2 // SecurityIdentifierTest.cs - NUnit Test Cases for SecurityIdentifier
9 using System.Security.Principal;
11 using NUnit.Framework;
13 namespace MonoTests.System.Security.Principal {
15 public class SecurityIdentifierTest : Assert {
17 [ExpectedException(typeof(ArgumentNullException))]
18 public void ConstructorNull ()
20 new SecurityIdentifier (null);
23 private void CheckStringCtor (string strValue, byte[] expectedBinary)
25 SecurityIdentifier sid = new SecurityIdentifier (strValue);
26 byte[] buffer = new byte[sid.BinaryLength];
27 sid.GetBinaryForm (buffer, 0);
29 Assert.AreEqual (expectedBinary.Length, buffer.Length, "SID length mismatch");
30 Assert.AreEqual (expectedBinary, buffer, "SIDs different in binary form");
33 private void CheckUnqualifiedWellKnownSid (WellKnownSidType type, string sddl)
35 SecurityIdentifier sid = new SecurityIdentifier (type, null);
36 Assert.AreEqual (sddl, sid.Value, "Bad SID for type: " + type);
39 private void CheckQualifiedWellKnownSid (WellKnownSidType type, SecurityIdentifier domain, string sddl)
41 SecurityIdentifier sid = new SecurityIdentifier (type, domain);
42 Assert.AreEqual (sddl, sid.Value, "Bad SID for type: " + type);
45 private void CheckWellKnownSidLookup (WellKnownSidType wellKnownSidType, string name)
47 Assert.AreEqual (name, ((NTAccount)new SecurityIdentifier (wellKnownSidType, null).Translate (typeof(NTAccount))).Value);
51 public void ConstructorString ()
53 CheckStringCtor ("S-1-0-0",
55 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
57 CheckStringCtor ("S-1-5-33",
59 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x21, 0x00,
61 CheckStringCtor ("s-1-5-334-234",
63 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x4E, 0x01,
64 0x00, 0x00, 0xEA, 0x00, 0x00, 0x00 });
65 CheckStringCtor ("S-1-5-0x3432",
67 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x32, 0x34,
69 CheckStringCtor ("S-1-0xCBA987654321-0",
71 0x01, 0x01, 0xCB, 0xA9, 0x87, 0x65, 0x43, 0x21, 0x00, 0x00,
76 public void ConstructorStringSddl ()
78 Assert.AreEqual ("S-1-5-32-545",
79 new SecurityIdentifier ("BU").Value);
83 [ExpectedException(typeof(ArgumentException))]
84 public void ConstructorStringBadRevision ()
86 CheckStringCtor ("S-2-0-0",
88 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
93 [ExpectedException(typeof(ArgumentException))]
94 public void ConstructorInvalidString ()
96 new SecurityIdentifier ("M");
100 public void ConstructorBinary ()
102 byte[] inForm = new byte[] {
103 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x4E, 0x01,
104 0x00, 0x00, 0xEA, 0x00, 0x00, 0x00 };
105 SecurityIdentifier sid = new SecurityIdentifier (inForm, 0);
107 byte[] outForm = new byte[inForm.Length];
108 sid.GetBinaryForm (outForm, 0);
109 Assert.AreEqual (inForm, outForm);
113 public void ConstructorWellKnownSids ()
115 CheckUnqualifiedWellKnownSid (WellKnownSidType.NullSid, "S-1-0-0");
116 CheckUnqualifiedWellKnownSid (WellKnownSidType.WorldSid, "S-1-1-0");
117 CheckUnqualifiedWellKnownSid (WellKnownSidType.LocalSid, "S-1-2-0");
118 CheckUnqualifiedWellKnownSid (WellKnownSidType.CreatorOwnerSid, "S-1-3-0");
119 CheckUnqualifiedWellKnownSid (WellKnownSidType.CreatorGroupSid, "S-1-3-1");
120 CheckUnqualifiedWellKnownSid (WellKnownSidType.CreatorOwnerServerSid, "S-1-3-2");
121 CheckUnqualifiedWellKnownSid (WellKnownSidType.CreatorGroupServerSid, "S-1-3-3");
122 CheckUnqualifiedWellKnownSid (WellKnownSidType.NTAuthoritySid, "S-1-5");
123 CheckUnqualifiedWellKnownSid (WellKnownSidType.DialupSid, "S-1-5-1");
124 CheckUnqualifiedWellKnownSid (WellKnownSidType.NetworkSid, "S-1-5-2");
125 CheckUnqualifiedWellKnownSid (WellKnownSidType.BatchSid, "S-1-5-3");
126 CheckUnqualifiedWellKnownSid (WellKnownSidType.InteractiveSid, "S-1-5-4");
127 CheckUnqualifiedWellKnownSid (WellKnownSidType.ServiceSid, "S-1-5-6");
128 CheckUnqualifiedWellKnownSid (WellKnownSidType.AnonymousSid, "S-1-5-7");
129 CheckUnqualifiedWellKnownSid (WellKnownSidType.ProxySid, "S-1-5-8");
130 CheckUnqualifiedWellKnownSid (WellKnownSidType.EnterpriseControllersSid, "S-1-5-9");
131 CheckUnqualifiedWellKnownSid (WellKnownSidType.SelfSid, "S-1-5-10");
132 CheckUnqualifiedWellKnownSid (WellKnownSidType.AuthenticatedUserSid, "S-1-5-11");
133 CheckUnqualifiedWellKnownSid (WellKnownSidType.RestrictedCodeSid, "S-1-5-12");
134 CheckUnqualifiedWellKnownSid (WellKnownSidType.TerminalServerSid, "S-1-5-13");
135 CheckUnqualifiedWellKnownSid (WellKnownSidType.RemoteLogonIdSid, "S-1-5-14");
136 CheckUnqualifiedWellKnownSid (WellKnownSidType.LocalSystemSid, "S-1-5-18");
137 CheckUnqualifiedWellKnownSid (WellKnownSidType.LocalServiceSid, "S-1-5-19");
138 CheckUnqualifiedWellKnownSid (WellKnownSidType.NetworkServiceSid, "S-1-5-20");
139 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinDomainSid, "S-1-5-32");
140 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinAdministratorsSid, "S-1-5-32-544");
141 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinUsersSid, "S-1-5-32-545");
142 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinGuestsSid, "S-1-5-32-546");
143 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinPowerUsersSid, "S-1-5-32-547");
144 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinAccountOperatorsSid, "S-1-5-32-548");
145 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinSystemOperatorsSid, "S-1-5-32-549");
146 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinPrintOperatorsSid, "S-1-5-32-550");
147 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinBackupOperatorsSid, "S-1-5-32-551");
148 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinReplicatorSid, "S-1-5-32-552");
149 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinPreWindows2000CompatibleAccessSid, "S-1-5-32-554");
150 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinRemoteDesktopUsersSid, "S-1-5-32-555");
151 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinNetworkConfigurationOperatorsSid, "S-1-5-32-556");
152 CheckQualifiedWellKnownSid (WellKnownSidType.AccountAdministratorSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-500");
153 CheckQualifiedWellKnownSid (WellKnownSidType.AccountGuestSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-501");
154 CheckQualifiedWellKnownSid (WellKnownSidType.AccountKrbtgtSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-502");
155 CheckQualifiedWellKnownSid (WellKnownSidType.AccountDomainAdminsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-512");
156 CheckQualifiedWellKnownSid (WellKnownSidType.AccountDomainUsersSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-513");
157 CheckQualifiedWellKnownSid (WellKnownSidType.AccountDomainGuestsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-514");
158 CheckQualifiedWellKnownSid (WellKnownSidType.AccountComputersSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-515");
159 CheckQualifiedWellKnownSid (WellKnownSidType.AccountControllersSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-516");
160 CheckQualifiedWellKnownSid (WellKnownSidType.AccountCertAdminsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-517");
161 CheckQualifiedWellKnownSid (WellKnownSidType.AccountSchemaAdminsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-518");
162 CheckQualifiedWellKnownSid (WellKnownSidType.AccountEnterpriseAdminsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-519");
163 CheckQualifiedWellKnownSid (WellKnownSidType.AccountPolicyAdminsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-520");
164 CheckQualifiedWellKnownSid (WellKnownSidType.AccountRasAndIasServersSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-553");
165 CheckUnqualifiedWellKnownSid (WellKnownSidType.NtlmAuthenticationSid, "S-1-5-64-10");
166 CheckUnqualifiedWellKnownSid (WellKnownSidType.DigestAuthenticationSid, "S-1-5-64-21");
167 CheckUnqualifiedWellKnownSid (WellKnownSidType.SChannelAuthenticationSid, "S-1-5-64-14");
168 CheckUnqualifiedWellKnownSid (WellKnownSidType.ThisOrganizationSid, "S-1-5-15");
169 CheckUnqualifiedWellKnownSid (WellKnownSidType.OtherOrganizationSid, "S-1-5-1000");
170 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinIncomingForestTrustBuildersSid, "S-1-5-32-557");
171 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinPerformanceMonitoringUsersSid, "S-1-5-32-558");
172 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinPerformanceLoggingUsersSid, "S-1-5-32-559");
173 CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinAuthorizationAccessSid, "S-1-5-32-560");
174 CheckUnqualifiedWellKnownSid (WellKnownSidType.WinBuiltinTerminalServerLicenseServersSid, "S-1-5-32-561");
175 CheckUnqualifiedWellKnownSid (WellKnownSidType.MaxDefined, "S-1-5-32-561");
179 [ExpectedException(typeof(ArgumentException))]
180 public void ConstructorWellKnownSidLogonIds ()
182 CheckQualifiedWellKnownSid (WellKnownSidType.LogonIdsSid,
183 new SecurityIdentifier ("S-1-5-21-125-3215-342"),
184 "S-1-5-21-125-3215-342-3");
188 public void AccountDomainSid ()
190 Assert.AreEqual ("S-1-5-21-125-3215-342", new SecurityIdentifier ("S-1-5-21-125-3215-342-324-1000").AccountDomainSid.Value);
191 Assert.AreEqual ("S-1-5-21-125-3215-342", new SecurityIdentifier ("S-1-5-21-125-3215-342-1000").AccountDomainSid.Value);
192 Assert.AreEqual ("S-1-5-21-125-3215-1", new SecurityIdentifier ("S-1-5-21-125-3215-1").AccountDomainSid.Value);
193 Assert.IsNull (new SecurityIdentifier ("S-1-5-21-125-1").AccountDomainSid);
194 Assert.IsNull (new SecurityIdentifier ("S-1-0-0").AccountDomainSid);
195 Assert.IsNull (new SecurityIdentifier ("S-1-5-44-125-3215-1").AccountDomainSid);
199 public void BinaryLength ()
201 Assert.AreEqual (12, new SecurityIdentifier ("S-1-0-0").BinaryLength);
207 Assert.AreEqual ("S-1-5-13362", new SecurityIdentifier ("s-1-5-0x3432").Value);
211 public void Equals ()
213 Assert.IsTrue (new SecurityIdentifier ("S-1-5-13362").Equals (new SecurityIdentifier ("s-1-5-0x3432")));
217 public void IsAccountSid ()
219 Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-324-1000").IsAccountSid ());
220 Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-1000").IsAccountSid ());
221 Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-1").IsAccountSid ());
222 Assert.IsFalse (new SecurityIdentifier ("S-1-5-21-125-1").IsAccountSid ());
223 Assert.IsFalse (new SecurityIdentifier ("S-1-0-0").IsAccountSid ());
227 public void IsEqualDomainSid ()
229 Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-1000").IsEqualDomainSid (new SecurityIdentifier ("S-1-5-21-125-3215-342-333")));
230 Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-1000").IsEqualDomainSid (new SecurityIdentifier ("S-1-5-21-125-3215-342-324-333")));
231 Assert.IsFalse (new SecurityIdentifier ("S-1-5-21-125-1").IsEqualDomainSid (new SecurityIdentifier ("S-1-5-21-125-2")));
232 Assert.IsFalse (new SecurityIdentifier ("S-1-0-0").IsEqualDomainSid (new SecurityIdentifier ("S-1-0-0")));
236 public void IsValidTargetType ()
238 Assert.IsTrue (new SecurityIdentifier ("S-1-0-0").IsValidTargetType (typeof(SecurityIdentifier)));
239 Assert.IsTrue (new SecurityIdentifier ("S-1-0-0").IsValidTargetType (typeof(NTAccount)));
240 Assert.IsFalse (new SecurityIdentifier ("S-1-0-0").IsValidTargetType (typeof(WindowsPrincipal)));
241 Assert.IsFalse (new SecurityIdentifier ("S-1-0-0").IsValidTargetType (typeof(WindowsIdentity)));
245 public void IsWellKnown ()
247 Assert.IsTrue (new SecurityIdentifier ("S-1-0-0").IsWellKnown (WellKnownSidType.NullSid));
248 Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-500").IsWellKnown (WellKnownSidType.AccountAdministratorSid));
249 Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-513").IsWellKnown (WellKnownSidType.AccountDomainUsersSid));
250 Assert.IsFalse (new SecurityIdentifier ("S-1-6-21-125-3215-342-513").IsWellKnown (WellKnownSidType.AccountDomainUsersSid));
251 Assert.IsFalse (new SecurityIdentifier ("S-1-5-22-125-3215-342-513").IsWellKnown (WellKnownSidType.AccountDomainUsersSid));
255 public void Translate ()
257 CheckWellKnownSidLookup (WellKnownSidType.NullSid, @"NULL SID");
258 CheckWellKnownSidLookup (WellKnownSidType.WorldSid, @"Everyone");
259 CheckWellKnownSidLookup (WellKnownSidType.LocalSid, @"LOCAL");
260 CheckWellKnownSidLookup (WellKnownSidType.CreatorOwnerSid, @"CREATOR OWNER");
261 CheckWellKnownSidLookup (WellKnownSidType.CreatorGroupSid, @"CREATOR GROUP");
262 CheckWellKnownSidLookup (WellKnownSidType.CreatorOwnerServerSid, @"CREATOR OWNER SERVER");
263 CheckWellKnownSidLookup (WellKnownSidType.CreatorGroupServerSid, @"CREATOR GROUP SERVER");
264 CheckWellKnownSidLookup (WellKnownSidType.DialupSid, @"NT AUTHORITY\DIALUP");
265 CheckWellKnownSidLookup (WellKnownSidType.NetworkSid, @"NT AUTHORITY\NETWORK");
266 CheckWellKnownSidLookup (WellKnownSidType.BatchSid, @"NT AUTHORITY\BATCH");
267 CheckWellKnownSidLookup (WellKnownSidType.InteractiveSid, @"NT AUTHORITY\INTERACTIVE");
268 CheckWellKnownSidLookup (WellKnownSidType.ServiceSid, @"NT AUTHORITY\SERVICE");
269 CheckWellKnownSidLookup (WellKnownSidType.AnonymousSid, @"NT AUTHORITY\ANONYMOUS LOGON");
270 CheckWellKnownSidLookup (WellKnownSidType.ProxySid, @"NT AUTHORITY\PROXY");
271 CheckWellKnownSidLookup (WellKnownSidType.EnterpriseControllersSid, @"NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS");
272 CheckWellKnownSidLookup (WellKnownSidType.SelfSid, @"NT AUTHORITY\SELF");
273 CheckWellKnownSidLookup (WellKnownSidType.AuthenticatedUserSid, @"NT AUTHORITY\Authenticated Users");
274 CheckWellKnownSidLookup (WellKnownSidType.RestrictedCodeSid, @"NT AUTHORITY\RESTRICTED");
275 CheckWellKnownSidLookup (WellKnownSidType.TerminalServerSid, @"NT AUTHORITY\TERMINAL SERVER USER");
276 CheckWellKnownSidLookup (WellKnownSidType.RemoteLogonIdSid, @"NT AUTHORITY\REMOTE INTERACTIVE LOGON");
277 CheckWellKnownSidLookup (WellKnownSidType.LocalSystemSid, @"NT AUTHORITY\SYSTEM");
278 CheckWellKnownSidLookup (WellKnownSidType.LocalServiceSid, @"NT AUTHORITY\LOCAL SERVICE");
279 CheckWellKnownSidLookup (WellKnownSidType.NetworkServiceSid, @"NT AUTHORITY\NETWORK SERVICE");
280 CheckWellKnownSidLookup (WellKnownSidType.BuiltinAdministratorsSid, @"BUILTIN\Administrators");
281 CheckWellKnownSidLookup (WellKnownSidType.BuiltinUsersSid, @"BUILTIN\Users");
282 CheckWellKnownSidLookup (WellKnownSidType.BuiltinGuestsSid, @"BUILTIN\Guests");
283 CheckWellKnownSidLookup (WellKnownSidType.NtlmAuthenticationSid, @"NT AUTHORITY\NTLM Authentication");
284 CheckWellKnownSidLookup (WellKnownSidType.DigestAuthenticationSid, @"NT AUTHORITY\Digest Authentication");
285 CheckWellKnownSidLookup (WellKnownSidType.SChannelAuthenticationSid, @"NT AUTHORITY\SChannel Authentication");
286 CheckWellKnownSidLookup (WellKnownSidType.ThisOrganizationSid, @"NT AUTHORITY\This Organization");
287 CheckWellKnownSidLookup (WellKnownSidType.OtherOrganizationSid, @"NT AUTHORITY\Other Organization");
288 CheckWellKnownSidLookup (WellKnownSidType.BuiltinPerformanceMonitoringUsersSid, @"BUILTIN\Performance Monitor Users");
289 CheckWellKnownSidLookup (WellKnownSidType.BuiltinPerformanceLoggingUsersSid, @"BUILTIN\Performance Log Users");
293 [ExpectedException(typeof(IdentityNotMappedException))]
294 public void TranslateUnknown ()
296 new SecurityIdentifier ("S-1-5-21-125-3215-342-513").Translate (typeof(NTAccount));
300 public void LengthLimits ()
302 Assert.AreEqual (8, SecurityIdentifier.MinBinaryLength);
303 Assert.AreEqual (68, SecurityIdentifier.MaxBinaryLength);