File: FileSecurityTest.cs

package info (click to toggle)

mono 6.14.1%2Bds2-1

links: PTS, VCS
area: main
in suites: forky, sid
size: 1,282,732 kB
sloc: cs: 11,182,461; xml: 2,850,281; ansic: 699,123; cpp: 122,919; perl: 58,604; javascript: 30,841; asm: 21,845; makefile: 19,602; sh: 10,973; python: 4,772; pascal: 925; sql: 859; sed: 16; php: 1

file content (116 lines) | stat: -rw-r--r-- 3,565 bytes

parent folder | download | duplicates (5)

// FileSecurityTest.cs - NUnit Test Cases for FileSecurity
//
// Authors:
//	James Bellinger (jfb@zer7.com)

using System;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;
using NUnit.Framework;

namespace MonoTests.System.Security.AccessControl
{
	[TestFixture]
	public class FileSecurityTest
	{
		[Test]
		public void ChangeGroupToEveryone ()
		{
			FileSecurity security;
			if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
				Assert.Ignore ();
			}

			string path = Path.GetTempFileName ();
			try {
				SecurityIdentifier worldSid = new SecurityIdentifier ("WD");

				security = File.GetAccessControl (path);
				security.SetGroup (worldSid);
				File.SetAccessControl (path, security);

				security = File.GetAccessControl (path);
				Assert.AreEqual (worldSid, security.GetGroup (typeof(SecurityIdentifier)));
			} finally {
				File.Delete (path);
			}
		}

		[Test]
		public void ChangeAccessRules ()
		{
			FileSecurity security;
			if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
				Assert.Ignore ();
			}

			string path = Path.GetTempFileName ();
			try {
				// Add 'Everyone' to the access list.
				SecurityIdentifier worldSid = new SecurityIdentifier ("WD");

				security = File.GetAccessControl (path);
				FileSystemAccessRule rule = new FileSystemAccessRule (worldSid,
				                                                      FileSystemRights.FullControl,
				                                                      AccessControlType.Allow);
				security.AddAccessRule (rule);
				File.SetAccessControl (path, security);

				// Make sure 'Everyone' is *on* the access list.
				// Let's use the SafeHandle overload to check it.
				AuthorizationRuleCollection rules;
				using (FileStream file = File.Open (path, FileMode.Open, FileAccess.Read)) {
					security = file.GetAccessControl ();
					rules = security.GetAccessRules (true, false, typeof (SecurityIdentifier));

					Assert.AreEqual (1, rules.Count);
					Assert.AreEqual (worldSid, rules[0].IdentityReference);
					Assert.AreEqual (InheritanceFlags.None, rules[0].InheritanceFlags);
					Assert.AreEqual (PropagationFlags.None, rules[0].PropagationFlags);
					Assert.IsFalse (rules[0].IsInherited);
				}

				// Remove 'Everyone' from the access list.
				security.RemoveAccessRuleSpecific (rule);
				File.SetAccessControl (path, security);

				// Make sure our non-inherited access control list is now empty.
				security = File.GetAccessControl (path);
				rules = security.GetAccessRules (true, false, typeof (SecurityIdentifier));

				Assert.AreEqual (0, rules.Count);
			} finally {
				File.Delete (path);
			}
		}

		[Test, ExpectedException (typeof (UnauthorizedAccessException))]
		public void EveryoneMayNotBeOwner ()
		{
			FileSecurity security;
			if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
				Assert.Ignore ();
			}

			string path = Path.GetTempFileName ();
			try {
				security = File.GetAccessControl (path);
				security.SetOwner (new SecurityIdentifier ("WD"));
				File.SetAccessControl (path, security);
				// If we don't get an InvalidOperationException it could be that we are running
				// with administrator privileges. Don't fail the test if that is the case.
				WindowsIdentity identity = WindowsIdentity.GetCurrent ();
				WindowsPrincipal principal = new WindowsPrincipal (identity);
				if (principal.IsInRole (WindowsBuiltInRole.Administrator)) {
					Assert.Ignore ("Running as Administrator");
				}
			} finally {
				File.Delete (path);
			}
		}

	}
}