNotHave<AdministratorPolicy>();

            var results = expectations.VerifyAll(Bootstrapper.SetupFluentSecurity());

            Assert.That(results.Valid(), results.ErrorMessages());
        }
        public static PolicyExpectations CreatePolicyExpectations()
        {
            var policyExpectations = new PolicyExpectations();

            policyExpectations.For <SampleController>(x => x.Index()).Has <DenyAuthenticatedAccessPolicy>();
            policyExpectations.For <SampleController>(x => x.List()).Has <DenyAnonymousAccessPolicy>();
            policyExpectations.For <SampleController>(x => x.New()).Has(new RequireRolePolicy("Editor")).DoesNotHave(new RequireRolePolicy("Writer")).Has <DenyInternetExplorerPolicy>();

            policyExpectations.For <AdminController>().Has <DenyAnonymousAccessPolicy>();
            policyExpectations.For <AdminController>(x => x.Login())
            .DoesNotHave <DenyAnonymousAccessPolicy>()
            .Has <DenyAuthenticatedAccessPolicy>();
            policyExpectations.For <AdminController>(x => x.NewUser())
            .DoesNotHave <DenyAnonymousAccessPolicy>()
            .Has <RequireRolePolicy>();

            policyExpectations.For <IgnoreController>().Has <IgnorePolicy>();

            policyExpectations.For <TestController>().DoesNotHave <IgnorePolicy>();

            return(policyExpectations);
        }
        public void Should_throw_when_configuration_is_null()
        {
            // Arrange
            ISecurityConfiguration configuration = null;
            var policyExpectations = new PolicyExpectations();

            // Act & assert
            Assert.Throws<ArgumentNullException>(() => policyExpectations.VerifyAll(configuration));
        }
 public void SetUp()
 {
     _policyExpectations = new PolicyExpectations();
 }
示例#15
0
 public void SetUp()
 {
     _policyExpectations = new PolicyExpectations();
 }
        public void Should_fail_once_with_predicate_description_in_result_message()
        {
            // Arrange
            var configuration = FluentSecurityFactory.CreateSecurityConfiguration();

            var expectationViolationHandler = new DefaultExpectationViolationHandler();
            var expectationVerifyer = new ExpectationVerifyer(configuration, expectationViolationHandler);
            var policyExpectations = new PolicyExpectations();
            policyExpectations.For<AdminController>(x => x.Login()).Has<DelegatePolicy>(p => p.Name == "LoginPolicy");

            // Act
            var expectationResults = expectationVerifyer.VerifyExpectationsOf(policyExpectations.ExpectationGroups);

            // Assert
            Assert.That(expectationResults.Count(), Is.EqualTo(1));
            Assert.That(expectationResults.First().ExpectationsMet, Is.False);
            Assert.That(expectationResults.First().Message, Is.EqualTo("Expected policy of type \"FluentSecurity.Policy.DelegatePolicy\" for controller \"FluentSecurity.TestHelper.Specification.TestData.AdminController\", action \"Login\".\r\n\t\tPredicate: p => (p.Name == \"LoginPolicy\")"));
        }