1 /*
2 * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /*
25 * @test
26 * @summary Basic checks for SecurityException from body processors APIs
27 * @run testng/othervm/java.security.policy=httpclient.policy FileProcessorPermissionTest
28 */
29
30 import java.io.FilePermission;
31 import java.nio.file.Path;
32 import java.nio.file.Paths;
33 import java.security.AccessControlContext;
34 import java.security.AccessController;
35 import java.security.Permission;
36 import java.security.Permissions;
37 import java.security.PrivilegedActionException;
38 import java.security.PrivilegedExceptionAction;
39 import java.security.ProtectionDomain;
40 import java.util.List;
41 import jdk.incubator.http.HttpRequest;
42 import jdk.incubator.http.HttpResponse;
43 import org.testng.annotations.Test;
44 import static java.nio.file.StandardOpenOption.*;
45 import static org.testng.Assert.*;
46
47 public class FileProcessorPermissionTest {
48
49 static final String testSrc = System.getProperty("test.src", ".");
50 static final Path fromFilePath = Paths.get(testSrc, "FileProcessorPermissionTest.java");
51 static final Path asFilePath = Paths.get(testSrc, "asFile.txt");
52 static final Path CWD = Paths.get(".");
53 static final Class<SecurityException> SE = SecurityException.class;
54
55 static AccessControlContext withPermissions(Permission... perms) {
56 Permissions p = new Permissions();
57 for (Permission perm : perms) {
58 p.add(perm);
59 }
60 ProtectionDomain pd = new ProtectionDomain(null, p);
61 return new AccessControlContext(new ProtectionDomain[]{ pd });
62 }
63
64 static AccessControlContext noPermissions() {
65 return withPermissions(/*empty*/);
66 }
67
68 @Test
69 public void test() throws Exception {
70 List<PrivilegedExceptionAction<?>> list = List.of(
71 () -> HttpRequest.BodyPublisher.fromFile(fromFilePath),
72
73 () -> HttpResponse.BodyHandler.asFile(asFilePath),
74 () -> HttpResponse.BodyHandler.asFile(asFilePath, CREATE),
75 () -> HttpResponse.BodyHandler.asFile(asFilePath, CREATE, WRITE),
76 () -> HttpResponse.BodyHandler.asFile(asFilePath, CREATE, WRITE, READ),
77 () -> HttpResponse.BodyHandler.asFile(asFilePath, CREATE, WRITE, READ, DELETE_ON_CLOSE),
78
79 () -> HttpResponse.BodyHandler.asFileDownload(CWD),
80 () -> HttpResponse.BodyHandler.asFileDownload(CWD, CREATE),
81 () -> HttpResponse.BodyHandler.asFileDownload(CWD, CREATE, WRITE),
82 () -> HttpResponse.BodyHandler.asFileDownload(CWD, CREATE, WRITE, READ),
83 () -> HttpResponse.BodyHandler.asFileDownload(CWD, CREATE, WRITE, READ, DELETE_ON_CLOSE),
84
85 // TODO: what do these even mean by themselves, maybe ok means nothing?
86 () -> HttpResponse.BodyHandler.asFile(asFilePath, DELETE_ON_CLOSE),
87 () -> HttpResponse.BodyHandler.asFile(asFilePath, READ)
88 );
89
90 // sanity, just run http ( no security manager )
91 System.setSecurityManager(null);
92 try {
93 for (PrivilegedExceptionAction pa : list) {
94 AccessController.doPrivileged(pa);
95 }
96 } finally {
97 System.setSecurityManager(new SecurityManager());
98 }
99
100 // Run with all permissions, i.e. no further restrictions than test's AllPermission
101 for (PrivilegedExceptionAction pa : list) {
102 try {
103 assert System.getSecurityManager() != null;
104 AccessController.doPrivileged(pa, null, new Permission[] { });
105 } catch (PrivilegedActionException pae) {
106 fail("UNEXPECTED Exception:" + pae);
107 pae.printStackTrace();
108 }
109 }
110
111 // Run with limited permissions, i.e. just what is required
112 AccessControlContext minimalACC = withPermissions(
113 new FilePermission(fromFilePath.toString() , "read"),
114 new FilePermission(asFilePath.toString(), "read,write,delete"),
115 new FilePermission(CWD.toString(), "read,write,delete")
116 );
117 for (PrivilegedExceptionAction pa : list) {
118 try {
119 assert System.getSecurityManager() != null;
120 AccessController.doPrivileged(pa, minimalACC);
121 } catch (PrivilegedActionException pae) {
122 fail("UNEXPECTED Exception:" + pae);
123 pae.printStackTrace();
124 }
125 }
126
127 // Run with NO permissions, i.e. expect SecurityException
128 for (PrivilegedExceptionAction pa : list) {
129 try {
130 assert System.getSecurityManager() != null;
131 AccessController.doPrivileged(pa, noPermissions());
132 fail("EXPECTED SecurityException");
133 } catch (SecurityException expected) {
134 System.out.println("Caught expected SE:" + expected);
135 }
136 }
137 }
138 }