upd security path restriction service (#514)

Luxoft · Oct 16, 2024 · b472a37 · b472a37
1 parent 616a5fb
commit b472a37
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 26 deletions.
diff --git a/src/Framework.SecuritySystem.DiTests/MainTests.SecurityPathTests.cs b/src/Framework.SecuritySystem.DiTests/MainTests.SecurityPathTests.cs
@@ -54,12 +54,12 @@ public void TryApplyOverflowRestriction_ResultPathIsEmpty()
     public void TryApplyKeyedRestriction_SecurityPathCorrect()
     {
         //Arrange
-        var key = "Alt";
+        var key = nameof(Employee.AltBusinessUnit);
 
         var service = this.rootServiceProvider.GetRequiredService<ISecurityPathRestrictionService>();
 
         var baseSecurityPath = SecurityPath<Employee>.Create(employee => employee.BusinessUnit);
-        var altSecurityPath = SecurityPath<Employee>.Create(employee => employee.BusinessUnit, key: key);
+        var altSecurityPath = SecurityPath<Employee>.Create(employee => employee.AltBusinessUnit, key: key);
         var testSecurityPath = baseSecurityPath.And(altSecurityPath);
 
         var restriction = SecurityPathRestriction.Create<Location>().Add<BusinessUnit>(key: key);
@@ -72,15 +72,15 @@ public void TryApplyKeyedRestriction_SecurityPathCorrect()
     }
 
     [Fact]
-    public void AutoShrinkSecurityPathByRoleWithoutRestriction_SecurityPathCorrect()
+    public void EmptySecurityPathRestriction_SecurityPathNotModified()
     {
         //Arrange
-        var key = "Alt";
+        var key = nameof(Employee.AltBusinessUnit);
 
         var service = this.rootServiceProvider.GetRequiredService<ISecurityPathRestrictionService>();
 
         var baseSecurityPath = SecurityPath<Employee>.Create(employee => employee.BusinessUnit);
-        var altSecurityPath = SecurityPath<Employee>.Create(employee => employee.BusinessUnit, key: key);
+        var altSecurityPath = SecurityPath<Employee>.Create(employee => employee.AltBusinessUnit, key: key);
 
         var testSecurityPath = baseSecurityPath.And(altSecurityPath);
 
@@ -90,6 +90,6 @@ public void AutoShrinkSecurityPathByRoleWithoutRestriction_SecurityPathCorrect()
         var result = service.ApplyRestriction(testSecurityPath, restriction);
 
         //Assert
-        result.Should().Be(baseSecurityPath);
+        result.Should().Be(testSecurityPath);
     }
 }
diff --git a/src/Framework.SecuritySystem/SecurityPath/SecurityPath.cs b/src/Framework.SecuritySystem/SecurityPath/SecurityPath.cs
@@ -11,8 +11,6 @@ namespace Framework.SecuritySystem;
 /// <typeparam name="TDomainObject"></typeparam>
 public abstract record SecurityPath<TDomainObject>
 {
-    public abstract bool HasKey { get; }
-
     public IEnumerable<Type> GetUsedTypes() => this.GetInternalUsedTypes().Distinct();
 
     public abstract SecurityPath<TNewDomainObject> OverrideInput<TNewDomainObject>(
@@ -87,8 +85,6 @@ public static SecurityPath<TDomainObject> CreateNested<TNestedObject>(
 
     public record ConditionPath(Expression<Func<TDomainObject, bool>> SecurityFilter) : SecurityPath<TDomainObject>
     {
-        public override bool HasKey { get; } = false;
-
         protected override IEnumerable<Type> GetInternalUsedTypes() => [];
 
         public override SecurityPath<TNewDomainObject> OverrideInput<TNewDomainObject>(
@@ -105,8 +101,6 @@ public virtual bool Equals(ConditionPath? other) =>
     public abstract record BinarySecurityPath(SecurityPath<TDomainObject> Left, SecurityPath<TDomainObject> Right)
         : SecurityPath<TDomainObject>
     {
-        public override bool HasKey { get; } = Left.HasKey || Right.HasKey;
-
         protected override IEnumerable<Type> GetInternalUsedTypes() =>
             this.Left.GetUsedTypes().Concat(this.Right.GetUsedTypes());
     }
@@ -133,8 +127,6 @@ public record SingleSecurityPath<TSecurityContext>(
         string? Key) : SecurityPath<TDomainObject>, IContextSecurityPath
         where TSecurityContext : ISecurityContext
     {
-        public override bool HasKey { get; } = Key != null;
-
         Type IContextSecurityPath.SecurityContextType => typeof(TSecurityContext);
 
         protected override IEnumerable<Type> GetInternalUsedTypes() => [typeof(TSecurityContext)];
@@ -162,8 +154,6 @@ public record ManySecurityPath<TSecurityContext>(
         string? Key) : SecurityPath<TDomainObject>, IContextSecurityPath
         where TSecurityContext : ISecurityContext
     {
-        public override bool HasKey { get; } = Key != null;
-
         Type IContextSecurityPath.SecurityContextType => typeof(TSecurityContext);
 
         public Expression<Func<TDomainObject, IQueryable<TSecurityContext>>>? SecurityPathQ { get; } =
@@ -204,8 +194,6 @@ public record NestedManySecurityPath<TNestedObject>(
         SecurityPath<TNestedObject> NestedSecurityPath,
         ManySecurityPathMode Mode) : SecurityPath<TDomainObject>
     {
-        public override bool HasKey { get; } = NestedSecurityPath.HasKey;
-
         protected override IEnumerable<Type> GetInternalUsedTypes() => this.NestedSecurityPath.GetUsedTypes();
 
         public override SecurityPath<TNewDomainObject> OverrideInput<TNewDomainObject>(

diff --git a/src/Framework.SecuritySystem/SecurityPath/SecurityPathRestrictionService.cs b/src/Framework.SecuritySystem/SecurityPath/SecurityPathRestrictionService.cs
@@ -26,7 +26,7 @@ private SecurityPath<TDomainObject> VisitSecurityContexts<TDomainObject>(
         SecurityPath<TDomainObject> securityPath,
         SecurityPathRestriction restriction)
     {
-        if (restriction.SecurityContextRestrictions == null && !securityPath.HasKey)
+        if (restriction.SecurityContextRestrictions == null)
         {
             return securityPath;
         }
@@ -82,7 +82,7 @@ private SecurityPath<TDomainObject> TryAddRelativeCondition<TDomainObject>(
 
     private SecurityPath<TDomainObject> Visit<TDomainObject>(
         SecurityPath<TDomainObject> securityPath,
-        IReadOnlyList<SecurityContextRestriction>? securityContextRestrictions)
+        IReadOnlyList<SecurityContextRestriction> securityContextRestrictions)
     {
         var pathType = securityPath.GetType();
 
@@ -92,10 +92,9 @@ private SecurityPath<TDomainObject> Visit<TDomainObject>(
         }
         else if (securityPath is IContextSecurityPath contextSecurityPath)
         {
-            var containsKey = securityContextRestrictions?.Any(
+            var containsKey = securityContextRestrictions.Any(
                                   restriction => restriction.Type == contextSecurityPath.SecurityContextType
-                                                 && restriction.Key == contextSecurityPath.Key)
-                              ?? contextSecurityPath.Key == null;
+                                                 && restriction.Key == contextSecurityPath.Key);
 
             return containsKey ? securityPath : SecurityPath<TDomainObject>.Empty;
         }

diff --git a/src/__SolutionItems/CommonAssemblyInfo.cs b/src/__SolutionItems/CommonAssemblyInfo.cs
@@ -4,9 +4,9 @@
 [assembly: AssemblyCompany("Luxoft")]
 [assembly: AssemblyCopyright("Copyright © Luxoft 2009-2024")]
 
-[assembly: AssemblyVersion("22.4.4.0")]
-[assembly: AssemblyFileVersion("22.4.4.0")]
-[assembly: AssemblyInformationalVersion("22.4.4.0")]
+[assembly: AssemblyVersion("22.4.5.0")]
+[assembly: AssemblyFileVersion("22.4.5.0")]
+[assembly: AssemblyInformationalVersion("22.4.5.0")]
 
 #if DEBUG
 [assembly: AssemblyConfiguration("Debug")]