| package groovy.security; |
| |
| import groovy.lang.GroovyCodeSource; |
| import junit.framework.Test; |
| import junit.framework.TestSuite; |
| import junit.textui.TestRunner; |
| import org.codehaus.groovy.control.CompilationFailedException; |
| |
| import java.io.File; |
| import java.io.IOException; |
| import java.net.URL; |
| import java.security.Security; |
| import java.util.PropertyPermission; |
| |
| /** |
| * Test the effects of enabling security in Groovy. Some tests below check for proper framework |
| * behavior (e.g. ensuring that GroovyCodeSources may only be created for which proper permissions exist). |
| * Other tests run .groovy scripts under a secure environment and ensure that the proper permissions |
| * are required for success. |
| * <p/> |
| * Todo: find out why the marked tests are environment specific and why security tests are not |
| * running on the build server. |
| * |
| * @author Steve Goetze |
| */ |
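public class SecurityTest extends SecurityTestSupport {

    /** Name of the java.security property that this class overrides in {@link #testPackageAccess()}. */
    private static final String PACKAGE_ACCESS = "package.access";

    /**
     * Runs this suite with the JUnit text runner.
     *
     * @param args ignored
     */
    public static void main(String[] args) {
        TestRunner.run(suite());
    }

    /**
     * Builds the suite from every {@code test*} method declared in this class.
     *
     * @return the suite for {@link SecurityTest}
     */
    public static Test suite() {
        return new TestSuite(SecurityTest.class);
    }

    // Throughout this class the last argument of assertExecute is the permission the
    // script is expected to be denied; null means the script is expected to run
    // (see the comments in testPackageAccess). assertExecute is inherited, so this
    // contract should be confirmed against SecurityTestSupport.

    /** A script reading {@code user.home} is expected to be denied the matching PropertyPermission. */
    public void testForbiddenProperty() {
        String script = "System.getProperty(\"user.home\")";
        assertExecute(script, null, new PropertyPermission("user.home", "read"));
    }

    /**
     * A script that instantiates a class from {@code sun.net} is expected to be denied
     * {@code accessClassInPackage.sun.*}.
     */
    public void testForbiddenPackage() {
        // NOTE(review): the denial presumably depends on the JVM-wide "package.access"
        // list covering sun.* - confirm. testPackageAccess overrides that property.
        String script = "import sun.net.*; s = new NetworkClient()";
        assertExecute(script, "/groovy/security/testForbiddenPackage", new RuntimePermission("accessClassInPackage.sun.*"));
    }

    /** Executing a script file under a code base lacking a GroovyCodeSourcePermission is expected to be denied. */
    public void testForbiddenCodebase() {
        assertExecute(new File("src/test/groovy/security/forbiddenCodeBase.gvy"), new GroovyCodeSourcePermission("/groovy/security/forbiddenCodeBase"));
    }

    /** Same as {@link #testForbiddenCodebase()}, using the two-argument permission constructor. */
    public void testForbiddenCodebaseWithActions() {
        assertExecute(new File("src/test/groovy/security/forbiddenCodeBase.gvy"), new GroovyCodeSourcePermission("/groovy/security/forbiddenCodeBase", "unused actions string"));
    }

    /**
     * Checks that the Security {@code package.access} control works.
     * <p>
     * {@code package.access} is a JVM-wide security property. The override is applied only
     * for the duration of this test and the previous value is put back afterwards, so
     * that the restricted-package list seen by tests that run later does not depend on
     * whether this test ran first.
     */
    public void testPackageAccess() {
        String script = "new javax.print.PrintException();";
        // Reading the property needs its own SecurityPermission when a security manager
        // is installed; assumes the test code base is granted it - TODO confirm against
        // the policy file used by SecurityTestSupport.
        String previous = Security.getProperty(PACKAGE_ACCESS);
        Security.setProperty(PACKAGE_ACCESS, "javax.print");
        try {
            //This should throw an ACE because its codeBase does not allow access to javax.print
            assertExecute(script, "/groovy/security/javax/print/deny", new RuntimePermission("accessClassInPackage.javax.print"));
            //This should not throw an ACE because groovy.policy grants the codeBase access to javax.print
            assertExecute(script, "/groovy/security/javax/print/allow", null);
        } finally {
            // Security.setProperty rejects a null value, so an originally absent
            // property is restored as the empty list.
            Security.setProperty(PACKAGE_ACCESS, previous == null ? "" : previous);
        }
    }

    public void testBadScriptNameBug() {
        assertExecute(new File("src/test/groovy/bugs/BadScriptNameBug.groovy"), null);
    }

    public void testClosureListenerTest() {
        // Skipped on Java 1.5; the skip makes the test pass without executing the script.
        //if (System.getProperty("java.version").startsWith("1.5") && notYetImplemented()) return;
        if (System.getProperty("java.version").startsWith("1.5")) return;
        assertExecute(new File("src/test/groovy/ClosureListenerTest.groovy"), null);
    }

    public void testClosureMethodTest() {
        assertExecute(new File("src/test/groovy/ClosureMethodTest.groovy"), null);
    }

    public void testGroovyMethodsTest_FAILS() {
        // notYetImplemented() is inherited; presumably it reports whether the test is
        // still expected to fail - confirm in the superclass.
        if (notYetImplemented()) return;
        assertExecute(new File("src/test/groovy/GroovyMethodsTest.groovy"), null);
    }

    public void testClosureWithDefaultParamTest() {
        assertExecute(new File("src/test/groovy/ClosureWithDefaultParamTest.groovy"), null);
    }

    public void testGroovy303_Bug() {
        assertExecute(new File("src/test/groovy/bugs/Groovy303_Bug.groovy"), null);
    }

    public void testScriptTest() {
        assertExecute(new File("src/test/groovy/script/ScriptTest.groovy"), null);
    }

    //In addition to requiring several permissions, this test is an example of the case
    //where the groovy class loader is required at script invocation time as well as
    //during compilation.
    public void testSqlCompleteWithoutDataSourceTest() {
        assertExecute(new File("src/test/groovy/sql/SqlCompleteWithoutDataSourceTest.groovy"), null);
    }

    //Test to prevent scripts from invoking the groovy compiler. This is done by restricting access
    //to the org.codehaus.groovy packages.
    //NOTE(review): the body is commented out, so this test currently passes without
    //checking anything; the restriction described above is not exercised by this class.
    public void testMetaClassTest() {
        //Security.setProperty("package.access", "org.codehaus.groovy");
        //assertExecute(new File("src/test/org/codehaus/groovy/classgen/MetaClassTest.groovy"), new RuntimePermission("accessClassInPackage.org.codehaus.groovy"));
    }

    //Mailing list post by Richard Hensley reporting a CodeSource bug. A GroovyCodeSource created
    //with a URL was causing an NPE.
    public void testCodeSource() throws IOException, CompilationFailedException {
        // loader is inherited from the superclass; getResource yields null when the
        // resource is not visible to that loader.
        URL script = loader.getResource("groovy/ArrayTest.groovy");
        try {
            new GroovyCodeSource(script);
        } catch (RuntimeException re) {
            // Only the message of a RuntimeException is checked. The test also passes when
            // construction succeeds, so it does not tell a found resource from a missing one.
            assertEquals("Could not construct a GroovyCodeSource from a null URL", re.getMessage());
        }
    }

}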