8055776: Add tests to exercise SQLPermissions for DriverManager & SyncFactory
Reviewed-by: rriggs
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/sql/test/sql/DriverManagerPermissionsTests.java Thu Sep 04 12:23:01 2014 -0400
@@ -0,0 +1,154 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+package test.sql;
+
+import java.security.AccessControlException;
+import java.security.Policy;
+import java.sql.DriverManager;
+import java.sql.SQLException;
+import org.testng.annotations.AfterClass;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+import util.BaseTest;
+import util.StubDriver;
+import util.TestPolicy;
+
+public class DriverManagerPermissionsTests extends BaseTest {
+
+ private static Policy policy;
+ private static SecurityManager sm;
+
+ /*
+ * Install a SecurityManager along with a base Policy to allow testNG to run
+ */
+ @BeforeClass
+ public static void setUpClass() throws Exception {
+ setPolicy(new TestPolicy());
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ /*
+ * Install the original Policy and SecurityManager
+ */
+ @AfterClass
+ public static void tearDownClass() throws Exception {
+ System.setSecurityManager(sm);
+ setPolicy(policy);
+ }
+
+ /*
+ * Save off the original Policy and SecurityManager
+ */
+ public DriverManagerPermissionsTests() {
+ policy = Policy.getPolicy();
+ sm = System.getSecurityManager();
+ }
+
+ /*
+ * Validate that AccessControlException is thrown if SQLPermission("setLog")
+ * has not been granted
+ */
+ @Test(expectedExceptions = AccessControlException.class)
+ public void test() {
+ setPolicy(new TestPolicy());
+ DriverManager.setLogStream(null);
+ }
+
+ /*
+ * Validate that setLogStream succeeds if SQLPermission("setLog") has been
+ * granted
+ */
+ @Test
+ public void test1() {
+ Policy.setPolicy(new TestPolicy("setLog"));
+ DriverManager.setLogStream(null);
+ }
+
+ /*
+ * Validate that setLogStream succeeds if AllPermissions has been granted
+ */
+ @Test
+ public void test2() {
+ setPolicy(new TestPolicy("all"));
+ DriverManager.setLogStream(null);
+ }
+
+ /*
+ * Validate that AccessControlException is thrown if SQLPermission("setLog")
+ * has not been granted
+ */
+ @Test(expectedExceptions = AccessControlException.class)
+ public void test4() {
+ setPolicy(new TestPolicy());
+ DriverManager.setLogWriter(null);
+ }
+
+ /*
+ * Validate that setLogWriter succeeds if SQLPermission("setLog") has been
+ * granted
+ */
+ @Test
+ public void test5() {
+ setPolicy(new TestPolicy("setLog"));
+ DriverManager.setLogWriter(null);
+ }
+
+ /*
+ * Validate that setLogWriter succeeds if AllPermissions has been granted
+ */
+ @Test
+ public void test6() {
+ setPolicy(new TestPolicy("all"));
+ DriverManager.setLogWriter(null);
+ }
+
+ /*
+ * Validate that AccessControlException is thrown if
+ * SQLPermission("deregisterDriver") has not been granted
+ */
+ @Test(expectedExceptions = AccessControlException.class)
+ public void test7() throws SQLException {
+ setPolicy(new TestPolicy());
+ DriverManager.deregisterDriver(new StubDriver());
+ }
+
+ /*
+ * Validate that deregisterDriver succeeds if
+ * SQLPermission("deregisterDriver") has been granted
+ */
+ @Test
+ public void test8() throws SQLException {
+ setPolicy(new TestPolicy("deregisterDriver"));
+ DriverManager.deregisterDriver(new StubDriver());
+ }
+
+ /*
+ * Validate that deregisterDriver succeeds if AllPermissions has been
+ * granted
+ */
+ @Test
+ public void test9() throws SQLException {
+ setPolicy(new TestPolicy("all"));
+ DriverManager.deregisterDriver(new StubDriver());
+ }
+}
--- a/jdk/test/java/sql/util/BaseTest.java Thu Sep 04 00:32:43 2014 -0700
+++ b/jdk/test/java/sql/util/BaseTest.java Thu Sep 04 12:23:01 2014 -0400
@@ -27,6 +27,7 @@
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
+import java.security.Policy;
import java.sql.SQLException;
import org.testng.annotations.AfterClass;
import org.testng.annotations.AfterMethod;
@@ -88,4 +89,11 @@
}
return o1;
}
+
+ /*
+ * Utility Method used to set the current Policy
+ */
+ protected static void setPolicy(Policy p) {
+ Policy.setPolicy(p);
+ }
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/java/sql/util/TestPolicy.java Thu Sep 04 12:23:01 2014 -0400
@@ -0,0 +1,135 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+package util;
+
+import java.io.FilePermission;
+import java.security.AllPermission;
+import java.security.CodeSource;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Permissions;
+import java.security.Policy;
+import java.security.ProtectionDomain;
+import java.security.SecurityPermission;
+import java.sql.SQLPermission;
+import java.util.Enumeration;
+import java.util.PropertyPermission;
+import java.util.StringJoiner;
+
+/*
+ * Simple Policy class that supports the required Permissions to validate the
+ * JDBC concrete classes
+ */
+public class TestPolicy extends Policy {
+
+ final PermissionCollection permissions = new Permissions();
+
+ /**
+ * Constructor which sets the minimum permissions allowing testNG to work
+ * with a SecurityManager
+ */
+ public TestPolicy() {
+ setMinimalPermissions();
+ }
+
+ /*
+ * Constructor which determines which permissions are defined for this
+ * Policy used by the JDBC tests Possible values are: all (ALLPermissions),
+ * setLog (SQLPemission("setLog"), deregisterDriver
+ * (SQLPermission("deregisterDriver") (SQLPermission("deregisterDriver"),
+ * and setSyncFactory(SQLPermission(setSyncFactory),
+ *
+ * @param policy Permissions to set
+ */
+ public TestPolicy(String policy) {
+
+ switch (policy) {
+ case "all":
+ permissions.add(new AllPermission());
+ break;
+ case "setLog":
+ setMinimalPermissions();
+ permissions.add(new SQLPermission("setLog"));
+ break;
+ case "deregisterDriver":
+ setMinimalPermissions();
+ permissions.add(new SQLPermission("deregisterDriver"));
+ break;
+ case "setSyncFactory":
+ setMinimalPermissions();
+ permissions.add(new SQLPermission("setSyncFactory"));
+ break;
+ default:
+ setMinimalPermissions();
+ }
+ }
+
+ /*
+ * Defines the minimal permissions required by testNG when running these
+ * tests
+ */
+ private void setMinimalPermissions() {
+ permissions.add(new SecurityPermission("getPolicy"));
+ permissions.add(new SecurityPermission("setPolicy"));
+ permissions.add(new RuntimePermission("getClassLoader"));
+ permissions.add(new RuntimePermission("setSecurityManager"));
+ permissions.add(new RuntimePermission("createSecurityManager"));
+ permissions.add(new PropertyPermission("testng.show.stack.frames",
+ "read"));
+ permissions.add(new PropertyPermission("line.separator", "read"));
+ permissions.add(new PropertyPermission("fileStringBuffer", "read"));
+ permissions.add(new PropertyPermission("dataproviderthreadcount", "read"));
+ permissions.add(new PropertyPermission("java.io.tmpdir", "read"));
+ permissions.add(new FilePermission("<<ALL FILES>>",
+ "read, write, delete"));
+ }
+
+ /*
+ * Overloaded methods from the Policy class
+ */
+ @Override
+ public String toString() {
+ StringJoiner sj = new StringJoiner("\n", "policy: ", "");
+ Enumeration<Permission> perms = permissions.elements();
+ while (perms.hasMoreElements()) {
+ sj.add(perms.nextElement().toString());
+ }
+ return sj.toString();
+
+ }
+
+ @Override
+ public PermissionCollection getPermissions(ProtectionDomain domain) {
+ return permissions;
+ }
+
+ @Override
+ public PermissionCollection getPermissions(CodeSource codesource) {
+ return permissions;
+ }
+
+ @Override
+ public boolean implies(ProtectionDomain domain, Permission perm) {
+ return permissions.implies(perm);
+ }
+}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/sql/testng/test/rowset/spi/SyncFactoryPermissionsTests.java Thu Sep 04 12:23:01 2014 -0400
@@ -0,0 +1,107 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+package test.rowset.spi;
+
+import java.security.AccessControlException;
+import java.security.Policy;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import javax.sql.rowset.spi.SyncFactory;
+import org.testng.annotations.AfterClass;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.Test;
+import util.BaseTest;
+import util.TestPolicy;
+
+public class SyncFactoryPermissionsTests extends BaseTest {
+
+ Context ctx;
+ private static Policy policy;
+ private static SecurityManager sm;
+
+ /*
+ * Install a SeeurityManager along with a base Policy to allow testNG to run
+ */
+ @BeforeClass
+ public static void setUpClass() throws Exception {
+ setPolicy(new TestPolicy());
+ System.setSecurityManager(new SecurityManager());
+ }
+
+ /*
+ * Install the original Policy and SecurityManager
+ */
+ @AfterClass
+ public static void tearDownClass() throws Exception {
+ System.setSecurityManager(sm);
+ setPolicy(policy);
+ }
+
+ /*
+ * Initialize a Context to be used in our tests.
+ * Save off the original Policy and SecurityManager
+ */
+ public SyncFactoryPermissionsTests() {
+ policy = Policy.getPolicy();
+ sm = System.getSecurityManager();
+
+ try {
+ ctx = new InitialContext();
+ } catch (NamingException ex) {
+ Logger.getLogger(SyncFactoryPermissionsTests.class.getName()).
+ log(Level.SEVERE, null, ex);
+ }
+ }
+
+ /*
+ * Validate that AccessControlException is thrown if
+ * SQLPermission("setSyncFactory") has not been granted
+ */
+ @Test(expectedExceptions = AccessControlException.class)
+ public void test() throws Exception {
+ setPolicy(new TestPolicy());
+ SyncFactory.setJNDIContext(ctx);
+ }
+
+ /*
+ * Validate that setJNDIContext succeeds if SQLPermission("setSyncFactory")
+ * has been granted
+ */
+ @Test
+ public void test1() throws Exception {
+ Policy.setPolicy(new TestPolicy("setSyncFactory"));
+ SyncFactory.setJNDIContext(ctx);
+ }
+
+ /*
+ * Validate that setJNDIContext succeeds if AllPermissions has been granted
+ */
+ @Test
+ public void test2() throws Exception {
+ setPolicy(new TestPolicy("all"));
+ SyncFactory.setJNDIContext(ctx);
+ }
+}
--- a/jdk/test/javax/sql/testng/util/BaseTest.java Thu Sep 04 00:32:43 2014 -0700
+++ b/jdk/test/javax/sql/testng/util/BaseTest.java Thu Sep 04 12:23:01 2014 -0400
@@ -27,6 +27,7 @@
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
+import java.security.Policy;
import java.sql.SQLException;
import org.testng.annotations.AfterClass;
import org.testng.annotations.AfterMethod;
@@ -88,4 +89,11 @@
}
return o1;
}
+
+ /*
+ * Utility Method used to set the current Policy
+ */
+ protected static void setPolicy(Policy p) {
+ Policy.setPolicy(p);
+ }
}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/javax/sql/testng/util/TestPolicy.java Thu Sep 04 12:23:01 2014 -0400
@@ -0,0 +1,135 @@
+/*
+ * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+package util;
+
+import java.io.FilePermission;
+import java.security.AllPermission;
+import java.security.CodeSource;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Permissions;
+import java.security.Policy;
+import java.security.ProtectionDomain;
+import java.security.SecurityPermission;
+import java.sql.SQLPermission;
+import java.util.Enumeration;
+import java.util.PropertyPermission;
+import java.util.StringJoiner;
+
+/*
+ * Simple Policy class that supports the required Permissions to validate the
+ * JDBC concrete classes
+ */
+public class TestPolicy extends Policy {
+
+ final PermissionCollection permissions = new Permissions();
+
+ /**
+ * Constructor which sets the minimum permissions allowing testNG to work
+ * with a SecurityManager
+ */
+ public TestPolicy() {
+ setMinimalPermissions();
+ }
+
+ /*
+ * Constructor which determines which permissions are defined for this
+ * Policy used by the JDBC tests Possible values are: all (ALLPermissions),
+ * setLog (SQLPemission("setLog"), deregisterDriver
+ * (SQLPermission("deregisterDriver") (SQLPermission("deregisterDriver"),
+ * and setSyncFactory(SQLPermission(setSyncFactory),
+ *
+ * @param policy Permissions to set
+ */
+ public TestPolicy(String policy) {
+
+ switch (policy) {
+ case "all":
+ permissions.add(new AllPermission());
+ break;
+ case "setLog":
+ setMinimalPermissions();
+ permissions.add(new SQLPermission("setLog"));
+ break;
+ case "deregisterDriver":
+ setMinimalPermissions();
+ permissions.add(new SQLPermission("deregisterDriver"));
+ break;
+ case "setSyncFactory":
+ setMinimalPermissions();
+ permissions.add(new SQLPermission("setSyncFactory"));
+ break;
+ default:
+ setMinimalPermissions();
+ }
+ }
+
+ /*
+ * Defines the minimal permissions required by testNG when running these
+ * tests
+ */
+ private void setMinimalPermissions() {
+ permissions.add(new SecurityPermission("getPolicy"));
+ permissions.add(new SecurityPermission("setPolicy"));
+ permissions.add(new RuntimePermission("getClassLoader"));
+ permissions.add(new RuntimePermission("setSecurityManager"));
+ permissions.add(new RuntimePermission("createSecurityManager"));
+ permissions.add(new PropertyPermission("testng.show.stack.frames",
+ "read"));
+ permissions.add(new PropertyPermission("line.separator", "read"));
+ permissions.add(new PropertyPermission("fileStringBuffer", "read"));
+ permissions.add(new PropertyPermission("dataproviderthreadcount", "read"));
+ permissions.add(new PropertyPermission("java.io.tmpdir", "read"));
+ permissions.add(new FilePermission("<<ALL FILES>>",
+ "read, write, delete"));
+ }
+
+ /*
+ * Overloaded methods from the Policy class
+ */
+ @Override
+ public String toString() {
+ StringJoiner sj = new StringJoiner("\n", "policy: ", "");
+ Enumeration<Permission> perms = permissions.elements();
+ while (perms.hasMoreElements()) {
+ sj.add(perms.nextElement().toString());
+ }
+ return sj.toString();
+
+ }
+
+ @Override
+ public PermissionCollection getPermissions(ProtectionDomain domain) {
+ return permissions;
+ }
+
+ @Override
+ public PermissionCollection getPermissions(CodeSource codesource) {
+ return permissions;
+ }
+
+ @Override
+ public boolean implies(ProtectionDomain domain, Permission perm) {
+ return permissions.implies(perm);
+ }
+}