106 lines
3.4 KiB
C#
106 lines
3.4 KiB
C#
// RegistrySecurityTest.cs - NUnit Test Cases for RegistrySecurity
|
|
//
|
|
// Authors:
|
|
// James Bellinger (jfb@zer7.com)
|
|
|
|
#if !MOBILE
|
|
|
|
using System;
|
|
using System.IO;
|
|
using System.Security.AccessControl;
|
|
using System.Security.Principal;
|
|
using Microsoft.Win32;
|
|
using NUnit.Framework;
|
|
|
|
namespace MonoTests.System.Security.AccessControl
|
|
{
|
|
[TestFixture]
|
|
public class RegistrySecurityTest
|
|
{
|
|
[Test]
|
|
public void ChangeGroupToEveryone ()
|
|
{
|
|
string keyName = @"SOFTWARE\Mono RegistrySecurityTest ChangeGroupToEveryone";
|
|
|
|
RegistrySecurity security;
|
|
if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
|
|
Assert.Ignore ();
|
|
}
|
|
|
|
try {
|
|
using (RegistryKey key = Registry.CurrentUser.CreateSubKey (keyName)) {
|
|
// Before we begin manipulating this, make sure we're in the right spot.
|
|
Assert.AreEqual (key.Name, @"HKEY_CURRENT_USER\" + keyName);
|
|
|
|
// Set the group to Everyone.
|
|
SecurityIdentifier worldSid = new SecurityIdentifier ("WD");
|
|
|
|
security = key.GetAccessControl ();
|
|
security.SetGroup (worldSid);
|
|
key.SetAccessControl (security);
|
|
|
|
// Make sure it actually became Everyone.
|
|
security = key.GetAccessControl ();
|
|
Assert.AreEqual (worldSid, security.GetGroup (typeof(SecurityIdentifier)));
|
|
}
|
|
} finally {
|
|
Registry.CurrentUser.DeleteSubKey (keyName);
|
|
}
|
|
}
|
|
|
|
[Test]
|
|
public void EveryoneCanRead ()
|
|
{
|
|
string keyName = @"Software\Mono RegistrySecurityTest EveryoneCanRead";
|
|
|
|
RegistrySecurity security;
|
|
if (PlatformID.Win32NT != Environment.OSVersion.Platform) {
|
|
Assert.Ignore ();
|
|
}
|
|
|
|
try {
|
|
using (RegistryKey key = Registry.CurrentUser.CreateSubKey (keyName)) {
|
|
AuthorizationRuleCollection explicitRules, inheritedRules;
|
|
|
|
// Before we begin manipulating this, make sure we're in the right spot.
|
|
Assert.AreEqual (key.Name, @"HKEY_CURRENT_USER\" + keyName);
|
|
|
|
// Let's add Everyone to the read list.
|
|
SecurityIdentifier worldSid = new SecurityIdentifier ("WD");
|
|
|
|
security = key.GetAccessControl ();
|
|
inheritedRules = security.GetAccessRules (false, true, typeof (SecurityIdentifier));
|
|
Assert.AreNotEqual (0, inheritedRules.Count);
|
|
explicitRules = security.GetAccessRules (true, false, typeof (SecurityIdentifier));
|
|
Assert.AreEqual (0, explicitRules.Count);
|
|
|
|
security.AddAccessRule (new RegistryAccessRule (worldSid,
|
|
RegistryRights.FullControl,
|
|
AccessControlType.Allow));
|
|
key.SetAccessControl (security);
|
|
|
|
// Verify that we have our permission!
|
|
security = key.GetAccessControl ();
|
|
inheritedRules = security.GetAccessRules (false, true, typeof (SecurityIdentifier));
|
|
Assert.AreNotEqual (0, inheritedRules.Count);
|
|
explicitRules = security.GetAccessRules (true, false, typeof (SecurityIdentifier));
|
|
Assert.AreEqual (1, explicitRules.Count);
|
|
|
|
RegistryAccessRule rule = (RegistryAccessRule)explicitRules [0];
|
|
Assert.AreEqual (AccessControlType.Allow, rule.AccessControlType);
|
|
Assert.AreEqual (worldSid, rule.IdentityReference);
|
|
Assert.AreEqual (InheritanceFlags.None, rule.InheritanceFlags);
|
|
Assert.AreEqual (PropagationFlags.None, rule.PropagationFlags);
|
|
Assert.AreEqual (RegistryRights.FullControl, rule.RegistryRights);
|
|
Assert.IsFalse (rule.IsInherited);
|
|
}
|
|
} finally {
|
|
Registry.CurrentUser.DeleteSubKey (keyName);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
#endif
|
|
|