Fixed errors in roles.txt and permissions

JonPSmith · Jun 28, 2019 · bc2c43c · bc2c43c
1 parent 65f4b85
commit bc2c43c
Show file tree

Hide file tree

Showing 5 changed files with 35 additions and 5 deletions.
diff --git a/PermissionAccessControl2/Views/Shared/_Layout.cshtml b/PermissionAccessControl2/Views/Shared/_Layout.cshtml
@@ -43,7 +43,10 @@
                                     </a>
                                     <div class="dropdown-menu" aria-labelledby="dropdown1MenuButton">
                                         <a class="nav-link text-dark" asp-area="" asp-controller="Shop" asp-action="Stock">Stock</a>
-                                        <a class="nav-link text-dark" asp-area="" asp-controller="Shop" asp-action="Sales">Sales</a>
+                                        @if (User.UserHasThisPermission(Permissions.SalesRead))
+                                        {
+                                            <a class="nav-link text-dark" asp-area="" asp-controller="Shop" asp-action="Sales">Sales</a>
+                                        }
                                     </div>
                                 </div>
                             </li>

diff --git a/PermissionAccessControl2/wwwroot/SeedData/Roles.txt b/PermissionAccessControl2/wwwroot/SeedData/Roles.txt
@@ -1,5 +1,5 @@
 Director: EmployeeRead
 AreaManager: StockRead, SalesRead
-SalesAssistant: StockRead, SalesRead, SalesSell
+SalesAssistant: StockRead, SalesSell
 StoreManager: StockRead, StockAddNew, StockRemove, SalesRead, SalesSell, SalesReturn
 UserAdmin: UserRead, UserChange, RoleRead
diff --git a/PermissionParts/Permissions.cs b/PermissionParts/Permissions.cs
@@ -21,9 +21,9 @@ public enum Permissions : short
         [Display(GroupName = "Sales", Name = "Read", Description = "Can delete a stock item")]
         SalesRead = 20,
         [Display(GroupName = "Sales", Name = "Sell", Description = "Can sell items from stock")]
-        SalesSell = 20,
+        SalesSell = 21,
         [Display(GroupName = "Sales", Name = "Return", Description = "Can return an item to stock")]
-        SalesReturn = 12,
+        SalesReturn = 22,
 
         [Display(GroupName = "Employees", Name = "Read", Description = "Can read company employees")]
         EmployeeRead = 30,

diff --git a/Test/TestData/SeedData/Roles.txt b/Test/TestData/SeedData/Roles.txt
@@ -1,5 +1,5 @@
 Director: EmployeeRead
 AreaManager: StockRead, SalesRead
-SalesAssistant: StockRead, SalesRead, SalesSell
+SalesAssistant: StockRead, SalesSell
 StoreManager: StockRead, StockAddNew, StockRemove, SalesRead, SalesSell, SalesReturn
 UserAdmin: UserRead, UserChange, RoleRead
diff --git a/Test/UnitTests/SecurityChecks/CheckPermissions.cs b/Test/UnitTests/SecurityChecks/CheckPermissions.cs
@@ -0,0 +1,27 @@
+// Copyright (c) 2019 Jon P Smith, GitHub: JonPSmith, web: http://www.thereformedprogrammer.net/
+// Licensed under MIT license. See License.txt in the project root for license information.
+
+using System;
+using System.Linq;
+using PermissionParts;
+using Xunit;
+using Xunit.Extensions.AssertExtensions;
+
+namespace Test.UnitTests.SecurityChecks
+{
+    public class CheckPermissions
+    {
+        //Its VERY important that you don't have duplicate Permission numbers as it could cause a security breach
+        [Fact]
+        public void CheckPermissionsHaveUniqueNumberOk()
+        {
+            //SETUP
+
+            //ATTEMPT    
+            var nums = Enum.GetValues(typeof(Permissions)).Cast<Permissions>().Select(x => (int)x).ToList(); 
+
+            //VERIFY
+            nums.Count.ShouldEqual(nums.Distinct().Count());
+        }
+    }
+}