Permalink
Browse files

- Updated sample application to use RequireAnyRolePolicy instead of R…

…equireRolePolicy.

- Updated release notes.
  • Loading branch information...
1 parent f6bfd57 commit ad97ae5b1e24f045f9378d252ae2b1e9732d7be7 Kristoffer Ahl committed Nov 29, 2012
@@ -9,6 +9,8 @@
- ( **Removed** ) Removed PolicyViolationException\<TSecurityPolicy\> as exceptions should be created based on PolicyResult.
- ( **Removed** ) Removed PolicyExecutionMode and changed the default policy execution behavior to "stop on first violation".
- ( **Removed** ) Removed PolicyAppender property from IPolicyContainer interface as it's not really useful to anyone.
+- ( **Change** ) Created RequireAnyRolePolicy and marked RequireRolePolicy as deprecated.
+- ( **Change** ) Created RequireAnyRole extension and marked RequireRole extension as deprecated.
- ( **Change** ) Moved IgnoreMissingConfiguration option to Advanced property.
- ( **Change** ) Method HandleSecurityFor on ISecurityHandler now takes an instance of ISecurityContext as the last parameter.
- ( **Change** ) Moved SecurityContextWrapper to the FluentSecurity.Policy.Contexts namespace.
@@ -27,11 +27,11 @@ public void Should_be_configured_correctly()
expectations.Expect<ExampleController>(x => x.DenyAnonymousAccess()).Has<DenyAnonymousAccessPolicy>();
expectations.Expect<ExampleController>(x => x.DenyAuthenticatedAccess()).Has<DenyAuthenticatedAccessPolicy>();
- expectations.Expect<ExampleController>(x => x.RequireAdministratorRole()).Has<RequireRolePolicy>(p =>
+ expectations.Expect<ExampleController>(x => x.RequireAdministratorRole()).Has<RequireAnyRolePolicy>(p =>
p.RolesRequired.Contains(UserRole.Administrator) &&
p.RolesRequired.Count() == 1
);
- expectations.Expect<ExampleController>(x => x.RequirePublisherRole()).Has<RequireRolePolicy>(p =>
+ expectations.Expect<ExampleController>(x => x.RequirePublisherRole()).Has<RequireAnyRolePolicy>(p =>
p.RolesRequired.Contains(UserRole.Publisher) &&
p.RolesRequired.Count() == 1
);
@@ -40,13 +40,13 @@ public void Should_be_configured_correctly()
expectations.Expect<AdminController>(x => x.Delete()).Has<DelegatePolicy>(p => p.Name == "LocalOnlyPolicy");
expectations.Expect<Areas.ExampleArea.Controllers.HomeController>(x => x.Index()).Has<DenyAnonymousAccessPolicy>();
- expectations.Expect<Areas.ExampleArea.Controllers.HomeController>(x => x.AdministratorsOnly()).Has(new RequireRolePolicy(UserRole.Administrator));
- expectations.Expect<Areas.ExampleArea.Controllers.HomeController>(x => x.PublishersOnly()).Has(new RequireRolePolicy(UserRole.Publisher));
+ expectations.Expect<Areas.ExampleArea.Controllers.HomeController>(x => x.AdministratorsOnly()).Has(new RequireAnyRolePolicy(UserRole.Administrator));
+ expectations.Expect<Areas.ExampleArea.Controllers.HomeController>(x => x.PublishersOnly()).Has(new RequireAnyRolePolicy(UserRole.Publisher));
expectations.Expect<BlogPostController>().Has<DenyAnonymousAccessPolicy>();
expectations.Expect<BlogPostController>(x => x.Index()).Has<IgnorePolicy>().DoesNotHave<DenyAnonymousAccessPolicy>();
expectations.Expect<BlogPostController>(x => x.Details()).Has<IgnorePolicy>().DoesNotHave<DenyAnonymousAccessPolicy>();
- expectations.Expect<BlogPostController>(x => x.Delete()).Has(new RequireRolePolicy(UserRole.Administrator)).DoesNotHave<DenyAnonymousAccessPolicy>();
+ expectations.Expect<BlogPostController>(x => x.Delete()).Has(new RequireAnyRolePolicy(UserRole.Administrator)).DoesNotHave<DenyAnonymousAccessPolicy>();
});
// Assert
@@ -23,11 +23,11 @@ public void Should_be_configured_correctly()
expectations.For<ExampleController>(x => x.DenyAnonymousAccess()).Has<DenyAnonymousAccessPolicy>();
expectations.For<ExampleController>(x => x.DenyAuthenticatedAccess()).Has<DenyAuthenticatedAccessPolicy>();
- expectations.For<ExampleController>(x => x.RequireAdministratorRole()).Has<RequireRolePolicy>(p =>
+ expectations.For<ExampleController>(x => x.RequireAdministratorRole()).Has<RequireAnyRolePolicy>(p =>
p.RolesRequired.Contains(UserRole.Administrator) &&
p.RolesRequired.Count() == 1
);
- expectations.For<ExampleController>(x => x.RequirePublisherRole()).Has<RequireRolePolicy>(p =>
+ expectations.For<ExampleController>(x => x.RequirePublisherRole()).Has<RequireAnyRolePolicy>(p =>
p.RolesRequired.Contains(UserRole.Publisher) &&
p.RolesRequired.Count() == 1
);
@@ -36,13 +36,13 @@ public void Should_be_configured_correctly()
expectations.For<AdminController>(x => x.Delete()).Has<DelegatePolicy>(p => p.Name == "LocalOnlyPolicy");
expectations.For<Areas.ExampleArea.Controllers.HomeController>(x => x.Index()).Has<DenyAnonymousAccessPolicy>();
- expectations.For<Areas.ExampleArea.Controllers.HomeController>(x => x.AdministratorsOnly()).Has(new RequireRolePolicy(UserRole.Administrator));
- expectations.For<Areas.ExampleArea.Controllers.HomeController>(x => x.PublishersOnly()).Has(new RequireRolePolicy(UserRole.Publisher));
+ expectations.For<Areas.ExampleArea.Controllers.HomeController>(x => x.AdministratorsOnly()).Has(new RequireAnyRolePolicy(UserRole.Administrator));
+ expectations.For<Areas.ExampleArea.Controllers.HomeController>(x => x.PublishersOnly()).Has(new RequireAnyRolePolicy(UserRole.Publisher));
expectations.For<BlogPostController>().Has<DenyAnonymousAccessPolicy>();
expectations.For<BlogPostController>(x => x.Index()).Has<IgnorePolicy>().DoesNotHave<DenyAnonymousAccessPolicy>();
expectations.For<BlogPostController>(x => x.Details()).Has<IgnorePolicy>().DoesNotHave<DenyAnonymousAccessPolicy>();
- expectations.For<BlogPostController>(x => x.Delete()).Has(new RequireRolePolicy(UserRole.Administrator)).DoesNotHave<DenyAnonymousAccessPolicy>();
+ expectations.For<BlogPostController>(x => x.Delete()).Has(new RequireAnyRolePolicy(UserRole.Administrator)).DoesNotHave<DenyAnonymousAccessPolicy>();
var results = expectations.VerifyAll(Bootstrapper.SetupFluentSecurity());
@@ -7,7 +7,7 @@ public class AdministratorPolicy : ISecurityPolicy
{
public PolicyResult Enforce(ISecurityContext context)
{
- var innerPolicy = new RequireRolePolicy(UserRole.Administrator);
+ var innerPolicy = new RequireAllRolesPolicy(UserRole.Administrator);
var result = innerPolicy.Enforce(context);
return result.ViolationOccured ? PolicyResult.CreateFailureResult(this, result.Message) : PolicyResult.CreateSuccessResult(this);
@@ -8,8 +8,8 @@ public class ExampleAreaSecurityProfile : SecurityProfile
public override void Configure()
{
For<Controllers.HomeController>().DenyAnonymousAccess();
- For<Controllers.HomeController>(x => x.PublishersOnly()).RequireRole(UserRole.Publisher);
- For<Controllers.HomeController>(x => x.AdministratorsOnly()).RequireRole(UserRole.Administrator);
+ For<Controllers.HomeController>(x => x.PublishersOnly()).RequireAnyRole(UserRole.Publisher);
+ For<Controllers.HomeController>(x => x.AdministratorsOnly()).RequireAnyRole(UserRole.Administrator);
}
}
}
@@ -26,8 +26,8 @@ public static ISecurityConfiguration SetupFluentSecurity()
configuration.For<ExampleController>(x => x.DenyAnonymousAccess()).DenyAnonymousAccess();
configuration.For<ExampleController>(x => x.DenyAuthenticatedAccess()).DenyAuthenticatedAccess();
- configuration.For<ExampleController>(x => x.RequireAdministratorRole()).RequireRole(UserRole.Administrator);
- configuration.For<ExampleController>(x => x.RequirePublisherRole()).RequireRole(UserRole.Publisher);
+ configuration.For<ExampleController>(x => x.RequireAdministratorRole()).RequireAnyRole(UserRole.Administrator);
+ configuration.For<ExampleController>(x => x.RequirePublisherRole()).RequireAnyRole(UserRole.Publisher);
configuration.For<AdminController>().AddPolicy(new AdministratorPolicy());
configuration.For<AdminController>(x => x.Delete()).DelegatePolicy("LocalOnlyPolicy",
@@ -9,7 +9,7 @@ public class CrudControllerProfile : SecurityProfile
public override void Configure()
{
ForAllControllersInheriting<CrudController>().DenyAnonymousAccess();
- ForAllControllersInheriting<CrudController>(x => x.Delete()).RequireRole(UserRole.Administrator);
+ ForAllControllersInheriting<CrudController>(x => x.Delete()).RequireAnyRole(UserRole.Administrator);
For<BlogPostController>(x => x.Index()).Ignore();
For<BlogPostController>(x => x.Details()).Ignore();

0 comments on commit ad97ae5

Please sign in to comment.