public void FolderPermission_AccessDeny_GroupSid()
{
_SID sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azGroup01Name, testConfig.UserName, testConfig.UserPassword);
object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None);
SetSecurityDescriptorOnShare(ace);
BaseTestSite.Assert.IsFalse(
AccessShare(),
"ACCESS_DENIED_ACE with user's group SID ({0}) exists in file Security Descriptor. User should be not able to access the share.",
DtypUtility.ToSddlString(sid));
}
public void FilePermission_AccessDeny_GroupSid()
{
_SID sid = sutCommonControlAdapterAccessor.GetGroupSid(azGroup01Name);
object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None);
SetSecurityDescriptorOnFile(ace);
BaseTestSite.Assert.IsFalse(
TryReadFile(),
"ACCESS_DENIED_ACE with user's group SID ({0}) exists in file Security Descriptor. User should be not able to read the file.",
DtypUtility.ToSddlString(sid));
}
public void FilePermission_AccessDeny_UserSid()
{
_SID sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azUser01Name, testConfig.UserName, testConfig.UserPassword);
object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None);
SetSecurityDescriptorOnFile(ace);
BaseTestSite.Assert.IsFalse(
TryReadFile(),
"ACCESS_DENIED_ACE with user SID ({0}) exists in folder Security Descriptor. User should not be able to read the file.",
DtypUtility.ToSddlString(sid));
}
public void FolderPermission_AccessDeny_UserSid()
{
_SID sid = sutCommonControlAdapterAccessor.GetUserSid(azUser01Name);
object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None);
SetSecurityDescriptorOnShare(ace);
BaseTestSite.Assert.IsFalse(
AccessShare(),
"ACCESS_DENIED_ACE with user SID ({0}) exists in folder Security Descriptor. User should not be able to access the share.",
DtypUtility.ToSddlString(sid));
}
public void SharePermission_AccessDeny_UserSid()
{
_SID sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azUser01Name);
string shareName;
if (dynamicallyConfigurableShareExist)
{
object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_STANDARD_RIGHTS_ALL | DtypUtility.ACCESS_MASK_SPECIFIC_RIGHTS_ALL, ACE_FLAGS.None);
SetSecurityDescriptorOnDynamicallyConfigurableShare(ace);
shareName = dynamicallyConfigurableShareName;
}
else
{
shareName = "AzShare03";
}
bool result = AccessShare(shareName);
BaseTestSite.Assert.IsFalse(result, "ACCESS_DENIED_ACE with user SID ({0}) exists in folder Security Descriptor. User should not be able to access the share.", DtypUtility.ToSddlString(sid));
}
public void SharePermission_AccessDeny_UserSidWithoutReadPermission()
{
_SID sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azUser01Name);
string shareName;
if (dynamicallyConfigurableShareExist)
{
object ace = DtypUtility.CreateAccessDeniedAce(sid, 0, ACE_FLAGS.None);
SetSecurityDescriptorOnDynamicallyConfigurableShare(ace);
shareName = dynamicallyConfigurableShareName;
}
else
{
shareName = "AzShare06";
}
BaseTestSite.Assert.IsFalse(
AccessShare(shareName),
"ACCESS_ALLOWED_ACE with user SID ({0}) without READ permission in folder Security Descriptor. User should not be able to access the share.",
DtypUtility.ToSddlString(sid));
}
public void SharePermission_AccessDeny_GroupSid()
{
_SID sid = sutCommonControlAdapterAccessor.GetGroupSid(azGroup01Name);
string shareName;
if (dynamicallyConfigurableShareExist)
{
object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_STANDARD_RIGHTS_ALL | DtypUtility.ACCESS_MASK_SPECIFIC_RIGHTS_ALL, ACE_FLAGS.None);
SetSecurityDescriptorOnDynamicallyConfigurableShare(ace);
shareName = dynamicallyConfigurableShareName;
}
else
{
shareName = "AzShare04";
}
BaseTestSite.Assert.IsFalse(
AccessShare(shareName),
"ACCESS_DENIED_ACE with user's group SID ({0}) exists in file Security Descriptor. User should be not able to access the share.",
DtypUtility.ToSddlString(sid));
}
