Search in sources :

Example 31 with FilePermission

use of java.io.FilePermission in project rt.equinox.framework by eclipse.

the class SecurityAdminUnitTests method testAccessControlContext07.

public void testAccessControlContext07() {
    // test ! signer condition
    ConditionalPermissionUpdate update = cpa.newConditionalPermissionUpdate();
    List rows = update.getConditionalPermissionInfos();
    rows.add(cpa.newConditionalPermissionInfo(null, new ConditionInfo[] { NOT_SIGNER_CONDITION1 }, READONLY_INFOS, ConditionalPermissionInfo.ALLOW));
    // $NON-NLS-1$
    assertTrue("failed to commit", update.commit());
    // $NON-NLS-1$
    AccessControlContext acc = cpa.getAccessControlContext(new String[] { "cn=t1,c=FR;cn=test1,c=US" });
    try {
        // $NON-NLS-1$ //$NON-NLS-2$
        acc.checkPermission(new FilePermission("test", "write"));
        // $NON-NLS-1$
        fail("expecting AccessControlExcetpion");
    } catch (AccessControlException e) {
    // expected
    }
    try {
        // $NON-NLS-1$ //$NON-NLS-2$
        acc.checkPermission(new FilePermission("test", "read"));
        // $NON-NLS-1$
        fail("expecting AccessControlExcetpion");
    } catch (AccessControlException e) {
    // expected
    }
    // $NON-NLS-1$
    acc = cpa.getAccessControlContext(new String[] { "cn=t1,c=FR;cn=test2,c=US" });
    try {
        // $NON-NLS-1$ //$NON-NLS-2$
        acc.checkPermission(new FilePermission("test", "write"));
        // $NON-NLS-1$
        fail("expecting AccessControlExcetpion");
    } catch (AccessControlException e) {
    // expected
    }
    try {
        // $NON-NLS-1$ //$NON-NLS-2$
        acc.checkPermission(new FilePermission("test", "read"));
    } catch (AccessControlException e) {
        // $NON-NLS-1$
        fail("Unexpected AccessControlExcetpion", e);
    }
}
Also used : FilePermission(java.io.FilePermission)

Example 32 with FilePermission

use of java.io.FilePermission in project rt.equinox.framework by eclipse.

the class SecurityAdminUnitTests method testMultipleLocationConditions02.

public void testMultipleLocationConditions02() {
    Bundle test = installTestBundle(TEST_BUNDLE);
    AccessControlContext pd = test.adapt(AccessControlContext.class);
    // $NON-NLS-1$
    ConditionalPermissionInfo condPermInfo1 = cpa.addConditionalPermissionInfo(getLocationConditions("xxx", false), SOCKET_INFOS);
    ConditionalPermissionInfo condPermInfo2 = cpa.addConditionalPermissionInfo(ALLLOCATION_CONDS, READONLY_INFOS);
    ConditionalPermissionInfo condPermInfo3 = cpa.addConditionalPermissionInfo(getLocationConditions(test.getLocation(), false), RUNTIME_INFOS);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new SocketPermission("localhost", "accept"), false);
    // $NON-NLS-1$
    testPermission(pd, new RuntimePermission("exitVM", null), true);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new FilePermission("test", "write"), false);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new FilePermission("test", "read"), true);
    condPermInfo1.delete();
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new SocketPermission("localhost", "accept"), false);
    // $NON-NLS-1$
    testPermission(pd, new RuntimePermission("exitVM", null), true);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new FilePermission("test", "write"), false);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new FilePermission("test", "read"), true);
    condPermInfo2.delete();
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new SocketPermission("localhost", "accept"), false);
    // $NON-NLS-1$
    testPermission(pd, new RuntimePermission("exitVM", null), true);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new FilePermission("test", "write"), false);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new FilePermission("test", "read"), false);
    condPermInfo3.delete();
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new SocketPermission("localhost", "accept"), true);
    // $NON-NLS-1$
    testPermission(pd, new RuntimePermission("exitVM", null), true);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new FilePermission("test", "write"), true);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(pd, new FilePermission("test", "read"), true);
}
Also used : SocketPermission(java.net.SocketPermission) FilePermission(java.io.FilePermission)

Example 33 with FilePermission

use of java.io.FilePermission in project rt.equinox.framework by eclipse.

the class SecurityAdminUnitTests method testPostponedConditions05.

public void testPostponedConditions05() {
    installConditionBundle();
    TestCondition.clearConditions();
    Bundle test1 = installTestBundle(TEST_BUNDLE);
    Bundle test2 = installTestBundle(TEST2_BUNDLE);
    ProtectionDomain pd1 = test1.adapt(ProtectionDomain.class);
    ProtectionDomain pd2 = test2.adapt(ProtectionDomain.class);
    ProtectionDomain[] pds = new ProtectionDomain[] { pd1, pd2 };
    ConditionalPermissionUpdate update = cpa.newConditionalPermissionUpdate();
    List rows = update.getConditionalPermissionInfos();
    rows.add(cpa.newConditionalPermissionInfo(null, new ConditionInfo[] { POST_MUT_SAT }, READONLY_INFOS, ConditionalPermissionInfo.DENY));
    rows.add(cpa.newConditionalPermissionInfo(null, new ConditionInfo[] { POST_MUT_UNSAT }, READONLY_INFOS, ConditionalPermissionInfo.ALLOW));
    rows.add(cpa.newConditionalPermissionInfo(null, new ConditionInfo[] { POST_MUT_SAT }, READONLY_INFOS, ConditionalPermissionInfo.ALLOW));
    rows.add(cpa.newConditionalPermissionInfo(null, new ConditionInfo[] { POST_MUT_UNSAT }, READONLY_INFOS, ConditionalPermissionInfo.ALLOW));
    rows.add(cpa.newConditionalPermissionInfo(null, ALLLOCATION_CONDS, READONLY_INFOS, ConditionalPermissionInfo.ALLOW));
    // $NON-NLS-1$);
    assertTrue("failed to commit", update.commit());
    // $NON-NLS-1$ //$NON-NLS-2$
    testSMPermission(pds, new FilePermission("test", "read"), false);
    // $NON-NLS-1$
    TestCondition tc1sat = TestCondition.getTestCondition("POST_MUT_SAT_" + test1.getBundleId());
    // $NON-NLS-1$
    TestCondition tc2sat = TestCondition.getTestCondition("POST_MUT_SAT_" + test2.getBundleId());
    // $NON-NLS-1$
    TestCondition tc1unsat = TestCondition.getTestCondition("POST_MUT_UNSAT_" + test1.getBundleId());
    // $NON-NLS-1$
    TestCondition tc2unsat = TestCondition.getTestCondition("POST_MUT_UNSAT_" + test2.getBundleId());
    // $NON-NLS-1$
    assertNotNull("tc1sat", tc1sat);
    // $NON-NLS-1$
    assertNotNull("tc2sat", tc2sat);
    // $NON-NLS-1$
    assertNotNull("tc1unsat", tc1unsat);
    // $NON-NLS-1$
    assertNotNull("tc2unsat", tc2unsat);
    tc1sat.setSatisfied(false);
    tc2sat.setSatisfied(false);
    // $NON-NLS-1$ //$NON-NLS-2$
    testSMPermission(pds, new FilePermission("test", "read"), true);
}
Also used : TestCondition(ext.framework.b.TestCondition) FilePermission(java.io.FilePermission)

Example 34 with FilePermission

use of java.io.FilePermission in project rt.equinox.framework by eclipse.

the class SecurityAdminUnitTests method testPostponedConditions03.

public void testPostponedConditions03() {
    installConditionBundle();
    TestCondition.clearConditions();
    Bundle test1 = installTestBundle(TEST_BUNDLE);
    Bundle test2 = installTestBundle(TEST2_BUNDLE);
    ProtectionDomain pd1 = test1.adapt(ProtectionDomain.class);
    ProtectionDomain pd2 = test2.adapt(ProtectionDomain.class);
    ProtectionDomain[] pds = new ProtectionDomain[] { pd1, pd2 };
    ConditionalPermissionUpdate update = cpa.newConditionalPermissionUpdate();
    List rows = update.getConditionalPermissionInfos();
    rows.add(cpa.newConditionalPermissionInfo(null, new ConditionInfo[] { POST_MUT_SAT }, READONLY_INFOS, ConditionalPermissionInfo.ALLOW));
    rows.add(cpa.newConditionalPermissionInfo(null, new ConditionInfo[] { POST_MUT_SAT }, READONLY_INFOS, ConditionalPermissionInfo.ALLOW));
    rows.add(cpa.newConditionalPermissionInfo(null, new ConditionInfo[] { POST_MUT_UNSAT }, READONLY_INFOS, ConditionalPermissionInfo.ALLOW));
    rows.add(cpa.newConditionalPermissionInfo(null, ALLLOCATION_CONDS, READONLY_INFOS, ConditionalPermissionInfo.ALLOW));
    // $NON-NLS-1$);
    assertTrue("failed to commit", update.commit());
    // $NON-NLS-1$ //$NON-NLS-2$
    testSMPermission(pds, new FilePermission("test", "read"), true);
    // $NON-NLS-1$
    TestCondition tc1sat = TestCondition.getTestCondition("POST_MUT_SAT_" + test1.getBundleId());
    // $NON-NLS-1$
    TestCondition tc2sat = TestCondition.getTestCondition("POST_MUT_SAT_" + test2.getBundleId());
    // $NON-NLS-1$
    TestCondition tc1unsat = TestCondition.getTestCondition("POST_MUT_UNSAT_" + test1.getBundleId());
    // $NON-NLS-1$
    TestCondition tc2unsat = TestCondition.getTestCondition("POST_MUT_UNSAT_" + test2.getBundleId());
    // $NON-NLS-1$
    assertNotNull("tc1sat", tc1sat);
    // $NON-NLS-1$
    assertNotNull("tc2sat", tc2sat);
    // $NON-NLS-1$
    assertNotNull("tc1unsat", tc1unsat);
    // $NON-NLS-1$
    assertNotNull("tc2unsat", tc2unsat);
    tc1sat.setSatisfied(false);
    tc2sat.setSatisfied(false);
    tc1unsat.setSatisfied(true);
    tc2unsat.setSatisfied(true);
    // $NON-NLS-1$ //$NON-NLS-2$
    testSMPermission(pds, new FilePermission("test", "read"), true);
}
Also used : TestCondition(ext.framework.b.TestCondition) FilePermission(java.io.FilePermission)

Example 35 with FilePermission

use of java.io.FilePermission in project rt.equinox.framework by eclipse.

the class SecurityAdminUnitTests method testLocationPermission01.

public void testLocationPermission01() {
    Bundle test = installTestBundle(TEST_BUNDLE);
    AccessControlContext acc = test.adapt(AccessControlContext.class);
    pa.setPermissions(test.getLocation(), READONLY_INFOS);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(acc, new FilePermission("test", "write"), false);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(acc, new FilePermission("test", "read"), true);
    testPermission(acc, new AllPermission(), false);
    pa.setPermissions(test.getLocation(), null);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(acc, new FilePermission("test", "write"), true);
    // $NON-NLS-1$ //$NON-NLS-2$
    testPermission(acc, new FilePermission("test", "read"), true);
    testPermission(acc, new AllPermission(), true);
}
Also used : FilePermission(java.io.FilePermission)

Aggregations

FilePermission (java.io.FilePermission)88 IOException (java.io.IOException)16 File (java.io.File)14 URL (java.net.URL)14 SocketPermission (java.net.SocketPermission)13 Permission (java.security.Permission)13 Test (org.junit.Test)12 PermissionCollection (java.security.PermissionCollection)11 Permissions (java.security.Permissions)10 CodeSource (java.security.CodeSource)7 PropertyPermission (java.util.PropertyPermission)7 Path (java.nio.file.Path)6 Deployment (org.jboss.arquillian.container.test.api.Deployment)6 TestCondition (ext.framework.b.TestCondition)5 Policy (java.security.Policy)5 URLClassLoader (java.net.URLClassLoader)4 ProtectionDomain (java.security.ProtectionDomain)4 Properties (java.util.Properties)4 WebArchive (org.jboss.shrinkwrap.api.spec.WebArchive)4 FileInputStream (java.io.FileInputStream)3