public void AddGroup_UsersRead()
{
using (var cleaner = new TestFileCleaner())
{
using (var handle = Storage.CreateFile(cleaner.GetTestPath(), CreationDisposition.CreateNew,
DesiredAccess.GenericReadWrite | DesiredAccess.WriteDac))
{
handle.IsInvalid.Should().BeFalse();
SID usersGroup = Security.CreateWellKnownSid(WellKnownSID.Users);
handle.ChangeAccess(usersGroup, FileAccessRights.GenericRead, AccessMode.Grant);
using (SecurityDescriptor descriptor = Storage.GetAccessControlList(handle))
{
List <ExplicitAccess> access = descriptor.GetExplicitEntriesFromAcl().ToList();
access.Count.Should().Be(1);
ExplicitAccess ea = access[0];
// Here you can see what the generic rights get translated to
((FileAccessRights)ea.Permissions).Should()
.Be(FileAccessRights.ReadData | FileAccessRights.ReadAttributes | FileAccessRights.ReadExtendedAttributes
| FileAccessRights.Synchronize | FileAccessRights.ReadControl);
ea.Inheritance.Should().Be(Inheritance.NoInheritance);
ea.Mode.Should().Be(AccessMode.Grant);
}
}
}
}
public void GetDiscrectionaryAclForCreatedFile()
{
using (var cleaner = new TestFileCleaner())
{
using (var handle = Storage.CreateFile(cleaner.GetTestPath(), CreationDisposition.CreateNew))
{
handle.IsInvalid.Should().BeFalse();
using (SecurityDescriptor descriptor = Storage.GetAccessControlList(handle))
{
List <ExplicitAccess> access = descriptor.GetExplicitEntriesFromAcl().ToList();
access.Count.Should().Be(0);
}
}
}
}
