windows-nt/Source/XPSP1/NT/com/oleutest/accctrl/tstsuite/test7.in

51 lines
1.2 KiB
Plaintext
Raw Permalink Normal View History

2020-09-26 03:20:57 -05:00
# -
# This test makes sure that DENY_ACCESS ACE has a higher precedence over GRANT_ACCESS ACE
# -
# Initialize a new ACL
Exec InitNewACL
# Set the current trustee to rayland\actest1 and add it to the local access request list
Set TrusteeName rayland\actest1
ToggleAccessPerm COM_RIGHTS_EXECUTE
AddTrustee AccessRequestList
# Call GrantAccessRights
Exec GrantAccessRights
# Chicage client's security context
SwitchClientCtx
actest1
rayland
# Call IsAccessPermitted
Exec IsAccessPermitted
# Call IsAccessPermitted again to see if the caching mechanism works
Exec IsAccessPermitted
# Destroy the old access request list
Destroy AccessRequestList
# Set the current trustee to rayland\actestgroup1 and add it to the local access request list
Set TrusteeName rayland\actestgroup1
Set TrusteeType TRUSTEE_IS_GROUP
AddTrustee AccessRequestList
# Call DenyAccessRights
Exec DenyAccessRights
# Change the current trustee back to rayland\actest1
Set TrusteeName rayland\actest1
Set TrusteeType TRUSTEE_IS_USER
# Call IsAccessPermitted, rayland\actest1 should eb denied access by now
Exec IsAccessPermitted
# Retrieve the ACL fromt he IAccessControl object
Exec GetExplicitAccessRights
# Kill the server
Quit