save work

microsoft · ryfu-msft · Jun 14, 2024 · May 15, 2024 · May 15, 2024 · May 15, 2024
commit 7c20b63fda7548b98a81fb2df167c8c2c11748f7
@@ -15,19 +15,19 @@ namespace AppInstaller::CLI::ConfigurationRemoting
     namespace anonymous
     {
 #ifndef DISABLE_TEST_HOOKS
-        constexpr std::wstring_view DisableRunAsGuid = L"1e62d683-2999-44e7-81f7-6f8f35e8d731";
-        constexpr std::wstring_view DisableSerialization = L"02f64b7d-6c2e-43fa-87dd-1f265800681d";
+        constexpr std::wstring_view DisableRunAsTestGuid = L"1e62d683-2999-44e7-81f7-6f8f35e8d731";
+        constexpr std::wstring_view DisableHighIntegritySetSerializationTestGuid = L"02f64b7d-6c2e-43fa-87dd-1f265800681d";
 
-        // Checks for a specific guid to control the behavior of a specific flow.
-        bool GetBehaviorForTestGuid(ConfigurationSet configurationSet, const std::wstring_view& testGuid)
+        // Checks the configuration set metadata for a specific test guid that controls the behavior flow.
+        bool GetTestBehavior(const ConfigurationSet& configurationSet, const std::wstring_view& testGuid)
         {
-            auto disableRunAsBehavior = configurationSet.Metadata().TryLookup(testGuid);
-            if (disableRunAsBehavior)
+            auto testBehavior = configurationSet.Metadata().TryLookup(testGuid);
+            if (testBehavior)
             {
-                auto disableRunAsProperty = disableRunAsBehavior.try_as<IPropertyValue>();
-                if (disableRunAsProperty && disableRunAsProperty.Type() == PropertyType::Boolean)
+                auto testBehaviorProperty = testBehavior.try_as<IPropertyValue>();
+                if (testBehaviorProperty && testBehaviorProperty.Type() == PropertyType::Boolean)
                 {
-                    return disableRunAsProperty.GetBoolean();
+                    return testBehaviorProperty.GetBoolean();
                 }
             }
 
@@ -161,7 +161,13 @@ namespace AppInstaller::CLI::ConfigurationRemoting
 
                 for (auto unit : units) 
                 {
-                    if (unit.IsActive() && GetIntegrityLevelForUnit(unit) == Security::IntegrityLevel::High)
+                    if (unit.IsActive() && GetIntegrityLevelForUnit(unit) == Security::IntegrityLevel::High &&
+#ifndef DISABLE_TEST_HOOKS
+                        !GetTestBehavior(m_configurationSet, DisableHighIntegritySetSerializationTestGuid)
+#elif
+                        true
+#endif
+                        )
                     {
                         highIntegrityUnits.emplace_back(unit);
                     }
@@ -196,7 +202,7 @@ namespace AppInstaller::CLI::ConfigurationRemoting
                     bool useRunAs = true;
 
 #ifndef DISABLE_TEST_HOOKS
-                    if (GetBehaviorForTestGuid(m_configurationSet, DisableRunAsGuid))
+                    if (GetTestBehavior(m_configurationSet, DisableRunAsTestGuid))
                     {
                         useRunAs = false;
                     }

diff --git a/src/AppInstallerCLICore/ConfigurationSetProcessorFactoryRemoting.cpp b/src/AppInstallerCLICore/ConfigurationSetProcessorFactoryRemoting.cpp
@@ -190,16 +190,9 @@ namespace AppInstaller::CLI::ConfigurationRemoting
                 execInfo.lpParameters = arguments.c_str();
                 execInfo.nShow = SW_HIDE;
 
-                if (useRunAs &&
-#ifndef DISABLE_TEST_HOOKS // Always set to false so that userunAs is never included for unit tests.
-                    true
-#elif
-                    true
-#endif
-                )
+                if (useRunAs)
                 {
                     execInfo.lpVerb = L"runas";
-                    AICLI_LOG(Config, Verbose, << "Process set with runas verb.");
                 }
 
                 THROW_LAST_ERROR_IF(!ShellExecuteExW(&execInfo) || !execInfo.hProcess);
@@ -332,6 +325,7 @@ namespace AppInstaller::CLI::ConfigurationRemoting
 
     IConfigurationSetProcessorFactory CreateOutOfProcessFactory(bool useRunAs, const std::string& properties, const std::string& restrictions)
     {
+        AICLI_LOG(CLI, Info, << restrictions);
         return winrt::make<RemoteFactory>(useRunAs, properties, restrictions);
     }
 }

diff --git a/src/AppInstallerCLITests/TestHooks.h b/src/AppInstallerCLITests/TestHooks.h
@@ -234,4 +234,4 @@ namespace TestHook
     private:
         AppInstaller::Authentication::AuthenticationResult m_authResult;
     };
-}
+}
@@ -1,4 +1,4 @@
-// -----------------------------------------------------------------------------
+// -----------------------------------------------------------------------------
 // <copyright file="Constants.cs" company="Microsoft Corporation">
 //     Copyright (c) Microsoft Corporation. Licensed under the MIT License.
 // </copyright>
@@ -20,5 +20,20 @@ public class Constants
         /// The namespace where xUnit traits will be defined.
         /// </summary>
         public const string NamespaceNameForTraits = "Microsoft.Management.Configuration.UnitTests.Helpers";
+
+        /// <summary>
+        /// The dynamic runtime factory handler identifier.
+        /// </summary>
+        public const string DynamicRuntimeHandlerIdentifier = "{73fea39f-6f4a-41c9-ba94-6fd14d633e40}";
+
+        /// <summary>
+        /// Test guid for disabling the dynamic factory from setting the 'RunAs' start process verb.
+        /// </summary>
+        public const string DisableRunAsTestGuid = "1e62d683-2999-44e7-81f7-6f8f35e8d731";
+
+        /// <summary>
+        /// Test guid for disabling the serialization of high integrity units.
+        /// </summary>
+        public const string DisableHighIntegriySerializationTestGuid = "02f64b7d-6c2e-43fa-87dd-1f265800681d";
     }
 }
@@ -7,13 +7,7 @@
 namespace Microsoft.Management.Configuration.UnitTests.Tests
 {
     using System;
-    using System.Collections.Generic;
-    using System.IO;
-    using System.Linq;
-    using System.Threading;
     using System.Threading.Tasks;
-    using Microsoft.CodeAnalysis;
-    using Microsoft.Management.Configuration.Processor.Set;
     using Microsoft.Management.Configuration.UnitTests.Fixtures;
     using Microsoft.Management.Configuration.UnitTests.Helpers;
     using Microsoft.VisualBasic;
@@ -54,34 +48,43 @@ public async Task ApplyUnitsWithMixedElevation()
             Version version = new Version("0.0.0.1");
 
             ConfigurationSet configurationSet = this.ConfigurationSet();
+            configurationSet.Metadata.Add(Helpers.Constants.DisableRunAsTestGuid, true);
 
-            ConfigurationUnit configurationUnit1 = this.ConfigurationUnit();
-            configurationUnit1.Metadata.Add("securityContext", "elevated");
-            configurationUnit1.Metadata.Add("version", version.ToString());
-            configurationUnit1.Metadata.Add("module", moduleName);
-            configurationUnit1.Metadata.Add("secretCode", "123456789");
-            configurationUnit1.Type = resourceName;
-            configurationUnit1.Intent = ConfigurationUnitIntent.Apply;
+            ConfigurationUnit elevationRequiredUnit = this.ConfigurationUnit();
+            elevationRequiredUnit.Metadata.Add("securityContext", "elevated");
+            elevationRequiredUnit.Metadata.Add("version", version.ToString());
+            elevationRequiredUnit.Metadata.Add("module", moduleName);
+            elevationRequiredUnit.Metadata.Add("secretCode", "123456789");
+            elevationRequiredUnit.Type = resourceName;
+            elevationRequiredUnit.Intent = ConfigurationUnitIntent.Apply;
 
-            ConfigurationUnit configurationUnit2 = this.ConfigurationUnit();
-            configurationUnit2.Metadata.Add("version", version.ToString());
-            configurationUnit2.Metadata.Add("module", moduleName);
-            configurationUnit2.Metadata.Add("secretCode", "123456789");
-            configurationUnit2.Type = resourceName;
-            configurationUnit2.Intent = ConfigurationUnitIntent.Apply;
+            ConfigurationUnit unit = this.ConfigurationUnit();
+            unit.Metadata.Add("version", version.ToString());
+            unit.Metadata.Add("module", moduleName);
+            unit.Metadata.Add("secretCode", "123456789");
+            unit.Type = resourceName;
+            unit.Intent = ConfigurationUnitIntent.Apply;
 
-            configurationSet.Units = new ConfigurationUnit[] { configurationUnit1, configurationUnit2 };
+            configurationSet.Units = new ConfigurationUnit[] { elevationRequiredUnit, unit };
 
-            IConfigurationSetProcessorFactory dynamicFactory = await this.fixture.ConfigurationStatics.CreateConfigurationSetProcessorFactoryAsync("{73fea39f-6f4a-41c9-ba94-6fd14d633e40}");
+            IConfigurationSetProcessorFactory dynamicFactory = await this.fixture.ConfigurationStatics.CreateConfigurationSetProcessorFactoryAsync(Helpers.Constants.DynamicRuntimeHandlerIdentifier);
 
             ConfigurationProcessor processor = this.CreateConfigurationProcessorWithDiagnostics(dynamicFactory);
 
-            TestConfigurationSetResult result = processor.TestSet(configurationSet);
+            ApplyConfigurationSetResult result = processor.ApplySet(configurationSet, ApplyConfigurationSetFlags.None);
             Assert.NotNull(result);
-            Assert.Equal(1, result.UnitResults.Count);
-
-            ApplyConfigurationSetResult applyResult = processor.ApplySet(configurationSet, ApplyConfigurationSetFlags.None);
-            Assert.NotNull(applyResult);
+            Assert.Null(result.ResultCode);
+            Assert.Equal(2, result.UnitResults.Count);
+
+            foreach (var unitResult in result.UnitResults)
+            {
+                Assert.NotNull(unitResult);
+                Assert.False(unitResult.PreviouslyInDesiredState);
+                Assert.False(unitResult.RebootRequired);
+                Assert.NotNull(unitResult.ResultInformation);
+                Assert.Null(unitResult.ResultInformation.ResultCode);
+                Assert.Equal(ConfigurationUnitResultSource.None, unitResult.ResultInformation.ResultSource);
+            }
         }
 
         /// <summary>
@@ -96,34 +99,35 @@ public async Task ApplyUnitNotInLimitationSet()
             Version version = new Version("0.0.0.1");
 
             ConfigurationSet configurationSet = this.ConfigurationSet();
+            configurationSet.Metadata.Add(Helpers.Constants.DisableRunAsTestGuid, true);
+            configurationSet.Metadata.Add(Helpers.Constants.DisableHighIntegriySerializationTestGuid, true);
 
-            ConfigurationUnit configurationUnit1 = this.ConfigurationUnit();
-            configurationUnit1.Metadata.Add("securityContext", "elevated");
-            configurationUnit1.Metadata.Add("version", version.ToString());
-            configurationUnit1.Metadata.Add("module", moduleName);
-            configurationUnit1.Metadata.Add("secretCode", "123456789");
-            configurationUnit1.Type = resourceName;
-            configurationUnit1.Intent = ConfigurationUnitIntent.Apply;
+            ConfigurationUnit elevationRequiredUnit1 = this.ConfigurationUnit();
+            elevationRequiredUnit1.Metadata.Add("securityContext", "elevated");
+            elevationRequiredUnit1.Metadata.Add("version", version.ToString());
+            elevationRequiredUnit1.Metadata.Add("module", moduleName);
+            elevationRequiredUnit1.Metadata.Add("secretCode", "123456789");
+            elevationRequiredUnit1.Type = resourceName;
+            elevationRequiredUnit1.Intent = ConfigurationUnitIntent.Apply;
 
-            ConfigurationUnit configurationUnit2 = this.ConfigurationUnit();
-            configurationUnit2.Metadata.Add("version", version.ToString());
-            configurationUnit2.Metadata.Add("module", moduleName);
-            configurationUnit2.Metadata.Add("secretCode", "123456789");
-            configurationUnit2.Type = resourceName;
-            configurationUnit2.Intent = ConfigurationUnitIntent.Apply;
+            //ConfigurationUnit elevationRequiredUnit2 = this.ConfigurationUnit();
+            //elevationRequiredUnit2.Metadata.Add("securityContext", "elevated");
+            //elevationRequiredUnit2.Metadata.Add("version", version.ToString());
+            //elevationRequiredUnit2.Metadata.Add("module", moduleName);
+            //elevationRequiredUnit2.Metadata.Add("secretCode", "123456789");
+            //elevationRequiredUnit2.Type = resourceName;
+            //elevationRequiredUnit2.Intent = ConfigurationUnitIntent.Apply;
 
-            configurationSet.Units = new ConfigurationUnit[] { configurationUnit1, configurationUnit2 };
+            configurationSet.Units = new ConfigurationUnit[] { elevationRequiredUnit1 };
 
-            IConfigurationSetProcessorFactory dynamicFactory = await this.fixture.ConfigurationStatics.CreateConfigurationSetProcessorFactoryAsync("{73fea39f-6f4a-41c9-ba94-6fd14d633e40}");
+            IConfigurationSetProcessorFactory dynamicFactory = await this.fixture.ConfigurationStatics.CreateConfigurationSetProcessorFactoryAsync(Helpers.Constants.DynamicRuntimeHandlerIdentifier);
 
             ConfigurationProcessor processor = this.CreateConfigurationProcessorWithDiagnostics(dynamicFactory);
 
-            TestConfigurationSetResult result = processor.TestSet(configurationSet);
+            ApplyConfigurationSetResult result = processor.ApplySet(configurationSet, ApplyConfigurationSetFlags.None);
             Assert.NotNull(result);
-            Assert.Equal(1, result.UnitResults.Count);
-
-            ApplyConfigurationSetResult applyResult = processor.ApplySet(configurationSet, ApplyConfigurationSetFlags.None);
-            Assert.NotNull(applyResult);
+            Assert.Null(result.ResultCode);
+            Assert.Equal(2, result.UnitResults.Count);
         }
     }
 }