1 // FileSecurityTest.cs - NUnit Test Cases for FileSecurity
4 // James Bellinger (jfb@zer7.com)
8 using System
.Security
.AccessControl
;
9 using System
.Security
.Principal
;
10 using NUnit
.Framework
;
12 namespace MonoTests
.System
.Security
.AccessControl
15 public class FileSecurityTest
18 public void ChangeGroupToEveryone ()
20 FileSecurity security
;
21 if (PlatformID
.Win32NT
!= Environment
.OSVersion
.Platform
) {
25 string path
= Path
.GetTempFileName ();
27 SecurityIdentifier worldSid
= new SecurityIdentifier ("WD");
29 security
= File
.GetAccessControl (path
);
30 security
.SetGroup (worldSid
);
31 File
.SetAccessControl (path
, security
);
33 security
= File
.GetAccessControl (path
);
34 Assert
.AreEqual (worldSid
, security
.GetGroup (typeof(SecurityIdentifier
)));
41 public void ChangeAccessRules ()
43 FileSecurity security
;
44 if (PlatformID
.Win32NT
!= Environment
.OSVersion
.Platform
) {
48 string path
= Path
.GetTempFileName ();
50 // Add 'Everyone' to the access list.
51 SecurityIdentifier worldSid
= new SecurityIdentifier ("WD");
53 security
= File
.GetAccessControl (path
);
54 FileSystemAccessRule rule
= new FileSystemAccessRule (worldSid
,
55 FileSystemRights
.FullControl
,
56 AccessControlType
.Allow
);
57 security
.AddAccessRule (rule
);
58 File
.SetAccessControl (path
, security
);
60 // Make sure 'Everyone' is *on* the access list.
61 // Let's use the SafeHandle overload to check it.
62 AuthorizationRuleCollection rules
;
63 using (FileStream file
= File
.Open (path
, FileMode
.Open
, FileAccess
.Read
)) {
64 security
= file
.GetAccessControl ();
65 rules
= security
.GetAccessRules (true, false, typeof (SecurityIdentifier
));
67 Assert
.AreEqual (1, rules
.Count
);
68 Assert
.AreEqual (worldSid
, rules
[0].IdentityReference
);
69 Assert
.AreEqual (InheritanceFlags
.None
, rules
[0].InheritanceFlags
);
70 Assert
.AreEqual (PropagationFlags
.None
, rules
[0].PropagationFlags
);
71 Assert
.IsFalse (rules
[0].IsInherited
);
74 // Remove 'Everyone' from the access list.
75 security
.RemoveAccessRuleSpecific (rule
);
76 File
.SetAccessControl (path
, security
);
78 // Make sure our non-inherited access control list is now empty.
79 security
= File
.GetAccessControl (path
);
80 rules
= security
.GetAccessRules (true, false, typeof (SecurityIdentifier
));
82 Assert
.AreEqual (0, rules
.Count
);
88 [Test
, ExpectedException (typeof (UnauthorizedAccessException
))]
89 public void EveryoneMayNotBeOwner ()
91 FileSecurity security
;
92 if (PlatformID
.Win32NT
!= Environment
.OSVersion
.Platform
) {
96 string path
= Path
.GetTempFileName ();
98 security
= File
.GetAccessControl (path
);
99 security
.SetOwner (new SecurityIdentifier ("WD"));
100 File
.SetAccessControl (path
, security
);
101 // If we don't get an InvalidOperationException it could be that we are running
102 // with administrator privileges. Don't fail the test if that is the case.
103 WindowsIdentity identity
= WindowsIdentity
.GetCurrent ();
104 WindowsPrincipal principal
= new WindowsPrincipal (identity
);
105 if (principal
.IsInRole (WindowsBuiltInRole
.Administrator
)) {
106 Assert
.Ignore ("Running as Administrator");