public void SetAuditRule_Succeeds()
{
var auditRuleAppendData = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount,
FileSystemRights.AppendData, AuditFlags.Success);
var auditRuleNetworkService = new FileSystemAuditRule(Helpers.s_NetworkServiceNTAccount,
FileSystemRights.CreateFiles, AuditFlags.Failure);
var auditRuleDelete = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount,
FileSystemRights.Delete, AuditFlags.Success);
var fileSecurity = new FileSecurity();
fileSecurity.AddAuditRule(auditRuleNetworkService);
fileSecurity.AddAuditRule(auditRuleAppendData);
fileSecurity.SetAuditRule(auditRuleDelete);
var auditRules = fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount));
Assert.Equal(2, auditRules.Count);
var firstAuditRule = (FileSystemAuditRule)auditRules[0];
Assert.Equal(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)), firstAuditRule.IdentityReference);
Assert.Equal(AuditFlags.Success, firstAuditRule.AuditFlags);
Assert.Equal(FileSystemRights.Delete, firstAuditRule.FileSystemRights);
var secondAuditRule = (FileSystemAuditRule)auditRules[1];
Assert.Equal(Helpers.s_NetworkServiceNTAccount, secondAuditRule.IdentityReference);
Assert.Equal(AuditFlags.Failure, secondAuditRule.AuditFlags);
Assert.Equal(FileSystemRights.CreateFiles, secondAuditRule.FileSystemRights);
}
public void SetAuditRule_Succeeds()
{
var auditRuleAppendData = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM",
FileSystemRights.AppendData, AuditFlags.Success);
var auditRuleNetworkService = new FileSystemAuditRule(@"NT AUTHORITY\Network Service",
FileSystemRights.CreateFiles, AuditFlags.Failure);
var auditRuleDelete = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM",
FileSystemRights.Delete, AuditFlags.Success);
var fileSecurity = new FileSecurity();
fileSecurity.AddAuditRule(auditRuleNetworkService);
fileSecurity.AddAuditRule(auditRuleAppendData);
fileSecurity.SetAuditRule(auditRuleDelete);
var auditRules = fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount));
Assert.Equal(2, auditRules.Count);
var firstAuditRule = (FileSystemAuditRule)auditRules[0];
Assert.Equal(new NTAccount(@"NT AUTHORITY\SYSTEM"), firstAuditRule.IdentityReference);
Assert.Equal(AuditFlags.Success, firstAuditRule.AuditFlags);
Assert.Equal(FileSystemRights.Delete, firstAuditRule.FileSystemRights);
var secondAuditRule = (FileSystemAuditRule)auditRules[1];
Assert.Equal(new NTAccount(@"NT AUTHORITY\Network Service"), secondAuditRule.IdentityReference);
Assert.Equal(AuditFlags.Failure, secondAuditRule.AuditFlags);
Assert.Equal(FileSystemRights.CreateFiles, secondAuditRule.FileSystemRights);
}
