Joseph Doherty
b104760b3a
Standardize role string VALUES on the canonical vocabulary
(Administrator/Designer/Deployer/Viewer; Operator/Engineer unused here):
Admin -> Administrator
Design -> Designer
Deployment -> Deployer
Audit -> Administrator (COLLAPSE; accepted privilege escalation)
AuditReadOnly-> Viewer (COLLAPSE; keeps audit-read, no export)
SoD: OperationalAuditRoles = { Administrator, Viewer },
AuditExportRoles = { Administrator }
so Viewer reads the audit log + nav but cannot bulk-export, while
Administrator does both + holds the full admin surface (the documented,
accepted auditor/admin SoD collapse).
Atomic move across every enforcement site:
- Roles constants; AuthorizationPolicies (RequireClaim values + SoD arrays +
honest XML-doc); RoleMapper Deployer check.
- ManagementActor.GetRequiredRole switch + the hard-coded site-scope
admin-bypass (now Roles.Administrator at all 6 sites). Site-scoping logic
is otherwise unchanged.
- DebugStreamHub Administrator/Deployer gates (Deployer kept case-sensitive).
- CentralUI BrowseService/BindingTester Designer guards; LdapMappingForm
dropdown now offers canonical values (incl. Viewer).
- Config-DB seed (LdapGroupMappings Id 1-4) + EF migration CanonicalizeRoles:
Id-keyed UpdateData for seed rows + idempotent raw catch-all UPDATEs for
operator-added rows. Down is lossy on the collapse (documented in-file).
No pending model changes.
Tests reworked to the collapsed model across Security/CentralUI/
ManagementService/ConfigurationDatabase/Integration suites, incl. explicit
Viewer-reads-not-exports and former-Audit-now-Administrator-escalation cases.
CHANGELOG: BREAKING security note documenting the canonicalization + SoD
collapse.
112 lines
4.1 KiB
C#
112 lines
4.1 KiB
C#
using System.Security.Claims;
|
|
using ZB.MOM.WW.ScadaBridge.Security;
|
|
using Bunit;
|
|
using Microsoft.AspNetCore.Components.Authorization;
|
|
using Microsoft.Extensions.DependencyInjection;
|
|
using NSubstitute;
|
|
using ZB.MOM.WW.ScadaBridge.CentralUI.Components.Shared;
|
|
using ZB.MOM.WW.ScadaBridge.Commons.Entities.Notifications;
|
|
using ZB.MOM.WW.ScadaBridge.Commons.Interfaces.Repositories;
|
|
using NotificationListsPage = ZB.MOM.WW.ScadaBridge.CentralUI.Components.Pages.Notifications.NotificationLists;
|
|
|
|
namespace ZB.MOM.WW.ScadaBridge.CentralUI.Tests.Pages;
|
|
|
|
/// <summary>
|
|
/// bUnit rendering tests for the standalone Notification Lists page (Task 7).
|
|
/// </summary>
|
|
public class NotificationListsPageTests : BunitContext
|
|
{
|
|
private void WireAuthAndDialog()
|
|
{
|
|
Services.AddSingleton<IDialogService>(new AlwaysConfirmDialogService());
|
|
|
|
var claims = new[]
|
|
{
|
|
new Claim(JwtTokenService.UsernameClaimType, "tester"),
|
|
new Claim(JwtTokenService.RoleClaimType, "Designer"),
|
|
};
|
|
var user = new ClaimsPrincipal(new ClaimsIdentity(claims, "TestAuth"));
|
|
Services.AddSingleton<AuthenticationStateProvider>(new TestAuthStateProvider(user));
|
|
Services.AddAuthorizationCore();
|
|
}
|
|
|
|
[Fact]
|
|
public void RendersNotificationListRows()
|
|
{
|
|
var repo = Substitute.For<INotificationRepository>();
|
|
repo.GetAllNotificationListsAsync()
|
|
.Returns(Task.FromResult<IReadOnlyList<NotificationList>>(
|
|
new List<NotificationList> { new("Ops On-Call") { Id = 1 } }));
|
|
repo.GetRecipientsByListIdAsync(1)
|
|
.Returns(Task.FromResult<IReadOnlyList<NotificationRecipient>>(
|
|
new List<NotificationRecipient> { new("Jane", "jane@example.com") }));
|
|
Services.AddSingleton(repo);
|
|
WireAuthAndDialog();
|
|
|
|
var cut = Render<NotificationListsPage>();
|
|
|
|
cut.WaitForAssertion(() =>
|
|
{
|
|
Assert.Contains("Ops On-Call", cut.Markup);
|
|
Assert.Contains("jane@example.com", cut.Markup);
|
|
});
|
|
}
|
|
|
|
[Fact]
|
|
public void ShowsEmptyState_WhenNoLists()
|
|
{
|
|
var repo = Substitute.For<INotificationRepository>();
|
|
repo.GetAllNotificationListsAsync()
|
|
.Returns(Task.FromResult<IReadOnlyList<NotificationList>>(
|
|
new List<NotificationList>()));
|
|
Services.AddSingleton(repo);
|
|
WireAuthAndDialog();
|
|
|
|
var cut = Render<NotificationListsPage>();
|
|
|
|
cut.WaitForAssertion(() =>
|
|
Assert.Contains("No notification lists", cut.Markup));
|
|
}
|
|
|
|
[Fact]
|
|
public void DeleteList_ConfirmsThenDeletesAndReloads()
|
|
{
|
|
var repo = Substitute.For<INotificationRepository>();
|
|
repo.GetAllNotificationListsAsync()
|
|
.Returns(Task.FromResult<IReadOnlyList<NotificationList>>(
|
|
new List<NotificationList> { new("Ops On-Call") { Id = 1 } }));
|
|
repo.GetRecipientsByListIdAsync(1)
|
|
.Returns(Task.FromResult<IReadOnlyList<NotificationRecipient>>(
|
|
new List<NotificationRecipient>()));
|
|
Services.AddSingleton(repo);
|
|
WireAuthAndDialog();
|
|
|
|
var cut = Render<NotificationListsPage>();
|
|
|
|
cut.WaitForState(() => cut.Markup.Contains("Ops On-Call"));
|
|
|
|
var deleteButton = cut.FindAll("tbody tr button")
|
|
.First(b => b.TextContent.Contains("Delete"));
|
|
deleteButton.Click();
|
|
|
|
cut.WaitForAssertion(() =>
|
|
{
|
|
repo.Received().DeleteNotificationListAsync(1);
|
|
repo.Received().SaveChangesAsync();
|
|
// Reload re-invokes the list query (once on init, once after delete).
|
|
repo.Received(2).GetAllNotificationListsAsync();
|
|
});
|
|
}
|
|
|
|
/// <summary>A dialog service that auto-confirms, so action paths run end-to-end.</summary>
|
|
private sealed class AlwaysConfirmDialogService : IDialogService
|
|
{
|
|
public Task<bool> ConfirmAsync(string title, string message, bool danger = false)
|
|
=> Task.FromResult(true);
|
|
|
|
public Task<string?> PromptAsync(
|
|
string title, string label, string initialValue = "", string? placeholder = null)
|
|
=> Task.FromResult<string?>(null);
|
|
}
|
|
}
|