• Home
  • History
  • Annotate
  • Line#
  • Navigate
  • Raw
  • Download
  • only in /asuswrt-rt-n18u-9.0.0.4.380.2695/release/src/router/samba-3.5.8/source4/libcli/security/tests/
1#!/usr/bin/python
2
3# Unix SMB/CIFS implementation.
4# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
5#
6# This program is free software; you can redistribute it and/or modify
7# it under the terms of the GNU General Public License as published by
8# the Free Software Foundation; either version 3 of the License, or
9# (at your option) any later version.
10#
11# This program is distributed in the hope that it will be useful,
12# but WITHOUT ANY WARRANTY; without even the implied warranty of
13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14# GNU General Public License for more details.
15#
16# You should have received a copy of the GNU General Public License
17# along with this program.  If not, see <http://www.gnu.org/licenses/>.
18#
19
20import unittest
21from samba.dcerpc import security
22
23class SecurityTokenTests(unittest.TestCase):
24    def setUp(self):
25        self.token = security.token()
26
27    def test_is_system(self):
28        self.assertFalse(self.token.is_system())
29
30    def test_is_anonymous(self):
31        self.assertFalse(self.token.is_anonymous())
32
33    def test_has_builtin_administrators(self):
34        self.assertFalse(self.token.has_builtin_administrators())
35
36    def test_has_nt_authenticated_users(self):
37        self.assertFalse(self.token.has_nt_authenticated_users())
38
39    def test_has_priv(self):
40        self.assertFalse(self.token.has_privilege(security.SEC_PRIV_SHUTDOWN))
41
42    def test_set_priv(self):
43        self.assertFalse(self.token.has_privilege(security.SEC_PRIV_SHUTDOWN))
44        self.assertFalse(self.token.set_privilege(security.SEC_PRIV_SHUTDOWN))
45        self.assertTrue(self.token.has_privilege(security.SEC_PRIV_SHUTDOWN))
46
47
48class SecurityDescriptorTests(unittest.TestCase):
49    def setUp(self):
50        self.descriptor = security.descriptor()
51
52    def test_from_sddl(self):
53        desc = security.descriptor.from_sddl("O:AOG:DAD:(A;;RPWPCCDCLCSWRCWDWOGA;;;S-1-0-0)", security.dom_sid("S-2-0-0"))
54        self.assertEquals(desc.group_sid, security.dom_sid('S-2-0-0-512'))
55        self.assertEquals(desc.owner_sid, security.dom_sid('S-1-5-32-548'))
56        self.assertEquals(desc.revision, 1)
57        self.assertEquals(desc.sacl, None)
58        self.assertEquals(desc.type, 0x8004)
59
60    def test_from_sddl_invalidsddl(self):
61        self.assertRaises(TypeError,security.descriptor.from_sddl, "foo",security.dom_sid("S-2-0-0"))
62
63    def test_from_sddl_invalidtype1(self):
64        self.assertRaises(TypeError,security.descriptor.from_sddl, security.dom_sid('S-2-0-0-512'),security.dom_sid("S-2-0-0"))
65
66    def test_from_sddl_invalidtype1(self):
67        sddl = "O:AOG:DAD:(A;;RPWPCCDCLCSWRCWDWOGA;;;S-1-0-0)"
68        self.assertRaises(TypeError,security.descriptor.from_sddl, sddl,"S-2-0-0")
69
70    def test_as_sddl(self):
71        text = "O:AOG:DAD:(A;;RPWPCCDCLCSWRCWDWOGA;;;S-1-0-0)"
72        dom = security.dom_sid("S-2-0-0")
73        desc1 = security.descriptor.from_sddl(text, dom)
74        desc2 = security.descriptor.from_sddl(desc1.as_sddl(dom), dom)
75        self.assertEquals(desc1.group_sid, desc2.group_sid)
76        self.assertEquals(desc1.owner_sid, desc2.owner_sid)
77        self.assertEquals(desc1.sacl, desc2.sacl)
78        self.assertEquals(desc1.type, desc2.type)
79
80    def test_as_sddl_invalid(self):
81        text = "O:AOG:DAD:(A;;RPWPCCDCLCSWRCWDWOGA;;;S-1-0-0)"
82        dom = security.dom_sid("S-2-0-0")
83        desc1 = security.descriptor.from_sddl(text, dom)
84        self.assertRaises(TypeError, desc1.as_sddl,text)
85
86
87    def test_as_sddl_no_domainsid(self):
88        dom = security.dom_sid("S-2-0-0")
89        text = "O:AOG:DAD:(A;;RPWPCCDCLCSWRCWDWOGA;;;S-1-0-0)"
90        desc1 = security.descriptor.from_sddl(text, dom)
91        desc2 = security.descriptor.from_sddl(desc1.as_sddl(), dom)
92        self.assertEquals(desc1.group_sid, desc2.group_sid)
93        self.assertEquals(desc1.owner_sid, desc2.owner_sid)
94        self.assertEquals(desc1.sacl, desc2.sacl)
95        self.assertEquals(desc1.type, desc2.type)
96
97    def test_domsid_nodomsid_as_sddl(self):
98        dom = security.dom_sid("S-2-0-0")
99        text = "O:AOG:DAD:(A;;RPWPCCDCLCSWRCWDWOGA;;;S-1-0-0)"
100        desc1 = security.descriptor.from_sddl(text, dom)
101        self.assertNotEqual(desc1.as_sddl(), desc1.as_sddl(dom))
102
103
104class DomSidTests(unittest.TestCase):
105    def test_parse_sid(self):
106        sid = security.dom_sid("S-1-5-21")
107        self.assertEquals("S-1-5-21", str(sid))
108
109    def test_sid_equal(self):
110        sid1 = security.dom_sid("S-1-5-21")
111        sid2 = security.dom_sid("S-1-5-21")
112        self.assertEquals(sid1, sid1)
113        self.assertEquals(sid1, sid2)
114
115    def test_random(self):
116        sid = security.random_sid()
117        self.assertTrue(str(sid).startswith("S-1-5-21-"))
118
119    def test_repr(self):
120        sid = security.random_sid()
121        self.assertTrue(repr(sid).startswith("dom_sid('S-1-5-21-"))
122
123
124class PrivilegeTests(unittest.TestCase):
125    def test_privilege_name(self):
126        self.assertEquals("SeShutdownPrivilege", security.privilege_name(security.SEC_PRIV_SHUTDOWN))
127
128    def test_privilege_id(self):
129        self.assertEquals(security.SEC_PRIV_SHUTDOWN, security.privilege_id("SeShutdownPrivilege"))
130
131