public void RollbackNavigationProperty()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.AllowAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Write, OperationState.Deny, "Person", SecurityTestHelper.CompanyNameEqualsTwo);
Assert.AreEqual(3, dbContextConnectionClass.Company.Include(p => p.Person).Count());
Company company = dbContextConnectionClass.Company.Include(p => p.Person).First(p => p.CompanyName == "2");
Assert.IsNotNull(company.Person);
Person newPerson = new Person();
newPerson.Description = "New person";
newPerson.Company = company;
company.Person = newPerson;
dbContextConnectionClass.Persons.Add(newPerson);
Assert.AreEqual(EntityState.Modified, dbContextConnectionClass.Entry(company).State);
Assert.AreEqual(EntityState.Added, dbContextConnectionClass.Entry(newPerson).State);
SecurityTestHelper.FailSaveChanges(dbContextConnectionClass);
Assert.AreEqual(EntityState.Unchanged, dbContextConnectionClass.Entry(company).State);
Assert.IsFalse(dbContextConnectionClass.ChangeTracker.Entries().Any(p => p.Entity == newPerson));
//Assert.AreEqual(EntityState.Modified, dbContextConnectionClass.Entry(company1).State);
//Assert.IsTrue(dbContextConnectionClass.Entry(company1).Property("Description").IsModified);
//Assert.IsTrue(dbContextConnectionClass.Entry(company1).Property("DecimalItem").IsModified);
//Assert.IsFalse(dbContextConnectionClass.Entry(company1).Property("ItemCount").IsModified);
}
}
public void WriteMemberDenyPermission()
{
using (DbContextMultiClass dbContextMultiClass = new DbContextMultiClass()) {
dbContextMultiClass.Add(new DbContextObject1());
dbContextMultiClass.SaveChanges();
}
using (DbContextMultiClass dbContextMultiClass = new DbContextMultiClass()) {
DbContextObject1 obj1 = dbContextMultiClass.dbContextDbSet1.FirstOrDefault();
Expression <Func <DbContextMultiClass, DbContextObject1, bool> > badCriteria = (db, obj) => obj.Description == "Not good description";
dbContextMultiClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Write, OperationState.Deny, "DecimalItem", badCriteria);
obj1.Description = "Good description";
obj1.DecimalItem = 20;
dbContextMultiClass.SaveChanges();
obj1.Description = "Not good description";
obj1.DecimalItem = 10;
SecurityTestHelper.FailSaveChanges(dbContextMultiClass);
obj1.Description = "Good description";
obj1.DecimalItem = 10;
dbContextMultiClass.SaveChanges();
}
}
public void Can_create_VIP_level()
{
var role = SecurityTestHelper.CreateRole();
var admin = SecurityTestHelper.CreateAdmin(Licensee.Id, roleId: role.Id);
role.Id = RoleIds.SingleBrandManagerId;
admin.Licensees.Clear();
admin.AllowedBrands.Clear();
admin.Currencies.Clear();
admin.SetLicensees(new[] { Licensee.Id });
admin.AddAllowedBrand(Brand.Id);
SecurityTestHelper.SignInAdmin(admin);
var addVipLevelCommand = CreateAddVipLevelCommand(Brand);
_brandCommands.AddVipLevel(addVipLevelCommand);
var vipLevel = BrandQueries.GetVipLevels().FirstOrDefault(x => x.Code == addVipLevelCommand.Code);
Assert.That(vipLevel, Is.Not.Null);
Assert.That(vipLevel.Name, Is.EqualTo(addVipLevelCommand.Name));
Assert.That(vipLevel.VipLevelGameProviderBetLimits.Count, Is.EqualTo(1));
Assert.That(vipLevel.VipLevelGameProviderBetLimits.First().Currency.Code, Is.EqualTo(addVipLevelCommand.Limits.First().CurrencyCode));
Assert.That(vipLevel.VipLevelGameProviderBetLimits.First().GameProviderId, Is.EqualTo(addVipLevelCommand.Limits.First().GameProviderId));
// Assert.That(vipLevel.VipLevelLimits.First().Minimum, Is.EqualTo(addVipLevelCommand.Limits.First().Minimum));
}
public void Can_not_create_two_default_vip_levels()
{
var role = SecurityTestHelper.CreateRole();
var admin = SecurityTestHelper.CreateAdmin(Licensee.Id, roleId: role.Id);
role.Id = RoleIds.SingleBrandManagerId;
admin.Licensees.Clear();
admin.AllowedBrands.Clear();
admin.Currencies.Clear();
admin.SetLicensees(new[] { Licensee.Id });
admin.AddAllowedBrand(Brand.Id);
SecurityTestHelper.SignInAdmin(admin);
var vipLevel = CreateAddVipLevelCommand(Brand);
var vipLevel2 = CreateAddVipLevelCommand(Brand);
vipLevel2.IsDefault = true;
_brandCommands.AddVipLevel(vipLevel);
Action action = () => _brandCommands.AddVipLevel(vipLevel2);
action.ShouldThrow <RegoValidationException>()
.Where(x => x.Message.Contains("Default vip level for this brand already exists"));
}
public void Can_not_create_two_vip_levels_with_same_code_for_one_brand()
{
var role = SecurityTestHelper.CreateRole();
var admin = SecurityTestHelper.CreateAdmin(Licensee.Id, roleId: role.Id);
role.Id = RoleIds.SingleBrandManagerId;
admin.Licensees.Clear();
admin.AllowedBrands.Clear();
admin.Currencies.Clear();
admin.SetLicensees(new[] { Licensee.Id });
admin.AddAllowedBrand(Brand.Id);
SecurityTestHelper.SignInAdmin(admin);
var vipLevel1 = CreateAddVipLevelCommand(Brand);
var vipLevel2 = CreateAddVipLevelCommand(Brand, code: vipLevel1.Code);
_brandCommands.AddVipLevel(vipLevel1);
Action action = () => _brandCommands.AddVipLevel(vipLevel2);
action.ShouldThrow <RegoValidationException>()
.Where(x => x.Message.Contains("common.codeUnique"));
}
public void Can_create_two_vip_levels_with_same_code_and_name_for_different_brands()
{
var brand2 = BrandHelper.CreateBrand(Brand.Licensee);
SecurityTestHelper.CreateBrand(brand2.Id, brand2.LicenseeId, brand2.TimezoneId);
var role = SecurityTestHelper.CreateRole();
var admin = SecurityTestHelper.CreateAdmin(Licensee.Id, roleId: role.Id);
role.Id = RoleIds.SingleBrandManagerId;
admin.Licensees.Clear();
admin.AllowedBrands.Clear();
admin.Currencies.Clear();
admin.SetLicensees(new[] { Licensee.Id });
admin.AddAllowedBrand(Brand.Id);
admin.AddAllowedBrand(brand2.Id);
SecurityTestHelper.SignInAdmin(admin);
var vipLevel1 = CreateAddVipLevelCommand(Brand);
var vipLevel2 = CreateAddVipLevelCommand(brand2, vipLevel1.Name, vipLevel1.Code);
_brandCommands.AddVipLevel(vipLevel1);
_brandCommands.AddVipLevel(vipLevel2);
var vipLevels = BrandQueries.GetVipLevels().Where(x => x.Id == vipLevel1.Id || x.Id == vipLevel2.Id).ToList();
Assert.That(vipLevels.Count, Is.EqualTo(2));
}
public void Can_deactivate_Default_VIP_Level()
{
var role = SecurityTestHelper.CreateRole();
var admin = SecurityTestHelper.CreateAdmin(Licensee.Id, roleId: role.Id);
role.Id = RoleIds.SingleBrandManagerId;
admin.Licensees.Clear();
admin.AllowedBrands.Clear();
admin.Currencies.Clear();
admin.SetLicensees(new[] { Licensee.Id });
admin.AddAllowedBrand(Brand.Id);
SecurityTestHelper.SignInAdmin(admin);
var newVipLevel = CreateAddVipLevelCommand(Brand);
var defaultVipLevelId = Brand.DefaultVipLevelId;
var newVipLevelId = _brandCommands.AddVipLevel(newVipLevel);
Assert.DoesNotThrow(() =>
{
_brandCommands.DeactivateVipLevel(defaultVipLevelId.Value, "-", newVipLevelId);
});
var oldDefaultVipLevel = BrandRepository.VipLevels.Single(o => o.Id == defaultVipLevelId);
var newDefaultVipLevel = BrandRepository.VipLevels.Single(o => o.Id == newVipLevelId);
var brand = BrandRepository.Brands.Single(o => o.Id == Brand.Id);
Assert.True(oldDefaultVipLevel.Status == VipLevelStatus.Inactive);
Assert.True(brand.DefaultVipLevelId == newDefaultVipLevel.Id && newDefaultVipLevel.Status == VipLevelStatus.Active);
}
public void ReadBlockedMembersFromObjectWithBlockedCollectionProperty()
{
SecurityTestHelper.InitializeContextWithNavigationPropertiesAndCollections();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.AllowAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Read, OperationState.Deny, "Offices", SecurityTestHelper.CompanyNameEqualsTwo);
Assert.AreEqual(3, dbContextConnectionClass.Company.Include(p => p.Offices).Count());
Company company1 = dbContextConnectionClass.Company.Include(p => p.Offices).OrderBy(d => d.Id).First(p => p.CompanyName == "1");
Assert.IsNotNull(company1.Offices);
Assert.AreEqual(2, company1.Offices.Count());
IList <string> company1BlockedMembers = dbContextConnectionClass.Entry(company1).GetBlockedMembers();
Assert.IsNotNull(company1BlockedMembers);
Assert.AreEqual(0, company1BlockedMembers.Count());
Company company2 = dbContextConnectionClass.Company.Include(p => p.Offices).OrderBy(d => d.Id).First(p => p.CompanyName == "2");
Assert.IsNull(company2.Offices);
IList <string> company2BlockedMembers = dbContextConnectionClass.Entry(company2).GetBlockedMembers();
Assert.IsNotNull(company2BlockedMembers);
Assert.AreEqual(2, company2BlockedMembers.Count());
Assert.AreEqual("Offices", company2BlockedMembers.First());
}
}
public void Can_update_admin()
{
var admin = SecurityTestHelper.CreateAdmin();
var firstName = TestDataGenerator.GetRandomString();
var lastName = TestDataGenerator.GetRandomString();
var status = true;
var language = TestDataGenerator.GetRandomString();
var description = TestDataGenerator.GetRandomString();
admin.FirstName = firstName;
admin.LastName = lastName;
admin.IsActive = status;
admin.Language = language;
admin.Description = description;
var adminData = Mapper.DynamicMap <EditAdminData>(admin);
adminData.AllowedBrands = admin.AllowedBrands.Select(b => b.Id).ToList();
adminData.AssignedLicensees = admin.Licensees.Select(l => l.Id).ToList();
adminData.Password = TestDataGenerator.GetRandomString();
AdminCommands.UpdateAdmin(adminData);
admin = AdminQueries.GetAdminById(admin.Id);
Assert.True(admin.FirstName == firstName);
Assert.True(admin.LastName == lastName);
Assert.True(admin.IsActive == status);
Assert.True(admin.Language == language);
Assert.True(admin.Description == description);
}
public void WriteMembersMultiplePermissions()
{
using (DbContextMultiClass dbContextMultiClass = new DbContextMultiClass()) {
dbContextMultiClass.Add(new DbContextObject1());
dbContextMultiClass.SaveChanges();
}
using (DbContextMultiClass dbContextMultiClass = new DbContextMultiClass()) {
DbContextObject1 obj1 = dbContextMultiClass.dbContextDbSet1.FirstOrDefault();
dbContextMultiClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.DenyAllByDefault);
Expression <Func <DbContextMultiClass, DbContextObject1, bool> > goodCriteria = (db, obj) => obj.ItemCount > 3;
dbContextMultiClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Write, OperationState.Allow, "ItemCount", goodCriteria);
Expression <Func <DbContextMultiClass, DbContextObject1, bool> > goodCriteria2 = (db, obj) => obj.ItemCount < 9;
dbContextMultiClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Write, OperationState.Allow, "ItemCount", goodCriteria2);
Expression <Func <DbContextMultiClass, DbContextObject1, bool> > badCriteria = (db, obj) => obj.ItemCount == 8;
dbContextMultiClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Write, OperationState.Deny, "ItemCount", badCriteria);
obj1.ItemCount = 8;
SecurityTestHelper.FailSaveChanges(dbContextMultiClass);
Assert.AreEqual(0, obj1.DecimalItem);
obj1.ItemCount = 6;
dbContextMultiClass.SaveChanges();
}
}
public void ThenNewUserIsSuccessfullyCreated()
{
ScenarioContext.Current.Should().ContainKey("brandId");
var brandId = ScenarioContext.Current.Get <Guid>("brandId");
ScenarioContext.Current.Should().ContainKey("licenseeId");
var licenseeId = ScenarioContext.Current.Get <Guid>("licenseeId");
var data = new AddAdminData
{
Username = TestDataGenerator.GetRandomString(),
FirstName = "User",
LastName = "123",
Password = "******",
Language = "English",
IsActive = true,
AssignedLicensees = new[] { licenseeId },
AllowedBrands = new[] { brandId },
Currencies = new[] { "CAD" },
RoleId = SecurityTestHelper.CreateRole().Id
};
var result = AdminApiProxy.CreateUserInAdminManager(data);
result.Should().NotBeNull();
result.StatusCode.ShouldBeEquivalentTo(HttpStatusCode.OK);
}
public void Cannot_delete_brand_ip_regulation_with_invalid_brand()
{
/*** Arrange ***/
var licensee = BrandTestHelper.CreateLicensee();
var brand = BrandTestHelper.CreateBrand(licensee, isActive: true);
SecurityTestHelper.CreateBrand(brand.Id, brand.LicenseeId, brand.TimezoneId);
var ipAddress = TestDataGenerator.GetRandomIpAddress();
var data = new AddBrandIpRegulationData
{
IpAddress = ipAddress,
BrandId = brand.Id,
LicenseeId = licensee.Id,
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = "google.com"
};
_brandService.CreateIpRegulation(data);
var regulation = _brandService.GetIpRegulations().SingleOrDefault(ip => ip.IpAddress == ipAddress);
LogWithNewAdmin(Modules.BrandIpRegulationManager, Permissions.Delete);
/*** Act ***/
Assert.NotNull(regulation);
Assert.Throws <InsufficientPermissionsException>(() => _brandService.DeleteIpRegulation(regulation.Id));
}
public void Can_create_role()
{
var role = SecurityTestHelper.CreateRole();
Assert.IsNotNull(role);
Assert.False(role.Id == Guid.Empty);
}
public void Can_create_admin()
{
var admin = SecurityTestHelper.CreateAdmin();
Assert.IsNotNull(admin);
Assert.False(admin.Id == Guid.Empty);
}
public void Can_update_role()
{
// *** Arrange ***
var role = SecurityTestHelper.CreateRole();
var admin = SecurityTestHelper.CreateAdmin(roleId: role.Id);
role.Code = TestDataGenerator.GetRandomString();
role.Name = TestDataGenerator.GetRandomString();
role.Description = TestDataGenerator.GetRandomString();
var roleData = Mapper.DynamicMap <EditRoleData>(role);
roleData.CheckedPermissions = new List <Guid>();
SecurityTestHelper.SignInAdmin(admin);
// *** Act ***
var roleService = Container.Resolve <RoleService>();
roleService.UpdateRole(roleData);
// *** Assert ***
var updatedRole = roleService.GetRoleById(role.Id);
Assert.True(updatedRole.Code == role.Code);
Assert.True(updatedRole.Name == role.Name);
Assert.True(updatedRole.Description == role.Description);
Assert.True(updatedRole.UpdatedBy.Id == admin.Id);
Assert.True(updatedRole.UpdatedDate.HasValue);
}
public void Cannot_update_brand_ip_regulation_with_invalid_brand()
{
/*** Arrange ***/
var licensee = BrandTestHelper.CreateLicensee();
var brand = BrandTestHelper.CreateBrand(licensee, isActive: true);
SecurityTestHelper.CreateBrand(brand.Id, brand.LicenseeId, brand.TimezoneId);
var addBrandIpRegulationData = new AddBrandIpRegulationData
{
IpAddress = TestDataGenerator.GetRandomIpAddress(),
BrandId = brand.Id,
LicenseeId = licensee.Id,
BlockingType = IpRegulationConstants.BlockingTypes.Redirection,
RedirectionUrl = "google.com"
};
_brandService.CreateIpRegulation(addBrandIpRegulationData);
var editBrandIpRegulationData = Mapper.DynamicMap <EditBrandIpRegulationData>(addBrandIpRegulationData);
LogWithNewAdmin(Modules.BrandIpRegulationManager, Permissions.Update);
/*** Act ***/
Assert.Throws <InsufficientPermissionsException>(() => _brandService.UpdateIpRegulation(editBrandIpRegulationData));
}
public void SuperAdmin_can_access_all_brands()
{
// *** Arrange ***
const int brandCount = 20;
var brands = new List <Core.Brand.Interface.Data.Brand>();
for (var i = 0; i < brandCount; i++)
{
brands.Add(CreateBrand());
}
var admin = SecurityRepository.GetAdminById(_actorInfoProvider.Actor.Id);
var allowedBrands = brands.Select(b => b.Id).ToList();
allowedBrands.AddRange(admin.AllowedBrands.Select(b => b.Id));
admin.SetAllowedBrands(allowedBrands);
SecurityTestHelper.SignInAdmin(admin);
// *** Act ***
var filtered = BrandQueries.GetFilteredBrands(brands, admin.Id);
// *** Assert ***
Assert.IsNotNull(filtered);
Assert.True(filtered.Count() == brandCount);
}
public override void SetUp()
{
base.SetUp();
_securityTestHelper = new SecurityTestHelper();
_user = CreateUser();
ClientTransaction.Current.CreateSubTransaction().EnterDiscardingScope();
}
public void Read_PolicyAllow_OneObjectDeny()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.AllowAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddObjectPermission(SecurityOperation.Read, OperationState.Deny, SecurityTestHelper.CompanyNameEqualsOne);
Assert.AreEqual(2, dbContextConnectionClass.Company.Count());
}
}
public void Read_OneObjectDeny_ObjectCount()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.AddObjectPermission(SecurityOperation.ReadWrite, OperationState.Deny, SecurityTestHelper.OfficeNameEqualsOne);
Company company = dbContextConnectionClass.Company.Include(p => p.Offices).Single(d => d.CompanyName == "1");
Assert.AreEqual(2, company.Offices.Count);
}
}
public void WhenNewRoleIsCreated()
{
ScenarioContext.Current.Should().ContainKey("licenseeId");
var licenseeId = ScenarioContext.Current.Get <Guid>("licenseeId");
var role = SecurityTestHelper.CreateRole(new[] { licenseeId });
ScenarioContext.Current.Add("roleId", role.Id);
}
public AdminSteps()
{
SecurityTestHelper = Container.Resolve <SecurityTestHelper>();
SecurityTestHelper.SignInClaimsSuperAdmin();
BrandHelper = Container.Resolve <BrandTestHelper>();
PaymentHelper = Container.Resolve <PaymentTestHelper>();
BackendIpRegulationService = Container.Resolve <BackendIpRegulationService>();
BrandIpRegulationService = Container.Resolve <BrandIpRegulationService>();
}
public PlayerSteps()
{
SecurityTestHelper = Container.Resolve <SecurityTestHelper>();
SecurityTestHelper.SignInClaimsSuperAdmin();
BrandHelper = Container.Resolve <BrandTestHelper>();
PlayerHelper = Container.Resolve <PlayerTestHelper>();
PaymentHelper = Container.Resolve <PaymentTestHelper>();
PlayerQueries = Container.Resolve <PlayerQueries>();
}
public override void BeforeAll()
{
base.BeforeAll();
_playerTestHelper = _container.Resolve <PlayerTestHelper>();
_securityTestHelper = _container.Resolve <SecurityTestHelper>();
_brandTestHelper = _container.Resolve <BrandTestHelper>();
_defaultLicensee = _brandTestHelper.GetDefaultLicensee();
_playerQueries = _container.Resolve <PlayerQueries>();
}
public void Modify_FakeCollectionObject()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.AddMemberPermission(SecurityOperation.Read, OperationState.Deny, "Name", SecurityTestHelper.OfficeTrue);
Company company = dbContextConnectionClass.Company.Include(p => p.Offices).First(p => p.CompanyName == "1");
Office office = dbContextConnectionClass.Offices.First();
Assert.IsNull(office.Name);
Office officeFromCollection = company.Offices.First();
Assert.IsNull(officeFromCollection.Name);
}
}
public void ReadCompanyPerson_WhenPersonsIsDeny()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContext = new DbContextConnectionClass()) {
dbContext.PermissionsContainer.AddObjectPermission <DbContextConnectionClass, Office>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.Name == "1");
Company company = dbContext.Company.Include(p => p.Offices).First(p => p.CompanyName == "1");
Assert.AreEqual(2, company.Offices.Count);
Assert.IsFalse(company.Offices.Any(c => c.Name == "1"));
Assert.AreEqual(null, company.Person);
}
}
public void ReadTaskContactDepartment_WhenContactIsDeny()
{
using (DbContextManyToManyRelationship dbContext = new DbContextManyToManyRelationship()) {
SecurityTestHelper.InitializeData(dbContext);
dbContext.PermissionsContainer.AddObjectPermission <DbContextManyToManyRelationship, Contact>(SecurityOperation.Read, OperationState.Deny, (db, obj) => obj.ContactTasks.Any(ct => ct.Task.Description == "Draw"));
DemoTask task = dbContext.Tasks.Include(p => p.ContactTasks).ThenInclude(ct => ct.Contact).ThenInclude(c => c.Department).First(p => p.Description == "Draw");
Assert.IsNotNull(task);
Assert.IsNotEmpty(task.ContactTasks);
Assert.IsNotNull(task.ContactTasks.First());
Assert.IsNull(task.ContactTasks.First().Contact);
}
}
public override void BeforeAll()
{
base.BeforeAll();
var brandQueries = _container.Resolve <BrandQueries>();
_defaultLicenseeId = brandQueries.GetLicensees().First(x => x.Name == DefaultLicensee).Id;
_brand = brandQueries.GetBrands().First(x => x.Name == DefaultBrand);
var currencies = brandQueries.GetCurrenciesByBrand(_brand.Id).Select(c => c.Code);
// create a user for default licensee and brand
_securityTestHelper = _container.Resolve <SecurityTestHelper>();
_adminData = _securityTestHelper.CreateAdmin(_defaultLicenseeId, new[] { _brand }, currencies, "123456");
}
public override void BeforeEach()
{
base.BeforeEach();
PaymentTestHelper = Container.Resolve <PaymentTestHelper>();
BrandTestHelper = Container.Resolve <BrandTestHelper>();
SecurityTestHelper = Container.Resolve <SecurityTestHelper>();
StartWorkers();
SecurityTestHelper.PopulatePermissions();
SecurityTestHelper.CreateAndSignInSuperAdmin();
SecurityTestHelper.SignInClaimsSuperAdmin();
CurrentBrand = BrandTestHelper.CreateActiveBrandWithProducts();
}
public void Read_PolicyDeny_OneObjectAllow_IncludeNavigateObject()
{
SecurityTestHelper.InitializeContextWithNavigationProperties();
using (DbContextConnectionClass dbContextConnectionClass = new DbContextConnectionClass()) {
dbContextConnectionClass.PermissionsContainer.SetPermissionPolicy(PermissionPolicy.DenyAllByDefault);
dbContextConnectionClass.PermissionsContainer.AddObjectPermission(SecurityOperation.Read, OperationState.Allow, SecurityTestHelper.CompanyNameEqualsOne);
Assert.AreEqual(1, dbContextConnectionClass.Company.Include(p => p.Person).Count());
Assert.AreEqual(0, dbContextConnectionClass.Persons.Include(p => p.Company).Count());
Company company = dbContextConnectionClass.Company.Include(p => p.Person).First();
Assert.IsNull(company.Person);
}
}