1 // FileSecurityTest.cs - NUnit Test Cases for FileSecurity
4 // James Bellinger (jfb@zer7.com)
8 using System.Security.AccessControl;
9 using System.Security.Principal;
10 using NUnit.Framework;
12 namespace MonoTests.System.Security.AccessControl
15 public class FileSecurityTest
18 public void ChangeGroupToEveryone ()
20 FileSecurity security;
21 if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
25 string path = Path.GetTempFileName ();
27 SecurityIdentifier worldSid = new SecurityIdentifier ("WD");
29 security = File.GetAccessControl (path);
30 security.SetGroup (worldSid);
31 File.SetAccessControl (path, security);
33 security = File.GetAccessControl (path);
34 Assert.AreEqual (worldSid, security.GetGroup (typeof(SecurityIdentifier)));
41 public void ChangeAccessRules ()
43 FileSecurity security;
44 if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
48 string path = Path.GetTempFileName ();
50 // Add 'Everyone' to the access list.
51 SecurityIdentifier worldSid = new SecurityIdentifier ("WD");
53 security = File.GetAccessControl (path);
54 FileSystemAccessRule rule = new FileSystemAccessRule (worldSid,
55 FileSystemRights.FullControl,
56 AccessControlType.Allow);
57 security.AddAccessRule (rule);
58 File.SetAccessControl (path, security);
60 // Make sure 'Everyone' is *on* the access list.
61 // Let's use the SafeHandle overload to check it.
62 AuthorizationRuleCollection rules;
63 using (FileStream file = File.Open (path, FileMode.Open, FileAccess.Read)) {
64 security = file.GetAccessControl ();
65 rules = security.GetAccessRules (true, false, typeof (SecurityIdentifier));
67 Assert.AreEqual (1, rules.Count);
68 Assert.AreEqual (worldSid, rules[0].IdentityReference);
69 Assert.AreEqual (InheritanceFlags.None, rules[0].InheritanceFlags);
70 Assert.AreEqual (PropagationFlags.None, rules[0].PropagationFlags);
71 Assert.IsFalse (rules[0].IsInherited);
74 // Remove 'Everyone' from the access list.
75 security.RemoveAccessRuleSpecific (rule);
76 File.SetAccessControl (path, security);
78 // Make sure our non-inherited access control list is now empty.
79 security = File.GetAccessControl (path);
80 rules = security.GetAccessRules (true, false, typeof (SecurityIdentifier));
82 Assert.AreEqual (0, rules.Count);
88 [Test, ExpectedException (typeof (InvalidOperationException))]
89 public void EveryoneMayNotBeOwner ()
91 FileSecurity security;
92 if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
96 string path = Path.GetTempFileName ();
98 security = File.GetAccessControl (path);
99 security.SetOwner (new SecurityIdentifier ("WD"));
100 File.SetAccessControl (path, security);
101 // If we don't get an InvalidOperationException it could be that we are running
102 // with administrator privileges. Don't fail the test if that is the case.
103 WindowsIdentity identity = WindowsIdentity.GetCurrent ();
104 WindowsPrincipal principal = new WindowsPrincipal (identity);
105 if (principal.IsInRole (WindowsBuiltInRole.Administrator)) {
106 Assert.Ignore ("Running as Administrator");