1 // RegistrySecurityTest.cs - NUnit Test Cases for RegistrySecurity
4 // James Bellinger (jfb@zer7.com)
8 using System.Security.AccessControl;
9 using System.Security.Principal;
10 using Microsoft.Win32;
11 using NUnit.Framework;
13 namespace MonoTests.System.Security.AccessControl
16 public class RegistrySecurityTest
19 public void ChangeGroupToEveryone ()
21 string keyName = @"SOFTWARE\Mono RegistrySecurityTest ChangeGroupToEveryone";
23 RegistrySecurity security;
24 if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
25 Assert.Ignore (); return;
29 using (RegistryKey key = Registry.CurrentUser.CreateSubKey (keyName)) {
30 // Before we begin manipulating this, make sure we're in the right spot.
31 Assert.AreEqual (key.Name, @"HKEY_CURRENT_USER\" + keyName);
33 // Set the group to Everyone.
34 SecurityIdentifier worldSid = new SecurityIdentifier ("WD");
36 security = key.GetAccessControl ();
37 security.SetGroup (worldSid);
38 key.SetAccessControl (security);
40 // Make sure it actually became Everyone.
41 security = key.GetAccessControl ();
42 Assert.AreEqual (worldSid, security.GetGroup (typeof(SecurityIdentifier)));
45 Registry.CurrentUser.DeleteSubKey (keyName);
50 public void EveryoneCanRead ()
52 string keyName = @"Software\Mono RegistrySecurityTest EveryoneCanRead";
54 RegistrySecurity security;
55 if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
56 Assert.Ignore (); return;
60 using (RegistryKey key = Registry.CurrentUser.CreateSubKey (keyName)) {
61 AuthorizationRuleCollection explicitRules, inheritedRules;
63 // Before we begin manipulating this, make sure we're in the right spot.
64 Assert.AreEqual (key.Name, @"HKEY_CURRENT_USER\" + keyName);
66 // Let's add Everyone to the read list.
67 SecurityIdentifier worldSid = new SecurityIdentifier ("WD");
69 security = key.GetAccessControl ();
70 inheritedRules = security.GetAccessRules (false, true, typeof (SecurityIdentifier));
71 Assert.AreNotEqual (0, inheritedRules.Count);
72 explicitRules = security.GetAccessRules (true, false, typeof (SecurityIdentifier));
73 Assert.AreEqual (0, explicitRules.Count);
75 security.AddAccessRule (new RegistryAccessRule (worldSid,
76 RegistryRights.FullControl,
77 AccessControlType.Allow));
78 key.SetAccessControl (security);
80 // Verify that we have our permission!
81 security = key.GetAccessControl ();
82 inheritedRules = security.GetAccessRules (false, true, typeof (SecurityIdentifier));
83 Assert.AreNotEqual (0, inheritedRules.Count);
84 explicitRules = security.GetAccessRules (true, false, typeof (SecurityIdentifier));
85 Assert.AreEqual (1, explicitRules.Count);
87 RegistryAccessRule rule = (RegistryAccessRule)explicitRules [0];
88 Assert.AreEqual (AccessControlType.Allow, rule.AccessControlType);
89 Assert.AreEqual (worldSid, rule.IdentityReference);
90 Assert.AreEqual (InheritanceFlags.None, rule.InheritanceFlags);
91 Assert.AreEqual (PropagationFlags.None, rule.PropagationFlags);
92 Assert.AreEqual (RegistryRights.FullControl, rule.RegistryRights);
93 Assert.IsFalse (rule.IsInherited);
96 Registry.CurrentUser.DeleteSubKey (keyName);