2016-02-17 10:59:48 +01:00
|
|
|
|
using System.Collections.Generic;
|
|
|
|
|
|
using System.Web.Http;
|
|
|
|
|
|
using Moq;
|
|
|
|
|
|
using NUnit.Framework;
|
|
|
|
|
|
using Umbraco.Core.Models;
|
2018-01-15 11:32:30 +01:00
|
|
|
|
using Umbraco.Core.Models.Entities;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
using Umbraco.Core.Models.Membership;
|
|
|
|
|
|
using Umbraco.Core.Services;
|
|
|
|
|
|
using Umbraco.Web.Editors;
|
|
|
|
|
|
|
2017-09-14 19:29:12 +02:00
|
|
|
|
namespace Umbraco.Tests.Web.Controllers
|
2016-02-17 10:59:48 +01:00
|
|
|
|
{
|
|
|
|
|
|
[TestFixture]
|
|
|
|
|
|
public class ContentControllerUnitTests
|
|
|
|
|
|
{
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void Access_Allowed_By_Path()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(9);
|
2017-09-14 19:29:12 +02:00
|
|
|
|
userMock.Setup(u => u.Groups).Returns(new[] { new ReadOnlyUserGroup(1, "admin", "", -1, -1, "admin", new string[0], new List<string>()) });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var user = userMock.Object;
|
|
|
|
|
|
var contentMock = new Mock<IContent>();
|
|
|
|
|
|
contentMock.Setup(c => c.Path).Returns("-1,1234,5678");
|
|
|
|
|
|
var content = contentMock.Object;
|
|
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
contentServiceMock.Setup(x => x.GetById(1234)).Returns(content);
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
var entityService = entityServiceMock.Object;
|
|
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
|
|
|
|
|
var userService = userServiceMock.Object;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, 1234);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsTrue(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void Throws_Exception_When_No_Content_Found()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(9);
|
|
|
|
|
|
var user = userMock.Object;
|
|
|
|
|
|
var contentMock = new Mock<IContent>();
|
|
|
|
|
|
contentMock.Setup(c => c.Path).Returns("-1,1234,5678");
|
|
|
|
|
|
var content = contentMock.Object;
|
|
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
contentServiceMock.Setup(x => x.GetById(0)).Returns(content);
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
2017-07-20 11:21:28 +02:00
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissions = new EntityPermissionCollection();
|
|
|
|
|
|
var permissionSet = new EntityPermissionSet(1234, permissions);
|
|
|
|
|
|
userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var userService = userServiceMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
var entityService = entityServiceMock.Object;
|
2017-07-20 11:21:28 +02:00
|
|
|
|
|
2016-02-17 10:59:48 +01:00
|
|
|
|
//act/assert
|
2017-09-14 19:29:12 +02:00
|
|
|
|
Assert.Throws<HttpResponseException>(() => ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, 1234, new[] { 'F' }));
|
2016-02-17 10:59:48 +01:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void No_Access_By_Path()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(9);
|
2017-09-14 19:29:12 +02:00
|
|
|
|
userMock.Setup(u => u.StartContentIds).Returns(new[] { 9876 });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var user = userMock.Object;
|
|
|
|
|
|
var contentMock = new Mock<IContent>();
|
|
|
|
|
|
contentMock.Setup(c => c.Path).Returns("-1,1234,5678");
|
|
|
|
|
|
var content = contentMock.Object;
|
|
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
contentServiceMock.Setup(x => x.GetById(1234)).Returns(content);
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
2017-07-20 11:21:28 +02:00
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissions = new EntityPermissionCollection();
|
|
|
|
|
|
var permissionSet = new EntityPermissionSet(1234, permissions);
|
|
|
|
|
|
userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234")).Returns(permissionSet);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var userService = userServiceMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
entityServiceMock.Setup(x => x.GetAllPaths(It.IsAny<UmbracoObjectTypes>(), It.IsAny<int[]>()))
|
2018-01-10 12:48:51 +01:00
|
|
|
|
.Returns(new[] { Mock.Of<TreeEntityPath>(entity => entity.Id == 9876 && entity.Path == "-1,9876") });
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityService = entityServiceMock.Object;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, 1234, new[] { 'F' });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsFalse(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void No_Access_By_Permission()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(9);
|
|
|
|
|
|
var user = userMock.Object;
|
|
|
|
|
|
var contentMock = new Mock<IContent>();
|
|
|
|
|
|
contentMock.Setup(c => c.Path).Returns("-1,1234,5678");
|
|
|
|
|
|
var content = contentMock.Object;
|
|
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
contentServiceMock.Setup(x => x.GetById(1234)).Returns(content);
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
2017-07-20 11:21:28 +02:00
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissions = new EntityPermissionCollection
|
2016-02-17 10:59:48 +01:00
|
|
|
|
{
|
2017-09-14 19:29:12 +02:00
|
|
|
|
new EntityPermission(9876, 1234, new string[]{ "A", "B", "C" })
|
2016-02-17 10:59:48 +01:00
|
|
|
|
};
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissionSet = new EntityPermissionSet(1234, permissions);
|
|
|
|
|
|
userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var userService = userServiceMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
var entityService = entityServiceMock.Object;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, 1234, new[] { 'F' });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsFalse(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void Access_Allowed_By_Permission()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(9);
|
2017-09-14 19:29:12 +02:00
|
|
|
|
userMock.Setup(u => u.Groups).Returns(new[] { new ReadOnlyUserGroup(1, "admin", "", -1, -1, "admin", new string[0], new List<string>()) });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var user = userMock.Object;
|
|
|
|
|
|
var contentMock = new Mock<IContent>();
|
|
|
|
|
|
contentMock.Setup(c => c.Path).Returns("-1,1234,5678");
|
|
|
|
|
|
var content = contentMock.Object;
|
|
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
contentServiceMock.Setup(x => x.GetById(1234)).Returns(content);
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissions = new EntityPermissionCollection
|
2016-02-17 10:59:48 +01:00
|
|
|
|
{
|
2017-09-14 19:29:12 +02:00
|
|
|
|
new EntityPermission(9876, 1234, new string[]{ "A", "F", "C" })
|
2016-02-17 10:59:48 +01:00
|
|
|
|
};
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissionSet = new EntityPermissionSet(1234, permissions);
|
|
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
|
|
|
|
|
userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1,1234,5678")).Returns(permissionSet);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var userService = userServiceMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
var entityService = entityServiceMock.Object;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, 1234, new[] { 'F' });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsTrue(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void Access_To_Root_By_Path()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(0);
|
2017-09-14 19:29:12 +02:00
|
|
|
|
userMock.Setup(u => u.Groups).Returns(new[] { new ReadOnlyUserGroup(1, "admin", "", -1, -1, "admin", new string[0], new List<string>()) });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var user = userMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
|
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
|
|
|
|
|
var userService = userServiceMock.Object;
|
|
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
var entityService = entityServiceMock.Object;
|
2017-07-20 11:21:28 +02:00
|
|
|
|
|
2016-02-17 10:59:48 +01:00
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, -1);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsTrue(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void Access_To_Recycle_Bin_By_Path()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(0);
|
2017-09-14 19:29:12 +02:00
|
|
|
|
userMock.Setup(u => u.Groups).Returns(new[] { new ReadOnlyUserGroup(1, "admin", "", -1, -1, "admin", new string[0], new List<string>()) });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var user = userMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
|
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
|
|
|
|
|
var userService = userServiceMock.Object;
|
|
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
var entityService = entityServiceMock.Object;
|
2017-07-20 11:21:28 +02:00
|
|
|
|
|
2016-02-17 10:59:48 +01:00
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, -20);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsTrue(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void No_Access_To_Recycle_Bin_By_Path()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(0);
|
2017-09-14 19:29:12 +02:00
|
|
|
|
userMock.Setup(u => u.StartContentIds).Returns(new[] { 1234 });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var user = userMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
|
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
|
|
|
|
|
var userService = userServiceMock.Object;
|
|
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
entityServiceMock.Setup(x => x.GetAllPaths(It.IsAny<UmbracoObjectTypes>(), It.IsAny<int[]>()))
|
2018-01-10 12:48:51 +01:00
|
|
|
|
.Returns(new[] { Mock.Of<TreeEntityPath>(entity => entity.Id == 1234 && entity.Path == "-1,1234") });
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityService = entityServiceMock.Object;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, -20);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsFalse(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void No_Access_To_Root_By_Path()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(0);
|
2017-09-14 19:29:12 +02:00
|
|
|
|
userMock.Setup(u => u.StartContentIds).Returns(new[] { 1234 });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var user = userMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
|
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
|
|
|
|
|
var userService = userServiceMock.Object;
|
|
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
entityServiceMock.Setup(x => x.GetAllPaths(It.IsAny<UmbracoObjectTypes>(), It.IsAny<int[]>()))
|
2018-01-10 12:48:51 +01:00
|
|
|
|
.Returns(new[] { Mock.Of<TreeEntityPath>(entity => entity.Id == 1234 && entity.Path == "-1,1234") });
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityService = entityServiceMock.Object;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, -1);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsFalse(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void Access_To_Root_By_Permission()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(0);
|
2017-09-14 19:29:12 +02:00
|
|
|
|
userMock.Setup(u => u.Groups).Returns(new[] { new ReadOnlyUserGroup(1, "admin", "", -1, -1, "admin", new string[0], new List<string>()) });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var user = userMock.Object;
|
|
|
|
|
|
|
|
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissions = new EntityPermissionCollection
|
2016-02-17 10:59:48 +01:00
|
|
|
|
{
|
2017-09-14 19:29:12 +02:00
|
|
|
|
new EntityPermission(9876, 1234, new string[]{ "A" })
|
2016-02-17 10:59:48 +01:00
|
|
|
|
};
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissionSet = new EntityPermissionSet(1234, permissions);
|
|
|
|
|
|
userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1")).Returns(permissionSet);
|
|
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var userService = userServiceMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
var entityService = entityServiceMock.Object;
|
|
|
|
|
|
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, -1, new[] { 'A' });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsTrue(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void No_Access_To_Root_By_Permission()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(0);
|
|
|
|
|
|
var user = userMock.Object;
|
|
|
|
|
|
|
|
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissions = new EntityPermissionCollection
|
2016-02-17 10:59:48 +01:00
|
|
|
|
{
|
2017-09-14 19:29:12 +02:00
|
|
|
|
new EntityPermission(9876, 1234, new string[]{ "A" })
|
2016-02-17 10:59:48 +01:00
|
|
|
|
};
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissionSet = new EntityPermissionSet(1234, permissions);
|
|
|
|
|
|
userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-1")).Returns(permissionSet);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var userService = userServiceMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
var entityService = entityServiceMock.Object;
|
|
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, -1, new[] { 'B' });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsFalse(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void Access_To_Recycle_Bin_By_Permission()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(0);
|
2017-09-14 19:29:12 +02:00
|
|
|
|
userMock.Setup(u => u.Groups).Returns(new[] { new ReadOnlyUserGroup(1, "admin", "", -1, -1, "admin", new string[0], new List<string>()) });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var user = userMock.Object;
|
|
|
|
|
|
|
|
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissions = new EntityPermissionCollection
|
|
|
|
|
|
{
|
|
|
|
|
|
new EntityPermission(9876, 1234, new string[]{ "A" })
|
|
|
|
|
|
};
|
|
|
|
|
|
var permissionSet = new EntityPermissionSet(-20, permissions);
|
|
|
|
|
|
|
|
|
|
|
|
userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-20")).Returns(permissionSet);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var userService = userServiceMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
var entityService = entityServiceMock.Object;
|
|
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, -20, new[] { 'A' });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsTrue(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Test]
|
|
|
|
|
|
public void No_Access_To_Recycle_Bin_By_Permission()
|
|
|
|
|
|
{
|
|
|
|
|
|
//arrange
|
|
|
|
|
|
var userMock = new Mock<IUser>();
|
|
|
|
|
|
userMock.Setup(u => u.Id).Returns(0);
|
|
|
|
|
|
var user = userMock.Object;
|
|
|
|
|
|
|
|
|
|
|
|
var userServiceMock = new Mock<IUserService>();
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissions = new EntityPermissionCollection
|
2016-02-17 10:59:48 +01:00
|
|
|
|
{
|
2017-09-14 19:29:12 +02:00
|
|
|
|
new EntityPermission(9876, 1234, new string[]{ "A" })
|
2016-02-17 10:59:48 +01:00
|
|
|
|
};
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var permissionSet = new EntityPermissionSet(1234, permissions);
|
|
|
|
|
|
userServiceMock.Setup(x => x.GetPermissionsForPath(user, "-20")).Returns(permissionSet);
|
2016-02-17 10:59:48 +01:00
|
|
|
|
var userService = userServiceMock.Object;
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var entityServiceMock = new Mock<IEntityService>();
|
|
|
|
|
|
var entityService = entityServiceMock.Object;
|
|
|
|
|
|
var contentServiceMock = new Mock<IContentService>();
|
|
|
|
|
|
var contentService = contentServiceMock.Object;
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//act
|
2017-09-14 19:29:12 +02:00
|
|
|
|
var result = ContentController.CheckPermissions(new Dictionary<string, object>(), user, userService, contentService, entityService, -20, new[] { 'B' });
|
2016-02-17 10:59:48 +01:00
|
|
|
|
|
|
|
|
|
|
//assert
|
|
|
|
|
|
Assert.IsFalse(result);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
//NOTE: The below self hosted stuff does work so need to get some tests written. Some are not possible atm because
|
|
|
|
|
|
// of the legacy SQL calls like checking permissions.
|
|
|
|
|
|
|
|
|
|
|
|
//[TestFixture]
|
|
|
|
|
|
//public class ContentControllerHostedTests : BaseRoutingTest
|
|
|
|
|
|
//{
|
|
|
|
|
|
|
|
|
|
|
|
// protected override DatabaseBehavior DatabaseTestBehavior
|
|
|
|
|
|
// {
|
|
|
|
|
|
// get { return DatabaseBehavior.NoDatabasePerFixture; }
|
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
|
|
// public override void TearDown()
|
|
|
|
|
|
// {
|
|
|
|
|
|
// base.TearDown();
|
|
|
|
|
|
// UmbracoAuthorizeAttribute.Enable = true;
|
|
|
|
|
|
// UmbracoApplicationAuthorizeAttribute.Enable = true;
|
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
|
|
// /// <summary>
|
|
|
|
|
|
// /// Tests to ensure that the response filter works so that any items the user
|
|
|
|
|
|
// /// doesn't have access to are removed
|
|
|
|
|
|
// /// </summary>
|
|
|
|
|
|
// [Test]
|
|
|
|
|
|
// public async void Get_By_Ids_Response_Filtered()
|
|
|
|
|
|
// {
|
|
|
|
|
|
// UmbracoAuthorizeAttribute.Enable = false;
|
|
|
|
|
|
// UmbracoApplicationAuthorizeAttribute.Enable = false;
|
|
|
|
|
|
|
|
|
|
|
|
// var baseUrl = string.Format("http://{0}:9876", Environment.MachineName);
|
|
|
|
|
|
// var url = baseUrl + "/api/Content/GetByIds?ids=1&ids=2";
|
|
|
|
|
|
|
|
|
|
|
|
// var routingCtx = GetRoutingContext(url, 1234, null, true);
|
|
|
|
|
|
|
|
|
|
|
|
// var config = new HttpSelfHostConfiguration(baseUrl);
|
|
|
|
|
|
// using (var server = new HttpSelfHostServer(config))
|
|
|
|
|
|
// {
|
|
|
|
|
|
// var route = config.Routes.MapHttpRoute("test", "api/Content/GetByIds",
|
|
|
|
|
|
// new
|
|
|
|
|
|
// {
|
|
|
|
|
|
// controller = "Content",
|
|
|
|
|
|
// action = "GetByIds",
|
|
|
|
|
|
// id = RouteParameter.Optional
|
|
|
|
|
|
// });
|
|
|
|
|
|
// route.DataTokens["Namespaces"] = new string[] { "Umbraco.Web.Editors" };
|
|
|
|
|
|
|
|
|
|
|
|
// var client = new HttpClient(server);
|
|
|
|
|
|
|
|
|
|
|
|
// var request = new HttpRequestMessage
|
|
|
|
|
|
// {
|
|
|
|
|
|
// RequestUri = new Uri(url),
|
|
|
|
|
|
// Method = HttpMethod.Get
|
|
|
|
|
|
// };
|
|
|
|
|
|
|
|
|
|
|
|
// var result = await client.SendAsync(request);
|
|
|
|
|
|
// }
|
2017-07-20 11:21:28 +02:00
|
|
|
|
|
2016-02-17 10:59:48 +01:00
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
|
|
//}
|
|
|
|
|
|
}
|
