public void IsReadonly_CustomPermissionMixedProperty_True() { var securityContextStub = MockRepository.GenerateStub <ISecurityContext> (); var securityContextFactoryStub = MockRepository.GenerateStub <ISecurityContextFactory> (); securityContextFactoryStub.Stub(mock => mock.CreateSecurityContext()).Return(securityContextStub); _securityProviderStub.Stub(mock => mock.GetAccess(securityContextStub, _securityPrincipalStub)).Return(new AccessType[0]); IBusinessObject bindableSecurableObject; using (SecurityFreeSection.Activate()) { bindableSecurableObject = CreateBindableSecurableObject(securityContextFactoryStub); } var businessObjectClass = bindableSecurableObject.BusinessObjectClass; var property = businessObjectClass.GetPropertyDefinition("CustomPermissionMixedProperty"); Assert.That(property.IsReadOnly(bindableSecurableObject), Is.True); }
public void NoTest_DerivedReadOnlyProperty_IsNotAccessible() { var securityContextStub = MockRepository.GenerateStub <ISecurityContext> (); var securityContextFactoryStub = MockRepository.GenerateStub <ISecurityContextFactory> (); securityContextFactoryStub.Stub(mock => mock.CreateSecurityContext()).Return(securityContextStub); _securityProviderStub.Stub(mock => mock.GetAccess(securityContextStub, _securityPrincipalStub)).Return(new[] { AccessType.Get(TestAccessTypes.First) }); IBusinessObject bindableSecurableObject; using (SecurityFreeSection.Activate()) { bindableSecurableObject = CreateDerivedBindableSecurableObject(securityContextFactoryStub); } var businessObjectClass = bindableSecurableObject.BusinessObjectClass; var property = businessObjectClass.GetPropertyDefinition("PropertyToOverride"); Assert.That(property.IsAccessible(bindableSecurableObject), Is.False); }
public void IsAccessible_MixedPropertyWithWritePermission_True() { var securityContextStub = MockRepository.GenerateStub <ISecurityContext> (); var securityContextFactoryStub = MockRepository.GenerateStub <ISecurityContextFactory> (); securityContextFactoryStub.Stub(mock => mock.CreateSecurityContext()).Return(securityContextStub); _securityProviderStub.Stub(mock => mock.GetAccess(securityContextStub, _securityPrincipalStub)).Return(new[] { AccessType.Get(GeneralAccessTypes.Read) }); IBusinessObject bindableSecurableObject; using (SecurityFreeSection.Activate()) { bindableSecurableObject = CreateBindableSecurableObject(securityContextFactoryStub); } var businessObjectClass = bindableSecurableObject.BusinessObjectClass; var property = businessObjectClass.GetPropertyDefinition("MixedPropertyWithWritePermission"); Assert.That(property.IsAccessible(bindableSecurableObject), Is.True); }
public void IsReadonly_CollectionPropertyWithoutSetter_False() { var securityContextStub = MockRepository.GenerateStub <ISecurityContext> (); var securityContextFactoryStub = MockRepository.GenerateStub <ISecurityContextFactory> (); securityContextFactoryStub.Stub(mock => mock.CreateSecurityContext()).Return(securityContextStub); _securityProviderStub.Stub(mock => mock.GetAccess(securityContextStub, _securityPrincipalStub)).Return(new[] { AccessType.Get(GeneralAccessTypes.Edit) }); IBusinessObject bindableSecurableObject; using (SecurityFreeSection.Activate()) { bindableSecurableObject = CreateBindableSecurableObject(securityContextFactoryStub); } var businessObjectClass = bindableSecurableObject.BusinessObjectClass; var property = businessObjectClass.GetPropertyDefinition("Children"); Assert.That(property.IsReadOnly(bindableSecurableObject), Is.False); }
public void Test_WithinSecurityFreeSection_ReturnsQueryResultUnchanged() { SecurableObject allowedObject = _testHelper.CreateSecurableObject(); SecurableObject deniedObject = _testHelper.CreateSecurableObject(); IQuery query = MockRepository.GenerateStub <IQuery>(); var queryResult = new QueryResult <DomainObject> (query, new DomainObject[] { allowedObject, deniedObject }); _testHelper.ReplayAll(); QueryResult <DomainObject> finalResult; using (SecurityFreeSection.Activate()) { finalResult = _extension.FilterQueryResult(_testHelper.Transaction, queryResult); } _testHelper.VerifyAll(); Assert.That(finalResult, Is.SameAs(queryResult)); }
public void NoAccessGranted_ReadOnlyPropertyInDeriveClass_IsAccessible() { var securityContextStub = MockRepository.GenerateStub <ISecurityContext> (); var securityContextFactoryStub = MockRepository.GenerateStub <ISecurityContextFactory> (); securityContextFactoryStub.Stub(mock => mock.CreateSecurityContext()).Return(securityContextStub); _securityProviderStub.Stub(mock => mock.GetAccess(securityContextStub, _securityPrincipalStub)).Return(new AccessType[0]); IBusinessObject bindableSecurableObject; using (SecurityFreeSection.Activate()) { bindableSecurableObject = CreateDerivedSecurableClassWithProperties(securityContextFactoryStub); } var businessObjectClass = bindableSecurableObject.BusinessObjectClass; var property = businessObjectClass.GetPropertyDefinition("PropertyToOverrideWithReadPermission"); Assert.That(property.IsAccessible(bindableSecurableObject), Is.False); }
public void AccessDenied_SubTransaction() { _securityProviderStub.Stub(mock => mock.GetAccess(_securityContextStub, _securityPrincipalStub)).Return(new AccessType[0]); Assert.That(_clientTransaction.Extensions[SecurityClientTransactionExtension.DefaultKey], Is.Not.Null); var subTransaction = _clientTransaction.CreateSubTransaction(); Assert.That(subTransaction.Extensions[SecurityClientTransactionExtension.DefaultKey], Is.Not.Null); using (subTransaction.EnterDiscardingScope()) { SecurableObject securableObject; using (SecurityFreeSection.Activate()) { securableObject = CreateSecurableObject(_securityContextFactoryStub, clientTransaction: subTransaction); } Dev.Null = securableObject.PropertyWithDefaultPermission; } }
public void Threading() { Assert.That(SecurityFreeSection.IsActive, Is.False); var scope = SecurityFreeSection.Activate(); Assert.That(SecurityFreeSection.IsActive, Is.True); ThreadRunner.Run( delegate { Assert.That(SecurityFreeSection.IsActive, Is.False); using (SecurityFreeSection.Activate()) { Assert.That(SecurityFreeSection.IsActive, Is.True); } Assert.That(SecurityFreeSection.IsActive, Is.False); }); scope.Dispose(); Assert.That(SecurityFreeSection.IsActive, Is.False); }
private ISecurityManagerPrincipal GetSecurityManagerPrincipalByUserName(IPrincipal principal) { if (!principal.Identity.IsAuthenticated) { return(SecurityManagerPrincipal.Null); } using (ClientTransaction.CreateRootTransaction().EnterNonDiscardingScope()) { using (SecurityFreeSection.Activate()) { var user = SecurityManagerUser.FindByUserName(principal.Identity.Name); if (user == null) { return(SecurityManagerPrincipal.Null); } else { return(SecurityManagerPrincipalFactory.Create(user.Tenant.GetHandle(), user.GetHandle(), null)); } } } }
public AccessType[] GetAccess(ISecurityContext context, ISecurityPrincipal principal) { ArgumentUtility.CheckNotNull("context", context); ArgumentUtility.CheckNotNull("principal", principal); using (SecurityFreeSection.Activate()) { IDomainObjectHandle <AccessControlList> acl; SecurityToken token; try { acl = _accessControlListFinder.Find(context); token = _securityTokenBuilder.CreateToken(principal, context); } catch (AccessControlException e) { s_log.Error("Error during evaluation of security query.", e); return(new AccessType[0]); } if (acl == null) { return(new AccessType[0]); } try { return(_accessResolver.GetAccessTypes(acl, token)); } catch (ObjectsNotFoundException e) { s_log.Error("Error during evaluation of security query.", e); return(new AccessType[0]); } } }
public override bool Execute(CommandActivity commandActivity) { const string incomingTypeVeReferenceId = "ABC5B6D0-6764-4801-AC36-7B42B80F63D3"; const string incomingTypeGsReferenceId = "64E46ED4-14C2-4E3D-A5D0-F3E2E39C2E73"; var restoreCtxId = ApplicationContext.CurrentID; try { var sourceFileCase = (FileCase)commandActivity.WorkItem; if (sourceFileCase == null) { throw new ActivityCommandException("").WithUserMessage(LocalizedUserMessages.NoFileCase .ToLocalizedName() .FormatWith(commandActivity)); } if (!sourceFileCase.CanEdit(true)) { throw new ActivityCommandException("").WithUserMessage(LocalizedUserMessages.NotEditable .ToLocalizedName() .FormatWith(sourceFileCase)); } //Parse tenant information from incoming string targetTenantId = String.Empty; var sourceIncoming = sourceFileCase.BaseFile.BaseIncomings .Where(i => i.IncomingType.ToHasReferenceID().ReferenceID.ToUpper() == incomingTypeVeReferenceId.ToUpper()) .OrderByDescending(t => t.CreatedAt) .FirstOrDefault(); if (sourceIncoming == null) { throw new ActivityCommandException("").WithUserMessage(LocalizedUserMessages.IncomingNotFound .ToLocalizedName() .FormatWith(sourceFileCase.BaseFile)); } var targetFileCaseUri = new Uri(sourceIncoming.GetProperty("#LHIND_Mitbericht_SourceFileCaseUrl") as string); targetTenantId = HttpUtility.ParseQueryString(targetFileCaseUri.Query).Get("TenantID"); var sourceFileCaseUrl = UrlProvider.Current.GetOpenWorkListItemUrl(sourceFileCase); //Create eCH-0147 container var messageExport = Containers.Global.Resolve <IMessageExport>(); var eCHExport = messageExport.Export(sourceFileCase); sourceFileCase.AddFileCaseContent(eCHExport); //switch tenant using (ClientTransaction.CreateRootTransaction().EnterDiscardingScope()) using (TenantSection.SwitchToTenant(Tenant.FindByUnqiueIdentifier(targetTenantId))) { //Create new incoming, set specialdata properties var incoming = Incoming.NewObject(); ApplicationContext.CurrentID = incoming.ApplicationContextID; incoming.Subject = sourceFileCase.DisplayName + " - eCH Response"; incoming.IncomingType = new ReferenceHandle <IncomingTypeClassificationType>(incomingTypeGsReferenceId) .GetObject(); incoming.ExternalNumber = sourceFileCase.FormattedNumber; incoming.Remark = sourceFileCase.WorkInstruction; using (new SpecialdataIgnoreReadOnlySection()) incoming.SetProperty("#LHIND_Mitbericht_SourceFileCaseUrl", sourceFileCaseUrl); var targeteCHDocument = Document.NewObject(incoming); ((IDocument)targeteCHDocument).Name = sourceFileCase.GetMultilingualValue(fc => fc.Title) + " (" + sourceFileCase.FormattedNumber + ") - eCH Import"; targeteCHDocument.PhysicallyPresent = false; targeteCHDocument.Type = (DocumentClassificationType)ClassificationType.GetObject(Rubicon.Gever .Bund.EGovInterface.Domain.WellKnownObjects.DocumentClassification.EchImport.GetObjectID()); using (SecurityFreeSection.Activate()) using (TenantSection.DisableQueryRestrictions()) using (var handle = eCHExport.ActiveContent.GetContent()) { targeteCHDocument.ActiveContent.SetContent(handle, "zip", "application/zip"); var targetFile = ImportHelper.TenantKnowsObject(targeteCHDocument, true); if (targetFile != null) { incoming.LeadingGroup = targetFile.LeadingGroup; incoming.Insert(targetFile); } else { incoming.LeadingGroup = UserHelper.Current.GetActaNovaUserExtension().StandardGroup != null ? UserHelper.Current.GetActaNovaUserExtension().StandardGroup.AsTenantGroup() : UserHelper.Current.OwningGroup.AsTenantGroup(); } } ClientTransaction.Current.Commit(); } } catch (Exception ex) { s_logger.Error(ex.Message, ex); throw; } finally { ApplicationContext.CurrentID = restoreCtxId; } return(true); }