public void FolderPermission_AccessDeny_GroupSid() { _SID sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azGroup01Name, testConfig.UserName, testConfig.UserPassword); object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None); SetSecurityDescriptorOnShare(ace); BaseTestSite.Assert.IsFalse( AccessShare(), "ACCESS_DENIED_ACE with user's group SID ({0}) exists in file Security Descriptor. User should be not able to access the share.", DtypUtility.ToSddlString(sid)); }
public void FilePermission_AccessDeny_GroupSid() { _SID sid = sutCommonControlAdapterAccessor.GetGroupSid(azGroup01Name); object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None); SetSecurityDescriptorOnFile(ace); BaseTestSite.Assert.IsFalse( TryReadFile(), "ACCESS_DENIED_ACE with user's group SID ({0}) exists in file Security Descriptor. User should be not able to read the file.", DtypUtility.ToSddlString(sid)); }
public void FilePermission_AccessDeny_UserSid() { _SID sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azUser01Name, testConfig.UserName, testConfig.UserPassword); object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None); SetSecurityDescriptorOnFile(ace); BaseTestSite.Assert.IsFalse( TryReadFile(), "ACCESS_DENIED_ACE with user SID ({0}) exists in folder Security Descriptor. User should not be able to read the file.", DtypUtility.ToSddlString(sid)); }
public void FolderPermission_AccessDeny_UserSid() { _SID sid = sutCommonControlAdapterAccessor.GetUserSid(azUser01Name); object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_GENERIC_READ, ACE_FLAGS.None); SetSecurityDescriptorOnShare(ace); BaseTestSite.Assert.IsFalse( AccessShare(), "ACCESS_DENIED_ACE with user SID ({0}) exists in folder Security Descriptor. User should not be able to access the share.", DtypUtility.ToSddlString(sid)); }
public void SharePermission_AccessDeny_UserSid() { _SID sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azUser01Name); string shareName; if (dynamicallyConfigurableShareExist) { object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_STANDARD_RIGHTS_ALL | DtypUtility.ACCESS_MASK_SPECIFIC_RIGHTS_ALL, ACE_FLAGS.None); SetSecurityDescriptorOnDynamicallyConfigurableShare(ace); shareName = dynamicallyConfigurableShareName; } else { shareName = "AzShare03"; } bool result = AccessShare(shareName); BaseTestSite.Assert.IsFalse(result, "ACCESS_DENIED_ACE with user SID ({0}) exists in folder Security Descriptor. User should not be able to access the share.", DtypUtility.ToSddlString(sid)); }
public void SharePermission_AccessDeny_UserSidWithoutReadPermission() { _SID sid = DtypUtility.GetSidFromAccount(TestConfig.DomainName, azUser01Name); string shareName; if (dynamicallyConfigurableShareExist) { object ace = DtypUtility.CreateAccessDeniedAce(sid, 0, ACE_FLAGS.None); SetSecurityDescriptorOnDynamicallyConfigurableShare(ace); shareName = dynamicallyConfigurableShareName; } else { shareName = "AzShare06"; } BaseTestSite.Assert.IsFalse( AccessShare(shareName), "ACCESS_ALLOWED_ACE with user SID ({0}) without READ permission in folder Security Descriptor. User should not be able to access the share.", DtypUtility.ToSddlString(sid)); }
public void SharePermission_AccessDeny_GroupSid() { _SID sid = sutCommonControlAdapterAccessor.GetGroupSid(azGroup01Name); string shareName; if (dynamicallyConfigurableShareExist) { object ace = DtypUtility.CreateAccessDeniedAce(sid, DtypUtility.ACCESS_MASK_STANDARD_RIGHTS_ALL | DtypUtility.ACCESS_MASK_SPECIFIC_RIGHTS_ALL, ACE_FLAGS.None); SetSecurityDescriptorOnDynamicallyConfigurableShare(ace); shareName = dynamicallyConfigurableShareName; } else { shareName = "AzShare04"; } BaseTestSite.Assert.IsFalse( AccessShare(shareName), "ACCESS_DENIED_ACE with user's group SID ({0}) exists in file Security Descriptor. User should be not able to access the share.", DtypUtility.ToSddlString(sid)); }