SecurityTest


1   package groovy.security;
2   
3   import groovy.lang.GroovyCodeSource;
4   
5   import java.io.File  ;
6   import java.io.IOException  ;
7   import java.net.URL  ;
8   import java.security.Security  ;
9   import java.util.PropertyPermission  ;
10  
11  import org.codehaus.groovy.control.CompilationFailedException;
12  
13  import junit.framework.Test;
14  import junit.framework.TestSuite;
15  import junit.textui.TestRunner;
16  
17  /**
18   * Test the effects of enabling security in Groovy.  Some tests below check for proper framework
19   * behavior (e.g. ensuring that GroovyCodeSources may only be created for which proper permissions exist).
20   * Other tests run .groovy scripts under a secure environment and ensure that the proper permissions
21   * are required for success.
22   * 
23   * @author Steve Goetze
24   */
25  public class SecurityTest extends SecurityTestSupport {
26  
27      public static void main(String  [] args) {
28          TestRunner.run( suite() );
29      }
30     
31      public static Test suite() {
32          return new TestSuite(SecurityTest.class);
33      }
34  
35      public void testForbiddenProperty() {
36          String   script = "System.getProperty(\"user.home\")";
37          assertExecute(script, null, new PropertyPermission  ("user.home", "read"));
38      }
39  
40      public void testForbiddenPackage() {
41          String   script = "import sun.net.*; s = new NetworkClient()";
42          assertExecute(script, "/groovy/security/testForbiddenPackage", new RuntimePermission  ("accessClassInPackage.sun.*"));
43      }
44  
45      public void testForbiddenCodebase() {
46          assertExecute(new File  ("src/test/groovy/security/forbiddenCodeBase.gvy"), new GroovyCodeSourcePermission("/groovy/security/forbiddenCodeBase"));
47      }
48      
49      //Check that the Security package.access control works.
50      public void testPackageAccess() {
51          String   script = "new javax.print.PrintException();";
52          Security.setProperty("package.access", "javax.print");
53          //This should throw an ACE because its codeBase does not allow access to javax.print
54          assertExecute(script, "/groovy/security/javax/print/deny", new RuntimePermission  ("accessClassInPackage.javax.print"));
55          //This should not throw an ACE because groovy.policy grants the codeBase access to javax.print
56          assertExecute(script, "/groovy/security/javax/print/allow", null);
57      }
58      
59      public void testBadScriptNameBug() {
60          assertExecute(new File  ("src/test/groovy/bugs/BadScriptNameBug.groovy"), null);
61      }
62  
63      public void testClosureListenerTest() {
64          assertExecute(new File  ("src/test/groovy/ClosureListenerTest.groovy"), null);
65      }
66  
67      public void testClosureMethodTest() {
68          assertExecute(new File  ("src/test/groovy/ClosureMethodTest.groovy"), null);
69      }
70  
71      public void testGroovyMethodsTest() {
72          assertExecute(new File  ("src/test/groovy/GroovyMethodsTest.groovy"), null);
73      }
74  
75      public void testClosureWithDefaultParamTest() {
76          assertExecute(new File  ("src/test/groovy/ClosureWithDefaultParamTest.groovy"), null);
77      }
78  
79      public void testGroovy303_Bug() {
80          assertExecute(new File  ("src/test/groovy/bugs/Groovy303_Bug.groovy"), null);
81      }
82  
83      public void testScriptTest() {
84          assertExecute(new File  ("src/test/groovy/script/ScriptTest.groovy"), null);
85      }
86      
87      //In addition to requiring several permissions, this test is an example of the case
88      //where the groovy class loader is required at script invocation time as well as
89      //during compilation.
90      public void testSqlCompleteWithoutDataSourceTest() {
91          assertExecute(new File  ("src/test/groovy/sql/SqlCompleteWithoutDataSourceTest.groovy"), null);
92      }
93      
94      //Test to prevent scripts from invoking the groovy compiler.  This is done by restricting access
95      //to the org.codehaus.groovy packages.
96      public void testMetaClassTest() {
97          Security.setProperty("package.access", "org.codehaus.groovy");
98          assertExecute(new File  ("src/test/org/codehaus/groovy/classgen/MetaClassTest.groovy"), new RuntimePermission  ("accessClassInPackage.org.codehaus.groovy"));
99      }
100     
101     //Mailing list post by Richard Hensley reporting a CodeSource bug.  A GroovyCodeSource created
102     //with a URL was causing an NPE.
103     public void testCodeSource() throws IOException  , CompilationFailedException {
104         URL   script = loader.getResource("groovy/ArrayTest.groovy");
105         GroovyCodeSource gcs = new GroovyCodeSource(script);
106         Class   result = loader.parseClass(gcs);
107     }
108     
109 }
110
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags