diff options
author | Anirudh Agnihotry <anirudhagnihotry098@gmail.com> | 2018-04-06 02:30:09 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-04-06 02:30:09 +0300 |
commit | 5d2fd5bd2dfeed003892849a8d85f2506a922c36 (patch) | |
tree | 7ff41f7e4b292c306bf1dbabab8c262114644442 | |
parent | 18d685f3b1ed8fd22601fb0bce3eb928f1c4206f (diff) |
Fixed tests for non english windows (#28865)
6 files changed, 113 insertions, 123 deletions
diff --git a/src/System.IO.FileSystem.AccessControl/tests/DirectoryObjectSecurityTests.cs b/src/System.IO.FileSystem.AccessControl/tests/DirectoryObjectSecurityTests.cs index 5cfba92691..a0777ee2ca 100644 --- a/src/System.IO.FileSystem.AccessControl/tests/DirectoryObjectSecurityTests.cs +++ b/src/System.IO.FileSystem.AccessControl/tests/DirectoryObjectSecurityTests.cs @@ -94,7 +94,6 @@ namespace System.Security.AccessControl Assert.NotNull(ruleCollection); } - [Fact] public void RemoveAuditRuleAll_InvalidObjectAuditRule() { @@ -107,18 +106,16 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new NTAccount(@"NT AUTHORITY\SYSTEM"); var customAuditRuleReadWrite = new CustomAuditRule ( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AuditFlags.Success ); var customAuditRuleSynchronize = new CustomAuditRule ( - new NTAccount(@"NT AUTHORITY\SYSTEM"), SynchronizeAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, SynchronizeAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AuditFlags.Success ); @@ -148,9 +145,8 @@ namespace System.Security.AccessControl var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); var objectTypeGuid = Guid.NewGuid(); - var identityReference = new NTAccount(@"NT AUTHORITY\SYSTEM"); var customAuditRuleReadWrite = new CustomAuditRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AuditFlags.Success ); @@ -171,16 +167,15 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); + var customAuditRuleReadWrite = new CustomAuditRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AuditFlags.Success ); var customAuditRuleWrite = new CustomAuditRule( - identityReference, WriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, WriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AuditFlags.Success ); @@ -203,16 +198,15 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - - var identity = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); var objectType = Guid.NewGuid(); + var customAuditRuleWrite = new CustomAuditRule( - identity, WriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, WriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectType, Guid.NewGuid(), AuditFlags.Success ); var customAuditRuleReadWrite = new CustomAuditRule( - identity, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectType, Guid.NewGuid(), AuditFlags.Success ); customObjectSecurity.AddAuditRule(customAuditRuleReadWrite); @@ -229,7 +223,7 @@ namespace System.Security.AccessControl existingRules.Any( x => x.AccessMaskValue == ReadAccessMask && x.AuditFlags == AuditFlags.Success && - x.IdentityReference == identity + x.IdentityReference == Helpers.s_LocalSystemNTAccount ) ); } @@ -246,11 +240,10 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); + var customAuditRuleReadWrite = new CustomAuditRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AuditFlags.Success ); @@ -313,17 +306,15 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); - + var customAccessRuleReadWrite = new CustomAccessRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Allow ); var customAccessRuleWrite = new CustomAccessRule( - identityReference, WriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, WriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Allow ); @@ -336,7 +327,7 @@ namespace System.Security.AccessControl Assert.NotNull(ruleCollection); Assert.Contains(ruleCollection.Cast<CustomAccessRule>(), x => - x.IdentityReference == identityReference && + x.IdentityReference == Helpers.s_LocalSystemNTAccount && x.AccessControlType == customAccessRuleReadWrite.AccessControlType && x.AccessMaskValue == ReadAccessMask ); @@ -349,15 +340,15 @@ namespace System.Security.AccessControl var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); int readDataAndAttribute = ReadAccessMask | ReadAttributeAccessMask; - var identityReference = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); var objectTypeGuid = Guid.NewGuid(); + var customAccessRuleReadDataAndAttribute = new CustomAccessRule( - identityReference, readDataAndAttribute, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, readDataAndAttribute, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Deny ); var customAccessRuleRead = new CustomAccessRule( - identityReference, ReadAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Deny ); @@ -368,7 +359,7 @@ namespace System.Security.AccessControl Assert.NotNull(ruleCollection); Assert.Contains(ruleCollection.Cast<CustomAccessRule>(), x => - x.IdentityReference == identityReference && + x.IdentityReference == Helpers.s_LocalSystemNTAccount && x.AccessControlType == AccessControlType.Deny && x.AccessMaskValue == ReadAttributeAccessMask ); @@ -386,12 +377,10 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new NTAccount(@"NT AUTHORITY\SYSTEM"); - + var customAccessRuleReadWrite = new CustomAccessRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Allow ); @@ -411,12 +400,10 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); var customAccessRuleReadWrite = new CustomAccessRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Deny ); @@ -443,16 +430,15 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new NTAccount(@"NT AUTHORITY\SYSTEM"); + var customAccessRuleReadWrite = new CustomAccessRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Allow ); var customAccessRuleSynchronize = new CustomAccessRule( - identityReference, SynchronizeAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, SynchronizeAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Allow ); @@ -475,11 +461,10 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new NTAccount(@"NT AUTHORITY\SYSTEM"); + var customAccessRuleReadWrite = new CustomAccessRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.ObjectInherit, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, objectTypeGuid, Guid.NewGuid(), AccessControlType.Deny ); @@ -492,16 +477,15 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new NTAccount(@"NT AUTHORITY\SYSTEM"); + var customAccessRuleReadWrite = new CustomAccessRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Deny ); var customAccessRuleSynchronize = new CustomAccessRule( - identityReference, SynchronizeAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, SynchronizeAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Deny ); @@ -531,21 +515,20 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); + var customAccessRuleReadWrite = new CustomAccessRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Deny ); var customAccessRuleNetworkService = new CustomAccessRule( - new SecurityIdentifier(WellKnownSidType.NetworkServiceSid, null).Translate(typeof(NTAccount)), SynchronizeAccessMask, true, InheritanceFlags.None, + Helpers.s_NetworkServiceNTAccount, SynchronizeAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Allow ); var customAccessRuleRead = new CustomAccessRule( - new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)), ReadAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Allow ); @@ -569,21 +552,20 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); + var customAccessRuleReadWrite = new CustomAccessRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Deny ); var customAccessRuleNetworkService = new CustomAccessRule( - new SecurityIdentifier(WellKnownSidType.NetworkServiceSid, null).Translate(typeof(NTAccount)), SynchronizeAccessMask, true, InheritanceFlags.None, + Helpers.s_NetworkServiceNTAccount, SynchronizeAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Allow ); var customAccessRuleWrite = new CustomAccessRule( - new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)), WriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, WriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Deny ); @@ -614,11 +596,10 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); + var customAccessRuleReadWrite = new CustomAccessRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Allow ); @@ -641,11 +622,10 @@ namespace System.Security.AccessControl { var descriptor = new CommonSecurityDescriptor(true, true, string.Empty); var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); - var objectTypeGuid = Guid.NewGuid(); - var identityReference = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); + var customAccessRuleReadWrite = new CustomAccessRule( - identityReference, ReadWriteAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadWriteAccessMask, true, InheritanceFlags.None, PropagationFlags.None, objectTypeGuid, Guid.NewGuid(), AccessControlType.Deny ); @@ -677,12 +657,12 @@ namespace System.Security.AccessControl var customObjectSecurity = new CustomDirectoryObjectSecurity(descriptor); var customAccessRuleAllow = new CustomAccessRule( - new SecurityIdentifier(WellKnownSidType.NetworkServiceSid, null).Translate(typeof(NTAccount)), ReadAccessMask, true, InheritanceFlags.None, + Helpers.s_NetworkServiceNTAccount, ReadAccessMask, true, InheritanceFlags.None, PropagationFlags.None, Guid.NewGuid(), Guid.NewGuid(), AccessControlType.Allow ); var customAccessRuleDeny = new CustomAccessRule( - new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)), ReadAccessMask, true, InheritanceFlags.None, + Helpers.s_LocalSystemNTAccount, ReadAccessMask, true, InheritanceFlags.None, PropagationFlags.None, Guid.NewGuid(), Guid.NewGuid(), AccessControlType.Deny ); diff --git a/src/System.IO.FileSystem.AccessControl/tests/FileSystemAccessRuleTests.cs b/src/System.IO.FileSystem.AccessControl/tests/FileSystemAccessRuleTests.cs index 60af70435d..611a59dfdc 100644 --- a/src/System.IO.FileSystem.AccessControl/tests/FileSystemAccessRuleTests.cs +++ b/src/System.IO.FileSystem.AccessControl/tests/FileSystemAccessRuleTests.cs @@ -13,10 +13,9 @@ namespace System.IO [Fact] public void FileSystemAccessRule_Returns_Valid_Object() { - var identity = new SecurityIdentifier(WellKnownSidType.WorldSid, null); - var accessRule = new FileSystemAccessRule(identity, FileSystemRights.AppendData, AccessControlType.Allow); + var accessRule = new FileSystemAccessRule(Helpers.s_WorldSidNTAccount, FileSystemRights.AppendData, AccessControlType.Allow); var expectedFileSystemRights = FileSystemRights.AppendData | FileSystemRights.Synchronize; - Assert.Equal(identity, accessRule.IdentityReference); + Assert.Equal(Helpers.s_WorldSidNTAccount, accessRule.IdentityReference); Assert.Equal(expectedFileSystemRights, accessRule.FileSystemRights); Assert.Equal(AccessControlType.Allow, accessRule.AccessControlType); Assert.Equal(PropagationFlags.None, accessRule.PropagationFlags); @@ -26,16 +25,14 @@ namespace System.IO [Fact] public void FileSystemAccessRule_InvalidFileSystemRights() { - var identity = new SecurityIdentifier(WellKnownSidType.WorldSid, null); AssertExtensions.Throws<ArgumentOutOfRangeException>("fileSystemRights", () => - new FileSystemAccessRule(identity, (FileSystemRights)(-1), AccessControlType.Allow)); + new FileSystemAccessRule(Helpers.s_WorldSidNTAccount, (FileSystemRights)(-1), AccessControlType.Allow)); } [Fact] public void FileSystemAccessRule_AcessControlTypeDeny_Returns_Valid_Object() { - var identity = new SecurityIdentifier(WellKnownSidType.WorldSid, null); - var accessRule = new FileSystemAccessRule(identity, FileSystemRights.AppendData, AccessControlType.Deny); + var accessRule = new FileSystemAccessRule(Helpers.s_WorldSidNTAccount, FileSystemRights.AppendData, AccessControlType.Deny); var expectedFileSystemRights = FileSystemRights.AppendData & ~FileSystemRights.Synchronize; Assert.Equal(expectedFileSystemRights, accessRule.FileSystemRights); Assert.Equal(AccessControlType.Deny, accessRule.AccessControlType); @@ -44,8 +41,7 @@ namespace System.IO [Fact] public void FileSystemAccessRule_FileSystemRightsFullControl_Returns_Valid_Object() { - var identity = new SecurityIdentifier(WellKnownSidType.WorldSid, null); - var accessRule = new FileSystemAccessRule(identity, FileSystemRights.FullControl, AccessControlType.Deny); + var accessRule = new FileSystemAccessRule(Helpers.s_WorldSidNTAccount, FileSystemRights.FullControl, AccessControlType.Deny); Assert.Equal(FileSystemRights.FullControl, accessRule.FileSystemRights); Assert.Equal(AccessControlType.Deny, accessRule.AccessControlType); } @@ -66,8 +62,7 @@ namespace System.IO [Fact] public void FileSystemAccessRule_InhertianceFlag_PropagationFlag_Returns_Valid_Object() { - var identity = new SecurityIdentifier(WellKnownSidType.WorldSid, null); - var accessRule = new FileSystemAccessRule(identity, FileSystemRights.AppendData, + var accessRule = new FileSystemAccessRule(Helpers.s_WorldSidNTAccount, FileSystemRights.AppendData, InheritanceFlags.ContainerInherit, PropagationFlags.NoPropagateInherit, AccessControlType.Allow); diff --git a/src/System.IO.FileSystem.AccessControl/tests/FileSystemAuditRuleTests.cs b/src/System.IO.FileSystem.AccessControl/tests/FileSystemAuditRuleTests.cs index afb26096ab..dfd1902abd 100644 --- a/src/System.IO.FileSystem.AccessControl/tests/FileSystemAuditRuleTests.cs +++ b/src/System.IO.FileSystem.AccessControl/tests/FileSystemAuditRuleTests.cs @@ -12,9 +12,8 @@ namespace System.Security.AccessControl [Fact] public void ObjectInitialization_IdentityReference_FileSystemRights_AuditFlags_Success() { - var identity = new SecurityIdentifier(WellKnownSidType.WorldSid, null); - var auditRule = new FileSystemAuditRule(identity, FileSystemRights.ReadData, AuditFlags.Failure); - Assert.Equal(auditRule.IdentityReference, identity); + var auditRule = new FileSystemAuditRule(Helpers.s_WorldSidNTAccount, FileSystemRights.ReadData, AuditFlags.Failure); + Assert.Equal(auditRule.IdentityReference, Helpers.s_WorldSidNTAccount); Assert.Equal(auditRule.FileSystemRights, FileSystemRights.ReadData); Assert.Equal(auditRule.AuditFlags, AuditFlags.Failure); } @@ -41,7 +40,6 @@ namespace System.Security.AccessControl public void ObjectInitialization_InvalidFileSystemRights() { var fileSystemRights = (FileSystemRights)(-1); - var identity = new SecurityIdentifier(WellKnownSidType.WorldSid, null); AssertExtensions.Throws<ArgumentOutOfRangeException>("fileSystemRights", () => new FileSystemAuditRule(@"MYDOMAIN\MyAccount", fileSystemRights, AuditFlags.Failure)); } diff --git a/src/System.IO.FileSystem.AccessControl/tests/FileSystemSecurityTests.cs b/src/System.IO.FileSystem.AccessControl/tests/FileSystemSecurityTests.cs index 0d221acf8b..d8b9baab98 100644 --- a/src/System.IO.FileSystem.AccessControl/tests/FileSystemSecurityTests.cs +++ b/src/System.IO.FileSystem.AccessControl/tests/FileSystemSecurityTests.cs @@ -25,7 +25,7 @@ namespace System.IO [Fact] public void AddAccessRule_Succeeds() { - var accessRule = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRule = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.AppendData, AccessControlType.Allow); var fileSecurity = new FileSecurity(); fileSecurity.AddAccessRule(accessRule); @@ -48,11 +48,11 @@ namespace System.IO [Fact] public void SetAccessRule_Succeeds() { - var accessRuleRead = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleRead = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Read, AccessControlType.Allow); var fileSecurity = new FileSecurity(); fileSecurity.AddAccessRule(accessRuleRead); - var accessRuleWrite = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleWrite = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write, AccessControlType.Allow); //Changing the value of file system rights from "read" to "write". fileSecurity.SetAccessRule(accessRuleWrite); @@ -68,11 +68,12 @@ namespace System.IO [Fact] public void SetAccessRule_IgnoreExistingRule_Succeeds() { - var accessRuleRead = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleRead = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Read, AccessControlType.Allow); var fileSecurity = new FileSecurity(); fileSecurity.AddAccessRule(accessRuleRead); - var newAccessRule = new FileSystemAccessRule(@"NT AUTHORITY\Network Service", + + var newAccessRule = new FileSystemAccessRule(Helpers.s_NetworkServiceNTAccount, FileSystemRights.Write, AccessControlType.Allow); fileSecurity.SetAccessRule(newAccessRule); @@ -83,7 +84,7 @@ namespace System.IO var existingAccessRule = (FileSystemAccessRule)rules[0]; Assert.Equal(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)), existingAccessRule.IdentityReference); existingAccessRule = (FileSystemAccessRule)rules[1]; - Assert.Equal(new NTAccount(@"NT AUTHORITY\Network Service"), existingAccessRule.IdentityReference); + Assert.Equal(Helpers.s_NetworkServiceNTAccount, existingAccessRule.IdentityReference); } [Fact] @@ -96,11 +97,11 @@ namespace System.IO [Fact] public void ResetSetAccessRule_Succeeds() { - var accessRuleRead = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleRead = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Read, AccessControlType.Allow); - var accessRuleAppendData = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleAppendData = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.AppendData, AccessControlType.Deny); - var accessRuleWrite = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleWrite = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write, AccessControlType.Allow); var fileSecurity = new FileSecurity(); @@ -128,7 +129,7 @@ namespace System.IO [Fact] public void RemoveAccessRule_Succeeds() { - var accessRule = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRule = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Read | FileSystemRights.Write, AccessControlType.Allow); var fileSecurity = new FileSecurity(); @@ -137,7 +138,7 @@ namespace System.IO fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)); Assert.Equal(1, rules.Count); //Removing the "write" access right. - Assert.True(fileSecurity.RemoveAccessRule(new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + Assert.True(fileSecurity.RemoveAccessRule(new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write, AccessControlType.Allow))); rules = fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)); @@ -149,12 +150,12 @@ namespace System.IO [Fact] public void RemoveAccessRule_IdenticalRule_Succeeds() { - var accessRule = new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)).Value, + var accessRule = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Read | FileSystemRights.Write, AccessControlType.Allow); var fileSecurity = new FileSecurity(); fileSecurity.AddAccessRule(accessRule); - Assert.True(fileSecurity.RemoveAccessRule(new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)).Value, + Assert.True(fileSecurity.RemoveAccessRule(new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Read | FileSystemRights.Write, AccessControlType.Allow))); var rules = fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)); @@ -164,9 +165,9 @@ namespace System.IO [Fact] public void RemoveAccessRule_NoMatchableRules_Succeeds() { - var accessRuleAppendData = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", FileSystemRights.AppendData, + var accessRuleAppendData = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.AppendData, AccessControlType.Allow); - var accessRuleWrite = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleWrite = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write, AccessControlType.Deny); var fileSecurity = new FileSecurity(); @@ -176,7 +177,7 @@ namespace System.IO fileSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)); Assert.Equal(1, rules.Count); var remainingRule = (FileSystemAccessRule)rules[0]; - Assert.Equal(new NTAccount(@"NT AUTHORITY\SYSTEM"), accessRuleAppendData.IdentityReference); + Assert.Equal(Helpers.s_LocalSystemNTAccount, accessRuleAppendData.IdentityReference); Assert.Equal(accessRuleAppendData.FileSystemRights, remainingRule.FileSystemRights); Assert.Equal(AccessControlType.Allow, remainingRule.AccessControlType); } @@ -191,10 +192,10 @@ namespace System.IO [Fact] public void RemoveAccessRuleSpecific_NoMatchingRules_Succeeds() { - var accessRuleReadWrite = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleReadWrite = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Read | FileSystemRights.Write, AccessControlType.Allow); - var accessRuleWrite = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleWrite = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write, AccessControlType.Allow); var fileSecurity = new FileSecurity(); @@ -211,7 +212,7 @@ namespace System.IO [Fact] public void RemoveAccessRuleSpecific_Succeeds() { - var accessRule = new FileSystemAccessRule(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)).Value, FileSystemRights.AppendData + var accessRule = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.AppendData | FileSystemRights.Write, AccessControlType.Allow); var fileSecurity = new FileSecurity(); fileSecurity.AddAccessRule(accessRule); @@ -233,15 +234,15 @@ namespace System.IO [Fact] public void RemoveAccessRuleAll_Succeeds() { - var accessRuleAppendData = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", FileSystemRights.AppendData, + var accessRuleAppendData = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.AppendData, AccessControlType.Allow); - var accessRuleRead = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleRead = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Read, AccessControlType.Allow); - var accessRuleWrite = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleWrite = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write, AccessControlType.Allow); - var accessRuleReadPermissionDeny = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", + var accessRuleReadPermissionDeny = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.ReadPermissions, AccessControlType.Deny); - var accessRuleReadNetworkService = new FileSystemAccessRule(@"NT AUTHORITY\Network Service", + var accessRuleReadNetworkService = new FileSystemAccessRule(Helpers.s_NetworkServiceNTAccount, FileSystemRights.Read, AccessControlType.Allow); var fileSecurity = new FileSecurity(); @@ -260,14 +261,14 @@ namespace System.IO Assert.Equal(AccessControlType.Deny, existingAccessRule.AccessControlType); Assert.Equal(FileSystemRights.ReadPermissions, existingAccessRule.FileSystemRights); existingAccessRule = (FileSystemAccessRule)rules[1]; - Assert.Equal(new NTAccount(@"NT AUTHORITY\Network Service"), existingAccessRule.IdentityReference); + Assert.Equal(Helpers.s_NetworkServiceNTAccount, existingAccessRule.IdentityReference); Assert.Equal(AccessControlType.Allow, existingAccessRule.AccessControlType); } [Fact] public void AccessRuleType_Returns_Valid_Object() { - var accessRule = new FileSystemAccessRule(@"NT AUTHORITY\SYSTEM", FileSystemRights.AppendData, + var accessRule = new FileSystemAccessRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.AppendData, AccessControlType.Allow); var fileSecurity = new FileSecurity(); fileSecurity.AddAccessRule(accessRule); @@ -278,7 +279,7 @@ namespace System.IO [Fact] public void AddAuditRule_Succeeds() { - var auditRule = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", + var auditRule = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.AppendData, AuditFlags.Success); var fileSecurity = new FileSecurity(); fileSecurity.AddAuditRule(auditRule); @@ -286,7 +287,7 @@ namespace System.IO fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount)); Assert.Equal(1, auditRules.Count); var actualAddedRule = (FileSystemAuditRule)auditRules[0]; - Assert.Equal(new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)), actualAddedRule.IdentityReference); + Assert.Equal(Helpers.s_LocalSystemNTAccount, actualAddedRule.IdentityReference); Assert.Equal(AuditFlags.Success, actualAddedRule.AuditFlags); Assert.Equal(FileSystemRights.AppendData, actualAddedRule.FileSystemRights); } @@ -294,11 +295,11 @@ namespace System.IO [Fact] public void SetAuditRule_Succeeds() { - var auditRuleAppendData = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", + var auditRuleAppendData = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.AppendData, AuditFlags.Success); - var auditRuleNetworkService = new FileSystemAuditRule(@"NT AUTHORITY\Network Service", + var auditRuleNetworkService = new FileSystemAuditRule(Helpers.s_NetworkServiceNTAccount, FileSystemRights.CreateFiles, AuditFlags.Failure); - var auditRuleDelete = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", + var auditRuleDelete = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Delete, AuditFlags.Success); var fileSecurity = new FileSecurity(); @@ -313,7 +314,7 @@ namespace System.IO Assert.Equal(AuditFlags.Success, firstAuditRule.AuditFlags); Assert.Equal(FileSystemRights.Delete, firstAuditRule.FileSystemRights); var secondAuditRule = (FileSystemAuditRule)auditRules[1]; - Assert.Equal(new NTAccount(@"NT AUTHORITY\Network Service"), secondAuditRule.IdentityReference); + Assert.Equal(Helpers.s_NetworkServiceNTAccount, secondAuditRule.IdentityReference); Assert.Equal(AuditFlags.Failure, secondAuditRule.AuditFlags); Assert.Equal(FileSystemRights.CreateFiles, secondAuditRule.FileSystemRights); } @@ -321,7 +322,7 @@ namespace System.IO [Fact] public void RemoveAuditRule_Succeeds() { - var auditRule = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", + var auditRule = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Read | FileSystemRights.Write, AuditFlags.Failure); var fileSecurity = new FileSecurity(); @@ -329,7 +330,7 @@ namespace System.IO AuthorizationRuleCollection rules = fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount)); Assert.Equal(1, rules.Count); - Assert.True(fileSecurity.RemoveAuditRule(new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", + Assert.True(fileSecurity.RemoveAuditRule(new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write, AuditFlags.Failure))); rules = fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount)); @@ -343,9 +344,9 @@ namespace System.IO [Fact] public void RemoveAuditRuleSpecific_Succeeds() { - var auditRuleReadWrite = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", + var auditRuleReadWrite = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write | FileSystemRights.Read, AuditFlags.Success); - var auditRuleNetworkService = new FileSystemAuditRule(@"NT AUTHORITY\Network Service", + var auditRuleNetworkService = new FileSystemAuditRule(Helpers.s_NetworkServiceNTAccount, FileSystemRights.Read, AuditFlags.Failure); var fileSecurity = new FileSecurity(); @@ -356,7 +357,7 @@ namespace System.IO fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount)); Assert.Equal(1, rules.Count); var existingAuditRule = (FileSystemAuditRule)rules[0]; - Assert.Equal(new NTAccount(@"NT AUTHORITY\Network Service"), existingAuditRule.IdentityReference); + Assert.Equal(Helpers.s_NetworkServiceNTAccount, existingAuditRule.IdentityReference); Assert.Equal(FileSystemRights.Read, existingAuditRule.FileSystemRights); Assert.Equal(AuditFlags.Failure, existingAuditRule.AuditFlags); } @@ -364,11 +365,11 @@ namespace System.IO [Fact] public void RemoveAuditRuleSpecific_NoMatchingRules_Succeeds() { - var auditRuleReadWrite = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", + var auditRuleReadWrite = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write | FileSystemRights.Read, AuditFlags.Success); var fileSecurity = new FileSecurity(); fileSecurity.AddAuditRule(auditRuleReadWrite); - fileSecurity.RemoveAuditRuleSpecific(new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", + fileSecurity.RemoveAuditRuleSpecific(new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write, AuditFlags.Success)); AuthorizationRuleCollection rules = fileSecurity.GetAuditRules(true, true, typeof(System.Security.Principal.NTAccount)); @@ -380,11 +381,11 @@ namespace System.IO [Fact] public void RemoveAuditRuleAll_Succeeds() { - var auditRuleAppend = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", FileSystemRights.AppendData, + var auditRuleAppend = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.AppendData, AuditFlags.Success); - var auditRuleWrite = new FileSystemAuditRule(@"NT AUTHORITY\SYSTEM", + var auditRuleWrite = new FileSystemAuditRule(Helpers.s_LocalSystemNTAccount, FileSystemRights.Write, AuditFlags.Success); - var auditRuleNetworkService = new FileSystemAuditRule(@"NT AUTHORITY\Network Service", + var auditRuleNetworkService = new FileSystemAuditRule(Helpers.s_NetworkServiceNTAccount, FileSystemRights.Read, AuditFlags.Failure); var fileSecurity = new FileSecurity(); @@ -396,7 +397,7 @@ namespace System.IO Assert.Equal(1, rules.Count); var existingAuditRule = (FileSystemAuditRule)rules[0]; - Assert.Equal(new NTAccount(@"NT AUTHORITY\Network Service"), existingAuditRule.IdentityReference); + Assert.Equal(Helpers.s_NetworkServiceNTAccount, existingAuditRule.IdentityReference); Assert.Equal(FileSystemRights.Read, existingAuditRule.FileSystemRights); Assert.Equal(AuditFlags.Failure, existingAuditRule.AuditFlags); } diff --git a/src/System.IO.FileSystem.AccessControl/tests/Helpers.cs b/src/System.IO.FileSystem.AccessControl/tests/Helpers.cs new file mode 100644 index 0000000000..2c3f30e2d9 --- /dev/null +++ b/src/System.IO.FileSystem.AccessControl/tests/Helpers.cs @@ -0,0 +1,15 @@ +// Licensed to the .NET Foundation under one or more agreements. +// The .NET Foundation licenses this file to you under the MIT license. +// See the LICENSE file in the project root for more information + +using System.Security.Principal; + +namespace System.Security.AccessControl +{ + public static class Helpers + { + public static IdentityReference s_LocalSystemNTAccount = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null).Translate(typeof(NTAccount)); + public static IdentityReference s_NetworkServiceNTAccount = new SecurityIdentifier(WellKnownSidType.NetworkServiceSid, null).Translate(typeof(NTAccount)); + public static IdentityReference s_WorldSidNTAccount = new SecurityIdentifier(WellKnownSidType.WorldSid, null); + } +} diff --git a/src/System.IO.FileSystem.AccessControl/tests/System.IO.FileSystem.AccessControl.Tests.csproj b/src/System.IO.FileSystem.AccessControl/tests/System.IO.FileSystem.AccessControl.Tests.csproj index 3a42f3e7b1..e8c6c3acd4 100644 --- a/src/System.IO.FileSystem.AccessControl/tests/System.IO.FileSystem.AccessControl.Tests.csproj +++ b/src/System.IO.FileSystem.AccessControl/tests/System.IO.FileSystem.AccessControl.Tests.csproj @@ -20,6 +20,7 @@ </Compile> <Compile Include="FileSystemAuditRuleTests.cs" /> <Compile Include="FileSystemSecurityTests.cs" /> + <Compile Include="Helpers.cs" /> </ItemGroup> <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildThisFileDirectory), dir.targets))\dir.targets" /> </Project>
\ No newline at end of file |