Example 6 with SystemPermission
use of org.apache.derby.shared.common.security.SystemPermission in project derby by apache.
the class SystemPrivilegesPermissionTest method createSyspermNoCheck.
/**
* Create a new SystemPermission object without checking that the name
* and actions are valid.
*
* @param name the name of the permission
* @param actions the actions of the permission
* @return a SystemPermission instance
*/
private static SystemPermission createSyspermNoCheck(String name, String actions) {
// First create a valid permission object, so that the checks in
// the constructor are happy.
SystemPermission sysperm = new SystemPermission("server", "control");
// Then use reflection to override the values of the fields with
// potentially invalid values.
setField(Permission.class, "name", sysperm, name);
setField(SystemPermission.class, "actions", sysperm, actions);
return sysperm;
}
Also used :
SystemPermission(org.apache.derby.shared.common.security.SystemPermission)
Example 7 with SystemPermission
use of org.apache.derby.shared.common.security.SystemPermission in project derby by apache.
the class SystemPrivilegesPermissionTest method testSystemPermissionSerialization.
/**
* Test serialization and deserialization of SystemPermission objects.
*/
private void testSystemPermissionSerialization() throws IOException {
// serialize and deserialize.
for (String name : VALID_SYSPERM_NAMES) {
for (String action : VALID_SYSPERM_ACTIONS) {
// Actions are case-insensitive, so test both lower-case
// and upper-case.
SystemPermission pl = new SystemPermission(name, action.toLowerCase(Locale.US));
SystemPermission pu = new SystemPermission(name, action.toUpperCase(Locale.US));
assertEquals(pl, serializeDeserialize(pl, null));
assertEquals(pu, serializeDeserialize(pu, null));
}
}
// A permission can specify multiple actions ...
SystemPermission sp = new SystemPermission("server", "control,monitor,shutdown");
assertEquals(sp, serializeDeserialize(sp, null));
// ... but only a single name, so this should fail.
// (Did not fail before DERBY-3476.)
serializeDeserialize(createSyspermNoCheck("server,jmx", "control"), IllegalArgumentException.class);
// Invalid and duplicate actions should be ignored.
sp = serializeDeserialize(createSyspermNoCheck(VALID_SYSPERM_NAMES[0], "control,invalid,control,,shutdown"), null);
// The next assert failed before DERBY-3476.
assertEquals("control,shutdown", sp.getActions());
// Empty action is allowed.
sp = new SystemPermission(VALID_SYSPERM_NAMES[0], "");
assertEquals(sp, serializeDeserialize(sp, null));
// Name is case-sensitive, so this should fail.
// (Did not fail before DERBY-3476.)
serializeDeserialize(createSyspermNoCheck(VALID_SYSPERM_NAMES[0].toUpperCase(Locale.US), VALID_SYSPERM_ACTIONS[0]), IllegalArgumentException.class);
// Empty name is not allowed.
serializeDeserialize(createSyspermNoCheck("", VALID_SYSPERM_ACTIONS[0]), IllegalArgumentException.class);
// Null name is not allowed.
serializeDeserialize(createSyspermNoCheck(null, VALID_SYSPERM_ACTIONS[0]), NullPointerException.class);
// Null action is not allowed.
// (Did not fail before DERBY-3476.)
serializeDeserialize(createSyspermNoCheck(VALID_SYSPERM_NAMES[0], null), NullPointerException.class);
// Test serialization of SystemPermission collections.
// Serialization should work on empty collection.
PermissionCollection collection = sp.newPermissionCollection();
PermissionCollection readCollection = serializeDeserialize(collection, null);
assertFalse(readCollection.elements().hasMoreElements());
// Serialization should work on non-empty collection.
sp = new SystemPermission(VALID_SYSPERM_NAMES[0], VALID_SYSPERM_ACTIONS[0]);
collection = sp.newPermissionCollection();
collection.add(sp);
readCollection = serializeDeserialize(collection, null);
assertEquals(Arrays.asList(sp), Collections.list(readCollection.elements()));
// Deserialization should fail if the collection contains a
// permission with invalid name.
collection.add(createSyspermNoCheck("invalid_name", "control"));
serializeDeserialize(collection, IllegalArgumentException.class);
// Deserialization should fail if the collection contains a
// permission that is not a SystemPermission.
collection = sp.newPermissionCollection();
HashMap<String, Permission> permissions = new HashMap<String, Permission>();
permissions.put("engine", new AllPermission());
setField(collection.getClass(), "permissions", collection, permissions);
serializeDeserialize(collection, ClassCastException.class);
}
Also used :
SystemPermission(org.apache.derby.shared.common.security.SystemPermission)
PermissionCollection(java.security.PermissionCollection)
HashMap(java.util.HashMap)
SystemPermission(org.apache.derby.shared.common.security.SystemPermission)
AllPermission(java.security.AllPermission)
DatabasePermission(org.apache.derby.security.DatabasePermission)
Permission(java.security.Permission)
AllPermission(java.security.AllPermission)
Aggregations
SystemPermission (org.apache.derby.shared.common.security.SystemPermission)7
AllPermission (java.security.AllPermission)4
Permission (java.security.Permission)4
DatabasePermission (org.apache.derby.security.DatabasePermission)3
PermissionCollection (java.security.PermissionCollection)2
AccessControlException (java.security.AccessControlException)1
Permissions (java.security.Permissions)1
PrivilegedActionException (java.security.PrivilegedActionException)1
SQLException (java.sql.SQLException)1
SQLFeatureNotSupportedException (java.sql.SQLFeatureNotSupportedException)1
HashMap (java.util.HashMap)1
ExecutionException (java.util.concurrent.ExecutionException)1
TimeoutException (java.util.concurrent.TimeoutException)1
ObjectName (javax.management.ObjectName)1
RuntimeMBeanException (javax.management.RuntimeMBeanException)1
SystemPrincipal (org.apache.derby.authentication.SystemPrincipal)1
StandardException (org.apache.derby.shared.common.error.StandardException)1
