public void DeniedRight(FileSystemRights deniedRight)
{
AddFileDenyACE(TestFile.FullName, CurrentIdentity, deniedRight);
var rights = EffectiveAccess.ComputeAccess(TestFile.FullName, CurrentIdentity);
Assert.False(rights.HasFlag(deniedRight));
}
public void WhenGroupIsDeniedWrite()
{
IdentityRights rights = new IdentityRights {
Identity = Group, Rights = FileSystemRights.FullControl
};
var descriptor = CreateSecurityDescriptor(null, denyRights: new[] { rights });
var access = EffectiveAccess.ComputeAccess(descriptor, CurrentIdentity);
Assert.False(access.HasFlag(ACCESS_MASK.STANDARD_RIGHTS_ALL));
}
public void WhenGroupHasAllStandardRights()
{
var rights = new IdentityRights {
Identity = Group, Rights = FileSystemRights.FullControl
};
var descriptor = CreateSecurityDescriptor(new[] { rights });
var access = EffectiveAccess.ComputeAccess(descriptor, CurrentIdentity);
Assert.True(access.HasFlag(ACCESS_MASK.STANDARD_RIGHTS_ALL));
}
public void FullControlOfOwnedFile()
{
var rights = EffectiveAccess.ComputeAccess(TestFile.FullName, CurrentIdentity);
Assert.True(rights.HasFlag(FileSystemRights.FullControl));
}
