public void SetAuditRule_Succeeds() { var auditRuleAppendData = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.AppendData, AuditFlags.Success); var auditRuleNetworkService = new FileSystemAuditRule(Helpers.s_NetworkServiceNTAccount, FileSystemRights.CreateFiles, AuditFlags.Failure); var auditRuleDelete = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Delete, AuditFlags.Success); var fileSecurity = new FileSecurity(); fileSecurity.AddAuditRule(auditRuleNetworkService); fileSecurity.AddAuditRule(auditRuleAppendData); fileSecurity.SetAuditRule(auditRuleDelete); var auditRules = fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount)); Assert.Equal(2, auditRules.Count); var firstAuditRule = (FileSystemAuditRule)auditRules[0]; Assert.Equal(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)), firstAuditRule.IdentityReference); Assert.Equal(AuditFlags.Success, firstAuditRule.AuditFlags); Assert.Equal(FileSystemRights.Delete, firstAuditRule.FileSystemRights); var secondAuditRule = (FileSystemAuditRule)auditRules[1]; Assert.Equal(Helpers.s_NetworkServiceNTAccount, secondAuditRule.IdentityReference); Assert.Equal(AuditFlags.Failure, secondAuditRule.AuditFlags); Assert.Equal(FileSystemRights.CreateFiles, secondAuditRule.FileSystemRights); }
public void SetAuditRule_Succeeds() { var auditRuleAppendData = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", FileSystemRights.AppendData, AuditFlags.Success); var auditRuleNetworkService = new FileSystemAuditRule(@"NT AUTHORITY\Network Service", FileSystemRights.CreateFiles, AuditFlags.Failure); var auditRuleDelete = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", FileSystemRights.Delete, AuditFlags.Success); var fileSecurity = new FileSecurity(); fileSecurity.AddAuditRule(auditRuleNetworkService); fileSecurity.AddAuditRule(auditRuleAppendData); fileSecurity.SetAuditRule(auditRuleDelete); var auditRules = fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount)); Assert.Equal(2, auditRules.Count); var firstAuditRule = (FileSystemAuditRule)auditRules[0]; Assert.Equal(new NTAccount(@"NT AUTHORITY\SYSTEM"), firstAuditRule.IdentityReference); Assert.Equal(AuditFlags.Success, firstAuditRule.AuditFlags); Assert.Equal(FileSystemRights.Delete, firstAuditRule.FileSystemRights); var secondAuditRule = (FileSystemAuditRule)auditRules[1]; Assert.Equal(new NTAccount(@"NT AUTHORITY\Network Service"), secondAuditRule.IdentityReference); Assert.Equal(AuditFlags.Failure, secondAuditRule.AuditFlags); Assert.Equal(FileSystemRights.CreateFiles, secondAuditRule.FileSystemRights); }