Merge branch 'master' of https://github.com/dahall/Vanara

BITS/BackgroundCopyManager.cs

@@ -134,7 +134,10 @@ namespace Vanara.IO
 		/// <summary>Checks if the current user has administrator rights.</summary>
 		internal static bool IsCurrentUserAdministrator()
 		{
-			var wp = new WindowsPrincipal(WindowsIdentity.GetCurrent());
+			using var identity = WindowsIdentity.GetCurrent();
+
+			var wp = new WindowsPrincipal(identity);
+
 			return wp.IsInRole(WindowsBuiltInRole.Administrator);
 		}
 

PInvoke/Security/AdvApi32/PSID.cs

@@ -4,6 +4,7 @@ using System.Collections.Generic;
 using System.Diagnostics;
 using System.Linq;
 using System.Runtime.InteropServices;
+using System.Security.Principal;
 using Vanara.Extensions;
 using Vanara.InteropServices;
 using static Vanara.PInvoke.Kernel32;
@@ -54,7 +55,15 @@ namespace Vanara.PInvoke
 
 			/// <summary>Gets the SID for the current user</summary>
 			/// <value>The current user's SID.</value>
-			public static SafePSID Current => new SafePSID(System.Security.Principal.WindowsIdentity.GetCurrent().User);
+			public static SafePSID Current
+			{
+				get
+				{
+					using var identity = WindowsIdentity.GetCurrent();
+
+					return new SafePSID(identity.User);
+				}
+			}
 
 			/// <summary>A SID representing the Everyone Group (S-1-1-0).</summary>
 			public static SafePSID Everyone => CreateWellKnown(WELL_KNOWN_SID_TYPE.WinWorldSid);

Security/AccessControl/SystemSecurity.cs

@@ -308,7 +308,17 @@ namespace Vanara.Security.AccessControl
 			/// <param name="userName">Name of the user.</param>
 			public AccountPrivileges(SystemSecurity parent, string userName = null)
 			{
-				ctrl = parent; user = userName ?? WindowsIdentity.GetCurrent().Name;
+				ctrl = parent;
+
+				if (!string.IsNullOrEmpty(userName))
+					user = userName;
+
+				else
+				{
+					using var identity = WindowsIdentity.GetCurrent();
+
+					user = identity.Name;
+				}
 			}
 
 			/// <summary>Gets or sets the enablement of the specified privilege.</summary>
@@ -356,7 +366,18 @@ namespace Vanara.Security.AccessControl
 			/// <param name="userName">Name of the user.</param>
 			public LogonRights(SystemSecurity parent, string userName = null)
 			{
-				ctrl = parent; user = userName ?? WindowsIdentity.GetCurrent().Name;
+				ctrl = parent;
+
+				if (!string.IsNullOrEmpty(userName))
+					user = userName;
+
+				else
+				{
+					using var identity = WindowsIdentity.GetCurrent();
+
+					user = identity.Name;
+				}
+
 			}
 
 			/// <summary>Gets the logon rights for the current user.</summary>

Security/AccountUtils.cs

@@ -8,19 +8,22 @@ namespace Vanara.Security
 	{
 		public static bool IsAdmin(this WindowsIdentity id) => new WindowsPrincipal(id).IsInRole(WindowsBuiltInRole.Administrator);
 
+
 		public static bool IsServiceAccount(this WindowsIdentity id)
 		{
 			try
 			{
 				var acct = new NTAccount(id.Name);
-				var si = (SecurityIdentifier)acct.Translate(typeof(SecurityIdentifier));
-				return (si.IsWellKnown(WellKnownSidType.LocalSystemSid) || si.IsWellKnown(WellKnownSidType.NetworkServiceSid) ||
-						si.IsWellKnown(WellKnownSidType.LocalServiceSid));
+
+				var si = (SecurityIdentifier) acct.Translate(typeof(SecurityIdentifier));
+
+				return si.IsWellKnown(WellKnownSidType.LocalSystemSid) || si.IsWellKnown(WellKnownSidType.NetworkServiceSid) || si.IsWellKnown(WellKnownSidType.LocalServiceSid) || si.IsWellKnown(WellKnownSidType.ServiceSid);
 			}
 			catch { }
 			return false;
 		}
 
+
 		/// <summary>Runs the specified function as the impersonated Windows identity.</summary>
 		/// <param name="identity">The impersonated identity under which to run the function.</param>
 		/// <param name="func">The System.Func to run.</param>

UnitTests/BITS/JobPropTest.cs

@@ -1,5 +1,6 @@
 using NUnit.Framework;
 using System;
+using System.Security.Principal;
 
 namespace Vanara.IO.Tests
 {
@@ -89,7 +90,9 @@ namespace Vanara.IO.Tests
 			Assert.That(() => job.OnDemand = true, Throws.Nothing);
 			Assert.That(job.OnDemand, Is.EqualTo(true));
 
-			Assert.That(job.Owner, Is.EqualTo(System.Security.Principal.WindowsIdentity.GetCurrent().User));
+
+			using var identity = WindowsIdentity.GetCurrent();
+			Assert.That(job.Owner, Is.EqualTo(identity.User));
 
 			Assert.That(job.OwnerIntegrityLevel, Is.EqualTo(8192));
 

UnitTests/PInvoke/NetApi32/NetApi32Tests.cs

@@ -149,7 +149,10 @@ namespace Vanara.PInvoke.Tests
 			Assert.That(() => e.First(i => i.lgrpi0_name == val), Throws.Nothing);
 			var info = NetLocalGroupGetInfo<LOCALGROUP_INFO_1>(null, val);
 			Assert.That(info.lgrpi1_name, Is.EqualTo(val));
-			var sidmem = new SafeHGlobalHandle(System.Security.Principal.WindowsIdentity.GetCurrent().User.GetBytes());
+
+			using var identity = WindowsIdentity.GetCurrent();
+			var sidmem = new SafeHGlobalHandle(identity.User.GetBytes());
+
 			NetLocalGroupAddMembers(null, val, new[] { new LOCALGROUP_MEMBERS_INFO_0 { lgrmi0_sid = (IntPtr)sidmem } });
 			var m = NetLocalGroupGetMembers<LOCALGROUP_MEMBERS_INFO_3>(null, val);
 			Assert.That(m, Is.Not.Empty);

UnitTests/PInvoke/Security/AdvApi32/AuditTests.cs

@@ -17,7 +17,21 @@ namespace Vanara.PInvoke.Tests
 
 		public static IEnumerable<Guid> Categories => AuditEnumerateCategories();
 
-		public static SafePSID CurUserSid => pCurSid ?? (pCurSid = new SafePSID(WindowsIdentity.GetCurrent().User.GetBytes()));
+
+		public static SafePSID CurUserSid
+		{
+			get
+			{
+				if (null != pCurSid)
+					return pCurSid;
+
+
+				using var identity = WindowsIdentity.GetCurrent();
+
+				return pCurSid = new SafePSID(identity.User.GetBytes());
+			}
+		}
+
 
 		public static IEnumerable<PSID> PerUserPolicy => AuditEnumeratePerUserPolicy();
 
@@ -46,8 +60,11 @@ namespace Vanara.PInvoke.Tests
 		[Test()]
 		public void AuditComputeEffectivePolicyByTokenTest()
 		{
-			using (var hTok = new SafeHTOKEN(WindowsIdentity.GetCurrent().Token))
-				Assert.That(AuditComputeEffectivePolicyByToken(hTok, new[] { regAudit }), Is.Not.Empty);
+			using var identity = WindowsIdentity.GetCurrent();
+
+			using var hTok = new SafeHTOKEN(identity.Token);
+
+			Assert.That(AuditComputeEffectivePolicyByToken(hTok, new[] { regAudit }), Is.Not.Empty);
 		}
 
 		[Test]

UnitTests/PInvoke/UserEnv/CreateEnvironmentBlockTest_And_DestroyEnvironmentBlockTest.cs

@@ -0,0 +1,53 @@
+using NUnit.Framework;
+using System;
+using static Vanara.PInvoke.AdvApi32;
+using static Vanara.PInvoke.Kernel32;
+using static Vanara.PInvoke.UserEnv;
+
+namespace Vanara.PInvoke.Tests
+{
+	public partial class UserEnvTests
+	{
+		[Test]
+		public void CreateEnvironmentBlockTest_And_DestroyEnvironmentBlockTest()
+		{
+			SafeHTOKEN hToken;
+
+			using (hToken = SafeHTOKEN.FromProcess(GetCurrentProcess(), TokenAccess.TOKEN_IMPERSONATE | TokenAccess.TOKEN_DUPLICATE | TokenAccess.TOKEN_READ).Duplicate(SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation))
+			{
+				Assert.IsFalse(hToken.IsClosed);
+
+				Assert.That(CreateEnvironmentBlock(out var environmentBlock, hToken, false), ResultIs.Successful);
+
+
+				// Test all environment variables.
+
+				var allEnvironmentVariables = Environment.GetEnvironmentVariables();
+
+				foreach (var envVar in environmentBlock)
+				{
+					var envVarName = envVar.Split('=')[0];
+
+					if (allEnvironmentVariables.Contains(envVarName))
+					{
+						var envVarValue = Environment.GetEnvironmentVariable(envVarName);
+
+						Assert.AreEqual(allEnvironmentVariables[envVarName], envVarValue);
+
+						TestContext.WriteLine(envVar);
+					}
+
+					else
+					{
+						TestContext.WriteLine();
+						TestContext.WriteLine($"*** UNAVAILABLE: {envVar}");
+						TestContext.WriteLine();
+					}
+				}
+			}
+
+
+			Assert.IsTrue(hToken.IsClosed);
+		}
+	}
+}

UnitTests/PInvoke/UserEnv/UserEnv.csproj

@@ -44,6 +44,7 @@
     </PackageReference>
   </ItemGroup>
   <ItemGroup>
+    <Compile Include="CreateEnvironmentBlockTest_And_DestroyEnvironmentBlockTest.cs" />
     <Compile Include="UserEnvTests.cs" />
   </ItemGroup>
   <ItemGroup>

UnitTests/PInvoke/UserEnv/UserEnvTests.cs

@@ -1,19 +1,9 @@
 using NUnit.Framework;
-using static Vanara.PInvoke.AdvApi32;
-using static Vanara.PInvoke.Kernel32;
-using static Vanara.PInvoke.UserEnv;
 
 namespace Vanara.PInvoke.Tests
 {
-	public class UserEnvTests
+	[TestFixture()]
+	public partial class UserEnvTests
 	{
-		[Test]
-		public void CreateDestroyEnvironmentBlockTest()
-		{
-			using var hTok = SafeHTOKEN.FromProcess(GetCurrentProcess(), TokenAccess.TOKEN_IMPERSONATE | TokenAccess.TOKEN_DUPLICATE | TokenAccess.TOKEN_READ).Duplicate(SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation);
-			Assert.That(CreateEnvironmentBlock(out var env, hTok, false), ResultIs.Successful);
-			Assert.That(env, Has.Exactly(1).StartsWith("Path="));
-			TestContext.Write(string.Join("\r\n", env));
-		}
 	}
-}
+}

UnitTests/Security/AccessControl/SystemSecurityTests.cs

@@ -62,7 +62,11 @@ namespace Vanara.Security.AccessControl.Tests
 			using (ss = new SystemSecurity(SystemSecurity.DesiredAccess.LookupNames))
 			{
 				IList<SystemSecurity.SystemAccountInfo> sa = null;
-				Assert.That(() => sa = ss.GetAccountInfo(false, false, WindowsIdentity.GetCurrent().User, new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null)), Throws.Nothing);
+
+				using var identity = WindowsIdentity.GetCurrent();
+
+				Assert.That(() => sa = ss.GetAccountInfo(false, false, identity.User, new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null)), Throws.Nothing);
+
 				foreach (var sai in sa)
 					TestContext.WriteLine($"{sai.SidType}:{sai.Name}");
 			}