public void RemoveAuditRuleSpecific_NoMatchingRules_Succeeds()
{
var auditRuleReadWrite = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount,
FileSystemRights.Write | FileSystemRights.Read, AuditFlags.Success);
var fileSecurity = new FileSecurity();
fileSecurity.AddAuditRule(auditRuleReadWrite);
fileSecurity.RemoveAuditRuleSpecific(new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount,
FileSystemRights.Write, AuditFlags.Success));
AuthorizationRuleCollection rules =
fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount));
Assert.Equal(1, rules.Count);
var existingRule = (FileSystemAuditRule)rules[0];
Assert.Equal(FileSystemRights.Write | FileSystemRights.Read, existingRule.FileSystemRights);
}
public void RemoveAuditRuleSpecific_Succeeds()
{
var auditRuleReadWrite = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount,
FileSystemRights.Write | FileSystemRights.Read, AuditFlags.Success);
var auditRuleNetworkService = new FileSystemAuditRule(Helpers.s_NetworkServiceNTAccount,
FileSystemRights.Read, AuditFlags.Failure);
var fileSecurity = new FileSecurity();
fileSecurity.AddAuditRule(auditRuleReadWrite);
fileSecurity.AddAuditRule(auditRuleNetworkService);
fileSecurity.RemoveAuditRuleSpecific(auditRuleReadWrite);
AuthorizationRuleCollection rules =
fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount));
Assert.Equal(1, rules.Count);
var existingAuditRule = (FileSystemAuditRule)rules[0];
Assert.Equal(Helpers.s_NetworkServiceNTAccount, existingAuditRule.IdentityReference);
Assert.Equal(FileSystemRights.Read, existingAuditRule.FileSystemRights);
Assert.Equal(AuditFlags.Failure, existingAuditRule.AuditFlags);
}
