mirror of https://github.com/dahall/Vanara.git
Merge branch 'master' of https://github.com/dahall/Vanara
commit
67046abd5a
|
@ -134,7 +134,10 @@ namespace Vanara.IO
|
|||
/// <summary>Checks if the current user has administrator rights.</summary>
|
||||
internal static bool IsCurrentUserAdministrator()
|
||||
{
|
||||
var wp = new WindowsPrincipal(WindowsIdentity.GetCurrent());
|
||||
using var identity = WindowsIdentity.GetCurrent();
|
||||
|
||||
var wp = new WindowsPrincipal(identity);
|
||||
|
||||
return wp.IsInRole(WindowsBuiltInRole.Administrator);
|
||||
}
|
||||
|
||||
|
|
|
@ -4,6 +4,7 @@ using System.Collections.Generic;
|
|||
using System.Diagnostics;
|
||||
using System.Linq;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Security.Principal;
|
||||
using Vanara.Extensions;
|
||||
using Vanara.InteropServices;
|
||||
using static Vanara.PInvoke.Kernel32;
|
||||
|
@ -54,7 +55,15 @@ namespace Vanara.PInvoke
|
|||
|
||||
/// <summary>Gets the SID for the current user</summary>
|
||||
/// <value>The current user's SID.</value>
|
||||
public static SafePSID Current => new SafePSID(System.Security.Principal.WindowsIdentity.GetCurrent().User);
|
||||
public static SafePSID Current
|
||||
{
|
||||
get
|
||||
{
|
||||
using var identity = WindowsIdentity.GetCurrent();
|
||||
|
||||
return new SafePSID(identity.User);
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>A SID representing the Everyone Group (S-1-1-0).</summary>
|
||||
public static SafePSID Everyone => CreateWellKnown(WELL_KNOWN_SID_TYPE.WinWorldSid);
|
||||
|
|
|
@ -308,7 +308,17 @@ namespace Vanara.Security.AccessControl
|
|||
/// <param name="userName">Name of the user.</param>
|
||||
public AccountPrivileges(SystemSecurity parent, string userName = null)
|
||||
{
|
||||
ctrl = parent; user = userName ?? WindowsIdentity.GetCurrent().Name;
|
||||
ctrl = parent;
|
||||
|
||||
if (!string.IsNullOrEmpty(userName))
|
||||
user = userName;
|
||||
|
||||
else
|
||||
{
|
||||
using var identity = WindowsIdentity.GetCurrent();
|
||||
|
||||
user = identity.Name;
|
||||
}
|
||||
}
|
||||
|
||||
/// <summary>Gets or sets the enablement of the specified privilege.</summary>
|
||||
|
@ -356,7 +366,18 @@ namespace Vanara.Security.AccessControl
|
|||
/// <param name="userName">Name of the user.</param>
|
||||
public LogonRights(SystemSecurity parent, string userName = null)
|
||||
{
|
||||
ctrl = parent; user = userName ?? WindowsIdentity.GetCurrent().Name;
|
||||
ctrl = parent;
|
||||
|
||||
if (!string.IsNullOrEmpty(userName))
|
||||
user = userName;
|
||||
|
||||
else
|
||||
{
|
||||
using var identity = WindowsIdentity.GetCurrent();
|
||||
|
||||
user = identity.Name;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/// <summary>Gets the logon rights for the current user.</summary>
|
||||
|
|
|
@ -8,19 +8,22 @@ namespace Vanara.Security
|
|||
{
|
||||
public static bool IsAdmin(this WindowsIdentity id) => new WindowsPrincipal(id).IsInRole(WindowsBuiltInRole.Administrator);
|
||||
|
||||
|
||||
public static bool IsServiceAccount(this WindowsIdentity id)
|
||||
{
|
||||
try
|
||||
{
|
||||
var acct = new NTAccount(id.Name);
|
||||
var si = (SecurityIdentifier)acct.Translate(typeof(SecurityIdentifier));
|
||||
return (si.IsWellKnown(WellKnownSidType.LocalSystemSid) || si.IsWellKnown(WellKnownSidType.NetworkServiceSid) ||
|
||||
si.IsWellKnown(WellKnownSidType.LocalServiceSid));
|
||||
|
||||
var si = (SecurityIdentifier) acct.Translate(typeof(SecurityIdentifier));
|
||||
|
||||
return si.IsWellKnown(WellKnownSidType.LocalSystemSid) || si.IsWellKnown(WellKnownSidType.NetworkServiceSid) || si.IsWellKnown(WellKnownSidType.LocalServiceSid) || si.IsWellKnown(WellKnownSidType.ServiceSid);
|
||||
}
|
||||
catch { }
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/// <summary>Runs the specified function as the impersonated Windows identity.</summary>
|
||||
/// <param name="identity">The impersonated identity under which to run the function.</param>
|
||||
/// <param name="func">The System.Func to run.</param>
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
using NUnit.Framework;
|
||||
using System;
|
||||
using System.Security.Principal;
|
||||
|
||||
namespace Vanara.IO.Tests
|
||||
{
|
||||
|
@ -89,7 +90,9 @@ namespace Vanara.IO.Tests
|
|||
Assert.That(() => job.OnDemand = true, Throws.Nothing);
|
||||
Assert.That(job.OnDemand, Is.EqualTo(true));
|
||||
|
||||
Assert.That(job.Owner, Is.EqualTo(System.Security.Principal.WindowsIdentity.GetCurrent().User));
|
||||
|
||||
using var identity = WindowsIdentity.GetCurrent();
|
||||
Assert.That(job.Owner, Is.EqualTo(identity.User));
|
||||
|
||||
Assert.That(job.OwnerIntegrityLevel, Is.EqualTo(8192));
|
||||
|
||||
|
|
|
@ -149,7 +149,10 @@ namespace Vanara.PInvoke.Tests
|
|||
Assert.That(() => e.First(i => i.lgrpi0_name == val), Throws.Nothing);
|
||||
var info = NetLocalGroupGetInfo<LOCALGROUP_INFO_1>(null, val);
|
||||
Assert.That(info.lgrpi1_name, Is.EqualTo(val));
|
||||
var sidmem = new SafeHGlobalHandle(System.Security.Principal.WindowsIdentity.GetCurrent().User.GetBytes());
|
||||
|
||||
using var identity = WindowsIdentity.GetCurrent();
|
||||
var sidmem = new SafeHGlobalHandle(identity.User.GetBytes());
|
||||
|
||||
NetLocalGroupAddMembers(null, val, new[] { new LOCALGROUP_MEMBERS_INFO_0 { lgrmi0_sid = (IntPtr)sidmem } });
|
||||
var m = NetLocalGroupGetMembers<LOCALGROUP_MEMBERS_INFO_3>(null, val);
|
||||
Assert.That(m, Is.Not.Empty);
|
||||
|
|
|
@ -17,7 +17,21 @@ namespace Vanara.PInvoke.Tests
|
|||
|
||||
public static IEnumerable<Guid> Categories => AuditEnumerateCategories();
|
||||
|
||||
public static SafePSID CurUserSid => pCurSid ?? (pCurSid = new SafePSID(WindowsIdentity.GetCurrent().User.GetBytes()));
|
||||
|
||||
public static SafePSID CurUserSid
|
||||
{
|
||||
get
|
||||
{
|
||||
if (null != pCurSid)
|
||||
return pCurSid;
|
||||
|
||||
|
||||
using var identity = WindowsIdentity.GetCurrent();
|
||||
|
||||
return pCurSid = new SafePSID(identity.User.GetBytes());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
public static IEnumerable<PSID> PerUserPolicy => AuditEnumeratePerUserPolicy();
|
||||
|
||||
|
@ -46,8 +60,11 @@ namespace Vanara.PInvoke.Tests
|
|||
[Test()]
|
||||
public void AuditComputeEffectivePolicyByTokenTest()
|
||||
{
|
||||
using (var hTok = new SafeHTOKEN(WindowsIdentity.GetCurrent().Token))
|
||||
Assert.That(AuditComputeEffectivePolicyByToken(hTok, new[] { regAudit }), Is.Not.Empty);
|
||||
using var identity = WindowsIdentity.GetCurrent();
|
||||
|
||||
using var hTok = new SafeHTOKEN(identity.Token);
|
||||
|
||||
Assert.That(AuditComputeEffectivePolicyByToken(hTok, new[] { regAudit }), Is.Not.Empty);
|
||||
}
|
||||
|
||||
[Test]
|
||||
|
|
|
@ -0,0 +1,53 @@
|
|||
using NUnit.Framework;
|
||||
using System;
|
||||
using static Vanara.PInvoke.AdvApi32;
|
||||
using static Vanara.PInvoke.Kernel32;
|
||||
using static Vanara.PInvoke.UserEnv;
|
||||
|
||||
namespace Vanara.PInvoke.Tests
|
||||
{
|
||||
public partial class UserEnvTests
|
||||
{
|
||||
[Test]
|
||||
public void CreateEnvironmentBlockTest_And_DestroyEnvironmentBlockTest()
|
||||
{
|
||||
SafeHTOKEN hToken;
|
||||
|
||||
using (hToken = SafeHTOKEN.FromProcess(GetCurrentProcess(), TokenAccess.TOKEN_IMPERSONATE | TokenAccess.TOKEN_DUPLICATE | TokenAccess.TOKEN_READ).Duplicate(SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation))
|
||||
{
|
||||
Assert.IsFalse(hToken.IsClosed);
|
||||
|
||||
Assert.That(CreateEnvironmentBlock(out var environmentBlock, hToken, false), ResultIs.Successful);
|
||||
|
||||
|
||||
// Test all environment variables.
|
||||
|
||||
var allEnvironmentVariables = Environment.GetEnvironmentVariables();
|
||||
|
||||
foreach (var envVar in environmentBlock)
|
||||
{
|
||||
var envVarName = envVar.Split('=')[0];
|
||||
|
||||
if (allEnvironmentVariables.Contains(envVarName))
|
||||
{
|
||||
var envVarValue = Environment.GetEnvironmentVariable(envVarName);
|
||||
|
||||
Assert.AreEqual(allEnvironmentVariables[envVarName], envVarValue);
|
||||
|
||||
TestContext.WriteLine(envVar);
|
||||
}
|
||||
|
||||
else
|
||||
{
|
||||
TestContext.WriteLine();
|
||||
TestContext.WriteLine($"*** UNAVAILABLE: {envVar}");
|
||||
TestContext.WriteLine();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Assert.IsTrue(hToken.IsClosed);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -44,6 +44,7 @@
|
|||
</PackageReference>
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Compile Include="CreateEnvironmentBlockTest_And_DestroyEnvironmentBlockTest.cs" />
|
||||
<Compile Include="UserEnvTests.cs" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
|
|
|
@ -1,19 +1,9 @@
|
|||
using NUnit.Framework;
|
||||
using static Vanara.PInvoke.AdvApi32;
|
||||
using static Vanara.PInvoke.Kernel32;
|
||||
using static Vanara.PInvoke.UserEnv;
|
||||
|
||||
namespace Vanara.PInvoke.Tests
|
||||
{
|
||||
public class UserEnvTests
|
||||
[TestFixture()]
|
||||
public partial class UserEnvTests
|
||||
{
|
||||
[Test]
|
||||
public void CreateDestroyEnvironmentBlockTest()
|
||||
{
|
||||
using var hTok = SafeHTOKEN.FromProcess(GetCurrentProcess(), TokenAccess.TOKEN_IMPERSONATE | TokenAccess.TOKEN_DUPLICATE | TokenAccess.TOKEN_READ).Duplicate(SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation);
|
||||
Assert.That(CreateEnvironmentBlock(out var env, hTok, false), ResultIs.Successful);
|
||||
Assert.That(env, Has.Exactly(1).StartsWith("Path="));
|
||||
TestContext.Write(string.Join("\r\n", env));
|
||||
}
|
||||
}
|
||||
}
|
|
@ -62,7 +62,11 @@ namespace Vanara.Security.AccessControl.Tests
|
|||
using (ss = new SystemSecurity(SystemSecurity.DesiredAccess.LookupNames))
|
||||
{
|
||||
IList<SystemSecurity.SystemAccountInfo> sa = null;
|
||||
Assert.That(() => sa = ss.GetAccountInfo(false, false, WindowsIdentity.GetCurrent().User, new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null)), Throws.Nothing);
|
||||
|
||||
using var identity = WindowsIdentity.GetCurrent();
|
||||
|
||||
Assert.That(() => sa = ss.GetAccountInfo(false, false, identity.User, new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null)), Throws.Nothing);
|
||||
|
||||
foreach (var sai in sa)
|
||||
TestContext.WriteLine($"{sai.SidType}:{sai.Name}");
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue