mcs/class/corlib/Test/System.Security.Principal/SecurityIdentifierTest.cs

   1 //
   2 // SecurityIdentifierTest.cs - NUnit Test Cases for SecurityIdentifier
   3 //
   4 // Author:
   5 //      Kenneth Bell
   6 //
   7
   8 using System;
   9 using System.Security.Principal;
  10 using System.Text;
  11 using NUnit.Framework;
  12
  13 namespace MonoTests.System.Security.Principal {
  14         [TestFixture]
  15         public class SecurityIdentifierTest : Assert {
  16                 [Test]
  17                 [ExpectedException(typeof(ArgumentNullException))]
  18                 public void ConstructorNull ()
  19                 {
  20                         new SecurityIdentifier (null);
  21                 }
  22
  23                 private void CheckStringCtor (string strValue, byte[] expectedBinary)
  24                 {
  25                         SecurityIdentifier sid = new SecurityIdentifier (strValue);
  26                         byte[] buffer = new byte[sid.BinaryLength];
  27                         sid.GetBinaryForm (buffer, 0);
  28
  29                         Assert.AreEqual (expectedBinary.Length, buffer.Length, "SID length mismatch");
  30                         Assert.AreEqual (expectedBinary, buffer, "SIDs different in binary form");
  31                 }
  32
  33                 private void CheckUnqualifiedWellKnownSid (WellKnownSidType type, string sddl)
  34                 {
  35                         SecurityIdentifier sid = new SecurityIdentifier (type, null);
  36                         Assert.AreEqual (sddl, sid.Value, "Bad SID for type: " + type);
  37                 }
  38
  39                 private void CheckQualifiedWellKnownSid (WellKnownSidType type, SecurityIdentifier domain, string sddl)
  40                 {
  41                         SecurityIdentifier sid = new SecurityIdentifier (type, domain);
  42                         Assert.AreEqual (sddl, sid.Value, "Bad SID for type: " + type);
  43                 }
  44
  45                 private void CheckWellKnownSidLookup (WellKnownSidType wellKnownSidType, string name)
  46                 {
  47                         Assert.AreEqual (name, ((NTAccount)new SecurityIdentifier (wellKnownSidType, null).Translate (typeof(NTAccount))).Value);
  48                 }
  49
  50                 [Test]
  51                 public void ConstructorString ()
  52                 {
  53                         CheckStringCtor ("S-1-0-0",
  54                                          new byte[] {
  55                                 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  56                                 0x00, 0x00 });
  57                         CheckStringCtor ("S-1-5-33",
  58                                          new byte[] {
  59                                 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x21, 0x00,
  60                                 0x00, 0x00 });
  61                         CheckStringCtor ("s-1-5-334-234",
  62                                          new byte[] {
  63                                 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x4E, 0x01,
  64                                 0x00, 0x00, 0xEA, 0x00, 0x00, 0x00 });
  65                         CheckStringCtor ("S-1-5-0x3432",
  66                                          new byte[] {
  67                                 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x32, 0x34,
  68                                 0x00, 0x00 });
  69                         CheckStringCtor ("S-1-0xCBA987654321-0",
  70                                          new byte[] {
  71                                 0x01, 0x01, 0xCB, 0xA9, 0x87, 0x65, 0x43, 0x21, 0x00, 0x00,
  72                                 0x00, 0x00 });
  73                 }
  74
  75                 [Test]
  76                 public void ConstructorStringSddl ()
  77                 {
  78                         Assert.AreEqual ("S-1-5-32-545",
  79                                          new SecurityIdentifier ("BU").Value);
  80                 }
  81
  82                 [Test]
  83                 [ExpectedException(typeof(ArgumentException))]
  84                 public void ConstructorStringBadRevision ()
  85                 {
  86                         CheckStringCtor ("S-2-0-0",
  87                                          new byte[] {
  88                                 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  89                                 0x00, 0x00 });
  90                 }
  91
  92                 [Test]
  93                 [ExpectedException(typeof(ArgumentException))]
  94                 public void ConstructorInvalidString ()
  95                 {
  96                         new SecurityIdentifier ("M");
  97                 }
  98
  99                 [Test]
 100                 public void ConstructorBinary ()
 101                 {
 102                         byte[] inForm = new byte[] {
 103                                 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x4E, 0x01,
 104                                 0x00, 0x00, 0xEA, 0x00, 0x00, 0x00 };
 105                         SecurityIdentifier sid = new SecurityIdentifier (inForm, 0);
 106
 107                         byte[] outForm = new byte[inForm.Length];
 108                         sid.GetBinaryForm (outForm, 0);
 109                         Assert.AreEqual (inForm, outForm);
 110                 }
 111
 112                 [Test]
 113                 public void ConstructorWellKnownSids ()
 114                 {
 115                         CheckUnqualifiedWellKnownSid (WellKnownSidType.NullSid, "S-1-0-0");
 116                         CheckUnqualifiedWellKnownSid (WellKnownSidType.WorldSid, "S-1-1-0");
 117                         CheckUnqualifiedWellKnownSid (WellKnownSidType.LocalSid, "S-1-2-0");
 118                         CheckUnqualifiedWellKnownSid (WellKnownSidType.CreatorOwnerSid, "S-1-3-0");
 119                         CheckUnqualifiedWellKnownSid (WellKnownSidType.CreatorGroupSid, "S-1-3-1");
 120                         CheckUnqualifiedWellKnownSid (WellKnownSidType.CreatorOwnerServerSid, "S-1-3-2");
 121                         CheckUnqualifiedWellKnownSid (WellKnownSidType.CreatorGroupServerSid, "S-1-3-3");
 122                         CheckUnqualifiedWellKnownSid (WellKnownSidType.NTAuthoritySid, "S-1-5");
 123                         CheckUnqualifiedWellKnownSid (WellKnownSidType.DialupSid, "S-1-5-1");
 124                         CheckUnqualifiedWellKnownSid (WellKnownSidType.NetworkSid, "S-1-5-2");
 125                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BatchSid, "S-1-5-3");
 126                         CheckUnqualifiedWellKnownSid (WellKnownSidType.InteractiveSid, "S-1-5-4");
 127                         CheckUnqualifiedWellKnownSid (WellKnownSidType.ServiceSid, "S-1-5-6");
 128                         CheckUnqualifiedWellKnownSid (WellKnownSidType.AnonymousSid, "S-1-5-7");
 129                         CheckUnqualifiedWellKnownSid (WellKnownSidType.ProxySid, "S-1-5-8");
 130                         CheckUnqualifiedWellKnownSid (WellKnownSidType.EnterpriseControllersSid, "S-1-5-9");
 131                         CheckUnqualifiedWellKnownSid (WellKnownSidType.SelfSid, "S-1-5-10");
 132                         CheckUnqualifiedWellKnownSid (WellKnownSidType.AuthenticatedUserSid, "S-1-5-11");
 133                         CheckUnqualifiedWellKnownSid (WellKnownSidType.RestrictedCodeSid, "S-1-5-12");
 134                         CheckUnqualifiedWellKnownSid (WellKnownSidType.TerminalServerSid, "S-1-5-13");
 135                         CheckUnqualifiedWellKnownSid (WellKnownSidType.RemoteLogonIdSid, "S-1-5-14");
 136                         CheckUnqualifiedWellKnownSid (WellKnownSidType.LocalSystemSid, "S-1-5-18");
 137                         CheckUnqualifiedWellKnownSid (WellKnownSidType.LocalServiceSid, "S-1-5-19");
 138                         CheckUnqualifiedWellKnownSid (WellKnownSidType.NetworkServiceSid, "S-1-5-20");
 139                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinDomainSid, "S-1-5-32");
 140                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinAdministratorsSid, "S-1-5-32-544");
 141                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinUsersSid, "S-1-5-32-545");
 142                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinGuestsSid, "S-1-5-32-546");
 143                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinPowerUsersSid, "S-1-5-32-547");
 144                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinAccountOperatorsSid, "S-1-5-32-548");
 145                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinSystemOperatorsSid, "S-1-5-32-549");
 146                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinPrintOperatorsSid, "S-1-5-32-550");
 147                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinBackupOperatorsSid, "S-1-5-32-551");
 148                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinReplicatorSid, "S-1-5-32-552");
 149                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinPreWindows2000CompatibleAccessSid, "S-1-5-32-554");
 150                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinRemoteDesktopUsersSid, "S-1-5-32-555");
 151                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinNetworkConfigurationOperatorsSid, "S-1-5-32-556");
 152                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountAdministratorSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-500");
 153                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountGuestSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-501");
 154                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountKrbtgtSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-502");
 155                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountDomainAdminsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-512");
 156                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountDomainUsersSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-513");
 157                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountDomainGuestsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-514");
 158                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountComputersSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-515");
 159                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountControllersSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-516");
 160                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountCertAdminsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-517");
 161                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountSchemaAdminsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-518");
 162                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountEnterpriseAdminsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-519");
 163                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountPolicyAdminsSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-520");
 164                         CheckQualifiedWellKnownSid (WellKnownSidType.AccountRasAndIasServersSid, new SecurityIdentifier ("S-1-5-21-125-3215-342"), "S-1-5-21-125-3215-342-553");
 165                         CheckUnqualifiedWellKnownSid (WellKnownSidType.NtlmAuthenticationSid, "S-1-5-64-10");
 166                         CheckUnqualifiedWellKnownSid (WellKnownSidType.DigestAuthenticationSid, "S-1-5-64-21");
 167                         CheckUnqualifiedWellKnownSid (WellKnownSidType.SChannelAuthenticationSid, "S-1-5-64-14");
 168                         CheckUnqualifiedWellKnownSid (WellKnownSidType.ThisOrganizationSid, "S-1-5-15");
 169                         CheckUnqualifiedWellKnownSid (WellKnownSidType.OtherOrganizationSid, "S-1-5-1000");
 170                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinIncomingForestTrustBuildersSid, "S-1-5-32-557");
 171                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinPerformanceMonitoringUsersSid, "S-1-5-32-558");
 172                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinPerformanceLoggingUsersSid, "S-1-5-32-559");
 173                         CheckUnqualifiedWellKnownSid (WellKnownSidType.BuiltinAuthorizationAccessSid, "S-1-5-32-560");
 174                         CheckUnqualifiedWellKnownSid (WellKnownSidType.WinBuiltinTerminalServerLicenseServersSid, "S-1-5-32-561");
 175                         CheckUnqualifiedWellKnownSid (WellKnownSidType.MaxDefined, "S-1-5-32-561");
 176                 }
 177
 178                 [Test]
 179                 [ExpectedException(typeof(ArgumentException))]
 180                 public void ConstructorWellKnownSidLogonIds ()
 181                 {
 182                         CheckQualifiedWellKnownSid (WellKnownSidType.LogonIdsSid,
 183                                                     new SecurityIdentifier ("S-1-5-21-125-3215-342"),
 184                                                     "S-1-5-21-125-3215-342-3");
 185                 }
 186
 187                 [Test]
 188                 public void AccountDomainSid ()
 189                 {
 190                         Assert.AreEqual ("S-1-5-21-125-3215-342", new SecurityIdentifier ("S-1-5-21-125-3215-342-324-1000").AccountDomainSid.Value);
 191                         Assert.AreEqual ("S-1-5-21-125-3215-342", new SecurityIdentifier ("S-1-5-21-125-3215-342-1000").AccountDomainSid.Value);
 192                         Assert.AreEqual ("S-1-5-21-125-3215-1", new SecurityIdentifier ("S-1-5-21-125-3215-1").AccountDomainSid.Value);
 193                         Assert.IsNull (new SecurityIdentifier ("S-1-5-21-125-1").AccountDomainSid);
 194                         Assert.IsNull (new SecurityIdentifier ("S-1-0-0").AccountDomainSid);
 195                         Assert.IsNull (new SecurityIdentifier ("S-1-5-44-125-3215-1").AccountDomainSid);
 196                 }
 197
 198                 [Test]
 199                 public void BinaryLength ()
 200                 {
 201                         Assert.AreEqual (12, new SecurityIdentifier ("S-1-0-0").BinaryLength);
 202                 }
 203
 204                 [Test]
 205                 public void Value ()
 206                 {
 207                         Assert.AreEqual ("S-1-5-13362", new SecurityIdentifier ("s-1-5-0x3432").Value);
 208                 }
 209
 210                 [Test]
 211                 public void Equals ()
 212                 {
 213                         Assert.IsTrue (new SecurityIdentifier ("S-1-5-13362").Equals (new SecurityIdentifier ("s-1-5-0x3432")));
 214                 }
 215
 216                 [Test]
 217                 public void IsAccountSid ()
 218                 {
 219                         Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-324-1000").IsAccountSid ());
 220                         Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-1000").IsAccountSid ());
 221                         Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-1").IsAccountSid ());
 222                         Assert.IsFalse (new SecurityIdentifier ("S-1-5-21-125-1").IsAccountSid ());
 223                         Assert.IsFalse (new SecurityIdentifier ("S-1-0-0").IsAccountSid ());
 224                 }
 225
 226                 [Test]
 227                 public void IsEqualDomainSid ()
 228                 {
 229                         Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-1000").IsEqualDomainSid (new SecurityIdentifier ("S-1-5-21-125-3215-342-333")));
 230                         Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-1000").IsEqualDomainSid (new SecurityIdentifier ("S-1-5-21-125-3215-342-324-333")));
 231                         Assert.IsFalse (new SecurityIdentifier ("S-1-5-21-125-1").IsEqualDomainSid (new SecurityIdentifier ("S-1-5-21-125-2")));
 232                         Assert.IsFalse (new SecurityIdentifier ("S-1-0-0").IsEqualDomainSid (new SecurityIdentifier ("S-1-0-0")));
 233                 }
 234
 235                 [Test]
 236                 public void IsValidTargetType ()
 237                 {
 238                         Assert.IsTrue (new SecurityIdentifier ("S-1-0-0").IsValidTargetType (typeof(SecurityIdentifier)));
 239                         Assert.IsTrue (new SecurityIdentifier ("S-1-0-0").IsValidTargetType (typeof(NTAccount)));
 240                         Assert.IsFalse (new SecurityIdentifier ("S-1-0-0").IsValidTargetType (typeof(WindowsPrincipal)));
 241                         Assert.IsFalse (new SecurityIdentifier ("S-1-0-0").IsValidTargetType (typeof(WindowsIdentity)));
 242                 }
 243
 244                 [Test]
 245                 public void IsWellKnown ()
 246                 {
 247                         Assert.IsTrue (new SecurityIdentifier ("S-1-0-0").IsWellKnown (WellKnownSidType.NullSid));
 248                         Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-500").IsWellKnown (WellKnownSidType.AccountAdministratorSid));
 249                         Assert.IsTrue (new SecurityIdentifier ("S-1-5-21-125-3215-342-513").IsWellKnown (WellKnownSidType.AccountDomainUsersSid));
 250                         Assert.IsFalse (new SecurityIdentifier ("S-1-6-21-125-3215-342-513").IsWellKnown (WellKnownSidType.AccountDomainUsersSid));
 251                         Assert.IsFalse (new SecurityIdentifier ("S-1-5-22-125-3215-342-513").IsWellKnown (WellKnownSidType.AccountDomainUsersSid));
 252                 }
 253
 254                 [Test]
 255                 public void Translate ()
 256                 {
 257                         CheckWellKnownSidLookup (WellKnownSidType.NullSid, @"NULL SID");
 258                         CheckWellKnownSidLookup (WellKnownSidType.WorldSid, @"Everyone");
 259                         CheckWellKnownSidLookup (WellKnownSidType.LocalSid, @"LOCAL");
 260                         CheckWellKnownSidLookup (WellKnownSidType.CreatorOwnerSid, @"CREATOR OWNER");
 261                         CheckWellKnownSidLookup (WellKnownSidType.CreatorGroupSid, @"CREATOR GROUP");
 262                         CheckWellKnownSidLookup (WellKnownSidType.CreatorOwnerServerSid, @"CREATOR OWNER SERVER");
 263                         CheckWellKnownSidLookup (WellKnownSidType.CreatorGroupServerSid, @"CREATOR GROUP SERVER");
 264                         CheckWellKnownSidLookup (WellKnownSidType.DialupSid, @"NT AUTHORITY\DIALUP");
 265                         CheckWellKnownSidLookup (WellKnownSidType.NetworkSid, @"NT AUTHORITY\NETWORK");
 266                         CheckWellKnownSidLookup (WellKnownSidType.BatchSid, @"NT AUTHORITY\BATCH");
 267                         CheckWellKnownSidLookup (WellKnownSidType.InteractiveSid, @"NT AUTHORITY\INTERACTIVE");
 268                         CheckWellKnownSidLookup (WellKnownSidType.ServiceSid, @"NT AUTHORITY\SERVICE");
 269                         CheckWellKnownSidLookup (WellKnownSidType.AnonymousSid, @"NT AUTHORITY\ANONYMOUS LOGON");
 270                         CheckWellKnownSidLookup (WellKnownSidType.ProxySid, @"NT AUTHORITY\PROXY");
 271                         CheckWellKnownSidLookup (WellKnownSidType.EnterpriseControllersSid, @"NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS");
 272                         CheckWellKnownSidLookup (WellKnownSidType.SelfSid, @"NT AUTHORITY\SELF");
 273                         CheckWellKnownSidLookup (WellKnownSidType.AuthenticatedUserSid, @"NT AUTHORITY\Authenticated Users");
 274                         CheckWellKnownSidLookup (WellKnownSidType.RestrictedCodeSid, @"NT AUTHORITY\RESTRICTED");
 275                         CheckWellKnownSidLookup (WellKnownSidType.TerminalServerSid, @"NT AUTHORITY\TERMINAL SERVER USER");
 276                         CheckWellKnownSidLookup (WellKnownSidType.RemoteLogonIdSid, @"NT AUTHORITY\REMOTE INTERACTIVE LOGON");
 277                         CheckWellKnownSidLookup (WellKnownSidType.LocalSystemSid, @"NT AUTHORITY\SYSTEM");
 278                         CheckWellKnownSidLookup (WellKnownSidType.LocalServiceSid, @"NT AUTHORITY\LOCAL SERVICE");
 279                         CheckWellKnownSidLookup (WellKnownSidType.NetworkServiceSid, @"NT AUTHORITY\NETWORK SERVICE");
 280                         CheckWellKnownSidLookup (WellKnownSidType.BuiltinAdministratorsSid, @"BUILTIN\Administrators");
 281                         CheckWellKnownSidLookup (WellKnownSidType.BuiltinUsersSid, @"BUILTIN\Users");
 282                         CheckWellKnownSidLookup (WellKnownSidType.BuiltinGuestsSid, @"BUILTIN\Guests");
 283                         CheckWellKnownSidLookup (WellKnownSidType.NtlmAuthenticationSid, @"NT AUTHORITY\NTLM Authentication");
 284                         CheckWellKnownSidLookup (WellKnownSidType.DigestAuthenticationSid, @"NT AUTHORITY\Digest Authentication");
 285                         CheckWellKnownSidLookup (WellKnownSidType.SChannelAuthenticationSid, @"NT AUTHORITY\SChannel Authentication");
 286                         CheckWellKnownSidLookup (WellKnownSidType.ThisOrganizationSid, @"NT AUTHORITY\This Organization");
 287                         CheckWellKnownSidLookup (WellKnownSidType.OtherOrganizationSid, @"NT AUTHORITY\Other Organization");
 288                         CheckWellKnownSidLookup (WellKnownSidType.BuiltinPerformanceMonitoringUsersSid, @"BUILTIN\Performance Monitor Users");
 289                         CheckWellKnownSidLookup (WellKnownSidType.BuiltinPerformanceLoggingUsersSid, @"BUILTIN\Performance Log Users");
 290                 }
 291
 292                 [Test]
 293                 [ExpectedException(typeof(IdentityNotMappedException))]
 294                 public void TranslateUnknown ()
 295                 {
 296                         new SecurityIdentifier ("S-1-5-21-125-3215-342-513").Translate (typeof(NTAccount));
 297                 }
 298
 299                 [Test]
 300                 public void LengthLimits ()
 301                 {
 302                         Assert.AreEqual (8, SecurityIdentifier.MinBinaryLength);
 303                         Assert.AreEqual (68, SecurityIdentifier.MaxBinaryLength);
 304                 }
 305         }
 306 }