6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23 package jaxp.library;
24
25
26 import java.security.CodeSource;
27 import java.security.Permission;
28 import java.security.PermissionCollection;
29 import java.security.Permissions;
30 import java.security.Policy;
31 import java.security.ProtectionDomain;
32 import java.security.SecurityPermission;
33 import java.util.Enumeration;
34 import java.util.HashMap;
35 import java.util.Map;
36 import java.util.PropertyPermission;
37 import java.util.StringJoiner;
38
39
40 /*
41 * This is a base class that every test class must extend if it needs to be run
42 * with security mode.
43 */
44 public class JAXPPolicyManager {
45 /*
46 * Backing up policy.
47 */
48 private Policy policyBackup;
49
50 /*
51 * Backing up security manager.
52 */
53 private SecurityManager smBackup;
54
55 /*
56 * Current policy.
90
91 /*
92 * Restore the original Policy and SecurityManager.
93 */
94 static synchronized void teardownPolicyManager() throws Exception {
95 if (policyManager != null) {
96 policyManager.teardown();
97 policyManager = null;
98 }
99 }
100
101 /*
102 * Set default permissions, sub-class of JAXPBaseTest should override this
103 * method.
104 */
105 private void setDefaultPermissions() {
106 //Permissions to set security manager and policy
107 addPermission(new SecurityPermission("getPolicy"));
108 addPermission(new SecurityPermission("setPolicy"));
109 addPermission(new RuntimePermission("setSecurityManager"));
110 //Properties that jtreg and TestNG require
111 addPermission(new PropertyPermission("testng.show.stack.frames", "read"));
112 addPermission(new PropertyPermission("test.src", "read"));
113 addPermission(new PropertyPermission("test.classes", "read"));
114 addPermission(new PropertyPermission("dataproviderthreadcount", "read"));
115 addPermission(new PropertyPermission("experimental", "read"));
116 }
117
118 /*
119 * Add permission to the TestPolicy.
120 *
121 * @param permission to be added.
122 */
123 void addPermission(Permission p) {
124 policy.addPermission(p);
125 }
126
127 /*
128 * Add a temporary permission in current thread context. This won't impact
129 * global policy and doesn't support permission combination.
130 *
131 * @param permission
132 * to add.
133 * @return index of the added permission.
134 */
135 int addTmpPermission(Permission p) {
146 /*
147 * Remove a temporary permission from current thread context.
148 *
149 * @param index to remove.
150 *
151 * @throws RuntimeException if no temporary permission list in current
152 * thread context or no permission correlated to the index.
153 */
154 void removeTmpPermission(int index) {
155 policy.removeTmpPermission(index);
156 }
157
158
159 }
160
161 /*
162 * Simple Policy class that supports the required Permissions to validate the
163 * JAXP concrete classes.
164 */
165 class TestPolicy extends Policy {
166 private final PermissionCollection permissions = new Permissions();
167
168 private ThreadLocal<Map<Integer, Permission>> transientPermissions = new ThreadLocal<>();
169 private ThreadLocal<Boolean> allowAll = new ThreadLocal<>();
170
171 private static Policy defaultPolicy = Policy.getPolicy();
172
173 /*
174 * Add permission to this policy.
175 *
176 * @param permission to be added.
177 */
178 void addPermission(Permission p) {
179 permissions.add(p);
180 }
181
182 /*
183 * Set all permissions. Caution: this should not called carefully unless
184 * it's really needed.
185 *
194 public String toString() {
195 StringJoiner sj = new StringJoiner("\n", "policy: ", "");
196 Enumeration<Permission> perms = permissions.elements();
197 while (perms.hasMoreElements()) {
198 sj.add(perms.nextElement().toString());
199 }
200 return sj.toString();
201
202 }
203
204 @Override
205 public PermissionCollection getPermissions(ProtectionDomain domain) {
206 return permissions;
207 }
208
209 @Override
210 public PermissionCollection getPermissions(CodeSource codesource) {
211 return permissions;
212 }
213
214 @Override
215 public boolean implies(ProtectionDomain domain, Permission perm) {
216 if (allowAll())
217 return true;
218
219 if (defaultPolicy.implies(domain, perm))
220 return true;
221
222 if (permissions.implies(perm))
223 return true;
224 else
225 return tmpImplies(perm);
226 }
227
228 /*
229 * Add a temporary permission in current thread context. This won't impact
230 * global policy and doesn't support permission combination.
231 *
232 * @param permission to add.
233 * @return index of the added permission.
234 */
235 int addTmpPermission(Permission p) {
236 Map<Integer, Permission> tmpPermissions = transientPermissions.get();
237 if (tmpPermissions == null)
238 tmpPermissions = new HashMap<>();
239
240 int id = tmpPermissions.size();
241 tmpPermissions.put(id, p);
242 transientPermissions.set(tmpPermissions);
243 return id;
244 }
245
246 /*
247 * Remove a temporary permission from current thread context.
|
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23 package jaxp.library;
24
25
26 import java.net.URL;
27 import java.security.CodeSource;
28 import java.security.Permission;
29 import java.security.PermissionCollection;
30 import java.security.Permissions;
31 import java.security.Policy;
32 import java.security.ProtectionDomain;
33 import java.security.SecurityPermission;
34 import java.util.Enumeration;
35 import java.util.HashMap;
36 import java.util.Map;
37 import java.util.PropertyPermission;
38 import java.util.Set;
39 import java.util.StringJoiner;
40
41
42 /*
43 * This is a base class that every test class must extend if it needs to be run
44 * with security mode.
45 */
46 public class JAXPPolicyManager {
47 /*
48 * Backing up policy.
49 */
50 private Policy policyBackup;
51
52 /*
53 * Backing up security manager.
54 */
55 private SecurityManager smBackup;
56
57 /*
58 * Current policy.
92
93 /*
94 * Restore the original Policy and SecurityManager.
95 */
96 static synchronized void teardownPolicyManager() throws Exception {
97 if (policyManager != null) {
98 policyManager.teardown();
99 policyManager = null;
100 }
101 }
102
103 /*
104 * Set default permissions, sub-class of JAXPBaseTest should override this
105 * method.
106 */
107 private void setDefaultPermissions() {
108 //Permissions to set security manager and policy
109 addPermission(new SecurityPermission("getPolicy"));
110 addPermission(new SecurityPermission("setPolicy"));
111 addPermission(new RuntimePermission("setSecurityManager"));
112 addPermission(new PropertyPermission("test.src", "read"));
113 }
114
115 /*
116 * Add permission to the TestPolicy.
117 *
118 * @param permission to be added.
119 */
120 void addPermission(Permission p) {
121 policy.addPermission(p);
122 }
123
124 /*
125 * Add a temporary permission in current thread context. This won't impact
126 * global policy and doesn't support permission combination.
127 *
128 * @param permission
129 * to add.
130 * @return index of the added permission.
131 */
132 int addTmpPermission(Permission p) {
143 /*
144 * Remove a temporary permission from current thread context.
145 *
146 * @param index to remove.
147 *
148 * @throws RuntimeException if no temporary permission list in current
149 * thread context or no permission correlated to the index.
150 */
151 void removeTmpPermission(int index) {
152 policy.removeTmpPermission(index);
153 }
154
155
156 }
157
158 /*
159 * Simple Policy class that supports the required Permissions to validate the
160 * JAXP concrete classes.
161 */
162 class TestPolicy extends Policy {
163 private final static Set<String> TEST_JARS =
164 Set.of("jtreg.jar", "javatest.jar", "testng.jar");
165 private final PermissionCollection permissions = new Permissions();
166
167 private ThreadLocal<Map<Integer, Permission>> transientPermissions = new ThreadLocal<>();
168 private ThreadLocal<Boolean> allowAll = new ThreadLocal<>();
169
170 private static Policy defaultPolicy = Policy.getPolicy();
171
172 /*
173 * Add permission to this policy.
174 *
175 * @param permission to be added.
176 */
177 void addPermission(Permission p) {
178 permissions.add(p);
179 }
180
181 /*
182 * Set all permissions. Caution: this should not called carefully unless
183 * it's really needed.
184 *
193 public String toString() {
194 StringJoiner sj = new StringJoiner("\n", "policy: ", "");
195 Enumeration<Permission> perms = permissions.elements();
196 while (perms.hasMoreElements()) {
197 sj.add(perms.nextElement().toString());
198 }
199 return sj.toString();
200
201 }
202
203 @Override
204 public PermissionCollection getPermissions(ProtectionDomain domain) {
205 return permissions;
206 }
207
208 @Override
209 public PermissionCollection getPermissions(CodeSource codesource) {
210 return permissions;
211 }
212
213
214 private boolean isTestMachineryDomain(ProtectionDomain domain) {
215 CodeSource cs = (domain == null) ? null : domain.getCodeSource();
216 URL loc = (cs == null) ? null : cs.getLocation();
217 String path = (loc == null) ? null : loc.getPath();
218 return path != null && TEST_JARS.stream()
219 .filter(path::endsWith)
220 .findAny()
221 .isPresent();
222 }
223
224 @Override
225 public boolean implies(ProtectionDomain domain, Permission perm) {
226 if (allowAll())
227 return true;
228
229 if (defaultPolicy.implies(domain, perm))
230 return true;
231
232 if (permissions.implies(perm))
233 return true;
234
235 if (isTestMachineryDomain(domain))
236 return true;
237
238 return tmpImplies(perm);
239 }
240
241
242
243
244 /*
245 * Add a temporary permission in current thread context. This won't impact
246 * global policy and doesn't support permission combination.
247 *
248 * @param permission to add.
249 * @return index of the added permission.
250 */
251 int addTmpPermission(Permission p) {
252 Map<Integer, Permission> tmpPermissions = transientPermissions.get();
253 if (tmpPermissions == null)
254 tmpPermissions = new HashMap<>();
255
256 int id = tmpPermissions.size();
257 tmpPermissions.put(id, p);
258 transientPermissions.set(tmpPermissions);
259 return id;
260 }
261
262 /*
263 * Remove a temporary permission from current thread context.
|