public void EvaluateSpecificRule_DefaultDeny_ExpectDenyUpdate() { _securityOptions .Setup(x => x.DefaultSecurityRules) .Returns(SecurityOptions <FakeEntityContext> .CreateDefaultDenyRule()); var ruleId = Guid.NewGuid(); var entityId = Guid.NewGuid(); var node = new EntityNode { EntityId = entityId, IdPath = $"/{Guid.NewGuid()}/{Guid.NewGuid()}/{entityId}", }; var rules = new List <EntityNodeRuleContainer> { new EntityNodeRuleContainer(node, new EntitySecurityRule { Id = ruleId, EntityId = entityId, Rule = new SecurityRule { Right = SecurityRight.Read, Type = RuleType.Allow, Inherit = false, } }) }; var result = _matcher.EvaluateRule(node, rules, SecurityRight.Update); Assert.False(result.IsRightGranted); Assert.Equal(entityId, result.EntityId); Assert.Equal(SecurityRight.Update, result.AccessRight); Assert.NotNull(result.MatchedRule); Assert.Equal(Guid.Empty, result.MatchedRule.Id); }
public async Task EvaluateRootDefaultDeny() { _securityDisablerService .Setup(x => x.IsSecurityDisabled()) .Returns(false); _securityOptions .Setup(x => x.UseAuthorization) .Returns(true); _securityOptions .Setup(x => x.DefaultSecurityRules) .Returns(SecurityOptions <FakeEntityContext> .CreateDefaultDenyRule()); var result = await _evaluator.EvaluateRoot(SecurityRight.Read); Assert.False(result.IsRightGranted); }
public void Evaluate_DefaultDenyRule_ExpectDenyRead() { _securityOptions .Setup(x => x.DefaultSecurityRules) .Returns(SecurityOptions <FakeEntityContext> .CreateDefaultDenyRule()); var entityId = Guid.NewGuid(); var node = new EntityNode { EntityId = entityId, IdPath = $"/{Guid.NewGuid()}/{Guid.NewGuid()}/{entityId}", }; var rules = new List <EntityNodeRuleContainer>(); var result = _matcher.EvaluateRule(node, rules, SecurityRight.Read); Assert.False(result.IsRightGranted); Assert.Equal(entityId, result.EntityId); Assert.Equal(SecurityRight.Read, result.AccessRight); Assert.Equal(Guid.Empty, result.MatchedRule.Id); }
public void SetDenyAllDefaultSecurityRule() { _securityOptions.DefaultSecurityRules = SecurityOptions <TContext> .CreateDefaultDenyRule(); }