mirror of https://github.com/dahall/Vanara.git
Updated AdvApi32 tests
parent
9ca4cf1720
commit
5e7350a41a
|
@ -52,7 +52,7 @@ namespace Vanara.PInvoke.Tests
|
|||
var ps = PRIVILEGE_SET.InitializeWithCapacity(10);
|
||||
var psSz = ps.SizeInBytes;
|
||||
var gm = GENERIC_MAPPING.GenericFileMapping;
|
||||
var accessMask = (uint)Kernel32.FileAccess.GENERIC_READ;
|
||||
ACCESS_MASK accessMask = ACCESS_MASK.GENERIC_READ;
|
||||
MapGenericMask(ref accessMask, gm);
|
||||
var b = AccessCheck(pSD, hTok, accessMask, gm, ref ps, ref psSz, out var access, out var status);
|
||||
if (!b) TestContext.WriteLine($"AccessCheck failed: {Win32Error.GetLastError()}");
|
||||
|
|
|
@ -0,0 +1,156 @@
|
|||
using NUnit.Framework;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Security.Principal;
|
||||
using System.Threading;
|
||||
using Vanara.InteropServices;
|
||||
using static Vanara.PInvoke.AdvApi32;
|
||||
using static Vanara.PInvoke.Kernel32;
|
||||
|
||||
namespace Vanara.PInvoke.Tests
|
||||
{
|
||||
[TestFixture()]
|
||||
public class AuditTests
|
||||
{
|
||||
private PrivBlock secPriv;
|
||||
static SafePSID pCurSid;
|
||||
static readonly Guid regAudit = new Guid("0cce921e-69ae-11d9-bed3-505054503030");
|
||||
static readonly Guid objAccAudit = new Guid("6997984a-797a-11d9-bed3-505054503030");
|
||||
|
||||
[Test()]
|
||||
public void AuditComputeEffectivePolicyBySidTest()
|
||||
{
|
||||
Assert.That(AuditComputeEffectivePolicyBySid(CurUserSid, new[] { regAudit }), Is.Not.Empty);
|
||||
}
|
||||
|
||||
[Test()]
|
||||
public void AuditComputeEffectivePolicyByTokenTest()
|
||||
{
|
||||
using (var hTok = new SafeHTOKEN(WindowsIdentity.GetCurrent().Token))
|
||||
Assert.That(AuditComputeEffectivePolicyByToken(hTok, new[] { regAudit }), Is.Not.Empty);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditEnumerateCategoriesTest()
|
||||
{
|
||||
Assert.That(Categories, Is.Not.Empty);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditEnumeratePerUserPolicyTest()
|
||||
{
|
||||
Assert.That(AuditEnumeratePerUserPolicy(out var h), Is.True);
|
||||
Assert.That(h.IsInvalid, Is.False);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditEnumerateSubCategoriesTest()
|
||||
{
|
||||
Assert.That(SubCategories, Is.Not.Empty);
|
||||
Assert.That(GetSubCategories(Categories.First()), Is.Not.Empty);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditLookupCategoryGuidFromCategoryIdTest()
|
||||
{
|
||||
Assert.That(AuditLookupCategoryGuidFromCategoryId(POLICY_AUDIT_EVENT_TYPE.AuditCategoryObjectAccess, out var guid), Is.True);
|
||||
Assert.That(guid, Is.EqualTo(objAccAudit));
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditLookupCategoryIdFromCategoryGuidTest()
|
||||
{
|
||||
Assert.That(AuditLookupCategoryIdFromCategoryGuid(objAccAudit, out var cat), Is.True);
|
||||
Assert.That(cat, Is.EqualTo(POLICY_AUDIT_EVENT_TYPE.AuditCategoryObjectAccess));
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditLookupCategoryNameTest()
|
||||
{
|
||||
Assert.That(AuditLookupCategoryName(objAccAudit, out var name), Is.True);
|
||||
Assert.That(name.ToLower(), Contains.Substring("object"));
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditLookupSubCategoryNameTest()
|
||||
{
|
||||
Assert.That(AuditLookupSubCategoryName(regAudit, out var name), Is.True);
|
||||
Assert.That(name.ToLower(), Contains.Substring("registry"));
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditQuerySetGlobalSaclTest()
|
||||
{
|
||||
Assert.That(AuditQueryGlobalSacl("Key", out var orig), Is.True);
|
||||
|
||||
var psid = SafePSID.CreateWellKnown(WELL_KNOWN_SID_TYPE.WinWorldSid);
|
||||
var explAcc = new EXPLICIT_ACCESS
|
||||
{
|
||||
grfAccessMode = ACCESS_MODE.SET_AUDIT_SUCCESS,
|
||||
grfAccessPermissions = 0x20006 /* KEY_WRITE */,
|
||||
grfInheritance = INHERIT_FLAGS.NO_INHERITANCE,
|
||||
Trustee = new TRUSTEE(psid, TRUSTEE_TYPE.TRUSTEE_IS_WELL_KNOWN_GROUP)
|
||||
};
|
||||
SetEntriesInAcl(1, new[] { explAcc }, PACL.NULL, out var newAcl).ThrowIfFailed();
|
||||
Assert.That(AuditSetGlobalSacl("Key", newAcl), Is.True);
|
||||
|
||||
Assert.That(AuditSetGlobalSacl("Key", orig), Is.True);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditQuerySetPerUserPolicyTest()
|
||||
{
|
||||
AUDIT_POLICY_INFORMATION[] orig = null;
|
||||
Assert.That(() => orig = AuditQueryPerUserPolicy(CurUserSid, new[] { regAudit }).ToArray(), Throws.Nothing);
|
||||
|
||||
var api = new AUDIT_POLICY_INFORMATION { AuditSubCategoryGuid = regAudit, AuditingInformation = AuditCondition.PER_USER_AUDIT_SUCCESS_INCLUDE };
|
||||
Assert.That(AuditSetPerUserPolicy(CurUserSid, new[] { api }, 1), Is.True);
|
||||
Assert.That(AuditQueryPerUserPolicy(CurUserSid, new[] { regAudit }).ToArray(), Has.Length.EqualTo(1));
|
||||
|
||||
if (orig.Length == 0)
|
||||
api.AuditingInformation = AuditCondition.PER_USER_AUDIT_NONE;
|
||||
else
|
||||
api = orig[0];
|
||||
Assert.That(AuditSetPerUserPolicy(CurUserSid, new[] { api }, 1), Is.True);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditQuerySetSecurityTest()
|
||||
{
|
||||
Assert.That(AuditQuerySecurity(SECURITY_INFORMATION.SACL_SECURITY_INFORMATION, out var sd), Is.True);
|
||||
Assert.That(sd.IsInvalid, Is.False);
|
||||
Assert.That(AuditSetSecurity(SECURITY_INFORMATION.SACL_SECURITY_INFORMATION, sd), Is.True);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuditQuerySetSystemPolicyTest()
|
||||
{
|
||||
AUDIT_POLICY_INFORMATION[] api = null;
|
||||
Assert.That(api = AuditQuerySystemPolicy(SubCategories.ToArray()).ToArray(), Is.Not.Empty);
|
||||
Assert.That(AuditSetSystemPolicy(api, (uint)api.Length), Is.True);
|
||||
}
|
||||
|
||||
[OneTimeSetUp]
|
||||
public void SetupTests()
|
||||
{
|
||||
secPriv = new PrivBlock("SeSecurityPrivilege");
|
||||
}
|
||||
|
||||
[OneTimeTearDown]
|
||||
public void TearDownTests()
|
||||
{
|
||||
secPriv?.Dispose();
|
||||
}
|
||||
|
||||
public static IEnumerable<Guid> Categories => AuditEnumerateCategories();
|
||||
|
||||
public static IEnumerable<PSID> PerUserPolicy => AuditEnumeratePerUserPolicy();
|
||||
|
||||
public static IEnumerable<Guid> SubCategories => AuditEnumerateSubCategories();
|
||||
|
||||
public static IEnumerable<Guid> GetSubCategories(Guid cat) => AuditEnumerateSubCategories(cat);
|
||||
|
||||
public static SafePSID CurUserSid => pCurSid ?? (pCurSid = new SafePSID(WindowsIdentity.GetCurrent().User.GetBytes()));
|
||||
}
|
||||
}
|
|
@ -331,7 +331,20 @@ namespace Vanara.PInvoke.Tests
|
|||
}
|
||||
}
|
||||
|
||||
private class PrivBlock : IDisposable
|
||||
[Test]
|
||||
public void AuthzSetAppContainerInformationTest()
|
||||
{
|
||||
using (var hRM = GetAuthzInitializeResourceManager())
|
||||
using (var hCtx = GetCurrentUserAuthContext(hRM))
|
||||
using (var localSid = ConvertStringSidToSid("S-1-2-0"))
|
||||
{
|
||||
var sids = new SID_AND_ATTRIBUTES { Sid = localSid, Attributes = (uint)GroupAttributes.SE_GROUP_ENABLED };
|
||||
Assert.That(AuthzSetAppContainerInformation(hCtx, localSid, 1, new[] { sids }), Is.True);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
internal class PrivBlock : IDisposable
|
||||
{
|
||||
SafeCoTaskMemHandle prevState;
|
||||
SafeHTOKEN tok;
|
||||
|
@ -354,17 +367,4 @@ namespace Vanara.PInvoke.Tests
|
|||
tok.Dispose();
|
||||
}
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuthzSetAppContainerInformationTest()
|
||||
{
|
||||
using (var hRM = GetAuthzInitializeResourceManager())
|
||||
using (var hCtx = GetCurrentUserAuthContext(hRM))
|
||||
using (var localSid = ConvertStringSidToSid("S-1-2-0"))
|
||||
{
|
||||
var sids = new SID_AND_ATTRIBUTES { Sid = localSid, Attributes = (uint)GroupAttributes.SE_GROUP_ENABLED };
|
||||
Assert.That(AuthzSetAppContainerInformation(hCtx, localSid, 1, new[] { sids }), Is.True);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -21,7 +21,7 @@
|
|||
<DefineConstants>DEBUG;TRACE</DefineConstants>
|
||||
<ErrorReport>prompt</ErrorReport>
|
||||
<WarningLevel>4</WarningLevel>
|
||||
<PlatformTarget>x64</PlatformTarget>
|
||||
<PlatformTarget>AnyCPU</PlatformTarget>
|
||||
<AllowUnsafeBlocks>true</AllowUnsafeBlocks>
|
||||
</PropertyGroup>
|
||||
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
|
||||
|
@ -39,6 +39,7 @@
|
|||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Compile Include="AdvApi32\AdvApi32Tests.cs" />
|
||||
<Compile Include="AdvApi32\AuditTests.cs" />
|
||||
<Compile Include="AdvApi32\PSIDTests.cs" />
|
||||
<Compile Include="Authz\AuthzTests.cs" />
|
||||
<Compile Include="Secur32\SaslTests.cs" />
|
||||
|
@ -70,7 +71,7 @@
|
|||
<ItemGroup />
|
||||
<ItemGroup>
|
||||
<PackageReference Include="NUnit">
|
||||
<Version>3.11.0</Version>
|
||||
<Version>3.12.0</Version>
|
||||
</PackageReference>
|
||||
<PackageReference Include="NUnit3TestAdapter">
|
||||
<Version>3.13.0</Version>
|
||||
|
|
Loading…
Reference in New Issue