/*
 * Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package common;

import java.security.AllPermission;
import java.security.Permission;
import java.security.Permissions;

import javax.xml.XMLConstants;
import javax.xml.transform.TransformerFactory;
import javax.xml.validation.SchemaFactory;
import javax.xml.xpath.XPathFactory;

import jaxp.library.JAXPTestUtilities;

import org.testng.Assert;
import org.testng.annotations.Listeners;
import org.testng.annotations.Test;

/*
 * @bug 7143711
 * @summary Test set use-service-mechanism shall not override what's set by the constructor in secure mode.
 */
@Listeners({jaxp.library.BasePolicy.class})
public class Bug7143711Test {
    static final String SCHEMA_LANGUAGE = "http://java.sun.com/xml/jaxp/properties/schemaLanguage";
    static final String SCHEMA_SOURCE = "http://java.sun.com/xml/jaxp/properties/schemaSource";

    private static final String DOM_FACTORY_ID = "javax.xml.parsers.DocumentBuilderFactory";
    private static final String SAX_FACTORY_ID = "javax.xml.parsers.SAXParserFactory";

    // impl specific feature
    final String ORACLE_FEATURE_SERVICE_MECHANISM = "http://www.oracle.com/feature/use-service-mechanism";

    @Test
    public void testValidation_SAX_withSM() {
        System.out.println("Validation using SAX Source with security manager:");
        System.setProperty(SAX_FACTORY_ID, "MySAXFactoryImpl");
        Permissions granted = new java.security.Permissions();
        granted.add(new AllPermission());
        System.setSecurityManager(new MySM(granted));

        try {
            SchemaFactory factory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
            // should not allow
            factory.setFeature(ORACLE_FEATURE_SERVICE_MECHANISM, true);
            if ((boolean) factory.getFeature(ORACLE_FEATURE_SERVICE_MECHANISM)) {
                Assert.fail("should not override in secure mode");
            }
        } catch (Exception e) {
            Assert.fail(e.getMessage());

        } finally {
            System.clearProperty(SAX_FACTORY_ID);
            System.setSecurityManager(null);
        }

        System.setSecurityManager(null);

    }

    @Test(enabled=false) //skipped due to bug JDK-8080097
    public void testTransform_DOM_withSM() {
        System.out.println("Transform using DOM Source;  Security Manager is set:");

        Permissions granted = new java.security.Permissions();
        granted.add(new AllPermission());
        System.setSecurityManager(new MySM(granted));
        System.setProperty(DOM_FACTORY_ID, "MyDOMFactoryImpl");

        try {
            TransformerFactory factory = TransformerFactory.newInstance("com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl",
                    TransformerFactory.class.getClassLoader());
            factory.setFeature(ORACLE_FEATURE_SERVICE_MECHANISM, true);
            if ((boolean) factory.getFeature(ORACLE_FEATURE_SERVICE_MECHANISM)) {
                Assert.fail("should not override in secure mode");
            }

        } catch (Exception e) {
            Assert.fail(e.getMessage());
        } finally {
            System.clearProperty(DOM_FACTORY_ID);
            System.setSecurityManager(null);
        }

        System.clearProperty(DOM_FACTORY_ID);
    }

    @Test
    public void testXPath_DOM_withSM() {
        System.out.println("Evaluate DOM Source;  Security Manager is set:");
        Permissions granted = new java.security.Permissions();
        granted.add(new AllPermission());
        System.setSecurityManager(new MySM(granted));
        System.setProperty(DOM_FACTORY_ID, "MyDOMFactoryImpl");

        try {
            XPathFactory xPathFactory = XPathFactory.newInstance("http://java.sun.com/jaxp/xpath/dom",
                    "com.sun.org.apache.xpath.internal.jaxp.XPathFactoryImpl", null);
            xPathFactory.setFeature(ORACLE_FEATURE_SERVICE_MECHANISM, true);
            if ((boolean) xPathFactory.getFeature(ORACLE_FEATURE_SERVICE_MECHANISM)) {
                Assert.fail("should not override in secure mode");
            }

        } catch (Exception e) {
            Assert.fail(e.getMessage());
        } finally {
            System.clearProperty(DOM_FACTORY_ID);
            System.setSecurityManager(null);
        }

        System.clearProperty(DOM_FACTORY_ID);
    }

    @Test
    public void testSM() {
        SecurityManager sm = System.getSecurityManager();
        if (System.getSecurityManager() != null) {
            System.out.println("Security manager not cleared: " + sm.toString());
        } else {
            System.out.println("Security manager cleared: ");
        }
    }

    class MySM extends SecurityManager {
        Permissions granted;

        public MySM(Permissions perms) {
            granted = perms;
        }

        @Override
        public void checkPermission(Permission perm) {
            if (granted.implies(perm)) {
                return;
            }
            super.checkPermission(perm);
        }

    }

}