public void RunReportSomeAccess() { var nameDescList = new List <Tuple <string, string> > { new Tuple <string, string>("Name1", "Description1"), new Tuple <string, string>("Name2", "Description2") }; SecurityTestData testData = SetupSecurityTest(nameDescList); var reportingInterface = new ReportingInterface(); // Create an access rule only for entity with Name1 new AccessRuleFactory().AddAllowReadQuery(testData.UserAccount.As <EntityModel.Subject>(), testData.EntityType.As <EntityModel.SecurableEntity>(), TestQueries.EntitiesWithName(testData.EntityType, "Name1").ToReport()); ReportResult reportResult; using (new SetUser(testData.UserAccount)) { reportResult = reportingInterface.RunReport(testData.Report, null); } foreach (var nameDesc in nameDescList) { Assert.AreEqual(nameDesc.Item1 == "Name1" ? 1 : 0, reportResult.GridData.Count(gd => gd.Values[1].Value == nameDesc.Item1 && gd.Values[2].Value == nameDesc.Item2)); } Assert.AreEqual(1, reportResult.GridData.Count); }
public void SetUp() { _ratAttrib = new RunAsDefaultTenant(); // Explicitly calling the RunAsDefaultTenant attribute so that we can set up some common objects to speed up the test. _ratAttrib.BeforeTest(null); _userAccount = Entity.Create <UserAccount>(); _userAccount.Name = "Test user " + Guid.NewGuid().ToString(); _userAccount.Save(); new AccessRuleFactory().AddAllowByQuery( _userAccount.As <Subject>(), Workflow.Workflow_Type.As <SecurableEntity>(), Permissions.Read.ToEnumerable(), TestQueries.WorkflowWithName("A").ToReport()); new AccessRuleFactory().AddAllowByQuery( _userAccount.As <Subject>(), Resource.Resource_Type.As <SecurableEntity>(), new EntityRef("core:read").ToEnumerable(), TestQueries.EntitiesWithName("Readable").ToReport()); new AccessRuleFactory().AddAllowByQuery( _userAccount.As <Subject>(), Resource.Resource_Type.As <SecurableEntity>(), new EntityRef("core:modify").ToEnumerable(), TestQueries.EntitiesWithName("Writable").ToReport()); new AccessRuleFactory().AddAllowByQuery( _userAccount.As <Subject>(), Resource.Resource_Type.As <SecurableEntity>(), new EntityRef("core:create").ToEnumerable(), TestQueries.EntitiesWithName("Creatable").ToReport()); new AccessRuleFactory().AddAllowByQuery( _userAccount.As <Subject>(), Resource.Resource_Type.As <SecurableEntity>(), new EntityRef("core:delete").ToEnumerable(), TestQueries.EntitiesWithName("Deletable").ToReport()); new AccessRuleFactory().AddAllowByQuery( _userAccount.As <Subject>(), Resource.Resource_Type.As <SecurableEntity>(), new EntityRef("core:read").ToEnumerable(), TestQueries.EntitiesWithName("Deletable").ToReport()); }
// CANNOT RUN THIS AS A TRANSACTION public void WfTriggersAsNonAdmin() { var myType = CreateType("CreateTriggerAddsAndRemovesTypeHook_type", UserResource.UserResource_Type); var myWorkflow = CreateWorkflow("CreateTriggerAddsAndRemovesTypeHook_workflow"); var myTrigger = CreateTrigger("CreateTriggerAddsAndRemovesTypeHook_trigger", myType, myWorkflow); using (new WorkflowRunContext { RunTriggersInCurrentThread = true }) { myType.AsWritable(); myType.Name = "Creatable"; myType.IsOfType.Add(Resource.Resource_Type); myType.Save(); var myUser = Entity.Create <UserAccount>(); myUser.Name = "Bob" + DateTime.Now; myUser.Save(); ToDelete.Add(myUser.Id); new AccessRuleFactory().AddAllowByQuery( myUser.As <Subject>(), Resource.Resource_Type.As <SecurableEntity>(), new EntityRef("core:create").ToEnumerable(), TestQueries.EntitiesWithName("Creatable").ToReport()); using (new SetUser(myUser)) { var e = Entity.Create(myType).As <Resource>(); e.Name = "MyName"; e.CreatedDate = DateTime.Now; e.CreatedBy = myUser; e.SecurityOwner = myUser; e.Save(); ToDelete.Add(e.Id); } } var wf = Entity.Get <Workflow>(myWorkflow); var failures = wf.RunningInstances.Count(r => r.WorkflowRunStatus_Enum != WorkflowRunState_Enumeration.WorkflowRunCompleted); Assert.That(wf.RunningInstances.Count, Is.EqualTo(1), "It ran"); Assert.That(wf.RunningInstances.First().WorkflowRunStatus_Enum == WorkflowRunState_Enumeration.WorkflowRunCompleted, "It ran without errors"); }
public void SimplifiedTest() { // Set up security so we have a user that can save stuff var myUser = Entity.Create <UserAccount>(); myUser.Name = "Bob" + DateTime.Now; myUser.Save(); new AccessRuleFactory().AddAllowByQuery( myUser.As <Subject>(), Resource.Resource_Type.As <SecurableEntity>(), new EntityRef("core:modify").ToEnumerable(), TestQueries.EntitiesWithName("Creatable").ToReport()); // Create a person var p = Entity.Create <Person>(); p.Name = "Creatable"; p.Save(); // THIS FAILS using (new SetUser(myUser)) { var pw = p.AsWritable <Person>(); pw.Name = "bob"; pw.Save(); } // THIS WORKS //var pw = p2.AsWritable<Person>(); //pw.Name = "bob"; //pw.Save(); }
// CANNOT RUN THIS AS A TRANSACTION public void Bug_GrindsToHalt_22822() { int createdEntities = 50; Workflow myWorkflow; using (new WorkflowRunContext() { RunTriggersInCurrentThread = true }) { // **** Note to DQ ****** // Make sure that WorkflowConfiguration.TriggerSettings.MaxConcurrency is set to 6 (or some number other than one) so that it is running more realistically. // var myType = CreateType("CreateTriggerAddsAndRemovesTypeHook_type", UserResource.UserResource_Type); myWorkflow = CreateWorkflow("CreateTriggerAddsAndRemovesTypeHook_workflow"); var myTrigger = CreateTrigger("CreateTriggerAddsAndRemovesTypeHook_trigger", myType, myWorkflow); ToDelete.Add(myType.Id); ToDelete.Add(myWorkflow.Id); ToDelete.Add(myTrigger.Id); myType.AsWritable(); myType.Name = "Creatable"; myType.IsOfType.Add(Resource.Resource_Type); myType.Save(); var myUser = Entity.Create <UserAccount>(); myUser.Name = "Bob" + DateTime.Now; myUser.Save(); ToDelete.Add(myUser.Id); new AccessRuleFactory().AddAllowByQuery( myUser.As <Subject>(), Resource.Resource_Type.As <SecurableEntity>(), new EntityRef("core:create").ToEnumerable(), TestQueries.EntitiesWithName("Creatable").ToReport()); using (new SetUser(myUser)) { for (int i = 0; i < createdEntities; i++) { var e = Entity.Create(myType).As <Resource>(); e.Name = "MyName"; e.CreatedDate = DateTime.Now; e.CreatedBy = myUser; e.SecurityOwner = myUser; e.Save(); ToDelete.Add(e.Id); } } } var wf = Entity.Get <Workflow>(myWorkflow); var runningInstances = wf.RunningInstances; Assert.That(runningInstances.Count(), Is.EqualTo(createdEntities)); var failures = runningInstances.Count(r => r.WorkflowRunStatus_Enum != WorkflowRunState_Enumeration.WorkflowRunCompleted); Assert.That(failures, Is.EqualTo(0), "No runs failed"); }
public void RegularUserMakesAChangeIsLogged() { var toDelete = new List <long>(); try { var userAccount = Entity.Create <UserAccount>(); userAccount.Name = "Test user " + Guid.NewGuid().ToString(); userAccount.Save(); toDelete.Add(userAccount.Id); new AccessRuleFactory() .AddAllowByQuery( userAccount.As <Subject>(), UserResource.UserResource_Type.As <SecurableEntity>(), new EntityRef[] { new EntityRef("core:create") }, TestQueries.EntitiesWithName("Creatable").ToReport()); new AccessRuleFactory() .AddAllowByQuery( userAccount.As <Subject>(), UserResource.UserResource_Type.As <SecurableEntity>(), new EntityRef[] { new EntityRef("core:modify") }, TestQueries.EntitiesWithName("bob").ToReport()); var entityType = new EntityType { Name = "Creatable" }; entityType.Inherits.Add(UserResource.UserResource_Type); entityType.Save(); toDelete.Add(entityType.Id); var policy = new RecordChangeAuditPolicy() { Name = "TEST ResourceAuditEventHandlerTests RegularUserMakesAChangeIsLogged", TriggeredOnType = entityType, TriggerEnabled = true }; policy.UpdatedFieldsToTriggerOn.Add(Resource.Description_Field.Cast <Field>()); policy.Save(); toDelete.Add(policy.Id); var log = RunAndLog(() => { using (new SetUser(userAccount)) { var entity = Entity.Create(entityType); entity.SetField(Resource.Name_Field.As <Field>(), "bob"); entity.SetField(Resource.Description_Field.As <Field>(), "first"); entity.Save(); toDelete.Add(entity.Id); entity = entity.AsWritable(); entity.SetField(Resource.Description_Field.As <Field>(), "second"); entity.Save(); } }); Assert.That(log.Count, Is.EqualTo(2)); Assert.That(log[0].Description, Is.EqualTo("[Description] set to 'first'")); Assert.That(log[1].Description, Is.EqualTo("[Description] changed from 'first' -> 'second'")); } finally { Entity.Delete(toDelete); } }
//[Category( "ExtendedTests" )] public void TestWithWorkflowContext() { using (new WorkflowRunContext { RunTriggersInCurrentThread = true }) { Workflow myWorkflow = null; UserAccount myUser = null; Person myPerson = null; DisplayFormUserTask task1 = null; DisplayFormUserTask task2 = null; try { myWorkflow = Entity.Create <Workflow>() .AddDefaultExitPoint() .AddDisplayForm("Display Form 1", new string[] { "Exit1" }, null, null, null) .AddLog("First Log", "Log 1") .AddDisplayForm("Display Form 2", new string[] { "Exit1" }, null, null, null) .AddLog("Seond Log", "Log 2"); myWorkflow.Name = "UNNUMBERED_DianasSecurityProblem " + DateTime.Now; myWorkflow.WorkflowRunAsOwner = true; myWorkflow.Save(); ToDelete.Add(myWorkflow.Id); var myType = CreateType("CreateTriggerAddsAndRemovesTypeHook_type", UserResource.UserResource_Type); var myTrigger = CreateTrigger("CreateTriggerAddsAndRemovesTypeHook_trigger", myType, myWorkflow); myType.AsWritable(); myType.Name = "Creatable"; myType.IsOfType.Add(Resource.Resource_Type); myType.Save(); myPerson = Entity.Create <Person>(); myPerson.FirstName = "John"; myPerson.LastName = "Bob"; myUser = Entity.Create <UserAccount>(); myUser.Name = "Bob" + DateTime.Now; myUser.AccountHolder = myPerson; myUser.Save(); ToDelete.Add(myUser.Id); new AccessRuleFactory().AddAllowByQuery(myUser.As <Subject>(), Resource.Resource_Type.As <SecurableEntity>(), new EntityRef("core:create").ToEnumerable(), TestQueries.EntitiesWithName("Creatable").ToReport()); using (new SetUser(myUser)) using (new WorkflowRunContext(true)) { var e = Entity.Create(myType).As <Resource>(); e.Name = "MyName"; e.CreatedDate = DateTime.Now; e.CreatedBy = myUser; e.SecurityOwner = myUser; e.Save(); ToDelete.Add(e.Id); } Workflow wf; WorkflowRun run1; wf = Entity.Get <Workflow>(myWorkflow.Id); run1 = wf.RunningInstances.First(); Assert.That(run1, Is.Not.Null); task1 = run1.TaskWithinWorkflowRun.Select(t => t.As <DisplayFormUserTask>()).FirstOrDefault(t => t != null); Assert.That(task1, Is.Not.Null); task1.AssignedToUser.Should().NotBeNull(); task1.AssignedToUser.Id.Should().Be(myPerson.Id); using (new SetUser(myUser)) using (new WorkflowRunContext(true)) { var writableTask = task1.AsWritable <DisplayFormUserTask>(); writableTask.UserResponse = task1.AvailableTransitions.First(t => t.Name == "Exit1"); writableTask.TaskStatus_Enum = TaskStatusEnum_Enumeration.TaskStatusCompleted; writableTask.Save(); } Assert.IsTrue(WaitForWorkflowToStop(run1), "Workflow run should have completed."); wf = Entity.Get <Workflow>(wf.Id); var run2 = wf.RunningInstances.First(); Assert.That(run2, Is.Not.Null); task2 = run2.TaskWithinWorkflowRun.First(t => t.Id != task1.Id).As <DisplayFormUserTask>(); Assert.That(task2, Is.Not.Null); using (new SetUser(myUser)) using (new WorkflowRunContext(true)) { var writableTask = task2.AsWritable <DisplayFormUserTask>(); writableTask.UserResponse = writableTask.AvailableTransitions.First(t => t.Name == "Exit1"); writableTask.TaskStatus_Enum = TaskStatusEnum_Enumeration.TaskStatusCompleted; writableTask.Save(); } Assert.IsTrue(WaitForWorkflowToStop(run2), "Workflow run should have completed."); } finally { if (task1 != null) { ToDelete.Add(task1.Id); } if (task2 != null) { ToDelete.Add(task2.Id); } if (myWorkflow != null) { ToDelete.Add(myWorkflow.Id); } if (myUser != null) { ToDelete.Add(myUser.Id); } if (myPerson != null) { ToDelete.Add(myPerson.Id); } } } }
//[Ignore] // Cant seem to get this test working in the auto test environment - don't know why public void CheckWorkflowOwnerAndTriggererSet() { using (new WorkflowRunContext { RunTriggersInCurrentThread = true }) { var wfName = "test wf" + DateTime.Now; var owner = new UserAccount { Name = "TestOwner" + DateTime.Now }; owner.Save(); new AccessRuleFactory().AddAllowByQuery( owner.As <Subject>(), Workflow.Workflow_Type.As <SecurableEntity>(), Permissions.Read.ToEnumerable(), TestQueries.WorkflowWithName(wfName).ToReport()); var triggerer = new UserAccount { Name = "TestTriggerer" + DateTime.Now }; triggerer.Save(); new AccessRuleFactory().AddAllowByQuery( triggerer.As <Subject>(), UserAccount.UserAccount_Type.As <SecurableEntity>(), new EntityRef("core:read").ToEnumerable(), TestQueries.EntitiesWithName(owner.Name).ToReport()); new AccessRuleFactory().AddAllowByQuery( triggerer.As <Subject>(), Workflow.Workflow_Type.As <SecurableEntity>(), Permissions.Read.ToEnumerable(), TestQueries.WorkflowWithName(wfName).ToReport()); var currentContext = RequestContext.GetContext(); var wf = new Workflow { Name = wfName }; //var wfAs = wf.Cast<WfActivity>(); // why? wf .AddDefaultExitPoint() .AddOutput <ResourceArgument>("triggerman") .AddOutput <ResourceArgument>("owner") .AddAssignToVar("set out 1", "[Triggering User]", "triggerman") .AddAssignToVar("set out 2", "[Workflow Owner]", "owner") .AddLog("Log", "Owner: {{[Workflow Owner]}} Triggerer: {{[Triggering User]}}"); wf.SecurityOwner = owner; wf.Save(); var input = new Dictionary <string, object> { { "wfInInt", 10 } }; WorkflowRun run; using (CustomContext.SetContext(new IdentityInfo(triggerer.Id, owner.Name), currentContext.Tenant, currentContext.Culture)) { run = (RunWorkflow(wf, input)); } var outputs = run.GetOutput(); Assert.IsTrue(outputs.ContainsKey("owner"), "Owner was returned"); Assert.IsTrue(outputs.ContainsKey("triggerman"), "Triggerer was returned"); Assert.AreEqual(triggerer.Id, ((IEntity)outputs["triggerman"]).Id, "Ensure that the Triggering user is set to the id of the context."); Assert.AreEqual(owner.Id, ((IEntity)outputs["owner"]).Id, "The owner is set correctly."); } }