# HG changeset patch
# User fyuan
# Date 1480043811 -28800
# Node ID cddf48cf96e9177f6818800236db62ca03cc1656
# Parent  25a48473f3ccaef2caf8f5a081698d8350e847d8
8170192: [JAXP] [TESTBUG] test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java should grant permissions to jtreg, javatest, and testng jars
Reviewed-by: dfuchs, clanger, joehw, jjg, lana

diff -r 25a48473f3cc -r cddf48cf96e9 jaxp/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java
--- a/jaxp/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java	Wed Nov 23 19:15:33 2016 +0000
+++ b/jaxp/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java	Fri Nov 25 11:16:51 2016 +0800
@@ -23,6 +23,7 @@
 package jaxp.library;
 
 
+import java.net.URL;
 import java.security.CodeSource;
 import java.security.Permission;
 import java.security.PermissionCollection;
@@ -34,6 +35,7 @@
 import java.util.HashMap;
 import java.util.Map;
 import java.util.PropertyPermission;
+import java.util.Set;
 import java.util.StringJoiner;
 
 
@@ -107,12 +109,7 @@
         addPermission(new SecurityPermission("getPolicy"));
         addPermission(new SecurityPermission("setPolicy"));
         addPermission(new RuntimePermission("setSecurityManager"));
-        //Properties that jtreg and TestNG require
-        addPermission(new PropertyPermission("testng.show.stack.frames", "read"));
         addPermission(new PropertyPermission("test.src", "read"));
-        addPermission(new PropertyPermission("test.classes", "read"));
-        addPermission(new PropertyPermission("dataproviderthreadcount", "read"));
-        addPermission(new PropertyPermission("experimental", "read"));
     }
 
     /*
@@ -163,6 +160,8 @@
  * JAXP concrete classes.
  */
 class TestPolicy extends Policy {
+    private final static Set<String> TEST_JARS =
+         Set.of("jtreg.jar", "javatest.jar", "testng.jar", "jcommander.jar");
     private final PermissionCollection permissions = new Permissions();
 
     private ThreadLocal<Map<Integer, Permission>> transientPermissions = new ThreadLocal<>();
@@ -211,6 +210,16 @@
         return permissions;
     }
 
+    private boolean isTestMachineryDomain(ProtectionDomain domain) {
+        CodeSource cs = (domain == null) ? null : domain.getCodeSource();
+        URL loc = (cs == null) ? null : cs.getLocation();
+        String path = (loc == null) ? null : loc.getPath();
+        return path != null && TEST_JARS.stream()
+                                .filter(path::endsWith)
+                                .findAny()
+                                .isPresent();
+    }
+
     @Override
     public boolean implies(ProtectionDomain domain, Permission perm) {
         if (allowAll())
@@ -221,8 +230,11 @@
 
         if (permissions.implies(perm))
             return true;
-        else
-            return tmpImplies(perm);
+
+        if (isTestMachineryDomain(domain))
+            return true;
+
+        return tmpImplies(perm);
     }
 
     /*