public void FolderPermission_AccessDeny_GroupSid()
        {
            _SID   sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azGroup01Name, testConfig.UserName, testConfig.UserPassword);
            object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None);

            SetSecurityDescriptorOnShare(ace);

            BaseTestSite.Assert.IsFalse(
                AccessShare(),
                "ACCESS_DENIED_ACE with user's group SID ({0}) exists in file Security Descriptor. User should be not able to access the share.",
                DtypUtility.ToSddlString(sid));
        }
Esempio n. 2
0
        public void FilePermission_AccessDeny_GroupSid()
        {
            _SID   sid = sutCommonControlAdapterAccessor.GetGroupSid(azGroup01Name);
            object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None);

            SetSecurityDescriptorOnFile(ace);

            BaseTestSite.Assert.IsFalse(
                TryReadFile(),
                "ACCESS_DENIED_ACE with user's group SID ({0}) exists in file Security Descriptor. User should be not able to read the file.",
                DtypUtility.ToSddlString(sid));
        }
        public void FilePermission_AccessDeny_UserSid()
        {
            _SID   sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azUser01Name, testConfig.UserName, testConfig.UserPassword);
            object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None);

            SetSecurityDescriptorOnFile(ace);

            BaseTestSite.Assert.IsFalse(
                TryReadFile(),
                "ACCESS_DENIED_ACE with user SID ({0}) exists in folder Security Descriptor. User should not be able to read the file.",
                DtypUtility.ToSddlString(sid));
        }
Esempio n. 4
0
        public void FolderPermission_AccessDeny_UserSid()
        {
            _SID   sid = sutCommonControlAdapterAccessor.GetUserSid(azUser01Name);
            object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None);

            SetSecurityDescriptorOnShare(ace);

            BaseTestSite.Assert.IsFalse(
                AccessShare(),
                "ACCESS_DENIED_ACE with user SID ({0}) exists in folder Security Descriptor. User should not be able to access the share.",
                DtypUtility.ToSddlString(sid));
        }
        public void SharePermission_AccessDeny_UserSid()
        {
            _SID   sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azUser01Name);
            string shareName;

            if (dynamicallyConfigurableShareExist)
            {
                object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_STANDARD_RIGHTS_ALL | DtypUtility.ACCESS_MASK_SPECIFIC_RIGHTS_ALL, ACE_FLAGS.None);
                SetSecurityDescriptorOnDynamicallyConfigurableShare(ace);
                shareName = dynamicallyConfigurableShareName;
            }
            else
            {
                shareName = "AzShare03";
            }

            bool result = AccessShare(shareName);

            BaseTestSite.Assert.IsFalse(result, "ACCESS_DENIED_ACE with user SID ({0}) exists in folder Security Descriptor. User should not be able to access the share.", DtypUtility.ToSddlString(sid));
        }
        public void SharePermission_AccessDeny_UserSidWithoutReadPermission()
        {
            _SID   sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azUser01Name);
            string shareName;

            if (dynamicallyConfigurableShareExist)
            {
                object ace = DtypUtility.CreateAccessDeniedAce(sid, 0, ACE_FLAGS.None);
                SetSecurityDescriptorOnDynamicallyConfigurableShare(ace);
                shareName = dynamicallyConfigurableShareName;
            }
            else
            {
                shareName = "AzShare06";
            }

            BaseTestSite.Assert.IsFalse(
                AccessShare(shareName),
                "ACCESS_ALLOWED_ACE with user SID ({0}) without READ permission in folder Security Descriptor. User should not be able to access the share.",
                DtypUtility.ToSddlString(sid));
        }
Esempio n. 7
0
        public void SharePermission_AccessDeny_GroupSid()
        {
            _SID   sid = sutCommonControlAdapterAccessor.GetGroupSid(azGroup01Name);
            string shareName;

            if (dynamicallyConfigurableShareExist)
            {
                object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_STANDARD_RIGHTS_ALL | DtypUtility.ACCESS_MASK_SPECIFIC_RIGHTS_ALL, ACE_FLAGS.None);
                SetSecurityDescriptorOnDynamicallyConfigurableShare(ace);
                shareName = dynamicallyConfigurableShareName;
            }
            else
            {
                shareName = "AzShare04";
            }

            BaseTestSite.Assert.IsFalse(
                AccessShare(shareName),
                "ACCESS_DENIED_ACE with user's group SID ({0}) exists in file Security Descriptor. User should be not able to access the share.",
                DtypUtility.ToSddlString(sid));
        }