001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: /**
019: * @author Alexey V. Varlamov
020: * @version $Revision$
021: */package org.apache.harmony.security;
022:
023: import java.io.IOException;
024: import java.io.Reader;
025: import java.io.StreamTokenizer;
026: import java.io.StringReader;
027: import java.util.ArrayList;
028: import java.util.Collection;
029: import java.util.Iterator;
030: import java.util.List;
031:
032: import org.apache.harmony.security.DefaultPolicyScanner;
033: import junit.framework.TestCase;
034:
035: /**
036: * TODO Put your class description here
037: *
038: */
039:
040: public class DefaultPolicyScannerTest extends TestCase {
041:
042: public static void main(String[] args) {
043: junit.textui.TestRunner.run(DefaultPolicyScannerTest.class);
044: }
045:
046: private static String IO_ERROR = "Failed intentionally";
047:
048: private DefaultPolicyScanner scanner;
049:
050: private static StreamTokenizer getST(String sample) {
051: return new StreamTokenizer(new StringReader(sample));
052: }
053:
054: private static StreamTokenizer getFailingST(String sample) {
055: return new StreamTokenizer(new StringReader(sample)) {
056:
057: public int nextToken() throws IOException {
058: throw new IOException(IO_ERROR);
059: }
060: };
061: }
062:
063: protected void setUp() throws Exception {
064: super .setUp();
065: scanner = new DefaultPolicyScanner();
066: }
067:
068: /**
069: * Tests tokenization of valid policy sample with all possible elements.
070: */
071: public void testScanStream_Complex() throws Exception {
072: List grants = new ArrayList();
073: List keys = new ArrayList();
074: Reader r = new StringReader(
075: "keystore \"url1\";grant{}KeyStore \"url2\", \"type2\""
076: + "keystore \"url3\"\nGRANT signedby \"duke,Li\", "
077: + "codebase\"\", principal a.b.c \"alias\"{permission XXX \"YYY\", SignedBy \"ZZZ\" \n \t };;;");
078: scanner.scanStream(r, grants, keys);
079:
080: assertEquals("3 keystores expected", 3, keys.size());
081: String[] urls = new String[] { "url1", "url2", "url3" };
082: String[] types = new String[] { null, "type2", null };
083: for (int i = 0; i < 3; i++) {
084: DefaultPolicyScanner.KeystoreEntry key = (DefaultPolicyScanner.KeystoreEntry) keys
085: .get(i);
086: assertEquals(urls[i], key.url);
087: assertEquals(types[i], key.type);
088: }
089: assertEquals("2 grants expected", 2, grants.size());
090: DefaultPolicyScanner.GrantEntry ge = (DefaultPolicyScanner.GrantEntry) grants
091: .get(0);
092: assertTrue(ge.codebase == null && ge.signers == null
093: && ge.principals == null && ge.permissions.size() == 0);
094:
095: ge = (DefaultPolicyScanner.GrantEntry) grants.get(1);
096: assertTrue(ge.codebase.equals("")
097: && ge.signers.equals("duke,Li")
098: && ge.principals.size() == 1
099: && ge.permissions.size() == 1);
100:
101: DefaultPolicyScanner.PrincipalEntry pn = (DefaultPolicyScanner.PrincipalEntry) ge.principals
102: .iterator().next();
103: assertTrue(pn.klass.equals("a.b.c") && pn.name.equals("alias"));
104:
105: DefaultPolicyScanner.PermissionEntry pe = (DefaultPolicyScanner.PermissionEntry) ge.permissions
106: .iterator().next();
107: assertTrue(pe.klass.equals("XXX") && pe.name.equals("YYY")
108: && pe.actions == null && pe.signers.equals("ZZZ"));
109: }
110:
111: public void testScanStream_Empty() throws Exception {
112: scanner.scanStream(new StringReader(""), new ArrayList(),
113: new ArrayList());
114: }
115:
116: /**
117: * Tests that scanStream() throws InvalidFormatException on invalid
118: * keywords.
119: */
120: public void testScanStream_Invalid() throws Exception {
121: List grants = new ArrayList();
122: List keys = new ArrayList();
123: try {
124: scanner.scanStream(new StringReader(
125: "keystore \"url1\"; granted{} grant{}"), grants,
126: keys);
127: fail("InvalidFormatException is not thrown");
128: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
129: assertTrue(keys.size() == 1 && grants.size() == 0);
130:
131: }
132:
133: try {
134: scanner
135: .scanStream(
136: new StringReader(
137: "grant{} grant{} keyshop \"url1\"; keystore \"url1\";"),
138: grants, keys);
139: fail("InvalidFormatException is not thrown 2");
140: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
141: assertTrue(keys.size() == 1 && grants.size() == 2);
142:
143: }
144: }
145:
146: /**
147: * Tests that scanStream() throws IOException if stream fails.
148: */
149: public void testScanStream_IOException() throws Exception {
150: try {
151: scanner.scanStream(new Reader() {
152:
153: public void close() throws IOException {
154: }
155:
156: public int read(char[] cbuf, int off, int count)
157: throws IOException {
158: throw new IOException(IO_ERROR);
159: }
160: }, new ArrayList(), new ArrayList());
161: fail("IOException is intercepted");
162: } catch (IOException ok) {
163: assertEquals(IO_ERROR, ok.getMessage());
164: }
165: }
166:
167: /**
168: * Tests that both handleUnexpectedToken() methods throw proper
169: * InvalidFormatException exception.
170: */
171: public void testHandleUnexpectedToken() {
172: try {
173: scanner.handleUnexpectedToken(getST(""));
174: fail("InvalidFormatException is not thrown");
175: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
176:
177: }
178:
179: String message = "bla-bli-blu";
180: try {
181: scanner.handleUnexpectedToken(getST(""), message);
182: fail("InvalidFormatException is not thrown 2");
183: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
184: assertNotNull(ok.getMessage());
185: assertTrue(ok.getMessage().indexOf(message) >= 0);
186: }
187: }
188:
189: /**
190: * Tests readKeystoreEntry() for tokenizing all valid syntax variants.
191: */
192: public void testReadKeystoreEntry() throws Exception {
193: DefaultPolicyScanner.KeystoreEntry ke = scanner
194: .readKeystoreEntry(getST("\"URL1\""));
195: assertEquals("URL1", ke.url);
196: assertNull(ke.type);
197:
198: ke = scanner.readKeystoreEntry(getST("\"URL2\",\"TYPE2\""));
199: assertEquals("URL2", ke.url);
200: assertEquals("TYPE2", ke.type);
201:
202: ke = scanner.readKeystoreEntry(getST("\"URL3\" \"TYPE3\""));
203: assertEquals("URL3", ke.url);
204: assertEquals("TYPE3", ke.type);
205: }
206:
207: /**
208: * Tests that readKeystoreEntry() throws IOException if stream fails.
209: */
210: public void testReadKeystoreEntry_IOException() throws Exception {
211: try {
212: scanner.readKeystoreEntry(getFailingST(""));
213: fail("IOException is intercepted");
214: } catch (IOException ok) {
215: assertEquals(IO_ERROR, ok.getMessage());
216: }
217: }
218:
219: /**
220: * Tests that readKeystoreEntry() throws InvalidFormatException on invalid
221: * input
222: */
223: public void testReadKeystoreEntry_Invalid() throws Exception {
224: try {
225: scanner.readKeystoreEntry(getST(""));
226: fail("InvalidFormatException is not thrown 1");
227: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
228:
229: }
230: try {
231: scanner.readKeystoreEntry(getST(" ;"));
232: fail("InvalidFormatException is not thrown 2");
233: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
234:
235: }
236: try {
237: scanner.readKeystoreEntry(getST("URL"));
238: fail("InvalidFormatException is not thrown 3");
239: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
240:
241: }
242: }
243:
244: /**
245: * Tests readPrincipalEntry() for tokenizing all valid syntax variants.
246: */
247: public void testReadPrincipalEntry() throws Exception {
248: DefaultPolicyScanner.PrincipalEntry pe = scanner
249: .readPrincipalEntry(getST("\"name1\""));
250: assertEquals("name1", pe.name);
251: assertNull(pe.klass);
252:
253: pe = scanner.readPrincipalEntry(getST("a.b.c.d\"name 2\""));
254: assertEquals("name 2", pe.name);
255: assertEquals("a.b.c.d", pe.klass);
256:
257: pe = scanner.readPrincipalEntry(getST("* *"));
258: assertEquals(DefaultPolicyScanner.PrincipalEntry.WILDCARD,
259: pe.name);
260: assertEquals(DefaultPolicyScanner.PrincipalEntry.WILDCARD,
261: pe.klass);
262:
263: pe = scanner.readPrincipalEntry(getST("* \"name3\""));
264: assertEquals("name3", pe.name);
265: assertEquals(DefaultPolicyScanner.PrincipalEntry.WILDCARD,
266: pe.klass);
267:
268: pe = scanner.readPrincipalEntry(getST("clazz *"));
269: assertEquals(DefaultPolicyScanner.PrincipalEntry.WILDCARD,
270: pe.name);
271: assertEquals("clazz", pe.klass);
272: }
273:
274: /**
275: * Tests that readPrincipalEntry() throws InvalidFormatException on invalid
276: * input
277: */
278: public void testReadPrincipalEntry_Invalid() throws Exception {
279: try {
280: scanner.readPrincipalEntry(getST(""));
281: fail("InvalidFormatException is not thrown 1");
282: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
283:
284: }
285: try {
286: scanner.readPrincipalEntry(getST(" ;"));
287: fail("InvalidFormatException is not thrown 2");
288: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
289:
290: }
291: try {
292: scanner.readPrincipalEntry(getST("class"));
293: fail("InvalidFormatException is not thrown 3");
294: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
295:
296: }
297: try {
298: scanner.readPrincipalEntry(getST("class name"));
299: fail("InvalidFormatException is not thrown 4");
300: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
301:
302: }
303: try {
304: scanner.readPrincipalEntry(getST("class, \"name\""));
305: fail("InvalidFormatException is not thrown 5");
306: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
307:
308: }
309: try {
310: scanner.readPrincipalEntry(getST("* name"));
311: fail("InvalidFormatException is not thrown 6");
312: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
313:
314: }
315: }
316:
317: /**
318: * Tests that readPrincipalEntry() throws IOException if stream fails.
319: */
320: public void testReadPrincipalEntry_IOException() throws Exception {
321: try {
322: scanner.readPrincipalEntry(getFailingST(""));
323: fail("IOException is intercepted");
324: } catch (IOException ok) {
325: assertEquals(IO_ERROR, ok.getMessage());
326: }
327: }
328:
329: /**
330: * Tests readPermissionEntries() for tokenizing empty list of permissions.
331: */
332: public void testReadPermissionEntries_Empty() throws Exception {
333: Collection perms = scanner.readPermissionEntries(getST("}"));
334: assertNotNull(perms);
335: assertEquals(0, perms.size());
336: }
337:
338: /**
339: * Tests readPermissionEntries() for tokenizing all valid syntax variants,
340: * for just one permission.
341: */
342: public void testReadPermissionEntries_Single() throws Exception {
343: Collection perms = scanner
344: .readPermissionEntries(getST("permission a.b.c; }"));
345: assertEquals(1, perms.size());
346: DefaultPolicyScanner.PermissionEntry pe = (DefaultPolicyScanner.PermissionEntry) perms
347: .iterator().next();
348: assertEquals("a.b.c", pe.klass);
349: assertNull(pe.name);
350: assertNull(pe.actions);
351: assertNull(pe.signers);
352:
353: perms = scanner
354: .readPermissionEntries(getST("permission a.b.c \"name1\" }"));
355: assertEquals(1, perms.size());
356: pe = (DefaultPolicyScanner.PermissionEntry) perms.iterator()
357: .next();
358: assertEquals("a.b.c", pe.klass);
359: assertEquals("name1", pe.name);
360: assertNull(pe.actions);
361: assertNull(pe.signers);
362:
363: perms = scanner
364: .readPermissionEntries(getST("permission a.b.c \"name2\", \"action2\"}"));
365: assertEquals(1, perms.size());
366: pe = (DefaultPolicyScanner.PermissionEntry) perms.iterator()
367: .next();
368: assertEquals("a.b.c", pe.klass);
369: assertEquals("name2", pe.name);
370: assertEquals("action2", pe.actions);
371: assertNull(pe.signers);
372:
373: perms = scanner
374: .readPermissionEntries(getST("permission a.b.c \"name3\" signedby \"\"}"));
375: assertEquals(1, perms.size());
376: pe = (DefaultPolicyScanner.PermissionEntry) perms.iterator()
377: .next();
378: assertEquals("a.b.c", pe.klass);
379: assertEquals("name3", pe.name);
380: assertNull(pe.actions);
381: assertEquals("", pe.signers);
382:
383: perms = scanner
384: .readPermissionEntries(getST("permission a.b.c4 ,\"actions4\" SignedBy \"sig4\"}"));
385: assertEquals(1, perms.size());
386: pe = (DefaultPolicyScanner.PermissionEntry) perms.iterator()
387: .next();
388: assertEquals("a.b.c4", pe.klass);
389: assertNull(pe.name);
390: assertEquals("actions4", pe.actions);
391: assertEquals("sig4", pe.signers);
392:
393: perms = scanner
394: .readPermissionEntries(getST("permission a.b.c5 \"name5\",\"actions5\",signedby \"sig5\";}"));
395: assertEquals(1, perms.size());
396: pe = (DefaultPolicyScanner.PermissionEntry) perms.iterator()
397: .next();
398: assertEquals("a.b.c5", pe.klass);
399: assertEquals("name5", pe.name);
400: assertEquals("actions5", pe.actions);
401: assertEquals("sig5", pe.signers);
402: }
403:
404: /**
405: * Tests readPermissionEntries() for tokenizing valid syntax for a list of
406: * permissions.
407: */
408: public void testReadPermissionEntries_List() throws Exception {
409: Collection perms = scanner
410: .readPermissionEntries(getST("permission a.b.c"
411: + " permission qwerty ,\"aaa\";"
412: + "permission zzz signedby \"xxx\"}"));
413: assertEquals(3, perms.size());
414:
415: for (Iterator it = perms.iterator(); it.hasNext();) {
416: DefaultPolicyScanner.PermissionEntry pe = (DefaultPolicyScanner.PermissionEntry) it
417: .next();
418: if ("a.b.c".equals(pe.klass)) {
419: assertNull(pe.name);
420: assertNull(pe.actions);
421: assertNull(pe.signers);
422: } else if ("qwerty".equals(pe.klass)) {
423: assertNull(pe.name);
424: assertEquals("aaa", pe.actions);
425: assertNull(pe.signers);
426: } else if ("zzz".equals(pe.klass)) {
427: assertNull(pe.name);
428: assertNull(pe.actions);
429: assertEquals("xxx", pe.signers);
430: } else {
431: fail("Unknown permission reported: " + pe.klass);
432: }
433: }
434: }
435:
436: /**
437: * Tests that readPermissionEntries() throws InvalidFormatException on
438: * invalid input
439: */
440: public void testReadPermissionEntries_Invalid() throws Exception {
441: try {
442: scanner.readPermissionEntries(getST("permission a.b.c"));
443: fail("InvalidFormatException is not thrown 1");
444: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
445:
446: }
447: try {
448: scanner.readPermissionEntries(getST("permission;}"));
449: fail("InvalidFormatException is not thrown 2");
450: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
451:
452: }
453: try {
454: scanner
455: .readPermissionEntries(getST("permission class name}"));
456: fail("InvalidFormatException is not thrown 3");
457: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
458:
459: }
460: try {
461: scanner
462: .readPermissionEntries(getST("permission class ,,}"));
463: fail("InvalidFormatException is not thrown 4");
464: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
465:
466: }
467: try {
468: scanner
469: .readPermissionEntries(getST("permission class \"name\", signedby signers}"));
470: fail("InvalidFormatException is not thrown 5");
471: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
472:
473: }
474: }
475:
476: /**
477: * Tests that readPermissionEntries() throws IOException if stream fails.
478: */
479: public void testReadPermissionEntries_IOException()
480: throws Exception {
481: try {
482: scanner.readPermissionEntries(getFailingST(""));
483: fail("IOException is intercepted");
484: } catch (IOException ok) {
485: assertEquals(IO_ERROR, ok.getMessage());
486: }
487: }
488:
489: /**
490: * Tests readGrantEntry() for tokenizing all valid syntax variants.
491: */
492: public void testReadGrantEntry_Empty() throws Exception {
493: DefaultPolicyScanner.GrantEntry ge = scanner
494: .readGrantEntry(getST(""));
495: assertNull(ge.codebase);
496: assertNull(ge.codebase);
497: assertNull(ge.principals);
498: assertTrue(ge.permissions == null || ge.permissions.isEmpty());
499:
500: ge = scanner.readGrantEntry(getST("{}"));
501: assertNull(ge.codebase);
502: assertNull(ge.codebase);
503: assertNull(ge.principals);
504: assertTrue(ge.permissions == null || ge.permissions.isEmpty());
505: }
506:
507: /**
508: * Tests readGrantEntry() for tokenizing all valid syntax variants.
509: */
510: public void testReadGrantEntry() throws Exception {
511: DefaultPolicyScanner.GrantEntry ge = scanner
512: .readGrantEntry(getST("codebase \"u1\" signedby \"s1\";"));
513: assertEquals("u1", ge.codebase);
514: assertEquals("s1", ge.signers);
515: assertNull(ge.principals);
516:
517: ge = scanner
518: .readGrantEntry(getST("signedby \"s2\" codebase \"u2\";"));
519: assertEquals("u2", ge.codebase);
520: assertEquals("s2", ge.signers);
521: assertNull(ge.principals);
522:
523: ge = scanner
524: .readGrantEntry(getST("signedby \"s2\",signedby \"s3\" "
525: + " codebase \"u2\",codebase \"u3\";"));
526: assertEquals("u3", ge.codebase);
527: assertEquals("s3", ge.signers);
528: assertNull(ge.principals);
529:
530: ge = scanner
531: .readGrantEntry(getST("principal \"a1\" signedby \"s4\" "
532: + "principal \"a2\", codebase \"u4\";"));
533: assertEquals("u4", ge.codebase);
534: assertEquals("s4", ge.signers);
535: assertNotNull(ge.principals);
536: assertEquals(2, ge.principals.size());
537:
538: ge = scanner
539: .readGrantEntry(getST("principal * *, principal bbb \"b2\""
540: + ", principal ccc \"c2\" codebase \"u5\";"));
541: assertEquals("u5", ge.codebase);
542: assertNull(ge.signers);
543: assertNotNull(ge.principals);
544: assertEquals(3, ge.principals.size());
545:
546: ge = scanner.readGrantEntry(getST("principal * *"
547: + ", signedby \"s6\";"));
548: assertNull(ge.codebase);
549: assertEquals("s6", ge.signers);
550: assertNotNull(ge.principals);
551: assertEquals(1, ge.principals.size());
552: }
553:
554: /**
555: * Tests that readGrantEntry() throws InvalidFormatException on invalid
556: * input
557: */
558: public void testReadGrantEntry_Invalid() throws Exception {
559: try {
560: scanner.readGrantEntry(getST("codebase"));
561: fail("InvalidFormatException is not thrown 1");
562: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
563:
564: }
565: try {
566: scanner.readGrantEntry(getST("signedby"));
567: fail("InvalidFormatException is not thrown 2");
568: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
569:
570: }
571: try {
572: scanner.readGrantEntry(getST("signedby *"));
573: fail("InvalidFormatException is not thrown 3");
574: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
575:
576: }
577: try {
578: scanner.readGrantEntry(getST("codebase file://URL"));
579: fail("InvalidFormatException is not thrown 4");
580: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
581:
582: }
583: try {
584: scanner
585: .readGrantEntry(getST("codebase \"a2\", signedby \"a2\", "
586: + "principal a \"a2\", b \"b2\" "));
587: fail("InvalidFormatException is not thrown 5");
588: } catch (DefaultPolicyScanner.InvalidFormatException ok) {
589:
590: }
591: }
592:
593: /**
594: * Tests that readGrantEntry() throws IOException if stream fails.
595: */
596: public void testReadGrantEntry_IOException() throws Exception {
597: try {
598: scanner.readGrantEntry(getFailingST(""));
599: fail("IOException is intercepted");
600: } catch (IOException ok) {
601: assertEquals(IO_ERROR, ok.getMessage());
602: }
603: }
604: }
|