Google Git
Sign in
eclipse / equinox / rt.equinox.framework / 44e5a8e91ddb2bced043c5950af1b601cbb83fd4 / . / bundles / org.eclipse.osgi.tests / src / org / eclipse / osgi / tests / composites / CompositeSecurityTests.java
blob: 7dea1a60c1da704bb2bf95640779ef692ec4d003 [file] [log] [blame]
/*******************************************************************************
* Copyright (c) 2008, 2010 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
* Contributors:
* IBM Corporation - initial API and implementation
*******************************************************************************/
package org.eclipse.osgi.tests.composites;
import java.security.*;
import java.util.*;
import junit.framework.Test;
import junit.framework.TestSuite;
import org.osgi.framework.*;
import org.osgi.service.condpermadmin.*;
import org.osgi.service.framework.CompositeBundle;
import org.osgi.service.framework.CompositeBundleFactory;
import org.osgi.service.permissionadmin.PermissionInfo;
public class CompositeSecurityTests extends AbstractCompositeTests {
public static Test suite() {
return new TestSuite(CompositeSecurityTests.class);
}
private Policy previousPolicy;
protected void setUp() throws Exception {
if (System.getSecurityManager() != null)
fail("Cannot test with security manager set"); //$NON-NLS-1$
previousPolicy = Policy.getPolicy();
final Permission allPermission = new AllPermission();
final PermissionCollection allPermissions = new PermissionCollection() {
private static final long serialVersionUID = 3258131349494708277L;
// A simple PermissionCollection that only has AllPermission
public void add(Permission permission) {
//no adding to this policy
}
public boolean implies(Permission permission) {
return true;
}
public Enumeration elements() {
return new Enumeration() {
int cur = 0;
public boolean hasMoreElements() {
return cur < 1;
}
public Object nextElement() {
if (cur == 0) {
cur = 1;
return allPermission;
}
throw new NoSuchElementException();
}
};
}
};
Policy.setPolicy(new Policy() {
public PermissionCollection getPermissions(CodeSource codesource) {
return allPermissions;
}
public void refresh() {
// nothing
}
});
super.setUp();
}
protected void tearDown() throws Exception {
super.tearDown();
if (System.getSecurityManager() != null)
System.setSecurityManager(null);
Policy.setPolicy(previousPolicy);
}
public void testLinkSecurity01() {
Map linkManifest = new HashMap();
linkManifest.put(Constants.BUNDLE_SYMBOLICNAME, "testLinkSecurity01"); //$NON-NLS-1$
linkManifest.put(Constants.BUNDLE_VERSION, "1.0.0"); //$NON-NLS-1$
linkManifest.put(Constants.IMPORT_PACKAGE, "org.eclipse.osgi.tests.bundles"); //$NON-NLS-1$
linkManifest.put(CompositeBundleFactory.COMPOSITE_SERVICE_FILTER_IMPORT, "(objectClass=org.eclipse.osgi.tests.bundles.BundleInstaller)"); //$NON-NLS-1$
CompositeBundle composite = createCompositeBundle(linkBundleFactory, "testLinkSecurity01", null, linkManifest, true, true); //$NON-NLS-1$
startCompositeBundle(composite, false);
stopCompositeBundle(composite);
uninstallCompositeBundle(composite);
}
public void testLinkSecurity02() {
Map linkManifest = new HashMap();
linkManifest.put(Constants.BUNDLE_SYMBOLICNAME, "testLinkSecurity02"); //$NON-NLS-1$
linkManifest.put(Constants.BUNDLE_VERSION, "1.0.0"); //$NON-NLS-1$
linkManifest.put(Constants.IMPORT_PACKAGE, "org.eclipse.osgi.tests.bundles"); //$NON-NLS-1$
linkManifest.put(CompositeBundleFactory.COMPOSITE_SERVICE_FILTER_IMPORT, "(objectClass=org.eclipse.osgi.tests.bundles.BundleInstaller)"); //$NON-NLS-1$
CompositeBundle composite = createCompositeBundle(linkBundleFactory, "testLinkSecurity02", null, linkManifest, true, true); //$NON-NLS-1$
Bundle linkD = installIntoChild(composite.getCompositeFramework(), "test.link.d"); //$NON-NLS-1$
ConditionInfo[] conditions = new ConditionInfo[] {new ConditionInfo(BundleLocationCondition.class.getName(), new String[] {linkD.getLocation()})};
ConditionalPermissionAdmin childCondAdmin = getCondPermAdmin(composite.getCompositeFramework().getBundleContext());
childCondAdmin.addConditionalPermissionInfo(conditions, new PermissionInfo[] {new PermissionInfo("(test)")}); //$NON-NLS-1$
try {
linkD.start();
fail("Should fail to start test.link.d"); //$NON-NLS-1$
} catch (BundleException e) {
assertEquals("Wrong exception type", BundleException.RESOLVE_ERROR, e.getType()); //$NON-NLS-1$
}
ConditionalPermissionUpdate update = childCondAdmin.newConditionalPermissionUpdate();
List infos = update.getConditionalPermissionInfos();
assertEquals("Wrong number of infos", 1, infos.size()); //$NON-NLS-1$
infos.clear();
PermissionInfo packagePerm = new PermissionInfo(PackagePermission.class.getName(), "*", PackagePermission.IMPORT); //$NON-NLS-1$
PermissionInfo servicePerm = new PermissionInfo(ServicePermission.class.getName(), "*", ServicePermission.GET + ',' + ServicePermission.REGISTER); //$NON-NLS-1$
PermissionInfo allPerm = new PermissionInfo(AllPermission.class.getName(), "*", "*"); //$NON-NLS-1$ //$NON-NLS-2$
PermissionInfo[] permissions = new PermissionInfo[] {packagePerm};
infos.add(childCondAdmin.newConditionalPermissionInfo("test.link.d", conditions, permissions, ConditionalPermissionInfo.ALLOW)); //$NON-NLS-1$
update.commit();
try {
linkD.start();
fail("Should fail to start test.link.d"); //$NON-NLS-1$
} catch (BundleException e) {
assertEquals("Wrong exception type", BundleException.ACTIVATOR_ERROR, e.getType()); //$NON-NLS-1$
assertEquals("Unexpected exception message", "Missing Service Permission", e.getCause().getMessage()); //$NON-NLS-1$//$NON-NLS-2$
}
update = childCondAdmin.newConditionalPermissionUpdate();
infos = update.getConditionalPermissionInfos();
assertEquals("Wrong number of infos", 1, infos.size()); //$NON-NLS-1$
infos.clear();
permissions = new PermissionInfo[] {packagePerm, servicePerm};
infos.add(childCondAdmin.newConditionalPermissionInfo("test.link.d", conditions, permissions, ConditionalPermissionInfo.ALLOW)); //$NON-NLS-1$
update.commit();
try {
linkD.start();
fail("Should fail to start test.link.d"); //$NON-NLS-1$
} catch (BundleException e) {
assertEquals("Wrong exception type", BundleException.ACTIVATOR_ERROR, e.getType()); //$NON-NLS-1$
assertEquals("Unexpected exception message", "Missing AllPermissions", e.getCause().getMessage()); //$NON-NLS-1$//$NON-NLS-2$
}
update = childCondAdmin.newConditionalPermissionUpdate();
infos = update.getConditionalPermissionInfos();
assertEquals("Wrong number of infos", 1, infos.size()); //$NON-NLS-1$
infos.clear();
permissions = new PermissionInfo[] {allPerm};
infos.add(childCondAdmin.newConditionalPermissionInfo("test.link.d", conditions, permissions, ConditionalPermissionInfo.ALLOW)); //$NON-NLS-1$
update.commit();
try {
linkD.start();
} catch (BundleException e) {
fail("Unexpected exception", e); //$NON-NLS-1$
}
uninstallCompositeBundle(composite);
}
public void testLinkSecurity03() {
Map linkManifest = new HashMap();
linkManifest.put(Constants.BUNDLE_SYMBOLICNAME, "testLinkSecurity03"); //$NON-NLS-1$
linkManifest.put(Constants.BUNDLE_VERSION, "1.0.0"); //$NON-NLS-1$
linkManifest.put(Constants.IMPORT_PACKAGE, "org.eclipse.osgi.tests.bundles"); //$NON-NLS-1$
linkManifest.put(CompositeBundleFactory.COMPOSITE_SERVICE_FILTER_IMPORT, "(objectClass=org.eclipse.osgi.tests.bundles.BundleInstaller)"); //$NON-NLS-1$
CompositeBundle composite = createCompositeBundle(linkBundleFactory, "testLinkSecurity03", null, linkManifest, true, true); //$NON-NLS-1$
Bundle conditionBundle = installIntoChild(composite.getCompositeFramework(), "test.link.postponed"); //$NON-NLS-1$
assertTrue("Condition bundle not resolved", getPackageAdmin(composite.getCompositeFramework()).resolveBundles(new Bundle[] {conditionBundle}));
Bundle linkD = installIntoChild(composite.getCompositeFramework(), "test.link.d"); //$NON-NLS-1$
ConditionInfo[] conditions = new ConditionInfo[] {new ConditionInfo(BundleLocationCondition.class.getName(), new String[] {linkD.getLocation()})};
ConditionalPermissionAdmin childCondAdmin = getCondPermAdmin(composite.getCompositeFramework().getBundleContext());
childCondAdmin.addConditionalPermissionInfo(conditions, new PermissionInfo[] {new PermissionInfo("(test)")}); //$NON-NLS-1$
try {
linkD.start();
fail("Should fail to start test.link.d"); //$NON-NLS-1$
} catch (BundleException e) {
assertEquals("Wrong exception type", BundleException.RESOLVE_ERROR, e.getType()); //$NON-NLS-1$
}
ConditionalPermissionUpdate update = childCondAdmin.newConditionalPermissionUpdate();
List infos = update.getConditionalPermissionInfos();
assertEquals("Wrong number of infos", 1, infos.size()); //$NON-NLS-1$
infos.clear();
PermissionInfo packagePerm = new PermissionInfo(PackagePermission.class.getName(), "*", PackagePermission.IMPORT); //$NON-NLS-1$
PermissionInfo servicePerm = new PermissionInfo(ServicePermission.class.getName(), "*", ServicePermission.GET + ',' + ServicePermission.REGISTER); //$NON-NLS-1$
PermissionInfo allPerm = new PermissionInfo(AllPermission.class.getName(), "*", "*"); //$NON-NLS-1$ //$NON-NLS-2$
PermissionInfo[] permissions = new PermissionInfo[] {packagePerm};
infos.add(childCondAdmin.newConditionalPermissionInfo("test.link.d", conditions, permissions, ConditionalPermissionInfo.ALLOW)); //$NON-NLS-1$
update.commit();
try {
linkD.start();
fail("Should fail to start test.link.d"); //$NON-NLS-1$
} catch (BundleException e) {
assertEquals("Wrong exception type", BundleException.ACTIVATOR_ERROR, e.getType()); //$NON-NLS-1$
assertEquals("Unexpected exception message", "Missing Service Permission", e.getCause().getMessage()); //$NON-NLS-1$//$NON-NLS-2$
}
update = childCondAdmin.newConditionalPermissionUpdate();
infos = update.getConditionalPermissionInfos();
assertEquals("Wrong number of infos", 1, infos.size()); //$NON-NLS-1$
infos.clear();
permissions = new PermissionInfo[] {packagePerm, servicePerm};
infos.add(childCondAdmin.newConditionalPermissionInfo("test.link.d", conditions, permissions, ConditionalPermissionInfo.ALLOW)); //$NON-NLS-1$
update.commit();
try {
linkD.start();
fail("Should fail to start test.link.d"); //$NON-NLS-1$
} catch (BundleException e) {
assertEquals("Wrong exception type", BundleException.ACTIVATOR_ERROR, e.getType()); //$NON-NLS-1$
assertEquals("Unexpected exception message", "Missing AllPermissions", e.getCause().getMessage()); //$NON-NLS-1$//$NON-NLS-2$
}
update = childCondAdmin.newConditionalPermissionUpdate();
infos = update.getConditionalPermissionInfos();
assertEquals("Wrong number of infos", 1, infos.size()); //$NON-NLS-1$
infos.clear();
permissions = new PermissionInfo[] {allPerm};
infos.add(childCondAdmin.newConditionalPermissionInfo("test.link.d", conditions, permissions, ConditionalPermissionInfo.ALLOW)); //$NON-NLS-1$
update.commit();
try {
linkD.start();
} catch (BundleException e) {
fail("Unexpected exception", e);
}
uninstallCompositeBundle(composite);
}
private ConditionalPermissionAdmin getCondPermAdmin(BundleContext context) {
ServiceReference permAdminRef = context.getServiceReference(ConditionalPermissionAdmin.class.getName());
if (permAdminRef == null) {
fail("No Conditional Permission Admin service"); //$NON-NLS-1$
return null;
}
try {
ConditionalPermissionAdmin permAdmin = (ConditionalPermissionAdmin) context.getService(permAdminRef);
if (permAdmin == null)
fail("No Conditional Permission Admin service"); //$NON-NLS-1$
return permAdmin;
} finally {
context.ungetService(permAdminRef);
}
}
}