From b53ef3f172787e057f1a1df2283871d7c0c37a0d Mon Sep 17 00:00:00 2001
From: Jay Mundrawala <jdmundrawala@gmail.com>
Date: Wed, 11 Feb 2015 13:24:24 -0800
Subject: Added a test for duplicating a security token with incorrect
 permissions

---
 spec/functional/win32/security_spec.rb | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/spec/functional/win32/security_spec.rb b/spec/functional/win32/security_spec.rb
index 7ad6756a20..8c3db8e2d2 100644
--- a/spec/functional/win32/security_spec.rb
+++ b/spec/functional/win32/security_spec.rb
@@ -48,5 +48,13 @@ describe 'Chef::Win32::Security', :windows_only do
         expect{ token.duplicate_token(:SecurityImpersonation) }.not_to raise_error
       end
     end
+
+    context 'with read only rights' do
+      let(:token_rights) { Chef::ReservedNames::Win32::Security::TOKEN_READ }
+
+      it 'raises an exception when trying to duplicate' do
+        expect{ token.duplicate_token(:SecurityImpersonation) }.to raise_error(Chef::Exceptions::Win32APIError)
+      end
+    end
   end
 end
-- 
cgit v1.2.1