private static ReportedFileAccessData CreateReportedFileAccessData(ReportedFileAccess data, PathTable pathTable)
{
return(new ReportedFileAccessData
{
Path = string.IsNullOrWhiteSpace(data.Path) ? CreateString(data.ManifestPath, pathTable) : data.Path,
RequestedAccess = CreateString(data.RequestedAccess),
CreationDisposition = CreateString(data.CreationDisposition),
DesiredAccess = CreateString(data.DesiredAccess),
ShareMode = CreateString(data.ShareMode),
Status = CreateString(data.Status),
Operation = CreateString(data.Operation),
FlagsAndAttributes = CreateString(data.FlagsAndAttributes),
Error = data.Error,
Usn = data.Usn.Value,
ManifestPath = CreateString(data.ManifestPath, pathTable),
Process = data.Process.ProcessId,
ExplicitlyReported = data.ExplicitlyReported,
EnumeratePattern = data.EnumeratePattern,
IsOpenedHandleDirectory = data.IsOpenedHandleDirectory(),
OpenedFileOrDirectoryAttributes = CreateString(data.OpenedFileOrDirectoryAttributes)
});
}
public void ReportedFileAccessCreate()
{
var pathTable = new PathTable();
AbsolutePath file1 = AbsolutePath.Create(pathTable, A("t", "file1.txt"));
var process = new ReportedProcess(0, string.Empty);
ReportedFileAccess rfa1 = ReportedFileAccess.Create(
ReportedFileOperation.CreateFile,
process,
RequestedAccess.Read,
FileAccessStatus.Allowed,
true,
0,
ReportedFileAccess.NoUsn,
DesiredAccess.GENERIC_READ,
ShareMode.FILE_SHARE_NONE,
CreationDisposition.OPEN_ALWAYS,
FlagsAndAttributes.FILE_ATTRIBUTE_NORMAL,
file1);
XAssert.AreEqual(rfa1.Status, FileAccessStatus.Allowed);
XAssert.AreEqual(rfa1.ManifestPath, file1);
XAssert.AreEqual(rfa1.Path, null);
XAssert.AreEqual(A("t", "file1.txt"), rfa1.GetPath(pathTable));
XAssert.AreEqual(rfa1.OpenedFileOrDirectoryAttributes, (FlagsAndAttributes)FlagsAndAttributesConstants.InvalidFileAttributes);
XAssert.IsFalse(rfa1.IsOpenedHandleDirectory());
ReportedFileAccess rfa2 = ReportedFileAccess.Create(
ReportedFileOperation.CreateFile,
process,
RequestedAccess.Read,
FileAccessStatus.CannotDeterminePolicy,
true,
0,
new Usn(0),
DesiredAccess.GENERIC_READ,
ShareMode.FILE_SHARE_NONE,
CreationDisposition.OPEN_ALWAYS,
FlagsAndAttributes.FILE_ATTRIBUTE_NORMAL,
FlagsAndAttributes.FILE_ATTRIBUTE_DIRECTORY,
pathTable,
A("t", "file1.txt"));
XAssert.AreEqual(rfa2.Status, FileAccessStatus.CannotDeterminePolicy);
XAssert.AreEqual(rfa2.ManifestPath, file1);
XAssert.AreEqual(rfa2.Path, null);
XAssert.AreEqual(A("t", "file1.txt"), rfa2.GetPath(pathTable));
XAssert.AreEqual(rfa2.OpenedFileOrDirectoryAttributes, FlagsAndAttributes.FILE_ATTRIBUTE_DIRECTORY);
XAssert.IsTrue(rfa2.IsOpenedHandleDirectory());
ReportedFileAccess rfa3 = ReportedFileAccess.Create(
ReportedFileOperation.CreateFile,
process,
RequestedAccess.Read,
FileAccessStatus.Denied,
true,
0,
ReportedFileAccess.NoUsn,
DesiredAccess.GENERIC_READ,
ShareMode.FILE_SHARE_NONE,
CreationDisposition.OPEN_ALWAYS,
FlagsAndAttributes.FILE_ATTRIBUTE_NORMAL,
FlagsAndAttributes.FILE_ATTRIBUTE_NORMAL,
pathTable,
A("t", "file2.txt"));
XAssert.AreEqual(rfa3.Status, FileAccessStatus.Denied);
XAssert.AreEqual(rfa3.ManifestPath, AbsolutePath.Invalid);
XAssert.AreEqual(rfa3.Path, A("t", "file2.txt"));
XAssert.AreEqual(A("t", "file2.txt"), rfa3.GetPath(pathTable));
XAssert.AreEqual(rfa3.OpenedFileOrDirectoryAttributes, FlagsAndAttributes.FILE_ATTRIBUTE_NORMAL);
XAssert.IsFalse(rfa3.IsOpenedHandleDirectory());
}
