public static void TestSetSystemAclProtection(bool isContainer, bool isDS, string sddl, bool isProtected, bool preserveInheritance, string verifierSddl)
{
CommonSecurityDescriptor commonSecurityDescriptor = null;
string resultSddl = null;
commonSecurityDescriptor = new CommonSecurityDescriptor(isContainer, isDS, sddl);
commonSecurityDescriptor.SetSystemAclProtection(isProtected, preserveInheritance);
resultSddl = commonSecurityDescriptor.GetSddlForm(AccessControlSections.All);
if (!isProtected && (commonSecurityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) == 0)
{
Assert.False(resultSddl != verifierSddl);
}
else if (isProtected && (commonSecurityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) != 0)
{
Assert.False(resultSddl != verifierSddl);
}
}
public static void TestSetSystemAclProtection(bool isContainer, bool isDS, string sddl, bool isProtected, bool preserveInheritance, string verifierSddl)
{
CommonSecurityDescriptor commonSecurityDescriptor = null;
string resultSddl = null;
commonSecurityDescriptor = new CommonSecurityDescriptor(isContainer, isDS, sddl);
commonSecurityDescriptor.SetSystemAclProtection(isProtected, preserveInheritance);
resultSddl = commonSecurityDescriptor.GetSddlForm(AccessControlSections.All);
if (!isProtected && (commonSecurityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) == 0)
{
Assert.False(resultSddl != verifierSddl);
}
else if (isProtected && (commonSecurityDescriptor.ControlFlags & ControlFlags.SystemAclProtected) != 0)
{
Assert.False(resultSddl != verifierSddl);
}
}
public void ProtectionChangesFlags()
{
SecurityIdentifier userSid = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null);
SecurityIdentifier groupSid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);
CommonSecurityDescriptor csd;
csd = new CommonSecurityDescriptor
(false, false, ControlFlags.None, userSid, groupSid, null, null);
Assert.AreEqual(ControlFlags.DiscretionaryAclPresent
| ControlFlags.SelfRelative, csd.ControlFlags);
csd.SetDiscretionaryAclProtection(true, false);
Assert.AreEqual(ControlFlags.DiscretionaryAclPresent
| ControlFlags.DiscretionaryAclProtected
| ControlFlags.SelfRelative, csd.ControlFlags);
csd.SetSystemAclProtection(true, false); // despite not being *present*
Assert.AreEqual(ControlFlags.DiscretionaryAclPresent
| ControlFlags.DiscretionaryAclProtected
| ControlFlags.SystemAclProtected
| ControlFlags.SelfRelative, csd.ControlFlags);
}
public static void AdditionalTestCases()
{
CommonSecurityDescriptor sd = null;
// test case 1: SACL is null, isProtected is true, preserveInheritance is true
sd = new CommonSecurityDescriptor(true, false, (ControlFlags)0, null, null, null, null);
sd.SetSystemAclProtection(true, true);
Assert.True((sd.ControlFlags & ControlFlags.SystemAclProtected) != 0);
// test case 2: SACL is null, isProtected is true, preserveInheritance is false
sd = new CommonSecurityDescriptor(true, false, (ControlFlags)0, null, null, null, null);
sd.SetSystemAclProtection(true, false);
Assert.True((sd.ControlFlags & ControlFlags.SystemAclProtected) != 0);
// test case 3: SACL is null, isProtected is false, preserveInheritance is true
sd = new CommonSecurityDescriptor(true, false, (ControlFlags)0, null, null, null, null);
sd.SetSystemAclProtection(false, true);
Assert.True((sd.ControlFlags & ControlFlags.SystemAclProtected) == 0);
// test case 4: SACL is null, isProtected is false, preserveInheritance is false
sd = new CommonSecurityDescriptor(true, false, (ControlFlags)0, null, null, null, null);
sd.SetSystemAclProtection(false, false);
Assert.True((sd.ControlFlags & ControlFlags.SystemAclProtected) == 0);
}
public static void AdditionalTestCases()
{
CommonSecurityDescriptor sd = null;
// test case 1: SACL is null, isProtected is true, preserveInheritance is true
sd = new CommonSecurityDescriptor(true, false, (ControlFlags)0, null, null, null, null);
sd.SetSystemAclProtection(true, true);
Assert.True((sd.ControlFlags & ControlFlags.SystemAclProtected) != 0);
// test case 2: SACL is null, isProtected is true, preserveInheritance is false
sd = new CommonSecurityDescriptor(true, false, (ControlFlags)0, null, null, null, null);
sd.SetSystemAclProtection(true, false);
Assert.True((sd.ControlFlags & ControlFlags.SystemAclProtected) != 0);
// test case 3: SACL is null, isProtected is false, preserveInheritance is true
sd = new CommonSecurityDescriptor(true, false, (ControlFlags)0, null, null, null, null);
sd.SetSystemAclProtection(false, true);
Assert.True((sd.ControlFlags & ControlFlags.SystemAclProtected) == 0);
// test case 4: SACL is null, isProtected is false, preserveInheritance is false
sd = new CommonSecurityDescriptor(true, false, (ControlFlags)0, null, null, null, null);
sd.SetSystemAclProtection(false, false);
Assert.True((sd.ControlFlags & ControlFlags.SystemAclProtected) == 0);
}
