1 // CommonObjectSecurityTest.cs - NUnit Test Cases for CommonObjectSecurity
4 // James Bellinger <jfb@zer7.com>
6 // Copyright (C) 2012 James Bellinger
9 using System.Collections.Generic;
10 using System.Security.AccessControl;
11 using System.Security.Principal;
12 using NUnit.Framework;
14 namespace MonoTests.System.Security.AccessControl
17 public class CommonObjectSecurityTest
20 public void Defaults ()
22 TestSecurity security;
24 security = new TestSecurity (false);
25 Assert.IsFalse (security.IsContainerTest);
26 Assert.IsFalse (security.IsDSTest);
28 security = new TestSecurity (true);
29 Assert.IsTrue (security.IsContainerTest);
30 Assert.IsFalse (security.IsDSTest);
34 public void AddAndGetAccessRulesWorkAndMergeCorrectly ()
36 var security = new TestSecurity (false);
38 // CommonObjectSecurity does not appear to care at all about types on MS.NET.
39 // It just uses AccessMask, and then GetAccessRules uses the factory methods.
40 // So, the whole API is a mess of strong typing and repeated code backed by nothing.
41 Assert.IsFalse (security.modify_access_called);
43 SecurityIdentifier sid = new SecurityIdentifier (WellKnownSidType.WorldSid, null);
44 security.AddAccessRuleTest (new AccessRule<int> (sid, 2, AccessControlType.Allow));
45 security.AddAccessRuleTest (new AccessRule<TestRights> (sid, TestRights.One, AccessControlType.Allow));
46 security.AddAccessRuleTest (new AccessRule<int> (sid, 4, AccessControlType.Allow));
48 Assert.IsTrue (security.modify_access_called);
49 Assert.IsFalse (security.modify_access_rule_called);
50 Assert.IsFalse (security.modify_audit_called);
52 Assert.IsFalse (security.access_rule_factory_called);
53 AuthorizationRuleCollection rules1 = security.GetAccessRules (false, true, typeof (SecurityIdentifier));
54 Assert.IsFalse (security.access_rule_factory_called);
55 Assert.AreEqual (0, rules1.Count);
57 Assert.IsFalse (security.access_rule_factory_called);
58 AuthorizationRuleCollection rules2 = security.GetAccessRules (true, true, typeof (SecurityIdentifier));
59 Assert.IsTrue (security.access_rule_factory_called);
60 Assert.AreEqual (1, rules2.Count);
62 Assert.IsInstanceOfType (typeof (AccessRule<TestRights>), rules2[0]);
63 AccessRule<TestRights> rule = (AccessRule<TestRights>)rules2[0];
64 Assert.AreEqual ((TestRights)7, rule.Rights);
68 public void AddAndPurgeWorks ()
70 TestSecurity security = new TestSecurity (false);
72 NTAccount nta1 = new NTAccount(@"BUILTIN\Users");
73 NTAccount nta2 = new NTAccount(@"BUILTIN\Administrators");
74 security.AddAccessRuleTest (new AccessRule<TestRights> (nta1, TestRights.One, AccessControlType.Allow));
75 security.AddAccessRuleTest (new AccessRule<TestRights> (nta2, TestRights.One, AccessControlType.Allow));
77 AuthorizationRuleCollection rules1 = security.GetAccessRules (true, true, typeof (NTAccount));
78 Assert.AreEqual (2, rules1.Count);
80 security.PurgeAccessRules (nta1);
81 AuthorizationRuleCollection rules2 = security.GetAccessRules (true, true, typeof (NTAccount));
82 Assert.AreEqual (1, rules2.Count);
83 Assert.IsInstanceOfType (typeof (AccessRule<TestRights>), rules2[0]);
84 AccessRule<TestRights> rule = (AccessRule<TestRights>)rules2[0];
85 Assert.AreEqual (nta2, rule.IdentityReference);
89 public void ResetAccessRuleCausesExactlyOneModifyAccessCall ()
91 TestSecurity security = new TestSecurity (false);
92 SecurityIdentifier sid = new SecurityIdentifier ("WD");
93 security.ResetAccessRuleTest (new AccessRule<TestRights> (sid, TestRights.One, AccessControlType.Allow));
94 Assert.AreEqual (1, security.modify_access_called_count);
102 class TestSecurity : CommonObjectSecurity
104 public bool access_rule_factory_called;
105 public bool audit_rule_factory_called;
106 public bool modify_access_called;
107 public int modify_access_called_count;
108 public bool modify_access_rule_called;
109 public bool modify_audit_called;
110 public bool modify_audit_rule_called;
112 public TestSecurity (bool isContainer)
117 public bool IsContainerTest {
118 get { return IsContainer; }
121 public bool IsDSTest {
125 public void AddAccessRuleTest (AccessRule rule)
127 AddAccessRule (rule);
130 public void AddAuditRuleTest (AuditRule rule)
135 public bool RemoveAccessRuleTest (AccessRule rule)
137 return RemoveAccessRule (rule);
140 public void RemoveAccessRuleAllTest (AccessRule rule)
142 RemoveAccessRuleAll (rule);
145 public void RemoveAccessRuleSpecificTest (AccessRule rule)
147 RemoveAccessRuleSpecific (rule);
150 public void ResetAccessRuleTest (AccessRule rule)
152 ResetAccessRule (rule);
155 public override AccessRule AccessRuleFactory (IdentityReference identityReference,
156 int accessMask, bool isInherited,
157 InheritanceFlags inheritanceFlags,
158 PropagationFlags propagationFlags,
159 AccessControlType type)
161 access_rule_factory_called = true;
162 return new AccessRule<TestRights> (identityReference, (TestRights)accessMask,
163 inheritanceFlags, propagationFlags, type);
166 public override AuditRule AuditRuleFactory (IdentityReference identityReference,
167 int accessMask, bool isInherited,
168 InheritanceFlags inheritanceFlags,
169 PropagationFlags propagationFlags,
172 audit_rule_factory_called = true;
173 return new AuditRule<TestRights> (identityReference, (TestRights)accessMask,
174 inheritanceFlags, propagationFlags, flags);
177 public override bool ModifyAccessRule (AccessControlModification modification,
178 AccessRule rule, out bool modified)
180 modify_access_rule_called = true;
181 return base.ModifyAccessRule (modification, rule, out modified);
184 protected override bool ModifyAccess (AccessControlModification modification,
185 AccessRule rule, out bool modified)
187 modify_access_called = true;
188 modify_access_called_count ++;
189 return base.ModifyAccess (modification, rule, out modified);
192 public override bool ModifyAuditRule (AccessControlModification modification,
193 AuditRule rule, out bool modified)
195 modify_audit_rule_called = true;
196 return base.ModifyAuditRule (modification, rule, out modified);
199 protected override bool ModifyAudit (AccessControlModification modification,
200 AuditRule rule, out bool modified)
202 modify_audit_called = true;
203 return base.ModifyAudit (modification, rule, out modified);
206 public override Type AccessRightType {
207 get { return typeof (TestRights); }
210 public override Type AccessRuleType {
211 get { return typeof (AccessRule<TestRights>); }
214 public override Type AuditRuleType {
215 get { return typeof (AuditRule<TestRights>); }