1 /* 2 * Copyright (C) 2007 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package tests.security; 18 19 import dalvik.annotation.TestLevel; 20 import dalvik.annotation.TestTargetClass; 21 import dalvik.annotation.TestTargetNew; 22 import dalvik.annotation.TestTargets; 23 24 import java.lang.reflect.Field; 25 import java.security.AccessController; 26 import java.security.BasicPermission; 27 import java.security.CodeSource; 28 import java.security.Permission; 29 import java.security.PermissionCollection; 30 import java.security.PrivilegedAction; 31 import java.security.ProtectionDomain; 32 33 import junit.framework.TestCase; 34 35 @TestTargetClass(AccessController.class) 36 public class AccessControllerTest extends TestCase { 37 38 private static void setProtectionDomain(Class<?> c, ProtectionDomain pd){ 39 Field fields[] = Class.class.getDeclaredFields(); 40 for(Field f : fields){ 41 if("pd".equals(f.getName())){ 42 f.setAccessible(true); 43 try { 44 f.set(c, pd); 45 } catch (IllegalArgumentException e) { 46 fail("Protection domain could not be set"); 47 } catch (IllegalAccessException e) { 48 fail("Protection domain could not be set"); 49 } 50 break; 51 } 52 } 53 } 54 55 SecurityManager old; 56 TestPermission p; 57 CodeSource codeSource; 58 PermissionCollection c0, c1, c2; 59 60 @Override 61 protected void setUp() throws Exception { 62 old = System.getSecurityManager(); 63 codeSource = null; 64 p = new TestPermission(); 65 c0 = p.newPermissionCollection(); 66 c1 = p.newPermissionCollection(); 67 c2 = p.newPermissionCollection(); 68 super.setUp(); 69 } 70 71 @TestTargets({ 72 @TestTargetNew( 73 level = TestLevel.PARTIAL_COMPLETE, 74 notes = "Verifies that checkPermission does not throw a SecurityException " + 75 "if all classes on the call stack refer to a protection domain " + 76 "which contains the necessary permissions.", 77 method = "checkPermission", 78 args = {Permission.class} 79 ) 80 }) 81 public void test_do_privileged2() { 82 // add TestPermission to T0, T1, T2 83 c0.add(p); 84 c1.add(p); 85 c2.add(p); 86 setProtectionDomain(T0.class, new ProtectionDomain(codeSource, c0)); 87 setProtectionDomain(T1.class, new ProtectionDomain(codeSource, c1)); 88 setProtectionDomain(T2.class, new ProtectionDomain(codeSource, c2)); 89 } 90 91 static class T0 { 92 static String f0(){ 93 return T1.f1(); 94 } 95 static String f0_priv(){ 96 return T1.f1_priv(); 97 } 98 } 99 100 static class T1 { 101 static String f1(){ 102 return T2.f2(); 103 } 104 static String f1_priv(){ 105 return AccessController.doPrivileged( 106 new PrivilegedAction<String>(){ 107 public String run() { 108 return T2.f2(); 109 } 110 } 111 ); 112 } 113 } 114 115 static class T2 { 116 static String f2(){ 117 SecurityManager s = System.getSecurityManager(); 118 assertNotNull(s); 119 s.checkPermission(new TestPermission()); 120 return "ok"; 121 } 122 } 123 124 static class TestPermission extends BasicPermission { 125 private static final long serialVersionUID = 1L; 126 127 public TestPermission(){ super("TestPermission"); } 128 129 @Override 130 public boolean implies(Permission permission) { 131 return permission instanceof TestPermission; 132 } 133 } 134 135 } 136