2 // MonoTests.System.Security.Policy.UnionCodeGroupTest
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2004 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using NUnit
.Framework
;
32 using System
.Collections
;
33 using System
.Security
;
34 using System
.Security
.Policy
;
35 using System
.Security
.Permissions
;
37 namespace MonoTests
.System
.Security
.Policy
{
40 public class UnionCodeGroupTest
{
43 [ExpectedException (typeof (ArgumentNullException
))]
44 public void Constructor_MembershipConditionNullPolicyStatement ()
46 UnionCodeGroup cg
= new UnionCodeGroup (null, new PolicyStatement (new PermissionSet (PermissionState
.None
)));
50 public void Constructor_MembershipConditionPolicyStatementNull ()
53 UnionCodeGroup cg
= new UnionCodeGroup (new AllMembershipCondition (), null);
54 Assert
.IsNull (cg
.AttributeString
, "AttributeString");
55 Assert
.IsNull (cg
.Description
, "Description");
56 Assert
.IsNotNull (cg
.MembershipCondition
, "MembershipCondition");
57 Assert
.IsNull (cg
.Name
, "Name");
58 Assert
.IsNull (cg
.PermissionSetName
, "PermissionSetName");
59 Assert
.IsNull (cg
.PolicyStatement
, "PolicyStatement");
63 public void Constructor ()
65 UnionCodeGroup cg
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.None
)));
66 Assert
.AreEqual (String
.Empty
, cg
.AttributeString
, "AttributeString");
67 Assert
.IsNull (cg
.Description
, "Description");
68 Assert
.IsNotNull (cg
.MembershipCondition
, "MembershipCondition");
69 Assert
.IsNull (cg
.Name
, "Name");
70 Assert
.IsNull (cg
.PermissionSetName
, "PermissionSetName");
71 Assert
.IsNotNull (cg
.PolicyStatement
, "PolicyStatement");
75 public void MergeLogic ()
77 UnionCodeGroup cg
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.None
)));
78 Assert
.AreEqual ("Union", cg
.MergeLogic
, "MergeLogic");
84 UnionCodeGroup cg
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.None
)));
85 UnionCodeGroup cg2
= (UnionCodeGroup
) cg
.Copy ();
86 Assert
.AreEqual (cg
.AttributeString
, cg2
.AttributeString
, "AttributeString");
87 Assert
.AreEqual (cg
.Children
.Count
, cg2
.Children
.Count
, "Children");
88 Assert
.AreEqual (cg
.Description
, cg2
.Description
, "Description");
89 Assert
.AreEqual (cg
.MergeLogic
, cg2
.MergeLogic
, "MergeLogic");
90 Assert
.AreEqual (cg
.Name
, cg2
.Name
, "Name");
91 Assert
.AreEqual (cg
.PermissionSetName
, cg2
.PermissionSetName
, "PermissionSetName");
92 Assert
.AreEqual (cg
.ToXml ().ToString (), cg2
.ToXml ().ToString (), "ToXml");
96 public void CopyWithChildren ()
98 UnionCodeGroup cgChild
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.Unrestricted
)));
99 UnionCodeGroup cg
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.None
)));
100 cg
.AddChild (cgChild
);
101 UnionCodeGroup cg2
= (UnionCodeGroup
) cg
.Copy ();
102 Assert
.AreEqual (cg
.Children
.Count
, cg2
.Children
.Count
, "Children");
103 Assert
.AreEqual (cg
.ToXml ().ToString (), cg2
.ToXml ().ToString (), "ToXml");
107 [ExpectedException (typeof (ArgumentNullException
))]
108 public void Resolve_Null ()
110 UnionCodeGroup cg
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.None
)));
115 public void Resolve_NoMatch ()
117 UnionCodeGroup cg
= new UnionCodeGroup (new ZoneMembershipCondition (SecurityZone
.Untrusted
), new PolicyStatement (new PermissionSet (PermissionState
.Unrestricted
)));
118 Assert
.IsNull (cg
.Resolve (new Evidence ()));
122 public void Resolve_AllMembershipCondition_None ()
124 UnionCodeGroup cg
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.None
)));
125 PolicyStatement result
= cg
.Resolve (new Evidence ());
126 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Attributes");
127 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "AttributeString");
128 Assert
.IsFalse (result
.PermissionSet
.IsUnrestricted (), "IsUnrestricted");
129 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Count");
133 public void Resolve_AllMembershipCondition_Unrestricted ()
135 UnionCodeGroup cg
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.Unrestricted
)));
136 PolicyStatement result
= cg
.Resolve (new Evidence ());
137 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Attributes");
138 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "AttributeString");
139 Assert
.IsTrue (result
.PermissionSet
.IsUnrestricted (), "IsUnrestricted");
140 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Count");
144 public void Resolve_ZoneMembershipCondition_Internet ()
146 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.Internet
);
147 PermissionSet pset
= new PermissionSet (PermissionState
.Unrestricted
);
148 UnionCodeGroup cg
= new UnionCodeGroup (mc
, new PolicyStatement (pset
, PolicyStatementAttribute
.Nothing
));
150 Evidence e
= new Evidence ();
151 e
.AddHost (new Zone (SecurityZone
.Internet
));
152 PolicyStatement result
= cg
.Resolve (e
);
153 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Internet-Attributes");
154 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "Internet-AttributeString");
155 Assert
.IsTrue (result
.PermissionSet
.IsUnrestricted (),"Internet-IsUnrestricted");
156 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Internet-Count");
159 e
.AddHost (new Zone (SecurityZone
.Intranet
));
160 Assert
.IsNull (cg
.Resolve (e
), "Intranet");
163 e
.AddHost (new Zone (SecurityZone
.MyComputer
));
164 Assert
.IsNull (cg
.Resolve (e
), "MyComputer");
167 e
.AddHost (new Zone (SecurityZone
.NoZone
));
168 Assert
.IsNull (cg
.Resolve (e
), "NoZone");
171 e
.AddHost (new Zone (SecurityZone
.Trusted
));
172 Assert
.IsNull (cg
.Resolve (e
), "Trusted");
175 e
.AddHost (new Zone (SecurityZone
.Untrusted
));
176 Assert
.IsNull (cg
.Resolve (e
), "Untrusted");
180 public void Resolve_ZoneMembershipCondition_Intranet ()
182 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.Intranet
);
183 PermissionSet pset
= new PermissionSet (PermissionState
.None
);
184 UnionCodeGroup cg
= new UnionCodeGroup (mc
, new PolicyStatement (pset
, PolicyStatementAttribute
.Exclusive
));
186 Evidence e
= new Evidence ();
187 e
.AddHost (new Zone (SecurityZone
.Intranet
));
188 PolicyStatement result
= cg
.Resolve (e
);
189 Assert
.AreEqual (PolicyStatementAttribute
.Exclusive
, result
.Attributes
, "Intranet-Attributes");
190 Assert
.AreEqual ("Exclusive", result
.AttributeString
, "Intranet-AttributeString");
191 Assert
.IsFalse (result
.PermissionSet
.IsUnrestricted (), "Intranet-IsUnrestricted");
192 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Intranet-Count");
195 e
.AddHost (new Zone (SecurityZone
.Internet
));
196 Assert
.IsNull (cg
.Resolve (e
), "Internet");
199 e
.AddHost (new Zone (SecurityZone
.MyComputer
));
200 Assert
.IsNull (cg
.Resolve (e
), "MyComputer");
203 e
.AddHost (new Zone (SecurityZone
.NoZone
));
204 Assert
.IsNull (cg
.Resolve (e
), "NoZone");
207 e
.AddHost (new Zone (SecurityZone
.Trusted
));
208 Assert
.IsNull (cg
.Resolve (e
), "Trusted");
211 e
.AddHost (new Zone (SecurityZone
.Untrusted
));
212 Assert
.IsNull (cg
.Resolve (e
), "Untrusted");
216 public void Resolve_ZoneMembershipCondition_MyComputer ()
218 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.MyComputer
);
219 PermissionSet pset
= new PermissionSet (PermissionState
.Unrestricted
);
220 UnionCodeGroup cg
= new UnionCodeGroup (mc
, new PolicyStatement (pset
, PolicyStatementAttribute
.LevelFinal
));
222 Evidence e
= new Evidence ();
223 e
.AddHost (new Zone (SecurityZone
.MyComputer
));
224 PolicyStatement result
= cg
.Resolve (e
);
225 Assert
.AreEqual (PolicyStatementAttribute
.LevelFinal
, result
.Attributes
, "MyComputer-Attributes");
226 Assert
.AreEqual ("LevelFinal", result
.AttributeString
, "MyComputer-AttributeString");
227 Assert
.IsTrue (result
.PermissionSet
.IsUnrestricted (), "MyComputer-IsUnrestricted");
228 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "MyComputer-Count");
231 e
.AddHost (new Zone (SecurityZone
.Internet
));
232 Assert
.IsNull (cg
.Resolve (e
), "Internet");
235 e
.AddHost (new Zone (SecurityZone
.Intranet
));
236 Assert
.IsNull (cg
.Resolve (e
), "Intranet");
239 e
.AddHost (new Zone (SecurityZone
.NoZone
));
240 Assert
.IsNull (cg
.Resolve (e
), "NoZone");
243 e
.AddHost (new Zone (SecurityZone
.Trusted
));
244 Assert
.IsNull (cg
.Resolve (e
), "Trusted");
247 e
.AddHost (new Zone (SecurityZone
.Untrusted
));
248 Assert
.IsNull (cg
.Resolve (e
), "Untrusted");
252 [ExpectedException (typeof (ArgumentException
))]
253 public void Resolve_ZoneMembershipCondition_NoZone ()
255 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.NoZone
);
259 public void Resolve_ZoneMembershipCondition_Trusted ()
261 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.Trusted
);
262 PermissionSet pset
= new PermissionSet (PermissionState
.Unrestricted
);
263 UnionCodeGroup cg
= new UnionCodeGroup (mc
, new PolicyStatement (pset
, PolicyStatementAttribute
.All
));
265 Evidence e
= new Evidence ();
266 e
.AddHost (new Zone (SecurityZone
.Trusted
));
267 PolicyStatement result
= cg
.Resolve (e
);
268 Assert
.AreEqual (PolicyStatementAttribute
.All
, result
.Attributes
, "Trusted-Attributes");
269 Assert
.AreEqual ("Exclusive LevelFinal", result
.AttributeString
, "Trusted-AttributeString");
270 Assert
.IsTrue (result
.PermissionSet
.IsUnrestricted (), "Trusted-IsUnrestricted");
271 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Trusted-Count");
274 e
.AddHost (new Zone (SecurityZone
.Internet
));
275 Assert
.IsNull (cg
.Resolve (e
), "Internet");
278 e
.AddHost (new Zone (SecurityZone
.Intranet
));
279 Assert
.IsNull (cg
.Resolve (e
), "Intranet");
282 e
.AddHost (new Zone (SecurityZone
.MyComputer
));
283 Assert
.IsNull (cg
.Resolve (e
), "MyComputer");
286 e
.AddHost (new Zone (SecurityZone
.NoZone
));
287 Assert
.IsNull (cg
.Resolve (e
), "NoZone");
290 e
.AddHost (new Zone (SecurityZone
.Untrusted
));
291 Assert
.IsNull (cg
.Resolve (e
), "Untrusted");
295 public void Resolve_ZoneMembershipCondition_Untrusted ()
297 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.Untrusted
);
298 PermissionSet pset
= new PermissionSet (PermissionState
.None
);
299 UnionCodeGroup cg
= new UnionCodeGroup (mc
, new PolicyStatement (pset
, PolicyStatementAttribute
.Nothing
));
301 Evidence e
= new Evidence ();
302 e
.AddHost (new Zone (SecurityZone
.Untrusted
));
303 PolicyStatement result
= cg
.Resolve (e
);
304 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Untrusted-Attributes");
305 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "Untrusted-AttributeString");
306 Assert
.IsFalse (result
.PermissionSet
.IsUnrestricted (), "Untrusted-IsUnrestricted");
307 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Untrusted-Count");
310 e
.AddHost (new Zone (SecurityZone
.Internet
));
311 Assert
.IsNull (cg
.Resolve (e
), "Internet");
314 e
.AddHost (new Zone (SecurityZone
.Intranet
));
315 Assert
.IsNull (cg
.Resolve (e
), "Intranet");
318 e
.AddHost (new Zone (SecurityZone
.MyComputer
));
319 Assert
.IsNull (cg
.Resolve (e
), "MyComputer");
322 e
.AddHost (new Zone (SecurityZone
.NoZone
));
323 Assert
.IsNull (cg
.Resolve (e
), "NoZone");
326 e
.AddHost (new Zone (SecurityZone
.Trusted
));
327 Assert
.IsNull (cg
.Resolve (e
), "Trusted");
331 [ExpectedException (typeof (ArgumentNullException
))]
332 public void ResolveMatchingCodeGroups_Null ()
334 UnionCodeGroup cg
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.None
)));
335 cg
.ResolveMatchingCodeGroups (null);
339 public void ResolveMatchingCodeGroups_NoMatch ()
341 UnionCodeGroup cg
= new UnionCodeGroup (new ZoneMembershipCondition (SecurityZone
.Untrusted
), new PolicyStatement (new PermissionSet (PermissionState
.Unrestricted
)));
342 Assert
.IsNull (cg
.ResolveMatchingCodeGroups (new Evidence ()));
346 public void ResolveMatchingCodeGroups_OneLevel ()
348 UnionCodeGroup level1
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.None
)));
349 CodeGroup match
= level1
.ResolveMatchingCodeGroups (new Evidence ());
350 Assert
.IsNotNull (match
, "Match");
351 Assert
.IsTrue (match
.Equals (level1
, false), "Equals(false)");
352 Assert
.IsTrue (match
.Equals (level1
, true), "Equals(true)");
356 public void ResolveMatchingCodeGroups_TwoLevel ()
358 UnionCodeGroup level1
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.None
)));
359 CodeGroup level2
= level1
.Copy ();
360 level1
.AddChild (level2
);
362 CodeGroup match
= level1
.ResolveMatchingCodeGroups (new Evidence ());
363 Assert
.IsNotNull (match
, "Match");
364 Assert
.IsTrue (match
.Equals (level1
, false), "Equals(false)");
365 Assert
.IsTrue (match
.Equals (level1
, true), "Equals(true)");
367 UnionCodeGroup level2b
= new UnionCodeGroup (new ZoneMembershipCondition (SecurityZone
.Untrusted
), new PolicyStatement (new PermissionSet (PermissionState
.Unrestricted
)));
368 level1
.AddChild (level2b
);
369 CodeGroup match2
= level1
.ResolveMatchingCodeGroups (new Evidence ());
370 Assert
.IsNotNull (match2
, "Match2");
371 Assert
.IsTrue (match2
.Equals (level1
, false), "Equals(false)");
372 Assert
.IsTrue (!match2
.Equals (level1
, true), "Equals(true)");
376 public void ResolveMatchingCodeGroups_ThreeLevel ()
378 UnionCodeGroup level1
= new UnionCodeGroup (new AllMembershipCondition (), new PolicyStatement (new PermissionSet (PermissionState
.None
)));
379 CodeGroup level2
= level1
.Copy ();
380 level1
.AddChild (level2
);
381 UnionCodeGroup level3
= new UnionCodeGroup (new ZoneMembershipCondition (SecurityZone
.Untrusted
), new PolicyStatement (new PermissionSet (PermissionState
.Unrestricted
)));
382 level2
.AddChild (level3
);
384 CodeGroup match
= level1
.ResolveMatchingCodeGroups (new Evidence ());
385 Assert
.IsNotNull (match
, "Match");
386 Assert
.IsTrue (match
.Equals (level1
, false), "Equals(false)");
387 // Equals (true) isn't a deep compare (just one level)
388 Assert
.IsTrue (match
.Equals (level1
, true), "Equals(true)");
392 public void ToFromXmlRoundtrip ()
394 const string ps_Name
= "TestName";
395 PolicyStatement ps
= new PolicyStatement (new NamedPermissionSet (ps_Name
));
396 UnionCodeGroup cg
= new UnionCodeGroup (new AllMembershipCondition (), ps
);
397 cg
.Name
= "SomeName";
398 cg
.Description
= "Some Description";
399 Assert
.IsTrue (cg
.Equals (cg
), "Equals (itself)");
400 SecurityElement se
= cg
.ToXml ();
402 UnionCodeGroup cg2
= new UnionCodeGroup (new AllMembershipCondition(), ps
);
403 cg2
.Name
= "SomeOtherName";
404 cg2
.Description
= "Some Other Description";
405 Assert
.IsTrue (!cg
.Equals (cg2
), "Equals (another)");
408 Assert
.IsTrue (cg
.Equals (cg2
), "Equals (FromXml)");
412 public void ResolveWithChildren ()
414 PermissionSet pset1
= new PermissionSet (PermissionState
.None
);
415 PermissionSet pset2
= new PermissionSet (PermissionState
.None
);
416 PermissionSet pset3
= new PermissionSet (PermissionState
.None
);
417 PermissionSet pset4
= new PermissionSet (PermissionState
.None
);
418 PermissionSet pset5
= new PermissionSet (PermissionState
.None
);
419 PermissionSet pset6
= new PermissionSet (PermissionState
.None
);
421 IPermission perm1
= new UIPermission (PermissionState
.Unrestricted
);
422 IPermission perm2
= new EnvironmentPermission (PermissionState
.Unrestricted
);
423 IPermission perm3
= new FileDialogPermission (PermissionState
.Unrestricted
);
424 IPermission perm4
= new ReflectionPermission (PermissionState
.Unrestricted
);
425 IPermission perm5
= new RegistryPermission (PermissionState
.Unrestricted
);
426 IPermission perm6
= new FileIOPermission (PermissionState
.Unrestricted
);
428 pset1
.AddPermission (perm1
);
429 PolicyStatement policy1
= new PolicyStatement (pset1
);
431 pset2
.AddPermission(perm2
);
432 PolicyStatement policy2
= new PolicyStatement (pset2
);
434 pset3
.AddPermission (perm3
);
435 PolicyStatement policy3
= new PolicyStatement (pset3
);
437 pset4
.AddPermission (perm4
);
438 PolicyStatement policy4
= new PolicyStatement (pset4
);
440 pset5
.AddPermission (perm5
);
441 PolicyStatement policy5
= new PolicyStatement (pset5
);
443 pset6
.AddPermission (perm6
);
444 PolicyStatement policy6
= new PolicyStatement (pset6
);
446 UnionCodeGroup root
= new UnionCodeGroup (new AllMembershipCondition (), policy1
);
448 UnionCodeGroup child1
= new UnionCodeGroup (new ZoneMembershipCondition (SecurityZone
.Internet
), policy2
);
449 UnionCodeGroup child2
= new UnionCodeGroup (new AllMembershipCondition (), policy3
);
450 UnionCodeGroup child3
= new UnionCodeGroup (new AllMembershipCondition (), policy4
);
451 UnionCodeGroup childofchild1
= new UnionCodeGroup (new AllMembershipCondition (), policy5
);
452 UnionCodeGroup childofchild3
= new UnionCodeGroup (new AllMembershipCondition (), policy6
);
454 child1
.AddChild (childofchild1
);
455 child3
.AddChild (childofchild3
);
457 root
.AddChild (child1
);
458 root
.AddChild (child2
);
459 root
.AddChild (child3
);
461 PolicyStatement result
= root
.Resolve (new Evidence ());
463 PermissionSet correctset
= new PermissionSet (PermissionState
.None
);
464 correctset
.AddPermission (perm1
);
465 correctset
.AddPermission (perm3
);
466 correctset
.AddPermission (perm4
);
467 correctset
.AddPermission (perm6
);
469 Assert
.AreEqual (correctset
.Count
, result
.PermissionSet
.Count
, "PermissionSet.Count");
470 foreach (IPermission p
in correctset
) {
471 IPermission r
= result
.PermissionSet
.GetPermission (p
.GetType ());
472 Assert
.IsNotNull (r
, "PermissionSet.GetPermission");