001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: /**
019: * @author Alexey V. Varlamov
020: * @version $Revision$
021: */package org.apache.harmony.security.tests.java.security;
022:
023: import java.net.URL;
024: import java.security.CodeSource;
025: import java.security.Permission;
026: import java.security.PermissionCollection;
027: import java.security.Policy;
028: import java.security.ProtectionDomain;
029: import java.security.Security;
030: import java.security.SecurityPermission;
031: import java.util.Collection;
032: import java.util.Enumeration;
033: import java.util.HashSet;
034:
035: import junit.framework.TestCase;
036:
037: import org.apache.harmony.security.tests.support.SecurityChecker;
038: import org.apache.harmony.security.tests.support.TestUtils;
039:
040: import tests.support.resource.Support_Resources;
041:
042: /**
043: * Tests for <code>Policy</code>
044: */
045: public class PolicyTest extends TestCase {
046:
047: public static final String JAVA_SECURITY_POLICY = "java.security.policy";
048:
049: public static void main(String[] args) {
050: junit.textui.TestRunner.run(PolicyTest.class);
051: }
052:
053: /**
054: * @tests java.security.Policy#setPolicy(java.security.Policy)
055: */
056: public void test_setPolicyLjava_security_Policy() {
057: SecurityManager old = System.getSecurityManager();
058: Policy oldPolicy = Policy.getPolicy();
059: try {
060: SecurityChecker checker = new SecurityChecker(
061: new SecurityPermission("setPolicy"), true);
062: System.setSecurityManager(checker);
063: Policy custom = new TestProvider();
064: Policy.setPolicy(custom);
065: assertTrue(checker.checkAsserted);
066: assertSame(custom, Policy.getPolicy());
067:
068: checker.reset();
069: checker.enableAccess = false;
070: try {
071: Policy.setPolicy(new TestProvider());
072: fail("SecurityException is intercepted");
073: } catch (SecurityException ok) {
074: }
075: } finally {
076: System.setSecurityManager(old);
077: Policy.setPolicy(oldPolicy);
078: }
079: }
080:
081: /**
082: * @tests java.security.Policy#getPolicy()
083: */
084: public void test_getPolicy() {
085: SecurityManager old = System.getSecurityManager();
086: Policy oldPolicy = Policy.getPolicy();
087: try {
088: Policy.setPolicy(new TestProvider());
089: SecurityChecker checker = new SecurityChecker(
090: new SecurityPermission("getPolicy"), true);
091: System.setSecurityManager(checker);
092: Policy.getPolicy();
093: assertTrue(checker.checkAsserted);
094:
095: checker.reset();
096: checker.enableAccess = false;
097: try {
098: Policy.getPolicy();
099: fail("SecurityException is intercepted");
100: } catch (SecurityException ok) {
101: }
102: } finally {
103: System.setSecurityManager(old);
104: Policy.setPolicy(oldPolicy);
105: }
106: }
107:
108: public static class TestProvider extends Policy {
109:
110: PermissionCollection pc;
111:
112: public PermissionCollection getPermissions(CodeSource cs) {
113: return pc;
114: }
115:
116: public void refresh() {
117: }
118: }
119:
120: /**
121: * Tests that getPermissions() does proper permission evaluation.
122: */
123: public void testGetPermissions() {
124: SecurityPermission sp = new SecurityPermission("abc");
125: SecurityPermission sp2 = new SecurityPermission("fbdf");
126: PermissionCollection spc = sp.newPermissionCollection();
127: spc.add(sp2);
128: ProtectionDomain pd = new ProtectionDomain(null, null);
129: ProtectionDomain pd2 = new ProtectionDomain(null, spc);
130: TestProvider policy = new TestProvider();
131: policy.pc = sp.newPermissionCollection();
132:
133: //case1: empty policy, no static permissions in PD
134: PermissionCollection pc4pd = policy.getPermissions(pd);
135: assertNotNull(pc4pd);
136: Enumeration en = pc4pd.elements();
137: assertFalse(en.hasMoreElements());
138:
139: //case2: empty policy, some static permissions in PD
140: pc4pd = policy.getPermissions(pd2);
141: assertNotNull(pc4pd);
142: //no check for static permissions
143:
144: //case3: non-empty policy, no static permissions in PD
145: policy.pc.add(sp);
146: pc4pd = policy.getPermissions(pd);
147: assertNotNull(pc4pd);
148: Collection c = new HashSet();
149: for (en = pc4pd.elements(); en.hasMoreElements(); c.add(en
150: .nextElement())) {
151: }
152:
153: assertTrue(c.contains(sp));
154:
155: //case4: non-empty policy, some static permissions in PD
156: pc4pd = policy.getPermissions(pd2);
157: assertNotNull(pc4pd);
158: c = new HashSet();
159: for (en = pc4pd.elements(); en.hasMoreElements(); c.add(en
160: .nextElement())) {
161: }
162:
163: assertTrue(c.contains(sp));
164: //no check for static permissions
165: }
166:
167: /**
168: * @tests java.security.Policy#getPolicy()
169: * @tests java.security.Policy#setPolicy()
170: */
171: public void testResetingPolicyToDefault() {
172:
173: Policy oldPolicy = Policy.getPolicy();
174: assertNotNull("Got a null system security policy", oldPolicy);
175:
176: try {
177:
178: Policy.setPolicy(null); // passing null resets policy
179: Policy newPolicy = Policy.getPolicy();
180:
181: assertNotNull(newPolicy);
182: assertNotSame(oldPolicy, newPolicy);
183:
184: assertEquals("Policy class name", Security
185: .getProperty("policy.provider"), newPolicy
186: .getClass().getName());
187: } finally {
188: Policy.setPolicy(oldPolicy);
189: }
190: }
191:
192: /**
193: * Test property expansion in policy files
194: */
195: public void testPropertyExpansion() throws Exception {
196:
197: // Regression for HARMONY-1963 and HARMONY-2910
198: String policyFile = Support_Resources
199: .getAbsoluteResourcePath("PolicyTest.txt");
200: String oldJavaPolicy = System.getProperty(JAVA_SECURITY_POLICY);
201: Policy oldPolicy = Policy.getPolicy();
202:
203: try {
204: System.setProperty(JAVA_SECURITY_POLICY, policyFile);
205:
206: // test: absolute paths
207: assertCodeBasePropertyExpansion("/11111/*", "/11111/-");
208: assertCodeBasePropertyExpansion("/22222/../22222/*",
209: "/22222/-");
210: assertCodeBasePropertyExpansion("/33333/*",
211: "/33333/../33333/-");
212: assertCodeBasePropertyExpansion("/44444/../44444/-",
213: "/44444/*");
214: assertCodeBasePropertyExpansion("/55555/../55555/-",
215: "/55555/../55555/-");
216: assertCodeBasePropertyExpansion("/666 66 66/-",
217: "/666 66 66/-");
218:
219: // test: relative paths
220: assertCodeBasePropertyExpansion("11111/*", "11111/-");
221: assertCodeBasePropertyExpansion("22222/../22222/*",
222: "22222/-");
223: assertCodeBasePropertyExpansion("33333/*",
224: "33333/../33333/-");
225: assertCodeBasePropertyExpansion("44444/../44444/-",
226: "44444/*");
227: assertCodeBasePropertyExpansion("55555/../55555/-",
228: "55555/../55555/-");
229: assertCodeBasePropertyExpansion("666 66 66/-",
230: "666 66 66/-");
231: } finally {
232: TestUtils.setSystemProperty(JAVA_SECURITY_POLICY,
233: oldJavaPolicy);
234: Policy.setPolicy(oldPolicy);
235: }
236: }
237:
238: /**
239: * Asserts codeBase property expansion in policy file
240: *
241: * @param codeSourceURL -
242: * code source for policy object
243: * @param codeBaseURL -
244: * system propery value for expansion in policy file
245: */
246: private void assertCodeBasePropertyExpansion(String codeSourceURL,
247: String codeBaseURL) throws Exception {
248:
249: Policy.setPolicy(null); //reset policy
250: System.setProperty("test.bin.dir", codeBaseURL);
251:
252: Policy p = Policy.getPolicy();
253: CodeSource codeSource = new CodeSource(new URL("file:"
254: + codeSourceURL),
255: (java.security.cert.Certificate[]) null);
256:
257: PermissionCollection pCollection = p.getPermissions(codeSource);
258: Enumeration<Permission> elements = pCollection.elements();
259:
260: SecurityPermission perm = new SecurityPermission(
261: "codeBaseForPolicyTest");
262:
263: while (elements.hasMoreElements()) {
264: if (elements.nextElement().equals(perm)) {
265: return; // passed
266: }
267: }
268: fail("Failed to find SecurityPermission for codeSource="
269: + codeSourceURL + ", codeBase=" + codeBaseURL);
270: }
271: }
|