Skip to content
Browse files

Merge pull request #7 from DatalogicSolutions/operations

Added method signatures on PermissionsService to accept arrays of operation names
  • Loading branch information...
2 parents 1991647 + 6f380a6 commit bb98729e2af55fa0b4dd0baa071e22fc3205194c @nrstott nrstott committed Oct 10, 2012
View
4 Rhino.Security.Tests/AuthorizationRepositoryFixture.cs
@@ -592,7 +592,7 @@ public void WhenCreatingNestedOperation_WillLinkToParentOperation()
var parentOperation = authorizationRepository.GetOperationByName("/Account");
Assert.NotNull(parentOperation); // was created in setup
- Assert.Equal(2, parentOperation.Children.Count); // /Edit, /Delete
+ Assert.Equal(3, parentOperation.Children.Count); // /Edit, /Disable, /Delete
}
[Fact]
@@ -773,7 +773,7 @@ public void CanRemoveNestedOperation()
var parent = authorizationRepository.GetOperationByName("/Account");
- Assert.Equal(0, parent.Children.Count);
+ Assert.Equal(1, parent.Children.Count); // /Disable
}
[Fact]
View
2 Rhino.Security.Tests/DatabaseFixture.cs
@@ -99,7 +99,7 @@ private void SetupEntities()
authorizationRepository.CreateUsersGroup("Administrators");
authorizationRepository.CreateEntitiesGroup("Important Accounts");
authorizationRepository.CreateOperation("/Account/Edit");
-
+ authorizationRepository.CreateOperation("/Account/Disable");
authorizationRepository.AssociateUserWith(user, "Administrators");
authorizationRepository.AssociateEntityWith(account, "Important Accounts");
View
125 Rhino.Security.Tests/PermissionsServiceFixture.cs
@@ -129,7 +129,7 @@ public void CanGetPermissionsByUserAndOperationName_WhenParentOperationWasGrante
}
[Fact]
- public void CanGetPermissionsByUserAndOpernationName_WhenPermissionOnEverything()
+ public void CanGetPermissionsByUserAndOperationName_WhenPermissionOnEverything()
{
permissionsBuilderService
.Allow("/Account")
@@ -144,6 +144,42 @@ public void CanGetPermissionsByUserAndOpernationName_WhenPermissionOnEverything(
}
[Fact]
+ public void CanGetPermissionsByUserAndMultipleOperationNames_WhenPermissionOnEverything()
+ {
+ permissionsBuilderService
+ .Allow("/Account/Edit")
+ .For(user)
+ .OnEverything()
+ .DefaultLevel()
+ .Save();
+ permissionsBuilderService
+ .Allow("/Account/Disable")
+ .For(user)
+ .OnEverything()
+ .DefaultLevel()
+ .Save();
+ session.Flush();
+
+ Permission[] permissions = permissionService.GetGlobalPermissionsFor(user, new string[] { "/Account/Edit", "/Account/Disable" });
+ Assert.Equal(2, permissions.Length);
+ }
+
+ [Fact]
+ public void CanGetPermissionsByUserAndMultipleOperationNames_WhenPermissionOnASingleOperation()
+ {
+ permissionsBuilderService
+ .Allow("/Account/Edit")
+ .For(user)
+ .OnEverything()
+ .DefaultLevel()
+ .Save();
+ session.Flush();
+
+ Permission[] permissions = permissionService.GetGlobalPermissionsFor(user, new string[] { "/Account/Edit", "/Account/Disable" });
+ Assert.Equal(1, permissions.Length);
+ }
+
+ [Fact]
public void CanGetPermissionByUserEntityAndOperation()
{
permissionsBuilderService
@@ -159,6 +195,42 @@ public void CanGetPermissionByUserEntityAndOperation()
}
[Fact]
+ public void CanGetPermissionByUserEntityAndMultipleOperations()
+ {
+ permissionsBuilderService
+ .Allow("/Account/Edit")
+ .For(user)
+ .On("Important Accounts")
+ .DefaultLevel()
+ .Save();
+ session.Flush();
+
+ Permission[] permissions = permissionService.GetPermissionsFor(user, account, new string[] { "/Account/Edit", "/Account/Disable" });
+ Assert.Equal(1, permissions.Length);
+ }
+
+ [Fact]
+ public void CanGetPermissionsByUserEntityAndMultipleOperations()
+ {
+ permissionsBuilderService
+ .Allow("/Account/Edit")
+ .For(user)
+ .On("Important Accounts")
+ .DefaultLevel()
+ .Save();
+ permissionsBuilderService
+ .Allow("/Account/Disable")
+ .For(user)
+ .On("Important Accounts")
+ .DefaultLevel()
+ .Save();
+ session.Flush();
+
+ Permission[] permissions = permissionService.GetPermissionsFor(user, account, new string[] { "/Account/Edit", "/Account/Disable" });
+ Assert.Equal(2, permissions.Length);
+ }
+
+ [Fact]
public void CanGetPermissionByOperation()
{
permissionsBuilderService
@@ -174,6 +246,42 @@ public void CanGetPermissionByOperation()
}
[Fact]
+ public void CanGetPermissionByMultipleOperations()
+ {
+ permissionsBuilderService
+ .Allow("/Account/Edit")
+ .For(user)
+ .On(account)
+ .DefaultLevel()
+ .Save();
+ session.Flush();
+
+ Permission[] permissions = permissionService.GetPermissionsFor(new string[] { "/Account/Edit", "/Account/Disable" });
+ Assert.Equal(1, permissions.Length);
+ }
+
+ [Fact]
+ public void CanGetPermissionsByMultipleOperations()
+ {
+ permissionsBuilderService
+ .Allow("/Account/Edit")
+ .For(user)
+ .On(account)
+ .DefaultLevel()
+ .Save();
+ permissionsBuilderService
+ .Allow("/Account/Disable")
+ .For(user)
+ .On(account)
+ .DefaultLevel()
+ .Save();
+ session.Flush();
+
+ Permission[] permissions = permissionService.GetPermissionsFor(new string[] { "/Account/Edit", "/Account/Disable" });
+ Assert.Equal(2, permissions.Length);
+ }
+
+ [Fact]
public void CanGetPermissionByOperation_WhenParentOperationWasGranted()
{
permissionsBuilderService
@@ -189,6 +297,21 @@ public void CanGetPermissionByOperation_WhenParentOperationWasGranted()
}
[Fact]
+ public void CanGetPermissionByMultipleOperations_WhenParentOperationWasGranted()
+ {
+ permissionsBuilderService
+ .Allow("/Account")
+ .For(user)
+ .On(account)
+ .DefaultLevel()
+ .Save();
+ session.Flush();
+
+ Permission[] permissions = permissionService.GetPermissionsFor(new string[] { "/Account/Edit", "/Account/Disable" });
+ Assert.Equal(1, permissions.Length);
+ }
+
+ [Fact]
public void PermissionsAreOrderedByLevelAndThenByDenyOrAllow()
{
permissionsBuilderService
View
13 Rhino.Security/Impl/Util/Strings.cs
@@ -1,4 +1,5 @@
using System.Collections.Generic;
+using System.Linq;
using System.Text;
using Rhino.Security.Model;
using Rhino.Security.Properties;
@@ -41,6 +42,18 @@ public static string[] GetHierarchicalOperationNames(string operationName)
return names.ToArray();
}
+ /// <summary>
+ /// Gets the names of all the parent operations (including the current one)
+ /// </summary>
+ /// <param name="operationNames">Names of the operations.</param>
+ /// <remarks>
+ /// Assumes that there is a '/' in the string
+ /// </remarks>
+ public static string[] GetHierarchicalOperationNames(string[] operationNames)
+ {
+ return operationNames.SelectMany<string,string>(GetHierarchicalOperationNames).Distinct().ToArray();
+ }
+
/// <summary>
/// Joins the names of all the specified entities.
/// </summary>
View
31 Rhino.Security/Interfaces/IPermissionsService.cs
@@ -30,14 +30,29 @@ public interface IPermissionsService
/// <param name="user">The user.</param>
/// <param name="operationName">Name of the operation.</param>
/// <returns></returns>
- Permission[] GetGlobalPermissionsFor(IUser user, string operationName) ;
+ Permission[] GetGlobalPermissionsFor(IUser user, string operationName);
+
+ /// <summary>
+ /// Gets the permissions for the specified operations
+ /// </summary>
+ /// <param name="user">The user.</param>
+ /// <param name="operationNames">Names of the operations.</param>
+ /// <returns></returns>
+ Permission[] GetGlobalPermissionsFor(IUser user, string[] operationNames);
/// <summary>
/// Gets all permissions for the specified operation
/// </summary>
/// <param name="operationName">Name of the operation.</param>
/// <returns></returns>
- Permission[] GetPermissionsFor(string operationName) ;
+ Permission[] GetPermissionsFor(string operationName);
+
+ /// <summary>
+ /// Gets all permissions for the specified operations
+ /// </summary>
+ /// <param name="operationNames">Names of the operations.</param>
+ /// <returns></returns>
+ Permission[] GetPermissionsFor(string[] operationNames);
/// <summary>
/// Gets the permissions for the specified entity
@@ -47,7 +62,17 @@ public interface IPermissionsService
/// <param name="entity">The entity.</param>
/// <param name="operationName">Name of the operation.</param>
/// <returns></returns>
- Permission[] GetPermissionsFor<TEntity>(IUser user, TEntity entity, string operationName) where TEntity : class;
+ Permission[] GetPermissionsFor<TEntity>(IUser user, TEntity entity, string operationName) where TEntity : class;
+
+ /// <summary>
+ /// Gets the permissions for the specified entity
+ /// </summary>
+ /// <typeparam name="TEntity">The type of the entity.</typeparam>
+ /// <param name="user">The user.</param>
+ /// <param name="entity">The entity.</param>
+ /// <param name="operationNames">Names of the operations.</param>
+ /// <returns></returns>
+ Permission[] GetPermissionsFor<TEntity>(IUser user, TEntity entity, string[] operationNames) where TEntity : class;
/// <summary>
/// Gets the permissions for the specified entity
View
90 Rhino.Security/Services/PermissionsService.cs
@@ -56,18 +56,32 @@ public Permission[] GetPermissionsFor(IUser user)
/// <returns></returns>
public Permission[] GetGlobalPermissionsFor(IUser user, string operationName)
{
- string[] operationNames = Strings.GetHierarchicalOperationNames(operationName);
- DetachedCriteria criteria = DetachedCriteria.For<Permission>()
- .Add(Expression.Eq("User", user)
- || Subqueries.PropertyIn("UsersGroup.Id",
- SecurityCriterions.AllGroups(user).SetProjection(Projections.Id())))
+ return this.GetGlobalPermissionsFor(user, new string[] { operationName });
+ }
+
+ /// <summary>
+ /// Gets the permissions for the specified operations
+ /// </summary>
+ /// <param name="user">The user.</param>
+ /// <param name="operationNames">Names of the operations.</param>
+ /// <returns></returns>
+ public Permission[] GetGlobalPermissionsFor(IUser user, string[] operationNames)
+ {
+ if (operationNames == null)
+ throw new ArgumentNullException("operationNames");
+
+ string[] allOperationNames = Strings.GetHierarchicalOperationNames(operationNames);
+ DetachedCriteria criteria = DetachedCriteria.For<Permission>()
+ .Add(Expression.Eq("User", user)
+ || Subqueries.PropertyIn("UsersGroup.Id",
+ SecurityCriterions.AllGroups(user).SetProjection(Projections.Id())))
.Add(Expression.IsNull("EntitiesGroup"))
.Add(Expression.IsNull("EntitySecurityKey"))
.CreateAlias("Operation", "op")
- .Add(Expression.In("op.Name", operationNames));
+ .Add(Expression.In("op.Name", allOperationNames));
- return FindResults(criteria);
- }
+ return FindResults(criteria);
+ }
/// <summary>
/// Gets all permissions for the specified operation
@@ -76,10 +90,23 @@ public Permission[] GetGlobalPermissionsFor(IUser user, string operationName)
/// <returns></returns>
public Permission[] GetPermissionsFor(string operationName)
{
- string[] operationNames = Strings.GetHierarchicalOperationNames(operationName);
+ return this.GetPermissionsFor(new string[] {operationName});
+ }
+
+ /// <summary>
+ /// Gets all permissions for the specified operations
+ /// </summary>
+ /// <param name="operationNames">Names of the operations.</param>
+ /// <returns></returns>
+ public Permission[] GetPermissionsFor(string[] operationNames)
+ {
+ if (operationNames == null)
+ throw new ArgumentNullException("operationNames");
+
+ string[] allOperationNames = Strings.GetHierarchicalOperationNames(operationNames);
DetachedCriteria criteria = DetachedCriteria.For<Permission>()
.CreateAlias("Operation", "op")
- .Add(Restrictions.In("op.Name", operationNames));
+ .Add(Restrictions.In("op.Name", allOperationNames));
return this.FindResults(criteria);
}
@@ -115,25 +142,36 @@ public Permission[] GetPermissionsFor(string operationName)
/// <returns></returns>
public Permission[] GetPermissionsFor<TEntity>(IUser user, TEntity entity, string operationName) where TEntity : class
{
- Guid key = Security.ExtractKey(entity);
- string[] operationNames = Strings.GetHierarchicalOperationNames(operationName);
- EntitiesGroup[] entitiesGroups = authorizationRepository.GetAssociatedEntitiesGroupsFor(entity);
+ return this.GetPermissionsFor(user, entity, new string[] { operationName });
+ }
- //UsersGroup[] usersGroups = authorizationRepository.GetAssociatedUsersGroupFor(user);
+ /// <summary>
+ /// Gets the permissions for the specified entity
+ /// </summary>
+ /// <typeparam name="TEntity">The type of the entity.</typeparam>
+ /// <param name="user">The user.</param>
+ /// <param name="entity">The entity.</param>
+ /// <param name="operationNames">Names of the operations.</param>
+ /// <returns></returns>
+ public Permission[] GetPermissionsFor<TEntity>(IUser user, TEntity entity, string[] operationNames) where TEntity : class
+ {
+ Guid key = Security.ExtractKey(entity);
+ string[] allOperationNames = Strings.GetHierarchicalOperationNames(operationNames);
+ EntitiesGroup[] entitiesGroups = authorizationRepository.GetAssociatedEntitiesGroupsFor(entity);
- AbstractCriterion onCriteria =
- (Restrictions.Eq("EntitySecurityKey", key) || Restrictions.In("EntitiesGroup", entitiesGroups)) ||
- (Restrictions.IsNull("EntitiesGroup") && Restrictions.IsNull("EntitySecurityKey"));
- DetachedCriteria criteria = DetachedCriteria.For<Permission>()
- .Add(Restrictions.Eq("User", user)
- || Subqueries.PropertyIn("UsersGroup.Id",
- SecurityCriterions.AllGroups(user).SetProjection(Projections.Id())))
- .Add(onCriteria)
- .CreateAlias("Operation", "op")
- .Add(Restrictions.In("op.Name", operationNames));
+ AbstractCriterion onCriteria =
+ (Restrictions.Eq("EntitySecurityKey", key) || Restrictions.In("EntitiesGroup", entitiesGroups)) ||
+ (Restrictions.IsNull("EntitiesGroup") && Restrictions.IsNull("EntitySecurityKey"));
+ DetachedCriteria criteria = DetachedCriteria.For<Permission>()
+ .Add(Restrictions.Eq("User", user)
+ || Subqueries.PropertyIn("UsersGroup.Id",
+ SecurityCriterions.AllGroups(user).SetProjection(Projections.Id())))
+ .Add(onCriteria)
+ .CreateAlias("Operation", "op")
+ .Add(Restrictions.In("op.Name", allOperationNames));
- return FindResults(criteria);
- }
+ return FindResults(criteria);
+ }
/// <summary>
/// Gets the permissions for the specified entity

0 comments on commit bb98729

Please sign in to comment.
Something went wrong with that request. Please try again.