nim-stew/tests/test_winacl.nim

# Copyright (c) 2020-2022 Status Research & Development GmbH
# Licensed and distributed under either of
#   * MIT license: http://opensource.org/licenses/MIT
#   * Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
# at your option. This file may not be copied, modified, or distributed except according to those terms.

{.used.}

import unittest2

when defined(windows):
  import ../stew/windows/acl
  const TestsCount = 50

suite "Windows security descriptor tests suite":
  test "File/Folder user-only ACL create/verify test":
    when defined(windows):
      proc performTest(path1: string, path2: string): IoResult[bool] =
        let path3 = path1 & "\\" & path1
        let path4 = path1 & "\\" & path2
        var sdd = ? createFoldersUserOnlySecurityDescriptor()
        var sdf = ? createFilesUserOnlySecurityDescriptor()
        # Create directory
        ? createPath(path1, secDescriptor = sdd.getDescriptor())
        # Create file outside of directory
        ? writeFile(path2, "TESTBLOB", secDescriptor = sdf.getDescriptor())
        # Create directory inside of directory
        ? createPath(path3, secDescriptor = sdd.getDescriptor())
        # Create file inside of directory
        ? writeFile(path4, "TESTLBOB", secDescriptor = sdf.getDescriptor())
        let res1 = ? checkCurrentUserOnlyACL(path1)
        let res2 = ? checkCurrentUserOnlyACL(path2)
        let res3 = ? checkCurrentUserOnlyACL(path3)
        let res4 = ? checkCurrentUserOnlyACL(path4)
        ? removeFile(path4)
        ? removeDir(path3)
        ? removeFile(path2)
        ? removeDir(path1)
        free(sdd)
        free(sdf)
        if res1 and res2 and res3 and res4:
          ok(true)
        else:
          err(IoErrorCode(UserErrorCode))
      check:
        performTest("testblob14", "testblob15").isOk()
    else:
      skip()

  test "Create/Verify multiple folders in user/config home directory":
    when defined(windows):
      proc performTest(directory: string): IoResult[void] =
        var sdd = ? createFoldersUserOnlySecurityDescriptor()
        var results = newSeq[bool](TestsCount)
        for i in 0 ..< TestsCount:
          let path = directory & "\\" & "ACLTEST" & $i
          ? createPath(path, secDescriptor = sdd.getDescriptor())
          results[i] = ? checkCurrentUserOnlyACL(path)
          ? removeDir(path)
        free(sdd)
        for chk in results:
          if not(chk):
            return err(IoErrorCode(UserErrorCode))
        ok()
      check:
        performTest(getHomePath().get()).isOk()
        performTest(getConfigPath().get()).isOk()
    else:
      skip()