dohertj2/ScadaBridge
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
5aaf9e2923729ff6f4c859a47e07091d139fcc2a
ScadaBridge/tests/ZB.MOM.WW.ScadaBridge.ConfigurationDatabase.Tests
T
History
Joseph Doherty b104760b3a feat(auth)!: ScadaBridge canonical roles + SoD collapse (Audit→Administrator, AuditReadOnly→Viewer) + config-DB migration (Task 1.7) 
Standardize role string VALUES on the canonical vocabulary
(Administrator/Designer/Deployer/Viewer; Operator/Engineer unused here):
  Admin        -> Administrator
  Design       -> Designer
  Deployment   -> Deployer
  Audit        -> Administrator   (COLLAPSE; accepted privilege escalation)
  AuditReadOnly-> Viewer          (COLLAPSE; keeps audit-read, no export)

SoD: OperationalAuditRoles = { Administrator, Viewer },
     AuditExportRoles      = { Administrator }
so Viewer reads the audit log + nav but cannot bulk-export, while
Administrator does both + holds the full admin surface (the documented,
accepted auditor/admin SoD collapse).

Atomic move across every enforcement site:
- Roles constants; AuthorizationPolicies (RequireClaim values + SoD arrays +
  honest XML-doc); RoleMapper Deployer check.
- ManagementActor.GetRequiredRole switch + the hard-coded site-scope
  admin-bypass (now Roles.Administrator at all 6 sites). Site-scoping logic
  is otherwise unchanged.
- DebugStreamHub Administrator/Deployer gates (Deployer kept case-sensitive).
- CentralUI BrowseService/BindingTester Designer guards; LdapMappingForm
  dropdown now offers canonical values (incl. Viewer).
- Config-DB seed (LdapGroupMappings Id 1-4) + EF migration CanonicalizeRoles:
  Id-keyed UpdateData for seed rows + idempotent raw catch-all UPDATEs for
  operator-added rows. Down is lossy on the collapse (documented in-file).
  No pending model changes.

Tests reworked to the collapsed model across Security/CentralUI/
ManagementService/ConfigurationDatabase/Integration suites, incl. explicit
Viewer-reads-not-exports and former-Audit-now-Administrator-escalation cases.

CHANGELOG: BREAKING security note documenting the canonicalization + SoD
collapse.
2026-06-02 08:00:47 -04:00
..
Configurations
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
Maintenance
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
Migrations
refactor: scrub residual ScadaLink refs → ScadaBridge (env vars, config keys, assembly name, SQL login)
2026-05-31 21:50:38 -04:00
Repositories
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
AuditServiceTests.cs
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
ConcurrencyTests.cs
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
DataProtectionTests.cs
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
DesignTimeDbContextFactoryTests.cs
refactor: scrub residual ScadaLink refs → ScadaBridge (env vars, config keys, assembly name, SQL login)
2026-05-31 21:50:38 -04:00
EphemeralEncryptionFallbackTests.cs
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
InboundApiRepositoryTests.cs
feat(auth)!: ScadaBridge retire SQL Server ApiKey entity + ApprovedApiKeyIds + legacy hashing; EF migration RetireInboundApiKeyStore; re-issue runbook + CHANGELOG (re-arch C5/E) — BREAKING: X-API-Key -> Bearer sbk_, keys re-issued
2026-06-02 05:39:59 -04:00
NativeAlarmSourceSchemaTests.cs
feat(configdb): EF mappings + DbSets for native alarm source entities
2026-05-29 15:52:33 -04:00
NotificationOutboxRepositoryPerSiteKpiTests.cs
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
RepositoryCoverageTests.cs
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
RepositoryTests.cs
feat(auth)!: ScadaBridge canonical roles + SoD collapse (Audit→Administrator, AuditReadOnly→Viewer) + config-DB migration (Task 1.7)
2026-06-02 08:00:47 -04:00
SchemaConfigurationTests.cs
feat(auth)!: ScadaBridge retire SQL Server ApiKey entity + ApprovedApiKeyIds + legacy hashing; EF migration RetireInboundApiKeyStore; re-issue runbook + CHANGELOG (re-arch C5/E) — BREAKING: X-API-Key -> Bearer sbk_, keys re-issued
2026-06-02 05:39:59 -04:00
SecretEncryptionTests.cs
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
SeedDataTests.cs
feat(auth)!: ScadaBridge canonical roles + SoD collapse (Audit→Administrator, AuditReadOnly→Viewer) + config-DB migration (Task 1.7)
2026-06-02 08:00:47 -04:00
ServiceCollectionExtensionsTests.cs
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
SqliteTestHelper.cs
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00
TemplateEngineRepositoryTests.cs
feat(configdb): native alarm source repository CRUD + eager-load includes
2026-05-29 15:56:35 -04:00
UnitTest1.cs
feat(auth)!: ScadaBridge canonical roles + SoD collapse (Audit→Administrator, AuditReadOnly→Viewer) + config-DB migration (Task 1.7)
2026-06-02 08:00:47 -04:00
ZB.MOM.WW.ScadaBridge.ConfigurationDatabase.Tests.csproj
refactor: rename ScadaLink → ZB.MOM.WW.ScadaBridge (code + projects + namespaces)
2026-05-28 09:37:45 -04:00