コード例 #1
0
        public void AddAndPurgeWorks()
        {
            TestSecurity security = new TestSecurity(false);

            NTAccount nta1 = new NTAccount(@"BUILTIN\Users");
            NTAccount nta2 = new NTAccount(@"BUILTIN\Administrators");

            security.AddAccessRuleTest(new TestAccessRule <TestRights> (nta1, TestRights.One,
                                                                        AccessControlType.Allow));
            security.AddAccessRuleTest(new TestAccessRule <TestRights> (nta2, TestRights.One,
                                                                        AccessControlType.Allow));

            AuthorizationRuleCollection rules1 = security.GetAccessRules(true, true, typeof(NTAccount));

            Assert.AreEqual(2, rules1.Count);

            security.PurgeAccessRules(nta1);
            AuthorizationRuleCollection rules2 = security.GetAccessRules(true, true, typeof(NTAccount));

            Assert.AreEqual(1, rules2.Count);
            Assert.IsInstanceOfType(typeof(TestAccessRule <TestRights>), rules2[0]);
            TestAccessRule <TestRights> rule = (TestAccessRule <TestRights>)rules2[0];

            Assert.AreEqual(nta2, rule.IdentityReference);
        }
コード例 #2
0
        public void AddAndGetAccessRulesWorkAndMergeCorrectly()
        {
            var security = new TestSecurity(false);

            // CommonObjectSecurity does not appear to care at all about types on MS.NET.
            // It just uses AccessMask, and then GetAccessRules uses the factory methods.
            // So, the whole API is a mess of strong typing and repeated code backed by nothing.
            Assert.IsFalse(security.modify_access_called);

            SecurityIdentifier sid = new SecurityIdentifier(WellKnownSidType.WorldSid, null);

            security.AddAccessRuleTest(new TestAccessRule <int> (sid, 2, AccessControlType.Allow));
            security.AddAccessRuleTest(new TestAccessRule <TestRights> (sid, TestRights.One, AccessControlType.Allow));
            security.AddAccessRuleTest(new TestAccessRule <int> (sid, 4, AccessControlType.Allow));

            Assert.IsTrue(security.modify_access_called);
            Assert.IsFalse(security.modify_access_rule_called);
            Assert.IsFalse(security.modify_audit_called);

            Assert.IsFalse(security.access_rule_factory_called);
            AuthorizationRuleCollection rules1 = security.GetAccessRules(false, true, typeof(SecurityIdentifier));

            Assert.IsFalse(security.access_rule_factory_called);
            Assert.AreEqual(0, rules1.Count);

            Assert.IsFalse(security.access_rule_factory_called);
            AuthorizationRuleCollection rules2 = security.GetAccessRules(true, true, typeof(SecurityIdentifier));

            Assert.IsTrue(security.access_rule_factory_called);
            Assert.AreEqual(1, rules2.Count);

            Assert.IsInstanceOfType(typeof(TestAccessRule <TestRights>), rules2[0]);
            TestAccessRule <TestRights> rule = (TestAccessRule <TestRights>)rules2[0];

            Assert.AreEqual((TestRights)7, rule.Rights);
        }
コード例 #3
0
        TestSecurity FactoryCallTest(bool objectAce)
        {
            SecurityIdentifier sid  = new SecurityIdentifier("WD");
            DiscretionaryAcl   dacl = new DiscretionaryAcl(true, true, 1);

            dacl.AddAccess(AccessControlType.Allow, sid, 1,
                           InheritanceFlags.None, PropagationFlags.None,
                           objectAce ? ObjectAceFlags.ObjectAceTypePresent : ObjectAceFlags.None,
                           Guid.NewGuid(), Guid.Empty);

            CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor
                                                      (true, true, ControlFlags.None, null, null, null, dacl);

            TestSecurity security = new TestSecurity(descriptor);

            security.GetAccessRules(true, true, typeof(SecurityIdentifier));
            return(security);
        }
コード例 #4
0
        [Category("NotWorking")]          // Mono does not have a working CustomAce implementation yet.
        public void ObjectSecurityRemovesWhatItCannotCreate()
        {
            RawAcl acl = new RawAcl(GenericAcl.AclRevision, 1);

            acl.InsertAce(0, new CustomAce((AceType)255, AceFlags.None, new byte[4]));

            DiscretionaryAcl dacl = new DiscretionaryAcl(true, true, acl);

            Assert.AreEqual(1, dacl.Count);

            CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor
                                                      (true, true, ControlFlags.None, null, null, null, dacl);

            TestSecurity security             = new TestSecurity(descriptor);
            AuthorizationRuleCollection rules = security.GetAccessRules(true, true, typeof(SecurityIdentifier));

            Assert.AreEqual(0, rules.Count);
        }
コード例 #5
0
		TestSecurity FactoryCallTest (bool objectAce)
		{
			SecurityIdentifier sid = new SecurityIdentifier ("WD");
			DiscretionaryAcl dacl = new DiscretionaryAcl (true, true, 1);
			dacl.AddAccess (AccessControlType.Allow, sid, 1,
			                InheritanceFlags.None, PropagationFlags.None,
			                objectAce ? ObjectAceFlags.ObjectAceTypePresent : ObjectAceFlags.None,
			                Guid.NewGuid (), Guid.Empty);

			CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor
				(true, true, ControlFlags.None, null, null, null, dacl);

			TestSecurity security = new TestSecurity (descriptor);
			security.GetAccessRules (true, true, typeof (SecurityIdentifier));
			return security;
		}
コード例 #6
0
		[Category ("NotWorking")] // Mono does not have a working CustomAce implementation yet.
		public void ObjectSecurityRemovesWhatItCannotCreate ()
		{
			RawAcl acl = new RawAcl (GenericAcl.AclRevision, 1);
			acl.InsertAce (0, new CustomAce ((AceType)255, AceFlags.None, new byte[4]));

			DiscretionaryAcl dacl = new DiscretionaryAcl (true, true, acl);
			Assert.AreEqual (1, dacl.Count);

			CommonSecurityDescriptor descriptor = new CommonSecurityDescriptor
				(true, true, ControlFlags.None, null, null, null, dacl);

			TestSecurity security = new TestSecurity (descriptor);
			AuthorizationRuleCollection rules = security.GetAccessRules (true, true, typeof (SecurityIdentifier));
			Assert.AreEqual (0, rules.Count);
		}