changeset 26367:5da963ed0720

8055776: Add tests to exercise SQLPermissions for DriverManager & SyncFactory Reviewed-by: rriggs
author lancea
date Thu, 04 Sep 2014 12:23:01 -0400
parents 13499e3d43df
children dfdf7c92f55e 5853628b0e63
files jdk/test/java/sql/test/sql/DriverManagerPermissionsTests.java jdk/test/java/sql/util/BaseTest.java jdk/test/java/sql/util/TestPolicy.java jdk/test/javax/sql/testng/test/rowset/spi/SyncFactoryPermissionsTests.java jdk/test/javax/sql/testng/util/BaseTest.java jdk/test/javax/sql/testng/util/TestPolicy.java
diffstat 6 files changed, 547 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/sql/test/sql/DriverManagerPermissionsTests.java	Thu Sep 04 12:23:01 2014 -0400
@@ -0,0 +1,154 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+package test.sql;
+
+import java.security.AccessControlException;
+import java.security.Policy;
+import java.sql.DriverManager;
+import java.sql.SQLException;
+import org.testng.annotations.AfterClass;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+import util.BaseTest;
+import util.StubDriver;
+import util.TestPolicy;
+
+public class DriverManagerPermissionsTests extends BaseTest {
+
+    private  static Policy policy;
+    private static SecurityManager sm;
+
+    /*
+     * Install a SecurityManager along with a base Policy to allow testNG to run
+     */
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+        setPolicy(new TestPolicy());
+        System.setSecurityManager(new SecurityManager());
+    }
+
+    /*
+     * Install the original Policy and SecurityManager
+     */
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+        System.setSecurityManager(sm);
+        setPolicy(policy);
+    }
+
+    /*
+     * Save off the original Policy and SecurityManager
+     */
+    public DriverManagerPermissionsTests() {
+        policy = Policy.getPolicy();
+        sm = System.getSecurityManager();
+    }
+
+    /*
+     * Validate that AccessControlException is thrown if SQLPermission("setLog")
+     * has not been granted
+     */
+    @Test(expectedExceptions = AccessControlException.class)
+    public void test() {
+        setPolicy(new TestPolicy());
+        DriverManager.setLogStream(null);
+    }
+
+    /*
+     * Validate that setLogStream succeeds if SQLPermission("setLog") has been
+     * granted
+     */
+    @Test
+    public void test1() {
+        Policy.setPolicy(new TestPolicy("setLog"));
+        DriverManager.setLogStream(null);
+    }
+
+    /*
+     * Validate that setLogStream succeeds if AllPermissions has been granted
+     */
+    @Test
+    public void test2() {
+        setPolicy(new TestPolicy("all"));
+        DriverManager.setLogStream(null);
+    }
+
+    /*
+     * Validate that AccessControlException is thrown if SQLPermission("setLog")
+     * has not been granted
+     */
+    @Test(expectedExceptions = AccessControlException.class)
+    public void test4() {
+        setPolicy(new TestPolicy());
+        DriverManager.setLogWriter(null);
+    }
+
+    /*
+     * Validate that setLogWriter succeeds if SQLPermission("setLog") has been
+     * granted
+     */
+    @Test
+    public void test5() {
+        setPolicy(new TestPolicy("setLog"));
+        DriverManager.setLogWriter(null);
+    }
+
+    /*
+     * Validate that setLogWriter succeeds if AllPermissions has been granted
+     */
+    @Test
+    public void test6() {
+        setPolicy(new TestPolicy("all"));
+        DriverManager.setLogWriter(null);
+    }
+
+    /*
+     * Validate that AccessControlException is thrown if
+     * SQLPermission("deregisterDriver") has not been granted
+     */
+    @Test(expectedExceptions = AccessControlException.class)
+    public void test7() throws SQLException {
+        setPolicy(new TestPolicy());
+        DriverManager.deregisterDriver(new StubDriver());
+    }
+
+    /*
+     * Validate that deregisterDriver succeeds if
+     * SQLPermission("deregisterDriver") has been granted
+     */
+    @Test
+    public void test8() throws SQLException {
+        setPolicy(new TestPolicy("deregisterDriver"));
+        DriverManager.deregisterDriver(new StubDriver());
+    }
+
+    /*
+     * Validate that deregisterDriver succeeds if AllPermissions has been
+     * granted
+     */
+    @Test
+    public void test9() throws SQLException {
+        setPolicy(new TestPolicy("all"));
+        DriverManager.deregisterDriver(new StubDriver());
+    }
+}
--- a/jdk/test/java/sql/util/BaseTest.java	Thu Sep 04 00:32:43 2014 -0700
+++ b/jdk/test/java/sql/util/BaseTest.java	Thu Sep 04 12:23:01 2014 -0400
@@ -27,6 +27,7 @@
 import java.io.IOException;
 import java.io.ObjectInputStream;
 import java.io.ObjectOutputStream;
+import java.security.Policy;
 import java.sql.SQLException;
 import org.testng.annotations.AfterClass;
 import org.testng.annotations.AfterMethod;
@@ -88,4 +89,11 @@
         }
         return o1;
     }
+
+    /*
+     * Utility Method used to set the current Policy
+     */
+    protected static void setPolicy(Policy p) {
+        Policy.setPolicy(p);
+    }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/sql/util/TestPolicy.java	Thu Sep 04 12:23:01 2014 -0400
@@ -0,0 +1,135 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+package util;
+
+import java.io.FilePermission;
+import java.security.AllPermission;
+import java.security.CodeSource;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Permissions;
+import java.security.Policy;
+import java.security.ProtectionDomain;
+import java.security.SecurityPermission;
+import java.sql.SQLPermission;
+import java.util.Enumeration;
+import java.util.PropertyPermission;
+import java.util.StringJoiner;
+
+/*
+ * Simple Policy class that supports the required Permissions to validate the
+ * JDBC concrete classes
+ */
+public class TestPolicy extends Policy {
+
+    final PermissionCollection permissions = new Permissions();
+
+    /**
+     * Constructor which sets the minimum permissions allowing testNG to work
+     * with a SecurityManager
+     */
+    public TestPolicy() {
+        setMinimalPermissions();
+    }
+
+    /*
+     * Constructor which determines which permissions are defined for this
+     * Policy used by the JDBC tests Possible values are: all (ALLPermissions),
+     * setLog (SQLPemission("setLog"), deregisterDriver
+     * (SQLPermission("deregisterDriver") (SQLPermission("deregisterDriver"),
+     * and setSyncFactory(SQLPermission(setSyncFactory),
+     *
+     * @param policy Permissions to set
+     */
+    public TestPolicy(String policy) {
+
+        switch (policy) {
+            case "all":
+                permissions.add(new AllPermission());
+                break;
+            case "setLog":
+                setMinimalPermissions();
+                permissions.add(new SQLPermission("setLog"));
+                break;
+            case "deregisterDriver":
+                setMinimalPermissions();
+                permissions.add(new SQLPermission("deregisterDriver"));
+                break;
+            case "setSyncFactory":
+                setMinimalPermissions();
+                permissions.add(new SQLPermission("setSyncFactory"));
+                break;
+            default:
+                setMinimalPermissions();
+        }
+    }
+
+    /*
+     * Defines the minimal permissions required by testNG when running these
+     * tests
+     */
+    private void setMinimalPermissions() {
+        permissions.add(new SecurityPermission("getPolicy"));
+        permissions.add(new SecurityPermission("setPolicy"));
+        permissions.add(new RuntimePermission("getClassLoader"));
+        permissions.add(new RuntimePermission("setSecurityManager"));
+        permissions.add(new RuntimePermission("createSecurityManager"));
+        permissions.add(new PropertyPermission("testng.show.stack.frames",
+                "read"));
+        permissions.add(new PropertyPermission("line.separator", "read"));
+        permissions.add(new PropertyPermission("fileStringBuffer", "read"));
+        permissions.add(new PropertyPermission("dataproviderthreadcount", "read"));
+        permissions.add(new PropertyPermission("java.io.tmpdir", "read"));
+        permissions.add(new FilePermission("<<ALL FILES>>",
+                "read, write, delete"));
+    }
+
+    /*
+     * Overloaded methods from the Policy class
+     */
+    @Override
+    public String toString() {
+        StringJoiner sj = new StringJoiner("\n", "policy: ", "");
+        Enumeration<Permission> perms = permissions.elements();
+        while (perms.hasMoreElements()) {
+            sj.add(perms.nextElement().toString());
+        }
+        return sj.toString();
+
+    }
+
+    @Override
+    public PermissionCollection getPermissions(ProtectionDomain domain) {
+        return permissions;
+    }
+
+    @Override
+    public PermissionCollection getPermissions(CodeSource codesource) {
+        return permissions;
+    }
+
+    @Override
+    public boolean implies(ProtectionDomain domain, Permission perm) {
+        return permissions.implies(perm);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/sql/testng/test/rowset/spi/SyncFactoryPermissionsTests.java	Thu Sep 04 12:23:01 2014 -0400
@@ -0,0 +1,107 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+package test.rowset.spi;
+
+import java.security.AccessControlException;
+import java.security.Policy;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import javax.sql.rowset.spi.SyncFactory;
+import org.testng.annotations.AfterClass;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+import util.BaseTest;
+import util.TestPolicy;
+
+public class SyncFactoryPermissionsTests extends BaseTest {
+
+    Context ctx;
+    private static Policy policy;
+    private static SecurityManager sm;
+
+    /*
+     * Install a SeeurityManager along with a base Policy to allow testNG to run
+     */
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+        setPolicy(new TestPolicy());
+        System.setSecurityManager(new SecurityManager());
+    }
+
+    /*
+     * Install the original Policy and SecurityManager
+     */
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+        System.setSecurityManager(sm);
+        setPolicy(policy);
+    }
+
+    /*
+     * Initialize a Context to be used in our tests.
+     * Save off the original Policy and SecurityManager
+     */
+    public SyncFactoryPermissionsTests() {
+        policy = Policy.getPolicy();
+        sm = System.getSecurityManager();
+
+        try {
+            ctx = new InitialContext();
+        } catch (NamingException ex) {
+            Logger.getLogger(SyncFactoryPermissionsTests.class.getName()).
+                    log(Level.SEVERE, null, ex);
+        }
+    }
+
+    /*
+     * Validate that AccessControlException is thrown if
+     * SQLPermission("setSyncFactory") has not been granted
+     */
+    @Test(expectedExceptions = AccessControlException.class)
+    public void test() throws Exception {
+        setPolicy(new TestPolicy());
+        SyncFactory.setJNDIContext(ctx);
+    }
+
+    /*
+     * Validate that setJNDIContext succeeds if SQLPermission("setSyncFactory")
+     * has been granted
+     */
+    @Test
+    public void test1() throws Exception {
+        Policy.setPolicy(new TestPolicy("setSyncFactory"));
+        SyncFactory.setJNDIContext(ctx);
+    }
+
+    /*
+     * Validate that setJNDIContext succeeds if AllPermissions has been granted
+     */
+    @Test
+    public void test2() throws Exception {
+        setPolicy(new TestPolicy("all"));
+        SyncFactory.setJNDIContext(ctx);
+    }
+}
--- a/jdk/test/javax/sql/testng/util/BaseTest.java	Thu Sep 04 00:32:43 2014 -0700
+++ b/jdk/test/javax/sql/testng/util/BaseTest.java	Thu Sep 04 12:23:01 2014 -0400
@@ -27,6 +27,7 @@
 import java.io.IOException;
 import java.io.ObjectInputStream;
 import java.io.ObjectOutputStream;
+import java.security.Policy;
 import java.sql.SQLException;
 import org.testng.annotations.AfterClass;
 import org.testng.annotations.AfterMethod;
@@ -88,4 +89,11 @@
         }
         return o1;
     }
+
+    /*
+     * Utility Method used to set the current Policy
+     */
+    protected static void setPolicy(Policy p) {
+        Policy.setPolicy(p);
+    }
 }
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/sql/testng/util/TestPolicy.java	Thu Sep 04 12:23:01 2014 -0400
@@ -0,0 +1,135 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+package util;
+
+import java.io.FilePermission;
+import java.security.AllPermission;
+import java.security.CodeSource;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Permissions;
+import java.security.Policy;
+import java.security.ProtectionDomain;
+import java.security.SecurityPermission;
+import java.sql.SQLPermission;
+import java.util.Enumeration;
+import java.util.PropertyPermission;
+import java.util.StringJoiner;
+
+/*
+ * Simple Policy class that supports the required Permissions to validate the
+ * JDBC concrete classes
+ */
+public class TestPolicy extends Policy {
+
+    final PermissionCollection permissions = new Permissions();
+
+    /**
+     * Constructor which sets the minimum permissions allowing testNG to work
+     * with a SecurityManager
+     */
+    public TestPolicy() {
+        setMinimalPermissions();
+    }
+
+    /*
+     * Constructor which determines which permissions are defined for this
+     * Policy used by the JDBC tests Possible values are: all (ALLPermissions),
+     * setLog (SQLPemission("setLog"), deregisterDriver
+     * (SQLPermission("deregisterDriver") (SQLPermission("deregisterDriver"),
+     * and setSyncFactory(SQLPermission(setSyncFactory),
+     *
+     * @param policy Permissions to set
+     */
+    public TestPolicy(String policy) {
+
+        switch (policy) {
+            case "all":
+                permissions.add(new AllPermission());
+                break;
+            case "setLog":
+                setMinimalPermissions();
+                permissions.add(new SQLPermission("setLog"));
+                break;
+            case "deregisterDriver":
+                setMinimalPermissions();
+                permissions.add(new SQLPermission("deregisterDriver"));
+                break;
+            case "setSyncFactory":
+                setMinimalPermissions();
+                permissions.add(new SQLPermission("setSyncFactory"));
+                break;
+            default:
+                setMinimalPermissions();
+        }
+    }
+
+    /*
+     * Defines the minimal permissions required by testNG when running these
+     * tests
+     */
+    private void setMinimalPermissions() {
+        permissions.add(new SecurityPermission("getPolicy"));
+        permissions.add(new SecurityPermission("setPolicy"));
+        permissions.add(new RuntimePermission("getClassLoader"));
+        permissions.add(new RuntimePermission("setSecurityManager"));
+        permissions.add(new RuntimePermission("createSecurityManager"));
+        permissions.add(new PropertyPermission("testng.show.stack.frames",
+                "read"));
+        permissions.add(new PropertyPermission("line.separator", "read"));
+        permissions.add(new PropertyPermission("fileStringBuffer", "read"));
+        permissions.add(new PropertyPermission("dataproviderthreadcount", "read"));
+        permissions.add(new PropertyPermission("java.io.tmpdir", "read"));
+        permissions.add(new FilePermission("<<ALL FILES>>",
+                "read, write, delete"));
+    }
+
+    /*
+     * Overloaded methods from the Policy class
+     */
+    @Override
+    public String toString() {
+        StringJoiner sj = new StringJoiner("\n", "policy: ", "");
+        Enumeration<Permission> perms = permissions.elements();
+        while (perms.hasMoreElements()) {
+            sj.add(perms.nextElement().toString());
+        }
+        return sj.toString();
+
+    }
+
+    @Override
+    public PermissionCollection getPermissions(ProtectionDomain domain) {
+        return permissions;
+    }
+
+    @Override
+    public PermissionCollection getPermissions(CodeSource codesource) {
+        return permissions;
+    }
+
+    @Override
+    public boolean implies(ProtectionDomain domain, Permission perm) {
+        return permissions.implies(perm);
+    }
+}