def test_security_SD ():
hFile = handle (TEST_FILE)
try:
sa = win32security.GetSecurityInfo (hFile, win32security.SE_FILE_OBJECT, OPTIONS)
assert equal (sa, security.security (sa, options=OPTIONS))
finally:
hFile.Close ()
def test_Security_set_sacl_none(self):
s = security.security()
s.sacl = None
assert s.pyobject().GetSecurityDescriptorSacl() is None
sd = win32security.SECURITY_DESCRIPTOR()
sd.SetSecurityDescriptorSacl(1, None, 0)
assert equal(sd, s)
def test_Security_set_sacl_none (): s = security.security () s.sacl = None assert s.pyobject ().GetSecurityDescriptorSacl () is None sd = win32security.SECURITY_DESCRIPTOR () sd.SetSecurityDescriptorSacl (1, None, 0) assert equal (sd, s)
def test_Security_set_owner ():
administrator = security.principal ("Administrator")
s = security.security ()
s.owner = "Administrator"
assert s.owner == administrator
sd = win32security.SECURITY_DESCRIPTOR ()
sd.SetSecurityDescriptorOwner (administrator.pyobject (), 0)
assert equal (sd, s)
def test_Security_set_group ():
everyone = security.principal ("Everyone")
s = security.security ()
s.group = "Everyone"
assert s.group == everyone
sd = win32security.SECURITY_DESCRIPTOR ()
sd.SetSecurityDescriptorGroup (everyone.pyobject (), 0)
assert equal (sd, s)
def test_security_SD():
hFile = handle(TEST_FILE)
try:
sa = win32security.GetSecurityInfo(hFile, win32security.SE_FILE_OBJECT,
OPTIONS)
assert equal(sa, security.security(sa, options=OPTIONS))
finally:
hFile.Close()
def test_Security_set_owner(self):
administrator = security.principal("Administrator")
s = security.security()
s.owner = "Administrator"
assert s.owner == administrator
sd = win32security.SECURITY_DESCRIPTOR()
sd.SetSecurityDescriptorOwner(administrator.pyobject(), 0)
assert equal(sd, s)
def test_Security_set_group(self):
everyone = security.principal("Everyone")
s = security.security()
s.group = "Everyone"
assert s.group == everyone
sd = win32security.SECURITY_DESCRIPTOR()
sd.SetSecurityDescriptorGroup(everyone.pyobject(), 0)
assert equal(sd, s)
def test_security_string_event ():
hEvent = win32event.CreateEvent (None, 0, 0, GUID)
try:
assert equal (
win32security.GetNamedSecurityInfo (GUID, win32security.SE_KERNEL_OBJECT, OPTIONS),
security.security (GUID, security.SE_OBJECT_TYPE.KERNEL_OBJECT, options=OPTIONS)
)
finally:
hEvent.Close ()
def test_security_HANDLE_no_type ():
hFile = handle (TEST_FILE)
try:
assert equal (
win32security.GetSecurityInfo (hFile, win32security.SE_FILE_OBJECT, OPTIONS),
security.security (hFile, options=OPTIONS)
)
finally:
hFile.Close ()
def test_Security_set_sacl_empty (): s = security.security () s.sacl = [] assert len (s.sacl) == 0 assert s.pyobject ().GetSecurityDescriptorSacl ().GetAceCount () == 0 sd = win32security.SECURITY_DESCRIPTOR () acl = win32security.ACL () sd.SetSecurityDescriptorSacl (1, acl, 0) assert equal (sd, s)
def test_Security_break_sacl_inheritance_no_copy (): s = security.security (TEST_FILE, options=OPTIONS) assert s.sacl.inherited s.break_inheritance (copy_first=False, break_dacl=False, break_sacl=True) s.to_object () sd = win32security.GetNamedSecurityInfo (TEST_FILE, win32security.SE_FILE_OBJECT, OPTIONS) assert (sd.GetSecurityDescriptorControl ()[0] & win32security.SE_SACL_PROTECTED) assert (not sd.GetSecurityDescriptorControl ()[0] & win32security.SE_DACL_PROTECTED) assert sd.GetSecurityDescriptorSacl ().GetAceCount () == 0
def test_Security_set_sacl_empty(self):
s = security.security()
s.sacl = []
assert len(s.sacl) == 0
assert s.pyobject().GetSecurityDescriptorSacl().GetAceCount() == 0
sd = win32security.SECURITY_DESCRIPTOR()
acl = win32security.ACL()
sd.SetSecurityDescriptorSacl(1, acl, 0)
assert equal(sd, s)
def test_security_HANDLE_no_type():
hFile = handle(TEST_FILE)
try:
assert equal(
win32security.GetSecurityInfo(hFile, win32security.SE_FILE_OBJECT,
OPTIONS),
security.security(hFile, options=OPTIONS))
finally:
hFile.Close()
def test_security_HANDLE_file_type(self):
with self.test_file() as TEST_FILE:
hFile = handle(TEST_FILE)
try:
assert equal(
win32security.GetSecurityInfo(hFile, win32security.SE_FILE_OBJECT, OPTIONS),
security.security(hFile, security.SE_OBJECT_TYPE.FILE_OBJECT, options=OPTIONS)
)
finally:
hFile.Close()
def test_security_string_event(self):
hEvent = win32event.CreateEvent(None, 0, 0, self.GUID)
try:
assert equal(
win32security.GetNamedSecurityInfo(
self.GUID, win32security.SE_KERNEL_OBJECT, OPTIONS),
security.security(self.GUID,
security.SE_OBJECT_TYPE.KERNEL_OBJECT,
options=OPTIONS))
finally:
hEvent.Close()
def test_Security_break_dacl_inheritance_copy(self):
with self.test_file() as TEST_FILE:
s = security.security(TEST_FILE, options=OPTIONS)
n_aces = len(s.dacl)
assert s.dacl.inherited
s.break_inheritance(copy_first=True, break_dacl=True, break_sacl=False)
s.to_object()
sd = win32security.GetNamedSecurityInfo(TEST_FILE, win32security.SE_FILE_OBJECT, OPTIONS)
assert(sd.GetSecurityDescriptorControl()[0] & win32security.SE_DACL_PROTECTED)
assert(not sd.GetSecurityDescriptorControl()[0] & win32security.SE_SACL_PROTECTED)
assert sd.GetSecurityDescriptorDacl().GetAceCount() == n_aces
def test_Security_add_to_dacl_simple():
administrator = security.principal("Administrator")
s = security.security()
s.dacl = []
s.dacl.append(("Administrator", "F", "ALLOW"))
sd = win32security.SECURITY_DESCRIPTOR()
dacl = win32security.ACL()
dacl.AddAccessAllowedAceEx(win32security.ACL_REVISION_DS,
security.DACE.FLAGS, ntsecuritycon.GENERIC_ALL,
administrator.pyobject())
sd.SetSecurityDescriptorDacl(1, dacl, 0)
assert equal(sd, s)
def test_Security_add_to_sacl_simple():
administrator = security.principal("Administrator")
s = security.security()
s.sacl = []
s.sacl.append(("Administrator", "F", "SUCCESS"))
sd = win32security.SECURITY_DESCRIPTOR()
sacl = win32security.ACL()
sacl.AddAuditAccessAceEx(win32security.ACL_REVISION_DS,
security.SACE.FLAGS, ntsecuritycon.GENERIC_ALL,
administrator.pyobject(), 1, 0)
sd.SetSecurityDescriptorSacl(1, sacl, 0)
assert equal(sd, s)
def test_Security_break_dacl_inheritance_no_copy (): filepath = test_file () print "AceCount before", win32security.GetNamedSecurityInfo (filepath, win32security.SE_FILE_OBJECT, OPTIONS).GetSecurityDescriptorDacl ().GetAceCount () s = security.security (filepath, options=OPTIONS) assert s.dacl.inherited s.break_inheritance (copy_first=False, break_dacl=True, break_sacl=False) print "dacl", s.dacl.dumped () s.to_object () sd = win32security.GetNamedSecurityInfo (filepath, win32security.SE_FILE_OBJECT, OPTIONS) print "AceCount", sd.GetSecurityDescriptorDacl ().GetAceCount () assert (sd.GetSecurityDescriptorControl ()[0] & win32security.SE_DACL_PROTECTED) assert (not sd.GetSecurityDescriptorControl ()[0] & win32security.SE_SACL_PROTECTED) assert sd.GetSecurityDescriptorDacl ().GetAceCount () == 0
def test_Security_break_sacl_inheritance_no_copy():
s = security.security(TEST_FILE, options=OPTIONS)
assert s.sacl.inherited
s.break_inheritance(copy_first=False, break_dacl=False, break_sacl=True)
s.to_object()
sd = win32security.GetNamedSecurityInfo(TEST_FILE,
win32security.SE_FILE_OBJECT,
OPTIONS)
assert (sd.GetSecurityDescriptorControl()[0]
& win32security.SE_SACL_PROTECTED)
assert (not sd.GetSecurityDescriptorControl()[0]
& win32security.SE_DACL_PROTECTED)
assert sd.GetSecurityDescriptorSacl().GetAceCount() == 0
def test_security_HANDLE_file_type(self):
with self.test_file() as TEST_FILE:
hFile = handle(TEST_FILE)
try:
assert equal(
win32security.GetSecurityInfo(hFile,
win32security.SE_FILE_OBJECT,
OPTIONS),
security.security(hFile,
security.SE_OBJECT_TYPE.FILE_OBJECT,
options=OPTIONS))
finally:
hFile.Close()
def test_Security_break_dacl_inheritance_no_copy(self):
with self.test_file() as filepath:
s = security.security(filepath, options=OPTIONS)
assert s.dacl.inherited
s.break_inheritance(copy_first=False,
break_dacl=True,
break_sacl=False)
s.to_object()
sd = win32security.GetNamedSecurityInfo(
filepath, win32security.SE_FILE_OBJECT, OPTIONS)
assert (sd.GetSecurityDescriptorControl()[0]
& win32security.SE_DACL_PROTECTED)
assert (not sd.GetSecurityDescriptorControl()[0]
& win32security.SE_SACL_PROTECTED)
assert sd.GetSecurityDescriptorDacl().GetAceCount() == 0
def test_Security_add_to_dacl_simple ():
administrator = security.principal ("Administrator")
s = security.security ()
s.dacl = []
s.dacl.append (("Administrator", "F", "ALLOW"))
sd = win32security.SECURITY_DESCRIPTOR ()
dacl = win32security.ACL ()
dacl.AddAccessAllowedAceEx (
win32security.ACL_REVISION_DS,
security.DACE.FLAGS,
ntsecuritycon.GENERIC_ALL,
administrator.pyobject ()
)
sd.SetSecurityDescriptorDacl (1, dacl, 0)
assert equal (sd, s)
def test_Security_break_dacl_inheritance_no_copy(self):
#
# This is currently failing because, within the test folder,
# the file created doesn't have inherited ACEs at the point
# at which the inheritance is broken. Since unherited ACEs are
# copied regardless, the test fails.
#
with self.test_file() as filepath:
s = security.security(filepath, options=OPTIONS)
assert s.dacl.inherited
s.break_inheritance(copy_first=False, break_dacl=True, break_sacl=False)
s.to_object()
sd = win32security.GetNamedSecurityInfo(filepath, win32security.SE_FILE_OBJECT, OPTIONS)
self.assertTrue(sd.GetSecurityDescriptorControl()[0] & win32security.SE_DACL_PROTECTED)
self.assertTrue(not sd.GetSecurityDescriptorControl()[0] & win32security.SE_SACL_PROTECTED)
self.assertEqual(sd.GetSecurityDescriptorDacl().GetAceCount(), 0)
def test_Security_add_to_sacl_simple ():
administrator = security.principal ("Administrator")
s = security.security ()
s.sacl = []
s.sacl.append (("Administrator", "F", "SUCCESS"))
sd = win32security.SECURITY_DESCRIPTOR ()
sacl = win32security.ACL ()
sacl.AddAuditAccessAceEx (
win32security.ACL_REVISION_DS,
security.SACE.FLAGS,
ntsecuritycon.GENERIC_ALL,
administrator.pyobject (),
1, 0
)
sd.SetSecurityDescriptorSacl (1, sacl, 0)
assert equal (sd, s)
def test_Security_break_dacl_inheritance_no_copy(self):
#
# This is currently failing because, within the test folder,
# the file created doesn't have inherited ACEs at the point
# at which the inheritance is broken. Since unherited ACEs are
# copied regardless, the test fails.
#
with self.test_file() as filepath:
s = security.security(filepath, options=OPTIONS)
assert s.dacl.inherited
s.break_inheritance(copy_first=False,
break_dacl=True,
break_sacl=False)
s.to_object()
sd = win32security.GetNamedSecurityInfo(
filepath, win32security.SE_FILE_OBJECT, OPTIONS)
self.assertTrue(sd.GetSecurityDescriptorControl()[0]
& win32security.SE_DACL_PROTECTED)
self.assertTrue(not sd.GetSecurityDescriptorControl()[0]
& win32security.SE_SACL_PROTECTED)
self.assertEqual(sd.GetSecurityDescriptorDacl().GetAceCount(), 0)
def test_Security_set_owner_none (): s = security.security () s.owner = None s.owner
def test_Security_set_group_none (): s = security.security () s.group = None s.group
def test_Security_set_group_none():
s = security.security()
s.group = None
s.group
def test_security_string_no_type(self):
with self.test_file() as TEST_FILE:
assert equal(
win32security.GetNamedSecurityInfo(
TEST_FILE, win32security.SE_FILE_OBJECT, OPTIONS),
security.security(TEST_FILE, options=OPTIONS))
def test_security_Security(self):
s = security.Security()
assert security.security(s) is s
def test_security_None(self):
assert security.security(None) is None
def test_Security_set_owner_none(self):
with self.assertRaises(security.x_value_not_set):
s = security.security()
s.owner = None
s.owner
def test_security_nonsense(self):
with self.assertRaises(security.x_security):
security.security(object)
def test_security_string_no_type ():
assert equal (
win32security.GetNamedSecurityInfo (TEST_FILE, win32security.SE_FILE_OBJECT, OPTIONS),
security.security (TEST_FILE, options=OPTIONS)
)
def test_Security_no_sacl(self):
with self.assertRaises(security.x_value_not_set):
security.security().sacl
def test_security_None (): assert security.security (None) is None
def test_security_Security (): s = security.Security () assert security.security (s) is s
def test_Security_no_sacl (): security.security ().sacl
from winsys import dialogs, security
[filename] = dialogs.dialog("Choose file", ("Filename", ""))
security.security(filename).dump()
def test_security_nonsense (): security.security (object)
def test_security_default(self):
assert security.security() == security.Security()
def test_Security_set_group_none(self):
with self.assertRaises(security.x_value_not_set):
s = security.security()
s.group = None
s.group
def test_Security_no_dacl (): security.security ().dacl
def test_Security_no_group (): security.security ().group
def test_security_nonsense():
security.security(object)
def test_security_default (): assert security.security () == security.Security ()
def test_Security_no_sacl(self):
with self.assertRaises(security.x_value_not_set):
security.security().sacl
def test_Security_no_owner():
security.security().owner
def test_Security_set_group_none(self):
with self.assertRaises(security.x_value_not_set):
s = security.security()
s.group = None
s.group
def test_Security_no_group():
security.security().group
def test_Security_no_dacl():
security.security().dacl
def test_Security_no_sacl():
security.security().sacl
def test_Security_set_owner_none(self):
with self.assertRaises(security.x_value_not_set):
s = security.security()
s.owner = None
s.owner
def test_Security_set_owner_none():
s = security.security()
s.owner = None
s.owner
import sys
from winsys import fs, security
for dace in security.security(sys.executable).dacl:
print dace.trustee, fs.FILE_ACCESS.names_from_value(dace.access)
def test_Security_no_owner (): security.security ().owner