public void SecureForCausesHighCpu() { User user = new User { Name = "Mr. Test" }; Content contentWithoutPermission = new Content { Title = "Content Without Permission" }; Content contentWithPermission = new Content { Title = "Content With Permission" }; using (IDocumentSession session = store.OpenSession()) { session.Store(user); session.Store(contentWithoutPermission); session.Store(contentWithPermission); client::Raven.Bundles.Authorization.Model.DocumentAuthorization authorization = client::Raven.Client.Authorization.AuthorizationClientExtensions.GetAuthorizationFor(session, contentWithoutPermission) ?? new client::Raven.Bundles.Authorization.Model.DocumentAuthorization(); authorization.Permissions.Add(new client::Raven.Bundles.Authorization.Model.DocumentPermission { Allow = false, Operation = Operation, User = user.Id }); client::Raven.Client.Authorization.AuthorizationClientExtensions.SetAuthorizationFor(session, contentWithoutPermission, authorization); authorization = client::Raven.Client.Authorization.AuthorizationClientExtensions.GetAuthorizationFor(session, contentWithPermission) ?? new client::Raven.Bundles.Authorization.Model.DocumentAuthorization(); authorization.Permissions.Add(new client::Raven.Bundles.Authorization.Model.DocumentPermission { Allow = true, Operation = Operation, User = user.Id }); client::Raven.Client.Authorization.AuthorizationClientExtensions.SetAuthorizationFor(session, contentWithPermission, authorization); session.SaveChanges(); } while (store.DatabaseCommands.GetStatistics().StaleIndexes.Length > 0) { Thread.Sleep(10); } for (int i = 0; i < 5; i++) { using (IDocumentSession session = store.OpenSession()) { client::Raven.Client.Authorization.AuthorizationClientExtensions.SecureFor(session, user.Id, Operation); Content contentY = session.Query <Content>().FirstOrDefault(); Assert.NotNull(contentY); Assert.Equal(contentWithPermission.Id, contentY.Id); } } }
public void Create_Library_And_Set_Permission_For_Roles_Administrators_And_For_User_Andrea() { using (IDocumentSession session = store.OpenSession(DatabaseName)) { SetupRoles(session); SetupUsers(session); } using (IDocumentSession session = store.OpenSession(DatabaseName)) { var library = new Library { Id = "library/andrea-lib" }; session.Store(library); var documentAuthorization = new client::Raven.Bundles. Authorization.Model. DocumentAuthorization { Permissions = { new client::Raven.Bundles. Authorization.Model. DocumentPermission { Allow = true, Operation = "Library/View", User = "******" }, new client::Raven.Bundles. Authorization.Model. DocumentPermission { Allow = true, Operation = "Library/Manage", Role = "Administrators" } } }; client::Raven.Client.Authorization.AuthorizationClientExtensions.SetAuthorizationFor(session, library, documentAuthorization); session.SaveChanges(); } using (IDocumentSession session = store.OpenSession(DatabaseName)) { var paolo = session.Load<client::Raven.Bundles.Authorization.Model.AuthorizationUser>("paolo"); //Paolo is a Users Assert.True(paolo.Roles.Exists(mc => mc.Equals("Users"))); //Paolo is not an Administrators Assert.True(!paolo.Roles.Exists(mc => mc.Equals("Administrators"))); client::Raven.Bundles.Authorization.OperationAllowedResult paoloCanView = client::Raven.Client.Authorization.AuthorizationClientExtensions.IsOperationAllowedOnDocument(session.Advanced, "paolo", "Library/View", "library/andrea-lib"); //Paolo cannot View Assert.True(!paoloCanView.IsAllowed); client::Raven.Bundles.Authorization.OperationAllowedResult paoloCanMange = client::Raven.Client.Authorization.AuthorizationClientExtensions.IsOperationAllowedOnDocument(session.Advanced, "paolo", "Library/Manage", "library/andrea-lib"); //Paolo cannot Manage Assert.True(!paoloCanMange.IsAllowed); } }
public void Create_Library_And_Set_Permission_For_Roles_Administrators_And_For_User_Andrea() { using (IDocumentSession session = store.OpenSession(DatabaseName)) { SetupRoles(session); SetupUsers(session); } using (IDocumentSession session = store.OpenSession(DatabaseName)) { var library = new Library { Id = "library/andrea-lib" }; session.Store(library); var documentAuthorization = new client::Raven.Bundles. Authorization.Model. DocumentAuthorization { Permissions = { new client::Raven.Bundles. Authorization.Model. DocumentPermission { Allow = true, Operation = "Library/View", User = "******" }, new client::Raven.Bundles. Authorization.Model. DocumentPermission { Allow = true, Operation = "Library/Manage", Role = "Administrators" } } }; client::Raven.Client.Authorization.AuthorizationClientExtensions.SetAuthorizationFor(session, library, documentAuthorization); session.SaveChanges(); } using (IDocumentSession session = store.OpenSession(DatabaseName)) { var paolo = session.Load <client::Raven.Bundles.Authorization.Model.AuthorizationUser>("paolo"); //Paolo is a Users Assert.True(paolo.Roles.Exists(mc => mc.Equals("Users"))); //Paolo is not an Administrators Assert.True(!paolo.Roles.Exists(mc => mc.Equals("Administrators"))); client::Raven.Bundles.Authorization.OperationAllowedResult paoloCanView = client::Raven.Client.Authorization.AuthorizationClientExtensions.IsOperationAllowedOnDocument(session.Advanced, "paolo", "Library/View", "library/andrea-lib"); //Paolo cannot View Assert.True(!paoloCanView.IsAllowed); client::Raven.Bundles.Authorization.OperationAllowedResult paoloCanMange = client::Raven.Client.Authorization.AuthorizationClientExtensions.IsOperationAllowedOnDocument(session.Advanced, "paolo", "Library/Manage", "library/andrea-lib"); //Paolo cannot Manage Assert.True(!paoloCanMange.IsAllowed); } }