public FileEffectiveRightsProberTests()
{
var fakeItemType = new fileeffectiverights_item();
this.FakeItemsToBeGenerateByItemTypeGenerator = new ItemType[] { fakeItemType };
this.FakeCollectedItemsToBeReturnedByObjectCollector = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(fakeItemType) };
this.OvalDefinitionsSample = ProbeHelper.GetFakeOvalDefinitions("definitionsSimple");
var objectSample = OvalDefinitionsSample.objects.OfType<fileeffectiverights53_object>().Where(obj => obj.Items.Count() > 1).First();
this.FakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(new OVAL.Definitions.ObjectType[] { objectSample }, null, null);
}
private void AssertCreatedItemType(fileeffectiverights_item itemToAssert, string filepath, string trusteeSID)
{
var path = System.IO.Path.GetDirectoryName(filepath);
var filename = System.IO.Path.GetFileName(filepath);
Assert.AreEqual(filepath, itemToAssert.filepath.Value, string.Format(UNEXPECTED_ENTITY_VALUE_FOUND, "filepath"));
Assert.AreEqual(path, itemToAssert.path.Value, string.Format(UNEXPECTED_ENTITY_VALUE_FOUND, "path"));
Assert.AreEqual(filename, itemToAssert.filename.Value, string.Format(UNEXPECTED_ENTITY_VALUE_FOUND, "filename"));
Assert.AreEqual(trusteeSID, itemToAssert.trustee_sid.Value, string.Format(UNEXPECTED_ENTITY_VALUE_FOUND, "trustee_sid"));
}
private void AssertCreatedItemTypeAgainstSourceObjectType(
fileeffectiverights53_object sourceObjectType, fileeffectiverights_item createdItemType)
{
var sourceFilePath = sourceObjectType.GetAllObjectEntities()[fileeffectiverights53_object_ItemsChoices.filepath.ToString()];
var sourcePath = sourceObjectType.GetAllObjectEntities()[fileeffectiverights53_object_ItemsChoices.path.ToString()];
var sourceFileName = sourceObjectType.GetAllObjectEntities()[fileeffectiverights53_object_ItemsChoices.filename.ToString()];
var sourceTrusteeSID = sourceObjectType.GetAllObjectEntities()[fileeffectiverights53_object_ItemsChoices.trustee_sid.ToString()];
this.assertGeneratedEntityItem(createdItemType.filepath, sourceFilePath, "filepath");
this.assertGeneratedEntityItem(createdItemType.path, sourcePath, "path");
this.assertGeneratedEntityItem(createdItemType.filename, sourceFileName, "filename");
this.assertGeneratedEntityItem(createdItemType.trustee_sid, sourceTrusteeSID, "trusteeSID");
}
private CollectedItem createFakeCollectedItem(Definitions::ObjectType fileEffectiveRightsObject)
{
var allEntities = OvalHelper.GetFileEffectiveRightsFromObjectType((fileeffectiverights_object)fileEffectiveRightsObject);
fileeffectiverights_item newItem = new fileeffectiverights_item()
{
id = fileEffectiveRightsObject.id,
path = this.createInitialItemEntity(allEntities, fileeffectiverights_object_ItemsChoices.path.ToString()),
filename = this.createInitialItemEntity(allEntities, fileeffectiverights_object_ItemsChoices.filename.ToString()),
trustee_name = this.createInitialItemEntity(allEntities, fileeffectiverights_object_ItemsChoices.trustee_name.ToString()),
trustee_sid = this.createItemEntityWithStringValue("12345"),
standard_delete = this.createItemEntityWithBooleanValue("1"),
generic_read = this.createItemEntityWithBooleanValue("0")
};
return ProbeHelper.CreateFakeCollectedItem(newItem);
}
private void AssertGeneratedItem(
fileeffectiverights_item itemToAssert,
string expectedFilepath,
string expectedPath,
string expectedFilename,
string expectedTrusteeSID)
{
ItemTypeEntityChecker.AssertItemTypeEntity(itemToAssert.filepath, expectedFilepath, "filepath");
ItemTypeEntityChecker.AssertItemTypeEntity(itemToAssert.path, expectedPath, "path");
if (expectedFilename != null)
ItemTypeEntityChecker.AssertItemTypeEntity(itemToAssert.filename, expectedFilename, "filename");
ItemTypeEntityChecker.AssertItemTypeEntity(itemToAssert.trustee_sid, expectedTrusteeSID, "trustee_sid");
}
private ItemType CreateItemTypeForCollect(string path, string fileName, string trustee)
{
var newFileEffectiveRightsItem = new fileeffectiverights_item();
newFileEffectiveRightsItem.path = OvalHelper.CreateItemEntityWithStringValue(path);
newFileEffectiveRightsItem.filename = OvalHelper.CreateItemEntityWithStringValue(fileName);
var completeFilepath = string.Format(@"{0}\{1}", path, fileName);
newFileEffectiveRightsItem.filepath = OvalHelper.CreateItemEntityWithStringValue(completeFilepath);
if (this.SourceObjectType == SourceObjectTypes.FileEffectiveRights)
newFileEffectiveRightsItem.trustee_name = OvalHelper.CreateItemEntityWithStringValue(trustee);
else
{
newFileEffectiveRightsItem.trustee_sid = OvalHelper.CreateItemEntityWithStringValue(trustee);
newFileEffectiveRightsItem.trustee_name = OvalHelper.CreateItemEntityWithStringValue(newFileEffectiveRightsItem.trustee_sid.Value);
}
return newFileEffectiveRightsItem;
}
public virtual bool IsThereUserACLInFileSecurityDescriptor(string path, string filename, string userSID)
{
var filepath = Path.Combine(path, filename);
var invokeMethodInfo = CreateInvokeMethodInfo(filepath);
object managementACEs = null;
try
{
managementACEs = this.WmiDataProvider.InvokeMethodByWmiPath(invokeMethodInfo);
}
catch
{
return false;
}
if (managementACEs == null)
return false;
var item = new fileeffectiverights_item() { trustee_name = OvalHelper.CreateItemEntityWithStringValue(userSID) };
try
{
FillCollectedItemFromUserWinACEs(item, managementACEs);
return true;
}
catch (ACLNotFoundException)
{
return false;
}
catch (UserNotFoundException)
{
return false;
}
}
private void FillCollectedItemFromUserWinACEs(
fileeffectiverights_item fileEffectiveRightsItem,
object managementWinACEs)
{
var userTrusteeName = fileEffectiveRightsItem.trustee_name.Value;
var daclDisassembler = new WindowsSecurityDescriptorDisassembler(SecurityDescriptorType.DACL);
var userDACLs = daclDisassembler.GetSecurityDescriptorsFromManagementObject(managementWinACEs, userTrusteeName, this.WmiDataProvider);
var userEffectiveRights = this.CalculateUserEffectiveRightsForItem(userDACLs);
if (userEffectiveRights == null)
throw new UserNotFoundException();
this.AdjustGenericRights(userEffectiveRights);
fileEffectiveRightsItem.trustee_name = null;
fileEffectiveRightsItem.trustee_sid = OvalHelper.CreateItemEntityWithStringValue(userEffectiveRights.Trustee.SIDString);
#region Setting File Effective Rights Entities
fileEffectiveRightsItem.access_system_security = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.ACCESS_SYSTEM_SECURITY);
fileEffectiveRightsItem.file_append_data = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_APPEND_DATA);
fileEffectiveRightsItem.file_delete_child = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_DELETE_CHILD);
fileEffectiveRightsItem.file_execute = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_EXECUTE);
fileEffectiveRightsItem.file_read_attributes = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_READ_ATTRIBUTES);
fileEffectiveRightsItem.file_read_data = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_READ_DATA);
fileEffectiveRightsItem.file_read_ea = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_READ_EA);
fileEffectiveRightsItem.file_write_attributes = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_WRITE_ATTRIBUTES);
fileEffectiveRightsItem.file_write_data = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_WRITE_DATA);
fileEffectiveRightsItem.file_write_ea = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_WRITE_EA);
fileEffectiveRightsItem.generic_all = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.GENERIC_ALL);
fileEffectiveRightsItem.generic_execute = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.GENERIC_EXECUTE);
fileEffectiveRightsItem.generic_read = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.GENERIC_READ);
fileEffectiveRightsItem.generic_write = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.GENERIC_WRITE);
fileEffectiveRightsItem.standard_delete = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.DELETE);
fileEffectiveRightsItem.standard_read_control = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.READ_CONTROL);
fileEffectiveRightsItem.standard_synchronize = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.SYNCHRONIZE);
fileEffectiveRightsItem.standard_write_dac = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.WRITE_DAC);
fileEffectiveRightsItem.standard_write_owner = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.WRITE_OWNER);
#endregion
}
private void FillCollectedItem(fileeffectiverights_item item, IEnumerable<WMIWinACE> userDACLs)
{
try
{
FillCollectedItemFromUserWinACEs(item, userDACLs);
item.status = StatusEnumeration.exists;
}
catch (InvalidInvokeMethodFilterException)
{
item.status = StatusEnumeration.doesnotexist;
}
catch (ACLNotFoundException)
{
item.status = StatusEnumeration.doesnotexist;
}
catch (UserNotFoundException)
{
item.status = StatusEnumeration.doesnotexist;
}
catch (InvalidInvokeMethodException)
{
item.status = StatusEnumeration.doesnotexist;
}
catch (Exception ex)
{
// ConfigureItemWithError(itemToCollect, ex.Message);
}
}
private fileeffectiverights_item CloneItemType(fileeffectiverights_item sourceItem)
{
return new fileeffectiverights_item()
{
status = sourceItem.status,
message = CloneItemMessages(sourceItem.message),
filepath = CloneStringEntity(sourceItem.filepath),
path = CloneStringEntity(sourceItem.path),
filename = CloneStringEntity(sourceItem.filename),
trustee_sid = CloneStringEntity(sourceItem.trustee_sid),
trustee_name = CloneStringEntity(sourceItem.trustee_name),
access_system_security = CloneEntity(sourceItem.access_system_security),
file_append_data = CloneEntity(sourceItem.file_append_data),
file_delete_child = CloneEntity(sourceItem.file_delete_child),
file_execute = CloneEntity(sourceItem.file_execute),
file_read_attributes = CloneEntity(sourceItem.file_read_attributes),
file_read_data = CloneEntity(sourceItem.file_read_data),
file_read_ea = CloneEntity(sourceItem.file_read_ea),
file_write_attributes = CloneEntity(sourceItem.file_write_attributes),
file_write_data = CloneEntity(sourceItem.file_write_data),
file_write_ea = CloneEntity(sourceItem.file_write_ea),
generic_all = CloneEntity(sourceItem.generic_all),
generic_execute = CloneEntity(sourceItem.generic_execute),
generic_read = CloneEntity(sourceItem.generic_read),
generic_write = CloneEntity(sourceItem.generic_write),
standard_delete = CloneEntity(sourceItem.standard_delete),
standard_read_control = CloneEntity(sourceItem.standard_read_control),
standard_synchronize = CloneEntity(sourceItem.standard_synchronize),
standard_write_dac = CloneEntity(sourceItem.standard_write_dac),
standard_write_owner = CloneEntity(sourceItem.standard_write_owner)
};
}
private void AddToFlatCache(string filepath, string trustee, fileeffectiverights_item collectedItem)
{
var cacheItemKey = String.Format("{0}#{1}", filepath, trustee);
if (!this.FlatCache.ContainsKey(cacheItemKey))
this.FlatCache.Add(cacheItemKey, collectedItem);
}
