CSLA.NET 6.0.0
CSLA .NET is a software development framework that helps you build a reusable, maintainable object-oriented business layer for your app.
AuthTests.cs
Go to the documentation of this file.
1//-----------------------------------------------------------------------
2// <copyright file="AuthTests.cs" company="Marimer LLC">
3// Copyright (c) Marimer LLC. All rights reserved.
4// Website: https://cslanet.com
5// </copyright>
6// <summary>no summary</summary>
7//-----------------------------------------------------------------------
8using System;
9using System.Collections.Generic;
10using System.IO;
11using System.IO.IsolatedStorage;
12using System.Reflection;
13using System.Text;
14using Csla;
15using Csla.Serialization;
16using Csla.Rules;
17using Csla.Test.Security;
18using UnitDriven;
19using System.Diagnostics;
20using System.Security.Claims;
21using Csla.TestHelpers;
22using Csla.Configuration;
23
24#if NUNIT
25using NUnit.Framework;
26using TestClass = NUnit.Framework.TestFixtureAttribute;
27using TestInitialize = NUnit.Framework.SetUpAttribute;
28using TestCleanup = NUnit.Framework.TearDownAttribute;
29using TestMethod = NUnit.Framework.TestAttribute;
30#elif MSTEST
31using Microsoft.VisualStudio.TestTools.UnitTesting;
32#endif
33
34namespace Csla.Test.Authorization
35{
36#if TESTING
37 [DebuggerNonUserCode]
38 [DebuggerStepThrough]
39#endif
40 [TestClass()]
41 public class AuthTests
42 {
43 private static TestDIContext _anonymousDIContext;
44 private static TestDIContext _adminDIContext;
45
46 private static ClaimsPrincipal GetPrincipal(params string[] roles)
47 {
48 var identity = new ClaimsIdentity();
49 foreach (var item in roles)
50 identity.AddClaim(new Claim(ClaimTypes.Role, item));
51 return new ClaimsPrincipal(identity);
52 }
53
54 [ClassInitialize]
55 public static void ClassInitialize(TestContext context)
56 {
57 _anonymousDIContext = TestDIContextFactory.CreateContext(new ClaimsPrincipal());
58 _adminDIContext = TestDIContextFactory.CreateContext(GetPrincipal("Admin"));
59 }
60
61 [TestMethod()]
62 public void TestAuthCloneRules()
63 {
64 IDataPortal<DataPortal.DpRoot> dataPortal = _adminDIContext.CreateDataPortal<DataPortal.DpRoot>();
65 ApplicationContext applicationContext = _adminDIContext.CreateTestApplicationContext();
66
67 TestResults.Reinitialise();
68
69 DataPortal.DpRoot root = dataPortal.Fetch(new DataPortal.DpRoot.Criteria());
70
71 Assert.AreEqual(true, applicationContext.User.IsInRole("Admin"));
72
73 #region "Pre Cloning Tests"
74
75 //Is it denying read properly?
76 Assert.AreEqual("[DenyReadOnProperty] Can't read property", root.DenyReadOnProperty,
77 "Read should have been denied 1");
78
79 //Is it denying write properly?
80 root.DenyWriteOnProperty = "DenyWriteOnProperty";
81
82 Assert.AreEqual("[DenyWriteOnProperty] Can't write variable", root.Auth,
83 "Write should have been denied 2");
84
85 //Is it denying both read and write properly?
86 Assert.AreEqual("[DenyReadWriteOnProperty] Can't read property", root.DenyReadWriteOnProperty,
87 "Read should have been denied 3");
88
89 root.DenyReadWriteOnProperty = "DenyReadWriteONproperty";
90
91 Assert.AreEqual("[DenyReadWriteOnProperty] Can't write variable", root.Auth,
92 "Write should have been denied 4");
93
94 //Is it allowing both read and write properly?
95 Assert.AreEqual(root.AllowReadWriteOnProperty, root.Auth,
96 "Read should have been allowed 5");
97
98 root.AllowReadWriteOnProperty = "No value";
99 Assert.AreEqual("No value", root.Auth,
100 "Write should have been allowed 6");
101
102 #endregion
103
104 #region "After Cloning Tests"
105
106 //Do they work under cloning as well?
107 DataPortal.DpRoot newRoot = root.Clone();
108
109 TestResults.Reinitialise();
110
111 //Is it denying read properly?
112 Assert.AreEqual("[DenyReadOnProperty] Can't read property", newRoot.DenyReadOnProperty,
113 "Read should have been denied 7");
114
115 //Is it denying write properly?
116 newRoot.DenyWriteOnProperty = "DenyWriteOnProperty";
117
118 Assert.AreEqual("[DenyWriteOnProperty] Can't write variable", newRoot.Auth,
119 "Write should have been denied 8");
120
121 //Is it denying both read and write properly?
122 Assert.AreEqual("[DenyReadWriteOnProperty] Can't read property", newRoot.DenyReadWriteOnProperty,
123 "Read should have been denied 9");
124
125 newRoot.DenyReadWriteOnProperty = "DenyReadWriteONproperty";
126
127 Assert.AreEqual("[DenyReadWriteOnProperty] Can't write variable", newRoot.Auth,
128 "Write should have been denied 10");
129
130 //Is it allowing both read and write properly?
131 Assert.AreEqual(newRoot.AllowReadWriteOnProperty, newRoot.Auth,
132 "Read should have been allowed 11");
133
134 newRoot.AllowReadWriteOnProperty = "AllowReadWriteOnProperty";
135 Assert.AreEqual("AllowReadWriteOnProperty", newRoot.Auth,
136 "Write should have been allowed 12");
137
138 #endregion
139
140 }
141
142 [TestMethod()]
143 public void TestAuthBeginEditRules()
144 {
145 Guid managerInstanceId;
146 TestDIContext customDIContext = TestDIContextFactory.CreateContext(GetPrincipal("Admin"));
147 IDataPortal<DataPortal.DpRoot> dataPortal = customDIContext.CreateDataPortal<DataPortal.DpRoot>();
148 ApplicationContext applicationContext = customDIContext.CreateTestApplicationContext();
149
150 TestResults.Reinitialise();
151
152 DataPortal.DpRoot root = dataPortal.Create(new DataPortal.DpRoot.Criteria());
153
154 Assert.AreEqual(true, applicationContext.Principal.IsInRole("Admin"));
155
156 root.Data = "Something new";
157
158 root.BeginEdit();
159
160 #region "Pre-Testing"
161
162 root.Data = "Something new 1";
163
164 //Is it denying read properly?
165 managerInstanceId = ((ApplicationContextManagerUnitTests)applicationContext.ContextManager).InstanceId;
166 Debug.WriteLine(managerInstanceId);
167 string result = root.DenyReadOnProperty;
168 //Assert.AreEqual(managerInstanceId.ToString(), result);
169 Assert.AreEqual("[DenyReadOnProperty] Can't read property", root.DenyReadOnProperty,
170 "Read should have been denied");
171
172 //Is it denying write properly?
173 root.DenyWriteOnProperty = "DenyWriteOnProperty";
174
175 Assert.AreEqual("[DenyWriteOnProperty] Can't write variable", root.Auth,
176 "Write should have been denied");
177
178 //Is it denying both read and write properly?
179 Assert.AreEqual("[DenyReadWriteOnProperty] Can't read property", root.DenyReadWriteOnProperty,
180 "Read should have been denied");
181
182 root.DenyReadWriteOnProperty = "DenyReadWriteONproperty";
183
184 Assert.AreEqual("[DenyReadWriteOnProperty] Can't write variable", root.Auth,
185 "Write should have been denied");
186
187 //Is it allowing both read and write properly?
188 Assert.AreEqual(root.AllowReadWriteOnProperty, root.Auth,
189 "Read should have been allowed");
190
191 root.AllowReadWriteOnProperty = "No value";
192 Assert.AreEqual("No value", root.Auth,
193 "Write should have been allowed");
194
195 #endregion
196
197 #region "Cancel Edit"
198
199 //Cancel the edit and see if the authorization rules still work
200 root.CancelEdit();
201
202 //Is it denying read properly?
203 Assert.AreEqual("[DenyReadOnProperty] Can't read property", root.DenyReadOnProperty,
204 "Read should have been denied");
205
206 //Is it denying write properly?
207 root.DenyWriteOnProperty = "DenyWriteOnProperty";
208
209 Assert.AreEqual("[DenyWriteOnProperty] Can't write variable", root.Auth,
210 "Write should have been denied");
211
212 //Is it denying both read and write properly?
213 Assert.AreEqual("[DenyReadWriteOnProperty] Can't read property", root.DenyReadWriteOnProperty,
214 "Read should have been denied");
215
216 root.DenyReadWriteOnProperty = "DenyReadWriteONproperty";
217
218 Assert.AreEqual("[DenyReadWriteOnProperty] Can't write variable", root.Auth,
219 "Write should have been denied");
220
221 //Is it allowing both read and write properly?
222 Assert.AreEqual(root.AllowReadWriteOnProperty, root.Auth,
223 "Read should have been allowed");
224
225 root.AllowReadWriteOnProperty = "No value";
226 Assert.AreEqual("No value", root.Auth,
227 "Write should have been allowed");
228
229 #endregion
230
231 #region "Apply Edit"
232
233 //Apply this edit and see if the authorization rules still work
234 //Is it denying read properly?
235 Assert.AreEqual("[DenyReadOnProperty] Can't read property", root.DenyReadOnProperty,
236 "Read should have been denied");
237
238 //Is it denying write properly?
239 root.DenyWriteOnProperty = "DenyWriteOnProperty";
240
241 Assert.AreEqual("[DenyWriteOnProperty] Can't write variable", root.Auth,
242 "Write should have been denied");
243
244 //Is it denying both read and write properly?
245 Assert.AreEqual("[DenyReadWriteOnProperty] Can't read property", root.DenyReadWriteOnProperty,
246 "Read should have been denied");
247
248 root.DenyReadWriteOnProperty = "DenyReadWriteONproperty";
249
250 Assert.AreEqual("[DenyReadWriteOnProperty] Can't write variable", root.Auth,
251 "Write should have been denied");
252
253 //Is it allowing both read and write properly?
254 Assert.AreEqual(root.AllowReadWriteOnProperty, root.Auth,
255 "Read should have been allowed");
256
257 root.AllowReadWriteOnProperty = "No value";
258 Assert.AreEqual("No value", root.Auth,
259 "Write should have been allowed");
260
261
262 #endregion
263
264 }
265
266 [TestMethod()]
267 public void TestAuthorizationAfterEditCycle()
268 {
269 TestDIContext customDIContext = TestDIContextFactory.CreateContext(GetPrincipal("Admin"));
270 IDataPortal<PermissionsRoot> dataPortal = customDIContext.CreateDataPortal<PermissionsRoot>();
271 ApplicationContext applicationContext = customDIContext.CreateTestApplicationContext();
272
273 TestResults.Reinitialise();
274
275 PermissionsRoot pr = dataPortal.Create();
276
277 pr.FirstName = "something";
278
279 pr.BeginEdit();
280 pr.FirstName = "ba";
281 pr.CancelEdit();
282
283 applicationContext.User = new ClaimsPrincipal();
284
285 PermissionsRoot prClone = pr.Clone();
286 applicationContext.User = GetPrincipal("Admin");
287 prClone.FirstName = "somethiansdfasdf";
288 }
289
290 [ExpectedException(typeof(Csla.Security.SecurityException))]
291 [TestMethod]
292 public void TestUnauthorizedAccessToGet()
293 {
294 IDataPortal<PermissionsRoot> dataPortal = _anonymousDIContext.CreateDataPortal<PermissionsRoot>();
295
296 TestResults.Reinitialise();
297
298 PermissionsRoot pr = dataPortal.Create();
299
300 //this should throw an exception, since only admins have access to this property
301 string something = pr.FirstName;
302 }
303
304 [ExpectedException(typeof(Csla.Security.SecurityException))]
305 [TestMethod]
306 public void TestUnauthorizedAccessToSet()
307 {
308 IDataPortal<PermissionsRoot> dataPortal = _anonymousDIContext.CreateDataPortal<PermissionsRoot>();
309
310 PermissionsRoot pr = dataPortal.Create();
311
312 //will cause an exception, because only admins can write to property
313 pr.FirstName = "test";
314 }
315
316 [TestMethod]
317 public void TestAuthorizedAccess()
318 {
319 TestDIContext customDIContext = TestDIContextFactory.CreateContext(GetPrincipal("Admin"));
320 IDataPortal<PermissionsRoot> dataPortal = customDIContext.CreateDataPortal<PermissionsRoot>();
321 ApplicationContext applicationContext = customDIContext.CreateTestApplicationContext();
322
323 TestResults.Reinitialise();
324
325 PermissionsRoot pr = dataPortal.Create();
326
327 //should work, because we are now logged in as an admin
328 pr.FirstName = "something";
329 string something = pr.FirstName;
330
331 Assert.AreEqual(true, applicationContext.Principal.IsInRole("Admin"));
332
333 //set to null so the other testmethods continue to throw exceptions
334 applicationContext.User = new ClaimsPrincipal();
335
336 Assert.AreEqual(false, applicationContext.Principal.IsInRole("Admin"));
337 }
338
339 [TestMethod]
340 public void TestAuthExecute()
341 {
342 TestDIContext customDIContext = TestDIContextFactory.CreateContext(GetPrincipal("Admin"));
343 IDataPortal<PermissionsRoot> dataPortal = customDIContext.CreateDataPortal<PermissionsRoot>();
344 ApplicationContext applicationContext = customDIContext.CreateTestApplicationContext();
345
346 TestResults.Reinitialise();
347
348 PermissionsRoot pr = dataPortal.Create();
349 //should work, because we are now logged in as an admin
350 pr.DoWork();
351
352 Assert.AreEqual(true, applicationContext.Principal.IsInRole("Admin"));
353
354 //set to null so the other testmethods continue to throw exceptions
355 applicationContext.User = new ClaimsPrincipal();
356
357 Assert.AreEqual(false, applicationContext.Principal.IsInRole("Admin"));
358 }
359
360 [TestMethod]
361 [ExpectedException(typeof(Csla.Security.SecurityException))]
362 public void TestUnAuthExecute()
363 {
364 IDataPortal<PermissionsRoot> dataPortal = _anonymousDIContext.CreateDataPortal<PermissionsRoot>();
365 ApplicationContext applicationContext = _anonymousDIContext.CreateTestApplicationContext();
366
367 TestResults.Reinitialise();
368
369 Assert.AreEqual(false, applicationContext.User.IsInRole("Admin"));
370
371 PermissionsRoot pr = dataPortal.Create();
372 //should fail, because we're not an admin
373 pr.DoWork();
374
375 }
376
377 [TestMethod]
378 public void TestAuthRuleSetsOnStaticHasPermissionMethodsWhenAddingAuthzRuleSetExplicitly()
379 {
380 IDataPortal<PermissionsRoot> dataPortal = _adminDIContext.CreateDataPortal<PermissionsRoot>();
381 ApplicationContext applicationContext = _adminDIContext.CreateTestApplicationContext();
382
383 TestResults.Reinitialise();
384
385 var root = dataPortal.Create();
386
387 Assert.IsTrue(applicationContext.Principal.IsInRole("Admin"));
388 Assert.IsFalse(applicationContext.Principal.IsInRole("User"));
389
390 // implicit usage of ApplicationContext.RuleSet
391 applicationContext.RuleSet = ApplicationContext.DefaultRuleSet;
392 Assert.IsFalse(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot)));
393 applicationContext.RuleSet = "custom1";
394 Assert.IsTrue(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot)));
395 applicationContext.RuleSet = "custom2";
396 Assert.IsTrue(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot)));
397
398 applicationContext.RuleSet = ApplicationContext.DefaultRuleSet;
399
400 // directly specifying which ruleset to use
401 Assert.IsFalse(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot), ApplicationContext.DefaultRuleSet));
402 Assert.IsTrue(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot), "custom1"));
403 Assert.IsTrue(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot), "custom2"));
404 }
405
406 [TestMethod]
407 public void TestAuthRuleSetsOnStaticHasPermissionMethodsWhenAddingAuthzRuleSetUsingApplicationContextRuleSet()
408 {
409 IDataPortal<PermissionsRoot2> dataPortal = _adminDIContext.CreateDataPortal<PermissionsRoot2>();
410 ApplicationContext applicationContext = _adminDIContext.CreateTestApplicationContext();
411
412 TestResults.Reinitialise();
413
414 var root = dataPortal.Create();
415
416 Assert.IsTrue(applicationContext.Principal.IsInRole("Admin"));
417 Assert.IsFalse(applicationContext.Principal.IsInRole("User"));
418
419 //BusinessRules.AddRule(typeof(PermissionsRoot), new Csla.Rules.CommonRules.IsInRole(AuthorizationActions.DeleteObject, "User"), ApplicationContext.DefaultRuleSet);
420 //BusinessRules.AddRule(typeof(PermissionsRoot), new Csla.Rules.CommonRules.IsInRole(AuthorizationActions.DeleteObject, "Admin"), "custom1");
421 //BusinessRules.AddRule(typeof(PermissionsRoot), new Csla.Rules.CommonRules.IsInRole(AuthorizationActions.DeleteObject, "User", "Admin"), "custom2");
422
423 // implicit usage of ApplicationContext.RuleSet
424 applicationContext.RuleSet = ApplicationContext.DefaultRuleSet;
425 Assert.IsFalse(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot2)));
426 applicationContext.RuleSet = "custom1";
427 Assert.IsTrue(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot2)));
428 applicationContext.RuleSet = "custom2";
429 Assert.IsTrue(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot2)));
430
431 applicationContext.RuleSet = ApplicationContext.DefaultRuleSet;
432
433 // directly specifying which ruleset to use
434 Assert.IsFalse(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot2), ApplicationContext.DefaultRuleSet));
435 Assert.IsTrue(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot2), "custom1"));
436 Assert.IsTrue(BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(PermissionsRoot2), "custom2"));
437 }
438
439 [TestMethod]
440
441 public void TestAuthRulesCleanupAndAddAgainWhenExceptionIsThrownInAddObjectBusinessRules()
442 {
443 RootException.Counter = 0;
444 ApplicationContext applicationContext = _anonymousDIContext.CreateTestApplicationContext();
445
446 applicationContext.RuleSet = ApplicationContext.DefaultRuleSet;
447 // AddObjectAuthorizations should throw exception
448 try
449 {
450 BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(RootException));
451 }
452 catch (Exception ex)
453 {
454 Assert.IsInstanceOfType(ex, typeof(TargetInvocationException));
455 Assert.IsInstanceOfType(ex.InnerException, typeof(ArgumentException));
456 }
457
458 // AddObjectAuthorizations should be called again and
459 // should throw exception again
460 try
461 {
462 BusinessRules.HasPermission(applicationContext, AuthorizationActions.DeleteObject, typeof(RootException));
463 }
464 catch (Exception ex)
465 {
466 Assert.IsInstanceOfType(ex, typeof(TargetInvocationException));
467 Assert.IsInstanceOfType(ex.InnerException, typeof(ArgumentException));
468 }
469
470 Assert.IsTrue(RootException.Counter == 2);
471 }
472
473 [TestMethod]
474 public void AuthorizeRemoveFromList()
475 {
476 IDataPortal<RootList> dataPortal = _anonymousDIContext.CreateDataPortal<RootList>();
477
478 var root = dataPortal.Create();
479 root.RemoveAt(0);
480 }
481
482 [TestMethod]
483 public void PerTypeAuthEditObject()
484 {
485 TestDIContext testDIContext = TestDIContextFactory.CreateContext(
486 options => options.DataPortal(
487 dp => dp.AddServerSideDataPortal(
488 cfg => cfg.RegisterActivator<PerTypeAuthDPActivator>())
489 ));
490 ApplicationContext applicationContext = testDIContext.CreateTestApplicationContext();
491
492 Assert.IsFalse(BusinessRules.HasPermission(applicationContext, AuthorizationActions.EditObject, typeof(PerTypeAuthRoot)));
493 }
494
495 [TestMethod]
496 public void PerTypeAuthEditObjectViaInterface()
497 {
498 TestDIContext customDIContext = TestDIContextFactory.CreateContext(
499 options => options.DataPortal(
500 dp => dp.AddServerSideDataPortal(cfg => cfg.RegisterActivator<PerTypeAuthDPActivator>())
501 ));
502 ApplicationContext applicationContext = customDIContext.CreateTestApplicationContext();
503
504 Assert.IsFalse(BusinessRules.HasPermission(applicationContext, AuthorizationActions.EditObject, typeof(IPerTypeAuthRoot)));
505 }
506
507 [TestMethod]
508 public void PerTypeAuthCreateWithCriteria()
509 {
510 ApplicationContext applicationContext = _anonymousDIContext.CreateTestApplicationContext();
511
512 Assert.IsTrue(
513 BusinessRules.HasPermission(
514 applicationContext,
515 AuthorizationActions.CreateObject,
516 typeof(PermissionRootWithCriteria),
517 new object[] { new PermissionRootWithCriteria.Criteria() }));
518
519 Assert.IsFalse(
520 BusinessRules.HasPermission(
521 applicationContext,
522 AuthorizationActions.CreateObject,
523 typeof(PermissionRootWithCriteria),
524 new[] { new object() }));
525
526
527 Assert.IsFalse(
528 BusinessRules.HasPermission(
529 applicationContext,
530 AuthorizationActions.CreateObject,
531 typeof(PermissionRootWithCriteria),
532 (object[])null));
533 }
534
535 [TestMethod]
536 public void PerTypeAuthFetchWithCriteria()
537 {
538 ApplicationContext applicationContext = _anonymousDIContext.CreateTestApplicationContext();
539
540 Assert.IsTrue(
541 BusinessRules.HasPermission(
542 applicationContext,
543 AuthorizationActions.GetObject,
544 typeof(PermissionRootWithCriteria),
545 new object[] { new PermissionRootWithCriteria.Criteria() }));
546
547 Assert.IsFalse(
548 BusinessRules.HasPermission(
549 applicationContext,
550 AuthorizationActions.GetObject,
551 typeof(PermissionRootWithCriteria),
552 new[] { new object() }));
553
554
555 Assert.IsFalse(
556 BusinessRules.HasPermission(
557 applicationContext,
558 AuthorizationActions.GetObject,
559 typeof(PermissionRootWithCriteria),
560 (object[])null));
561 }
562
563 [TestMethod]
564 public void PerTypeAuthDeleteWithCriteria()
565 {
566 ApplicationContext applicationContext = _anonymousDIContext.CreateTestApplicationContext();
567
568 Assert.IsTrue(
569 BusinessRules.HasPermission(
570 applicationContext,
571 AuthorizationActions.DeleteObject,
572 typeof(PermissionRootWithCriteria),
573 new object[] { new PermissionRootWithCriteria.Criteria() }));
574
575 Assert.IsFalse(
576 BusinessRules.HasPermission(
577 applicationContext,
578 AuthorizationActions.DeleteObject,
579 typeof(PermissionRootWithCriteria),
580 new[] { new object() }));
581
582
583 Assert.IsFalse(
584 BusinessRules.HasPermission(
585 applicationContext,
586 AuthorizationActions.DeleteObject,
587 typeof(PermissionRootWithCriteria),
588 (object[])null));
589 }
590 }
591
592 public class PerTypeAuthDPActivator : Server.IDataPortalActivator
593 {
594 public object CreateInstance(Type requestedType)
595 {
596 return Activator.CreateInstance(ResolveType(requestedType));
597 }
598
599 public void FinalizeInstance(object obj)
600 {
601 }
602
603 public void InitializeInstance(object obj)
604 {
605 }
606
607 public Type ResolveType(Type requestedType)
608 {
609 if (requestedType.Equals(typeof(IPerTypeAuthRoot)))
610 return typeof(PerTypeAuthRoot);
611 else
612 return requestedType;
613 }
614 }
615
616 public interface IPerTypeAuthRoot
617 { }
618
619 [Serializable]
620 public class PerTypeAuthRoot : BusinessBase<PerTypeAuthRoot>, IPerTypeAuthRoot
621 {
622 [System.ComponentModel.EditorBrowsable(System.ComponentModel.EditorBrowsableState.Never)]
623 public static void AddObjectAuthorizationRules()
624 {
625 Csla.Rules.BusinessRules.AddRule(
626 typeof(PerTypeAuthRoot),
627 new Csla.Rules.CommonRules.IsInRole(Csla.Rules.AuthorizationActions.EditObject, "Test"));
628 }
629 }
630
631 [Serializable]
632 public class RootList : BusinessListBase<RootList, ChildItem>
633 {
634 public RootList()
635 {
636 }
637
638 [Create]
639 private void Create([Inject] IChildDataPortal<ChildItem> childDataPortal)
640 {
641 using (SuppressListChangedEvents)
642 {
643 Add(childDataPortal.CreateChild());
644 }
645 }
646 }
647
648 [Serializable]
649 public class ChildItem : BusinessBase<ChildItem>
650 {
651 protected override void AddBusinessRules()
652 {
653 base.AddBusinessRules();
654 BusinessRules.AddRule(new NoAuth(AuthorizationActions.DeleteObject));
655 }
656
657 private class NoAuth : Csla.Rules.AuthorizationRule
658 {
659 public NoAuth(AuthorizationActions action)
660 : base(action)
661 { }
662
663 protected override void Execute(IAuthorizationContext context)
664 {
665 context.HasPermission = false;
666 }
667 }
668 }
669}
Csla.ApplicationContext
Provides consistent context information between the client and server DataPortal objects.
Definition: ApplicationContext.cs:22
Csla.ApplicationContext.ContextManager
IContextManager ContextManager
Gets the context manager responsible for storing user and context information for the application.
Definition: ApplicationContext.cs:40
Csla.ApplicationContext.RuleSet
string? RuleSet
Gets or sets the RuleSet name to use for static HasPermission calls.
Definition: ApplicationContext.cs:275
Csla.ApplicationContext.User
IPrincipal User
Get or set the current IPrincipal object representing the user's identity.
Definition: ApplicationContext.cs:63
Csla.ApplicationContext.Principal
ClaimsPrincipal Principal
Get or set the current ClaimsPrincipal object representing the user's identity.
Definition: ApplicationContext.cs:47
Csla.ApplicationContext.DefaultRuleSet
const string DefaultRuleSet
The default RuleSet name
Definition: ApplicationContext.cs:268
Csla.BusinessBase
This is the base class from which most business objects will be derived.
Definition: BusinessBase.cs:38
Csla.BusinessBase.Clone
T Clone()
Creates a clone of the object.
Definition: BusinessBase.cs:79
Csla.BusinessListBase
This is the base class from which most business collections or lists will be derived.
Definition: BusinessListBase.cs:42
Csla.DataPortal
Client side data portal used for making asynchronous data portal calls in .NET.
Definition: DataPortalT.cs:24
Csla.DataPortal.Create
T Create(params object[] criteria)
Called by a factory method in a business class to create a new object, which is loaded with default v...
Definition: DataPortalT.cs:151
Csla.DataPortal.Fetch
T Fetch(params object[] criteria)
Called by a factory method in a business class to Fetch a new object, which is loaded with default va...
Definition: DataPortalT.cs:247
Csla.Rules.AuthorizationRule
Base class providing basic authorization rule implementation.
Definition: AuthorizationRule.cs:21
Csla.Rules.BusinessRules
Tracks the business rules for a business object.
Definition: BusinessRules.cs:26
Csla.Rules.BusinessRules.HasPermission
static bool HasPermission(ApplicationContext applicationContext, AuthorizationActions action, Type objectType)
Checks per-type authorization rules.
Definition: BusinessRules.cs:327
Csla.Rules.BusinessRules.AddRule
void AddRule(IBusinessRuleBase rule)
Associates a business rule with the business object.
Definition: BusinessRules.cs:174
Csla.Rules.CommonRules.IsInRole
IsInRole authorization rule.
Definition: AuthorizationRules.cs:19
Csla.Test.Authorization.AuthTests.TestAuthRuleSetsOnStaticHasPermissionMethodsWhenAddingAuthzRuleSetUsingApplicationContextRuleSet
void TestAuthRuleSetsOnStaticHasPermissionMethodsWhenAddingAuthzRuleSetUsingApplicationContextRuleSet()
Definition: AuthTests.cs:407
Csla.Test.Authorization.AuthTests.TestAuthRuleSetsOnStaticHasPermissionMethodsWhenAddingAuthzRuleSetExplicitly
void TestAuthRuleSetsOnStaticHasPermissionMethodsWhenAddingAuthzRuleSetExplicitly()
Definition: AuthTests.cs:378
Csla.Test.Authorization.AuthTests.ClassInitialize
static void ClassInitialize(TestContext context)
Definition: AuthTests.cs:55
Csla.Test.Authorization.AuthTests.TestAuthRulesCleanupAndAddAgainWhenExceptionIsThrownInAddObjectBusinessRules
void TestAuthRulesCleanupAndAddAgainWhenExceptionIsThrownInAddObjectBusinessRules()
Definition: AuthTests.cs:441
Csla.Test.Authorization.ChildItem.AddBusinessRules
override void AddBusinessRules()
Definition: AuthTests.cs:651
Csla.Test.Authorization.PerTypeAuthDPActivator.ResolveType
Type ResolveType(Type requestedType)
Gets the actual business domain class type based on the requested type (which might be an interface).
Definition: AuthTests.cs:607
Csla.Test.Authorization.PerTypeAuthDPActivator.FinalizeInstance
void FinalizeInstance(object obj)
Finalizes an existing business object instance.
Definition: AuthTests.cs:599
Csla.Test.Authorization.PerTypeAuthDPActivator.InitializeInstance
void InitializeInstance(object obj)
Initializes an existing business object instance.
Definition: AuthTests.cs:603
Csla.Test.Authorization.PerTypeAuthDPActivator.CreateInstance
object CreateInstance(Type requestedType)
Gets a new instance of the requested type.
Definition: AuthTests.cs:594
Csla.Test.TestResults
Static dictionary-like class that offers similar functionality to GlobalContext This is used in tests...
Definition: TestResults.cs:21
Csla.Test.TestResults.Reinitialise
static void Reinitialise()
Reinitialise the dictionary, clearing any existing results, ready for the next test
Definition: TestResults.cs:69
Csla.TestHelpers.TestDIContext
Type to carry context information for DI in unit tests
Definition: TestDIContext.cs:19
Csla.IChildDataPortal
Interface defining the members of the child data portal type.
Definition: IChildDataPortalT.cs:17
Csla.IDataPortal
Interface defining the members of the data portal type.
Definition: IDataPortalT.cs:17
Csla.IDataPortal.Create
object Create(params object[] criteria)
Called by a factory method in a business class to create a new object, which is loaded with default v...
Csla.Rules.IAuthorizationContext
Implemented by objects which provide context information to an authorization rule when it is invoked.
Definition: IAuthorizationContext.cs:20
Csla.Rules.IAuthorizationContext.HasPermission
bool HasPermission
Gets or sets a value indicating whether the current user has permission to perform the requested acti...
Definition: IAuthorizationContext.cs:41
Csla.Rules.AuthorizationActions
AuthorizationActions
Authorization actions.
Definition: AuthorizationActions.cs:19
Csla.TransactionIsolationLevel.Serializable
@ Serializable
Prevents updating or inserting until the transaction is complete.
Csla.DataPortalOperations.Execute
@ Execute
Execute operation.