Updated AdvApi32 tests

UnitTests/PInvoke/Security/AdvApi32/AdvApi32Tests.cs

@@ -52,7 +52,7 @@ namespace Vanara.PInvoke.Tests
 				var ps = PRIVILEGE_SET.InitializeWithCapacity(10);
 				var psSz = ps.SizeInBytes;
 				var gm = GENERIC_MAPPING.GenericFileMapping;
-				var accessMask = (uint)Kernel32.FileAccess.GENERIC_READ;
+				ACCESS_MASK accessMask = ACCESS_MASK.GENERIC_READ;
 				MapGenericMask(ref accessMask, gm);
 				var b = AccessCheck(pSD, hTok, accessMask, gm, ref ps, ref psSz, out var access, out var status);
 				if (!b) TestContext.WriteLine($"AccessCheck failed: {Win32Error.GetLastError()}");

UnitTests/PInvoke/Security/AdvApi32/AuditTests.cs

@@ -0,0 +1,156 @@
+using NUnit.Framework;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Principal;
+using System.Threading;
+using Vanara.InteropServices;
+using static Vanara.PInvoke.AdvApi32;
+using static Vanara.PInvoke.Kernel32;
+
+namespace Vanara.PInvoke.Tests
+{
+	[TestFixture()]
+	public class AuditTests
+	{
+		private PrivBlock secPriv;
+		static SafePSID pCurSid;
+		static readonly Guid regAudit = new Guid("0cce921e-69ae-11d9-bed3-505054503030");
+		static readonly Guid objAccAudit = new Guid("6997984a-797a-11d9-bed3-505054503030");
+
+		[Test()]
+		public void AuditComputeEffectivePolicyBySidTest()
+		{
+			Assert.That(AuditComputeEffectivePolicyBySid(CurUserSid, new[] { regAudit }), Is.Not.Empty);
+		}
+
+		[Test()]
+		public void AuditComputeEffectivePolicyByTokenTest()
+		{
+			using (var hTok = new SafeHTOKEN(WindowsIdentity.GetCurrent().Token))
+				Assert.That(AuditComputeEffectivePolicyByToken(hTok, new[] { regAudit }), Is.Not.Empty);
+		}
+
+		[Test]
+		public void AuditEnumerateCategoriesTest()
+		{
+			Assert.That(Categories, Is.Not.Empty);
+		}
+
+		[Test]
+		public void AuditEnumeratePerUserPolicyTest()
+		{
+			Assert.That(AuditEnumeratePerUserPolicy(out var h), Is.True);
+			Assert.That(h.IsInvalid, Is.False);
+		}
+
+		[Test]
+		public void AuditEnumerateSubCategoriesTest()
+		{
+			Assert.That(SubCategories, Is.Not.Empty);
+			Assert.That(GetSubCategories(Categories.First()), Is.Not.Empty);
+		}
+
+		[Test]
+		public void AuditLookupCategoryGuidFromCategoryIdTest()
+		{
+			Assert.That(AuditLookupCategoryGuidFromCategoryId(POLICY_AUDIT_EVENT_TYPE.AuditCategoryObjectAccess, out var guid), Is.True);
+			Assert.That(guid, Is.EqualTo(objAccAudit));
+		}
+
+		[Test]
+		public void AuditLookupCategoryIdFromCategoryGuidTest()
+		{
+			Assert.That(AuditLookupCategoryIdFromCategoryGuid(objAccAudit, out var cat), Is.True);
+			Assert.That(cat, Is.EqualTo(POLICY_AUDIT_EVENT_TYPE.AuditCategoryObjectAccess));
+		}
+
+		[Test]
+		public void AuditLookupCategoryNameTest()
+		{
+			Assert.That(AuditLookupCategoryName(objAccAudit, out var name), Is.True);
+			Assert.That(name.ToLower(), Contains.Substring("object"));
+		}
+
+		[Test]
+		public void AuditLookupSubCategoryNameTest()
+		{
+			Assert.That(AuditLookupSubCategoryName(regAudit, out var name), Is.True);
+			Assert.That(name.ToLower(), Contains.Substring("registry"));
+		}
+
+		[Test]
+		public void AuditQuerySetGlobalSaclTest()
+		{
+			Assert.That(AuditQueryGlobalSacl("Key", out var orig), Is.True);
+
+			var psid = SafePSID.CreateWellKnown(WELL_KNOWN_SID_TYPE.WinWorldSid);
+			var explAcc = new EXPLICIT_ACCESS
+			{
+				grfAccessMode = ACCESS_MODE.SET_AUDIT_SUCCESS,
+				grfAccessPermissions = 0x20006 /* KEY_WRITE */,
+				grfInheritance = INHERIT_FLAGS.NO_INHERITANCE,
+				Trustee = new TRUSTEE(psid, TRUSTEE_TYPE.TRUSTEE_IS_WELL_KNOWN_GROUP)
+			};
+			SetEntriesInAcl(1, new[] { explAcc }, PACL.NULL, out var newAcl).ThrowIfFailed();
+			Assert.That(AuditSetGlobalSacl("Key", newAcl), Is.True);
+
+			Assert.That(AuditSetGlobalSacl("Key", orig), Is.True);
+		}
+
+		[Test]
+		public void AuditQuerySetPerUserPolicyTest()
+		{
+			AUDIT_POLICY_INFORMATION[] orig = null;
+			Assert.That(() => orig = AuditQueryPerUserPolicy(CurUserSid, new[] { regAudit }).ToArray(), Throws.Nothing);
+
+			var api = new AUDIT_POLICY_INFORMATION { AuditSubCategoryGuid = regAudit, AuditingInformation = AuditCondition.PER_USER_AUDIT_SUCCESS_INCLUDE };
+			Assert.That(AuditSetPerUserPolicy(CurUserSid, new[] { api }, 1), Is.True);
+			Assert.That(AuditQueryPerUserPolicy(CurUserSid, new[] { regAudit }).ToArray(), Has.Length.EqualTo(1));
+
+			if (orig.Length == 0)
+				api.AuditingInformation = AuditCondition.PER_USER_AUDIT_NONE;
+			else
+				api = orig[0];
+			Assert.That(AuditSetPerUserPolicy(CurUserSid, new[] { api }, 1), Is.True);
+		}
+
+		[Test]
+		public void AuditQuerySetSecurityTest()
+		{
+			Assert.That(AuditQuerySecurity(SECURITY_INFORMATION.SACL_SECURITY_INFORMATION, out var sd), Is.True);
+			Assert.That(sd.IsInvalid, Is.False);
+			Assert.That(AuditSetSecurity(SECURITY_INFORMATION.SACL_SECURITY_INFORMATION, sd), Is.True);
+		}
+
+		[Test]
+		public void AuditQuerySetSystemPolicyTest()
+		{
+			AUDIT_POLICY_INFORMATION[] api = null;
+			Assert.That(api = AuditQuerySystemPolicy(SubCategories.ToArray()).ToArray(), Is.Not.Empty);
+			Assert.That(AuditSetSystemPolicy(api, (uint)api.Length), Is.True);
+		}
+
+		[OneTimeSetUp]
+		public void SetupTests()
+		{
+			secPriv = new PrivBlock("SeSecurityPrivilege");
+		}
+
+		[OneTimeTearDown]
+		public void TearDownTests()
+		{
+			secPriv?.Dispose();
+		}
+
+		public static IEnumerable<Guid> Categories => AuditEnumerateCategories();
+
+		public static IEnumerable<PSID> PerUserPolicy => AuditEnumeratePerUserPolicy();
+
+		public static IEnumerable<Guid> SubCategories => AuditEnumerateSubCategories();
+
+		public static IEnumerable<Guid> GetSubCategories(Guid cat) => AuditEnumerateSubCategories(cat);
+
+		public static SafePSID CurUserSid => pCurSid ?? (pCurSid = new SafePSID(WindowsIdentity.GetCurrent().User.GetBytes()));
+	}
+}

UnitTests/PInvoke/Security/Authz/AuthzTests.cs

@@ -331,30 +331,6 @@ namespace Vanara.PInvoke.Tests
 			}
 		}
 
-		private class PrivBlock : IDisposable
-		{
-			SafeCoTaskMemHandle prevState;
-			SafeHTOKEN tok;
-
-			public PrivBlock(string priv)
-			{
-				tok = SafeHTOKEN.FromProcess(GetCurrentProcess(), TokenAccess.TOKEN_ADJUST_PRIVILEGES | TokenAccess.TOKEN_QUERY);
-				var newPriv = new PTOKEN_PRIVILEGES(LUID.FromName(priv), PrivilegeAttributes.SE_PRIVILEGE_ENABLED);
-				prevState = PTOKEN_PRIVILEGES.GetAllocatedAndEmptyInstance();
-				var retLen = (uint)prevState.Size;
-				if (!AdjustTokenPrivileges(tok, false, newPriv, newPriv.SizeInBytes, prevState, ref retLen))
-					Win32Error.ThrowLastError();
-			}
-
-			public void Dispose()
-			{
-				var retLen = 0U;
-				AdjustTokenPrivileges(tok, false, prevState, (uint)prevState.Size, SafeCoTaskMemHandle.Null, ref retLen);
-				prevState.Dispose();
-				tok.Dispose();
-			}
-		}
-
 		[Test]
 		public void AuthzSetAppContainerInformationTest()
 		{
@@ -367,4 +343,28 @@ namespace Vanara.PInvoke.Tests
 			}
 		}
 	}
+
+	internal class PrivBlock : IDisposable
+	{
+		SafeCoTaskMemHandle prevState;
+		SafeHTOKEN tok;
+
+		public PrivBlock(string priv)
+		{
+			tok = SafeHTOKEN.FromProcess(GetCurrentProcess(), TokenAccess.TOKEN_ADJUST_PRIVILEGES | TokenAccess.TOKEN_QUERY);
+			var newPriv = new PTOKEN_PRIVILEGES(LUID.FromName(priv), PrivilegeAttributes.SE_PRIVILEGE_ENABLED);
+			prevState = PTOKEN_PRIVILEGES.GetAllocatedAndEmptyInstance();
+			var retLen = (uint)prevState.Size;
+			if (!AdjustTokenPrivileges(tok, false, newPriv, newPriv.SizeInBytes, prevState, ref retLen))
+				Win32Error.ThrowLastError();
+		}
+
+		public void Dispose()
+		{
+			var retLen = 0U;
+			AdjustTokenPrivileges(tok, false, prevState, (uint)prevState.Size, SafeCoTaskMemHandle.Null, ref retLen);
+			prevState.Dispose();
+			tok.Dispose();
+		}
+	}
 }

UnitTests/PInvoke/Security/Security.csproj

@@ -21,7 +21,7 @@
     <DefineConstants>DEBUG;TRACE</DefineConstants>
     <ErrorReport>prompt</ErrorReport>
     <WarningLevel>4</WarningLevel>
-    <PlatformTarget>x64</PlatformTarget>
+    <PlatformTarget>AnyCPU</PlatformTarget>
     <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
@@ -39,6 +39,7 @@
   </ItemGroup>
   <ItemGroup>
     <Compile Include="AdvApi32\AdvApi32Tests.cs" />
+    <Compile Include="AdvApi32\AuditTests.cs" />
     <Compile Include="AdvApi32\PSIDTests.cs" />
     <Compile Include="Authz\AuthzTests.cs" />
     <Compile Include="Secur32\SaslTests.cs" />
@@ -70,7 +71,7 @@
   <ItemGroup />
   <ItemGroup>
     <PackageReference Include="NUnit">
-      <Version>3.11.0</Version>
+      <Version>3.12.0</Version>
     </PackageReference>
     <PackageReference Include="NUnit3TestAdapter">
       <Version>3.13.0</Version>