Alpha 191119 / AssignedRoles test
parent
897a774e77
commit
5a7540a2b5
|
@ -0,0 +1,33 @@
|
||||||
|
using System;
|
||||||
|
namespace ln.identities
|
||||||
|
{
|
||||||
|
public class AssignedRole
|
||||||
|
{
|
||||||
|
IIdentityProvider identityProvider;
|
||||||
|
public IIdentityProvider IdentityProvider => identityProvider;
|
||||||
|
|
||||||
|
readonly Guid identityUniqueID;
|
||||||
|
public Identity Identity => IdentityProvider.GetIdentity(identityUniqueID);
|
||||||
|
|
||||||
|
public Role Role { get; set; }
|
||||||
|
|
||||||
|
protected AssignedRole(IIdentityProvider identityProvider)
|
||||||
|
{
|
||||||
|
this.identityProvider = identityProvider;
|
||||||
|
}
|
||||||
|
|
||||||
|
public AssignedRole(IIdentityProvider identityProvider, Identity identity) : this(identityProvider, identity, 0) { }
|
||||||
|
public AssignedRole(IIdentityProvider identityProvider,Identity identity,Role role) :this(identityProvider)
|
||||||
|
{
|
||||||
|
identityUniqueID = identity.UniqueID;
|
||||||
|
Role = role;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override string ToString() => String.Format("[AssignedRole Identity={0} Role={1}]",Identity.IdentityName,Role);
|
||||||
|
|
||||||
|
public override int GetHashCode() => identityUniqueID.GetHashCode();
|
||||||
|
public override bool Equals(object obj) => (obj is AssignedRole you) && (identityUniqueID.Equals(you.identityUniqueID));
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
}
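Review bot: `public Role Role { get; set; }` leaves the computed permission mask writable by any code that holds an `AssignedRole`. `Identity.AssignedRoles` hands out the cached instances by reference, so a caller outside the provider can widen a role with a plain `|=`. If only the provider is meant to build these objects, narrow the setter, for example `public Role Role { get; internal set; }`; providers in other assemblies would then need another route, so confirm who derives from `BaseIdentityProvider`. The three-argument constructor also reads `identity.UniqueID` without a null check, and `if (identity == null) throw new ArgumentNullException(nameof(identity));` would give a clearer failure.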
|
|
@ -0,0 +1,37 @@
|
||||||
|
using System;
|
||||||
|
using System.Collections;
|
||||||
|
using System.Collections.Generic;
|
||||||
|
namespace ln.identities
|
||||||
|
{
|
||||||
|
public class AssignedRoles : IEnumerable<AssignedRole>
|
||||||
|
{
|
||||||
|
IIdentityProvider identityProvider;
|
||||||
|
public IIdentityProvider IdentityProvider => identityProvider;
|
||||||
|
|
||||||
|
Dictionary<Guid, AssignedRole> assignedRoles = new Dictionary<Guid, AssignedRole>();
|
||||||
|
|
||||||
|
public AssignedRoles(IIdentityProvider identityProvider)
|
||||||
|
{
|
||||||
|
this.identityProvider = identityProvider;
|
||||||
|
}
|
||||||
|
|
||||||
|
public AssignedRole this[Identity identity]
|
||||||
|
{
|
||||||
|
get
|
||||||
|
{
|
||||||
|
if (!assignedRoles.ContainsKey(identity.UniqueID))
|
||||||
|
{
|
||||||
|
assignedRoles.Add(identity.UniqueID, new AssignedRole(identityProvider, identity));
|
||||||
|
}
|
||||||
|
return assignedRoles[identity.UniqueID];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public IEnumerator<AssignedRole> GetEnumerator()
|
||||||
|
{
|
||||||
|
return assignedRoles.Values.GetEnumerator();
|
||||||
|
}
|
||||||
|
|
||||||
|
IEnumerator IEnumerable.GetEnumerator() => GetEnumerator();
|
||||||
|
}
|
||||||
|
}
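Review bot: The indexer getter inserts a new empty `AssignedRole` whenever the identity is missing, so a read made for a permission check changes the collection. It also invalidates any enumerator currently running over it (`InvalidOperationException` from `Dictionary`). Keep get-or-create for the provider that builds the set and give readers a lookup that does not mutate, e.g. `public bool TryGetRole(Identity identity, out AssignedRole role) => assignedRoles.TryGetValue(identity.UniqueID, out role);`. The getter also does three lookups (`ContainsKey`, `Add`, indexer) where a single `TryGetValue` would do.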
|
|
@ -30,5 +30,44 @@ namespace ln.identities
|
||||||
public abstract bool Save(Identity identity);
|
public abstract bool Save(Identity identity);
|
||||||
|
|
||||||
public virtual Identity GetIdentity(string identityName) => GetIdentity(GetIdentities().FirstOrDefault((kvp) => identityName.Equals(kvp.Value)).Key);
|
public virtual Identity GetIdentity(string identityName) => GetIdentity(GetIdentities().FirstOrDefault((kvp) => identityName.Equals(kvp.Value)).Key);
|
||||||
|
|
||||||
|
public abstract IEnumerable<RoleAssignment> GetRoleAssignments(Identity identity);
|
||||||
|
|
||||||
|
public virtual AssignedRoles GetAssignedRoles(Identity identity)
|
||||||
|
{
|
||||||
|
AssignedRoles assignedRoles = new AssignedRoles(this);
|
||||||
|
GetAssignedRoles(identity, assignedRoles);
|
||||||
|
return assignedRoles;
|
||||||
|
}
|
||||||
|
|
||||||
|
public virtual void GetAssignedRoles(Identity identity,AssignedRoles assignedRoles)
|
||||||
|
{
|
||||||
|
assignedRoles[identity].Role |= Role.BE;
|
||||||
|
|
||||||
|
foreach (RoleAssignment roleAssignment in identity.RoleAssignments)
|
||||||
|
{
|
||||||
|
foreach (AssignedRole foreignRole in roleAssignment.EffectiveIdentity.AssignedRoles)
|
||||||
|
{
|
||||||
|
if (roleAssignment.Role.HasFlag(Role.IMPERSONATE) || foreignRole.Identity.Equals(roleAssignment.EffectiveIdentity))
|
||||||
|
{
|
||||||
|
AssignedRole currentRole = assignedRoles[foreignRole.Identity];
|
||||||
|
currentRole.Role |= (foreignRole.Role & roleAssignment.Role);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
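Review bot: `GetAssignedRoles(Identity, AssignedRoles)` recurses through `roleAssignment.EffectiveIdentity.AssignedRoles` with no cycle guard. `Identity.AssignedRoles` stores its cache only after `GetAssignedRoles` returns, so an identity assigned to itself, or two identities holding assignments on each other, would re-enter until the stack overflows, taking the process down on an authorization path. Track the identities currently being resolved and stop or throw when one is seen again, and add a test with a cyclic assignment. Separately, `assignedRoles[identity].Role |= Role.BE;` and the loop both dereference `identity` without a null check.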
|
||||||
|
|
|
@ -14,5 +14,8 @@ namespace ln.identities
|
||||||
bool Save(Identity identity);
|
bool Save(Identity identity);
|
||||||
|
|
||||||
Identity Authenticate(AuthenticationProve authenticationProve);
|
Identity Authenticate(AuthenticationProve authenticationProve);
|
||||||
|
|
||||||
|
AssignedRoles GetAssignedRoles(Identity identity);
|
||||||
|
IEnumerable<RoleAssignment> GetRoleAssignments(Identity identity);
|
||||||
}
|
}
|
||||||
}
|
}
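Review bot: The two new members are undocumented and their names are easy to confuse. Judging by `BaseIdentityProvider`, `GetRoleAssignments` returns the assignments stored directly on the identity, while `GetAssignedRoles` returns the computed result after following them. Callers making access decisions need to know which one to use, so add XML summaries, e.g. `/// <summary>Effective roles of <paramref name="identity"/> after following its role assignments.</summary>` on `GetAssignedRoles` and `/// <summary>Role assignments held directly by <paramref name="identity"/>.</summary>` on `GetRoleAssignments`. Adding members to the interface also breaks any implementer outside this repository.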
|
||||||
|
|
48
Identity.cs
48
Identity.cs
|
@ -6,24 +6,37 @@ namespace ln.identities
|
||||||
{
|
{
|
||||||
public class Identity
|
public class Identity
|
||||||
{
|
{
|
||||||
public Guid UniqueID { get; private set; }
|
private IIdentityProvider identityProvider;
|
||||||
|
public IIdentityProvider IdentityProvider => identityProvider;
|
||||||
|
|
||||||
|
public Guid UniqueID { get; private set; }
|
||||||
public String IdentityName { get; set; }
|
public String IdentityName { get; set; }
|
||||||
|
|
||||||
List<SecureAttribute> secureAttributes = new List<SecureAttribute>();
|
List<SecureAttribute> secureAttributes = new List<SecureAttribute>();
|
||||||
List<RoleAssignment> roleAssignments = new List<RoleAssignment>();
|
AssignedRoles assignedRoles;
|
||||||
|
|
||||||
private Identity()
|
List<RoleAssignment> cachedRoleAssignments;
|
||||||
|
|
||||||
|
private Identity(IIdentityProvider identityProvider)
|
||||||
{
|
{
|
||||||
|
this.identityProvider = identityProvider;
|
||||||
}
|
}
|
||||||
|
|
||||||
private Identity(Guid uniqueID,string identityName)
|
private Identity(IIdentityProvider identityProvider,Guid uniqueID,string identityName)
|
||||||
|
:this(identityProvider)
|
||||||
{
|
{
|
||||||
UniqueID = uniqueID;
|
UniqueID = uniqueID;
|
||||||
IdentityName = identityName;
|
IdentityName = identityName;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Identity(string identityName) : this(Guid.NewGuid(),identityName){}
|
public Identity(IIdentityProvider identityProvider,string identityName) : this(identityProvider,Guid.NewGuid(),identityName){}
|
||||||
|
|
||||||
|
public void ResetCaches()
|
||||||
|
{
|
||||||
|
cachedRoleAssignments = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
public SecureAttribute GetSecureAttribute(Guid uniqueID)
|
public SecureAttribute GetSecureAttribute(Guid uniqueID)
|
||||||
{
|
{
|
||||||
|
@ -54,8 +67,33 @@ namespace ln.identities
|
||||||
public void AddSecureAttribute(SecureAttribute secureAttribute) => secureAttributes.Add(secureAttribute);
|
public void AddSecureAttribute(SecureAttribute secureAttribute) => secureAttributes.Add(secureAttribute);
|
||||||
public void RemoveSecureAttribute(SecureAttribute secureAttribute) => secureAttributes.Remove(secureAttribute);
|
public void RemoveSecureAttribute(SecureAttribute secureAttribute) => secureAttributes.Remove(secureAttribute);
|
||||||
|
|
||||||
|
public void ClearAssignedRolesCache() => assignedRoles = null;
|
||||||
|
public AssignedRoles AssignedRoles
|
||||||
|
{
|
||||||
|
get {
|
||||||
|
if (assignedRoles == null)
|
||||||
|
{
|
||||||
|
assignedRoles = IdentityProvider.GetAssignedRoles(this);
|
||||||
|
}
|
||||||
|
return assignedRoles;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public IEnumerable<RoleAssignment> RoleAssignments
|
||||||
|
{
|
||||||
|
get
|
||||||
|
{
|
||||||
|
if (cachedRoleAssignments == null)
|
||||||
|
{
|
||||||
|
cachedRoleAssignments = new List<RoleAssignment>(IdentityProvider.GetRoleAssignments(this));
|
||||||
|
}
|
||||||
|
return cachedRoleAssignments;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public override bool Equals(object obj) => (obj is Identity other) && other.UniqueID.Equals(UniqueID);
|
public override bool Equals(object obj) => (obj is Identity other) && other.UniqueID.Equals(UniqueID);
|
||||||
public override int GetHashCode() => UniqueID.GetHashCode();
|
public override int GetHashCode() => UniqueID.GetHashCode();
|
||||||
|
|
||||||
|
public override string ToString() => String.Format("[Identity UniqueID={0} IdentityName={1}]",UniqueID,IdentityName);
|
||||||
}
|
}
|
||||||
}
|
}
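Review bot: `ResetCaches()` clears only `cachedRoleAssignments`; the computed `assignedRoles` field is reset by the separate `ClearAssignedRolesCache()`. After a role assignment is revoked, a caller that uses `ResetCaches()` alone keeps getting the old effective permissions from `AssignedRoles`. Have `ResetCaches()` clear both: `cachedRoleAssignments = null; assignedRoles = null;`. The cached result also embeds roles derived from other identities, so a change on one identity presumably leaves dependants stale too; it is worth documenting how invalidation is meant to propagate.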
|
||||||
|
|
|
@ -6,6 +6,8 @@ using System.Linq;
|
||||||
using ln.types.btree;
|
using ln.types.btree;
|
||||||
using ln.types.collections;
|
using ln.types.collections;
|
||||||
using System.Security.Principal;
|
using System.Security.Principal;
|
||||||
|
using ln.types.odb.ng.mappings;
|
||||||
|
using System.Reflection;
|
||||||
namespace ln.identities
|
namespace ln.identities
|
||||||
{
|
{
|
||||||
public class ODBIdentityProvider : BaseIdentityProvider
|
public class ODBIdentityProvider : BaseIdentityProvider
|
||||||
|
@ -20,6 +22,13 @@ namespace ln.identities
|
||||||
StorageContainer = storageContainer;
|
StorageContainer = storageContainer;
|
||||||
mapper = new Mapper(storageContainer);
|
mapper = new Mapper(storageContainer);
|
||||||
|
|
||||||
|
ClassMapping identityClassMapping = new ClassMapping(
|
||||||
|
typeof(Identity),
|
||||||
|
(Mapper arg1, Document arg2) => new Identity(this,""),
|
||||||
|
(fieldInfo) => !fieldInfo.Name.Equals("identityProvider")
|
||||||
|
);
|
||||||
|
mapper.RegisterMapping(identityClassMapping.MappedType,identityClassMapping);
|
||||||
|
|
||||||
mapper.EnsureIndex<Identity>("UniqueID");
|
mapper.EnsureIndex<Identity>("UniqueID");
|
||||||
mapper.EnsureIndex<Identity>("IdentityName");
|
mapper.EnsureIndex<Identity>("IdentityName");
|
||||||
}
|
}
|
||||||
|
@ -54,7 +63,7 @@ namespace ln.identities
|
||||||
|
|
||||||
public override Identity CreateIdentity(string identityName)
|
public override Identity CreateIdentity(string identityName)
|
||||||
{
|
{
|
||||||
Identity identity = new Identity(identityName);
|
Identity identity = new Identity(this,identityName);
|
||||||
identityCache.Add(identity.UniqueID, identity);
|
identityCache.Add(identity.UniqueID, identity);
|
||||||
return identity;
|
return identity;
|
||||||
}
|
}
|
||||||
|
@ -74,5 +83,9 @@ namespace ln.identities
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public override IEnumerable<RoleAssignment> GetRoleAssignments(Identity identity)
|
||||||
|
{
|
||||||
|
throw new NotImplementedException();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
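Review bot: `GetRoleAssignments` throws `NotImplementedException`, and `Identity.RoleAssignments` calls it through `IdentityProvider`. With this provider the first access to `identity.RoleAssignments` or `identity.AssignedRoles` therefore throws, unless `GetAssignedRoles` is overridden outside the visible hunks. If persistence is not ready yet, say so in a comment such as `// TODO: load role assignments from the store; role resolution is unavailable for ODB identities until then`, and make sure callers treat the exception as a denial rather than swallowing it. In the constructor hunk the field filter uses the literal `"identityProvider"`, which silently stops matching if the field in `Identity` is renamed.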
|
||||||
|
|
58
Role.cs
58
Role.cs
|
@ -1,27 +1,51 @@
|
||||||
using System;
|
using System;
|
||||||
namespace ln.identities
|
namespace ln.identities
|
||||||
{
|
{
|
||||||
public class Role
|
[Flags]
|
||||||
|
public enum Role : int
|
||||||
{
|
{
|
||||||
public static readonly Role SuperUser = new Role(Guid.Parse("{eefca5e2-2295-44d5-9b24-000000000000}"),"SuperUser");
|
/* Bits 0..15: Rolleneigenschaften */
|
||||||
public static readonly Role Owner = new Role(Guid.Parse("{eefca5e2-2295-44d5-9b24-000000000001}"), "Owner");
|
VIEW = (1<<0), // Authentifizierte Identität darf die effektive Identität und ihre Eigenschaften sehen
|
||||||
public static readonly Role Editor = new Role(Guid.Parse("{eefca5e2-2295-44d5-9b24-000000000002}"), "Editor");
|
USE = VIEW | (1 << 1), // Authentifizierte Identität darf die effektive Identität nutzen (z.B. Dateien einer Webpräsenz pflegen)
|
||||||
|
CONTROL = VIEW | (1<<2), // Authentifizierte Identität darf die effektive Identität steuern (z.B. einen Dienst starten / stoppen)
|
||||||
|
MANAGE = VIEW | CONTROL | (1<<3), // Authentifizierte Identität darf die Eigenschaften der effektiven Identität verändern ("Konfiguration")
|
||||||
|
|
||||||
public Guid UniqueID { get; }
|
ADMIN = 0x0000FFFF,
|
||||||
public String Name { get; set; }
|
/* Bits 16..23: */
|
||||||
|
MANAGEROLES = (1<<16),
|
||||||
|
|
||||||
private Role()
|
/* Bits 24..31: Vererbung, Superuser */
|
||||||
{}
|
IMPERSONATE = (1<<24), // FLAG: Identität erhält alle maskierten Rollen der effektiven Identität, welche direkt assoziiert sind
|
||||||
|
|
||||||
public Role(string roleName):this(Guid.NewGuid(),roleName){}
|
OWN = 0x0FFFFFFF,
|
||||||
public Role(Guid uniqueID,string roleName)
|
|
||||||
{
|
|
||||||
UniqueID = uniqueID;
|
|
||||||
Name = roleName;
|
|
||||||
}
|
|
||||||
|
|
||||||
public override bool Equals(object obj) => (obj is Role other) && other.UniqueID.Equals(UniqueID);
|
|
||||||
public override int GetHashCode() => UniqueID.GetHashCode();
|
|
||||||
|
|
||||||
|
BE = 0x0000FFFF,
|
||||||
|
SUPER = 0x7FFFFFFF, // SuperUser
|
||||||
}
|
}
|
||||||
|
//public class Role
|
||||||
|
//{
|
||||||
|
// public static readonly Role SuperUser = new Role(Guid.Parse("{eefca5e2-2295-44d5-9b24-000000000000}"),"SuperUser");
|
||||||
|
// public static readonly Role Owner = new Role(Guid.Parse("{eefca5e2-2295-44d5-9b24-000000000001}"), "Owner");
|
||||||
|
// public static readonly Role Editor = new Role(Guid.Parse("{eefca5e2-2295-44d5-9b24-000000000002}"), "Editor");
|
||||||
|
// public static readonly Role Reader = new Role(Guid.Parse("{eefca5e2-2295-44d5-9b24-000000000004}"), "Reader");
|
||||||
|
// public static readonly Role Writer = new Role(Guid.Parse("{eefca5e2-2295-44d5-9b24-000000000008}"), "Writer");
|
||||||
|
|
||||||
|
|
||||||
|
// public Guid UniqueID { get; }
|
||||||
|
// public String Name { get; set; }
|
||||||
|
|
||||||
|
// private Role()
|
||||||
|
// {}
|
||||||
|
|
||||||
|
// public Role(string roleName):this(Guid.NewGuid(),roleName){}
|
||||||
|
// public Role(Guid uniqueID,string roleName)
|
||||||
|
// {
|
||||||
|
// UniqueID = uniqueID;
|
||||||
|
// Name = roleName;
|
||||||
|
// }
|
||||||
|
|
||||||
|
// public override bool Equals(object obj) => (obj is Role other) && other.UniqueID.Equals(UniqueID);
|
||||||
|
// public override int GetHashCode() => UniqueID.GetHashCode();
|
||||||
|
|
||||||
|
//}
|
||||||
}
|
}
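Review bot: `OWN = 0x0FFFFFFF` has bit 24 set, so every `OWN` assignment also satisfies `HasFlag(Role.IMPERSONATE)` in `BaseIdentityProvider.GetAssignedRoles`, and it carries `MANAGEROLES` as well. If ownership is not meant to imply impersonation, the mask needs to exclude those bits. `ADMIN` and `BE` are both `0x0000FFFF`, so they cannot be told apart, and which of the two names `ToString()` prints is unspecified. The inline comments are in German and should be in English like the rest of the code, and the commented-out former `Role` class can be deleted since version control keeps it.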
|
||||||
|
|
|
@ -3,11 +3,44 @@ namespace ln.identities
|
||||||
{
|
{
|
||||||
public class RoleAssignment
|
public class RoleAssignment
|
||||||
{
|
{
|
||||||
public Identity EffectiveIdentity { get; }
|
IIdentityProvider identityProvider;
|
||||||
public Role Role { get; }
|
public IIdentityProvider IdentityProvider => identityProvider;
|
||||||
|
|
||||||
private RoleAssignment()
|
Guid identityUniqueID;
|
||||||
|
Guid effectiveIdentityUniqueID;
|
||||||
|
|
||||||
|
public Identity Identity => IdentityProvider.GetIdentity(identityUniqueID); // Identity this Role is assigned to
|
||||||
|
public Identity EffectiveIdentity => IdentityProvider.GetIdentity(effectiveIdentityUniqueID); // Identity for that this Role is valid
|
||||||
|
public Role Role { get; } // Role that is assigned
|
||||||
|
|
||||||
|
private RoleAssignment(IIdentityProvider identityProvider)
|
||||||
{
|
{
|
||||||
|
this.identityProvider = identityProvider;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public RoleAssignment(IIdentityProvider identityProvider,Identity identity,Identity effectiveIdentity,Role role)
|
||||||
|
:this(identityProvider)
|
||||||
|
{
|
||||||
|
identityUniqueID = identity.UniqueID;
|
||||||
|
effectiveIdentityUniqueID = effectiveIdentity.UniqueID;
|
||||||
|
Role = role;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override int GetHashCode()
|
||||||
|
{
|
||||||
|
return EffectiveIdentity.GetHashCode() ^ Role.GetHashCode();
|
||||||
|
}
|
||||||
|
|
||||||
|
public override bool Equals(object obj)
|
||||||
|
{
|
||||||
|
return (obj is RoleAssignment you) &&
|
||||||
|
(identityUniqueID.Equals(you.identityUniqueID) && effectiveIdentityUniqueID.Equals(you.effectiveIdentityUniqueID) && Role.Equals(you.Role));
|
||||||
|
}
|
||||||
|
|
||||||
|
public override string ToString()
|
||||||
|
{
|
||||||
|
return string.Format("[RoleAssigment Identity={0} EffectiveIdentity={1} Role={2}]",Identity.IdentityName,EffectiveIdentity.IdentityName,Role);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
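Review bot: `GetHashCode()` goes through `EffectiveIdentity`, which performs a provider lookup (`IdentityProvider.GetIdentity`) and can throw if the identity no longer exists, whereas `Equals` compares the stored GUIDs. Hash the same fields that `Equals` uses: `return identityUniqueID.GetHashCode() ^ effectiveIdentityUniqueID.GetHashCode() ^ Role.GetHashCode();`. `identityUniqueID` and `effectiveIdentityUniqueID` are only assigned in the constructor and can probably be `readonly`, as in `AssignedRole`. The `ToString()` label is misspelled as `RoleAssigment`.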
|
||||||
|
|
|
@ -28,15 +28,12 @@ namespace ln.identities
|
||||||
using (SHA256 sha256 = SHA256.Create())
|
using (SHA256 sha256 = SHA256.Create())
|
||||||
{
|
{
|
||||||
byte[] passwordBytes = Encoding.UTF8.GetBytes(password);
|
byte[] passwordBytes = Encoding.UTF8.GetBytes(password);
|
||||||
Console.WriteLine("PasswordBytes={0}", passwordBytes.ToHexString());
|
|
||||||
Console.WriteLine("Seed={0}", Seed.ToHexString());
|
|
||||||
|
|
||||||
sha256.TransformBlock(Seed, 0, Seed.Length, null, 0);
|
sha256.TransformBlock(Seed, 0, Seed.Length, null, 0);
|
||||||
sha256.TransformBlock(passwordBytes, 0, passwordBytes.Length, null, 0);
|
sha256.TransformBlock(passwordBytes, 0, passwordBytes.Length, null, 0);
|
||||||
sha256.TransformFinalBlock(Seed, 0, Seed.Length);
|
sha256.TransformFinalBlock(Seed, 0, Seed.Length);
|
||||||
|
|
||||||
secretBytes = sha256.Hash;
|
secretBytes = sha256.Hash;
|
||||||
Console.WriteLine("SecretBytes={0}", secretBytes.ToHexString());
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -28,6 +28,9 @@
|
||||||
</PropertyGroup>
|
</PropertyGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<Reference Include="System" />
|
<Reference Include="System" />
|
||||||
|
<Reference Include="nunit.framework">
|
||||||
|
<Package>nunit</Package>
|
||||||
|
</Reference>
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<Compile Include="Properties\AssemblyInfo.cs" />
|
<Compile Include="Properties\AssemblyInfo.cs" />
|
||||||
|
@ -42,6 +45,9 @@
|
||||||
<Compile Include="AuthenticationRequest.cs" />
|
<Compile Include="AuthenticationRequest.cs" />
|
||||||
<Compile Include="AuthenticationChallenges.cs" />
|
<Compile Include="AuthenticationChallenges.cs" />
|
||||||
<Compile Include="BaseIdentityProvider.cs" />
|
<Compile Include="BaseIdentityProvider.cs" />
|
||||||
|
<Compile Include="test\IdentityTests.cs" />
|
||||||
|
<Compile Include="AssignedRole.cs" />
|
||||||
|
<Compile Include="AssignedRoles.cs" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
<ItemGroup>
|
<ItemGroup>
|
||||||
<ProjectReference Include="..\ln.types\ln.types.csproj">
|
<ProjectReference Include="..\ln.types\ln.types.csproj">
|
||||||
|
@ -49,5 +55,8 @@
|
||||||
<Name>ln.types</Name>
|
<Name>ln.types</Name>
|
||||||
</ProjectReference>
|
</ProjectReference>
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
<ItemGroup>
|
||||||
|
<Folder Include="test\" />
|
||||||
|
</ItemGroup>
|
||||||
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
|
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
|
||||||
</Project>
|
</Project>
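Review bot: `test\IdentityTests.cs` is added to the library's own `<Compile>` list and `nunit.framework` to its references, so the public `TestIdentityProvider` and the NUnit dependency ship inside the production assembly. Moving the tests into a separate test project that references this one keeps a test-only identity provider out of deployed code.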
|
|
@ -0,0 +1,88 @@
|
||||||
|
using NUnit.Framework;
|
||||||
|
using System;
|
||||||
|
using System.Collections.Generic;
|
||||||
|
using System.Linq;
|
||||||
|
|
||||||
|
namespace ln.identities.test
|
||||||
|
{
|
||||||
|
|
||||||
|
public class TestIdentityProvider : BaseIdentityProvider
|
||||||
|
{
|
||||||
|
List<Identity> identities = new List<Identity>();
|
||||||
|
List<RoleAssignment> roleAssignments = new List<RoleAssignment>();
|
||||||
|
|
||||||
|
public TestIdentityProvider()
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
public override Identity CreateIdentity(string identityName)
|
||||||
|
{
|
||||||
|
Identity identity = new Identity(this, identityName);
|
||||||
|
identities.Add(identity);
|
||||||
|
return identity;
|
||||||
|
}
|
||||||
|
|
||||||
|
public override IEnumerable<KeyValuePair<Guid, string>> GetIdentities() => identities.Select((Identity arg) => new KeyValuePair<Guid, string>(arg.UniqueID, arg.IdentityName));
|
||||||
|
public override Identity GetIdentity(Guid uniqueID)
|
||||||
|
{
|
||||||
|
foreach (Identity identity in identities)
|
||||||
|
if (identity.UniqueID.Equals(uniqueID))
|
||||||
|
return identity;
|
||||||
|
throw new KeyNotFoundException();
|
||||||
|
}
|
||||||
|
public override IEnumerable<RoleAssignment> GetRoleAssignments(Identity identity) => roleAssignments.Where((RoleAssignment arg) => arg.Identity.Equals(identity));
|
||||||
|
public override bool Save(Identity identity)
|
||||||
|
{
|
||||||
|
throw new NotImplementedException();
|
||||||
|
}
|
||||||
|
|
||||||
|
public void AddRoleAssignment(RoleAssignment roleAssignment) => roleAssignments.Add(roleAssignment);
|
||||||
|
}
|
||||||
|
|
||||||
|
[TestFixture()]
|
||||||
|
public class IdentityTests
|
||||||
|
{
|
||||||
|
[Test()]
|
||||||
|
public void TestCase()
|
||||||
|
{
|
||||||
|
TestIdentityProvider identityProvider = new TestIdentityProvider();
|
||||||
|
|
||||||
|
Identity idService = identityProvider.CreateIdentity("Service");
|
||||||
|
Identity idOrg = identityProvider.CreateIdentity("Organization");
|
||||||
|
Identity idManager = identityProvider.CreateIdentity("Manager");
|
||||||
|
Identity idEmpA = identityProvider.CreateIdentity("EmployeeA");
|
||||||
|
Identity idEmpB = identityProvider.CreateIdentity("EmployeeB");
|
||||||
|
Identity idEmpC = identityProvider.CreateIdentity("EmployeeC");
|
||||||
|
Identity idEmpD = identityProvider.CreateIdentity("EmployeeD");
|
||||||
|
|
||||||
|
identityProvider.AddRoleAssignment(new RoleAssignment(identityProvider,idOrg,idService,Role.OWN));
|
||||||
|
identityProvider.AddRoleAssignment(new RoleAssignment(identityProvider, idManager, idOrg, Role.OWN));
|
||||||
|
identityProvider.AddRoleAssignment(new RoleAssignment(identityProvider, idEmpA, idOrg, Role.IMPERSONATE | Role.CONTROL));
|
||||||
|
identityProvider.AddRoleAssignment(new RoleAssignment(identityProvider, idEmpB, idEmpA, Role.IMPERSONATE | Role.ADMIN));
|
||||||
|
identityProvider.AddRoleAssignment(new RoleAssignment(identityProvider, idEmpC, idOrg, Role.IMPERSONATE | Role.CONTROL));
|
||||||
|
identityProvider.AddRoleAssignment(new RoleAssignment(identityProvider, idEmpD, idEmpC, Role.ADMIN));
|
||||||
|
|
||||||
|
DumpRoleAssigments(idService);
|
||||||
|
DumpRoleAssigments(idOrg);
|
||||||
|
DumpRoleAssigments(idManager);
|
||||||
|
DumpRoleAssigments(idEmpA);
|
||||||
|
DumpRoleAssigments(idEmpB);
|
||||||
|
DumpRoleAssigments(idEmpC);
|
||||||
|
DumpRoleAssigments(idEmpD);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void DumpRoleAssigments(Identity identity)
|
||||||
|
{
|
||||||
|
Console.WriteLine("Identity: {0}", identity.IdentityName);
|
||||||
|
foreach (RoleAssignment roleAssignment in identity.RoleAssignments)
|
||||||
|
{
|
||||||
|
Console.WriteLine(" {0}", roleAssignment);
|
||||||
|
}
|
||||||
|
foreach (AssignedRole assignedRole in identity.AssignedRoles)
|
||||||
|
{
|
||||||
|
Console.WriteLine(" {0}", assignedRole);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
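Review bot: `TestCase` has no assertions; it only prints through `DumpRoleAssigments`, so it passes whatever `GetAssignedRoles` computes. This is the only coverage for the permission propagation rules, so pin the expected results. For example, EmployeeD holds `Role.ADMIN` on EmployeeC without `IMPERSONATE` and should gain nothing on Organization: `Assert.IsFalse(idEmpD.AssignedRoles.Any(r => r.Identity.Equals(idOrg)));`. A case with a cyclic assignment would also be worth adding.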
|