2 // MonoTests.System.Security.Policy.FileCodeGroupTest
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2004 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using NUnit
.Framework
;
32 using System
.Collections
;
33 using System
.Security
;
34 using System
.Security
.Policy
;
35 using System
.Security
.Permissions
;
37 namespace MonoTests
.System
.Security
.Policy
{
40 public class FileCodeGroupTest
{
43 [ExpectedException (typeof (ArgumentNullException
))]
44 public void Constructor_MembershipConditionNullFileIOPermissionAccess ()
46 FileCodeGroup cg
= new FileCodeGroup (null, FileIOPermissionAccess
.AllAccess
);
50 public void Constructor_AllAccess ()
52 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
53 Assert
.IsNotNull (cg
.MembershipCondition
, "MembershipCondition");
54 Assert
.IsNull (cg
.PolicyStatement
, "PolicyStatement");
55 // documented as always null
56 Assert
.IsNull (cg
.AttributeString
, "AttributeString");
57 Assert
.IsNotNull (cg
.PermissionSetName
, "PermissionSetName");
61 public void Constructor_Append ()
63 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.Append
);
64 Assert
.IsNotNull (cg
.MembershipCondition
, "MembershipCondition");
65 Assert
.IsNull (cg
.PolicyStatement
, "PolicyStatement");
66 // documented as always null
67 Assert
.IsNull (cg
.AttributeString
, "AttributeString");
68 Assert
.IsNotNull (cg
.PermissionSetName
, "PermissionSetName");
72 public void Constructor_NoAccess ()
74 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.NoAccess
);
75 Assert
.IsNotNull (cg
.MembershipCondition
, "MembershipCondition");
76 Assert
.IsNull (cg
.PolicyStatement
, "PolicyStatement");
77 // documented as always null
78 Assert
.IsNull (cg
.AttributeString
, "AttributeString");
79 Assert
.IsNotNull (cg
.PermissionSetName
, "PermissionSetName");
83 public void Constructor_PathDiscovery ()
85 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.PathDiscovery
);
86 Assert
.IsNotNull (cg
.MembershipCondition
, "MembershipCondition");
87 Assert
.IsNull (cg
.PolicyStatement
, "PolicyStatement");
88 // documented as always null
89 Assert
.IsNull (cg
.AttributeString
, "AttributeString");
90 Assert
.IsNotNull (cg
.PermissionSetName
, "PermissionSetName");
94 public void Constructor_Read ()
96 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.Read
);
97 Assert
.IsNotNull (cg
.MembershipCondition
, "MembershipCondition");
98 Assert
.IsNull (cg
.PolicyStatement
, "PolicyStatement");
99 // documented as always null
100 Assert
.IsNull (cg
.AttributeString
, "AttributeString");
101 Assert
.IsNotNull (cg
.PermissionSetName
, "PermissionSetName");
105 public void Constructor_Write ()
107 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.Write
);
108 Assert
.IsNotNull (cg
.MembershipCondition
, "MembershipCondition");
109 Assert
.IsNull (cg
.PolicyStatement
, "PolicyStatement");
110 // documented as always null
111 Assert
.IsNull (cg
.AttributeString
, "AttributeString");
112 Assert
.IsNotNull (cg
.PermissionSetName
, "PermissionSetName");
116 public void MergeLogic ()
118 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
119 Assert
.AreEqual ("Union", cg
.MergeLogic
, "MergeLogic");
125 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
126 FileCodeGroup cg2
= (FileCodeGroup
) cg
.Copy ();
127 Assert
.AreEqual (cg
.AttributeString
, cg2
.AttributeString
, "AttributeString");
128 Assert
.AreEqual (cg
.Children
.Count
, cg2
.Children
.Count
, "Children");
129 Assert
.AreEqual (cg
.Description
, cg2
.Description
, "Description");
130 Assert
.AreEqual (cg
.MergeLogic
, cg2
.MergeLogic
, "MergeLogic");
131 Assert
.AreEqual (cg
.Name
, cg2
.Name
, "Name");
132 Assert
.AreEqual (cg
.PermissionSetName
, cg2
.PermissionSetName
, "PermissionSetName");
133 Assert
.AreEqual (cg
.ToXml ().ToString (), cg2
.ToXml ().ToString (), "ToXml");
137 public void CopyWithChildren ()
139 FileCodeGroup cgChild
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
140 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
141 cg
.AddChild (cgChild
);
142 FileCodeGroup cg2
= (FileCodeGroup
) cg
.Copy ();
143 Assert
.AreEqual (cg
.Children
.Count
, cg2
.Children
.Count
, "Children");
144 Assert
.AreEqual (cg
.ToXml ().ToString (), cg2
.ToXml ().ToString (), "ToXml");
148 [ExpectedException (typeof (ArgumentNullException
))]
149 public void Resolve_Null ()
151 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
156 public void Resolve_NoMatch ()
158 FileCodeGroup cg
= new FileCodeGroup (new ZoneMembershipCondition (SecurityZone
.Untrusted
), FileIOPermissionAccess
.AllAccess
);
159 Assert
.IsNull (cg
.Resolve (new Evidence ()));
163 public void Resolve_AllMembershipCondition_NoAccess ()
165 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.NoAccess
);
166 PolicyStatement result
= cg
.Resolve (new Evidence ());
167 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Attributes");
168 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "AttributeString");
169 Assert
.IsFalse (result
.PermissionSet
.IsUnrestricted (), "IsUnrestricted");
170 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Count");
174 public void Resolve_AllMembershipCondition_AllAccess ()
176 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
177 PolicyStatement result
= cg
.Resolve (new Evidence ());
178 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Attributes");
179 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "AttributeString");
180 Assert
.IsFalse (result
.PermissionSet
.IsUnrestricted (), "IsUnrestricted");
181 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Count");
185 public void Resolve_ZoneMembershipCondition_Internet ()
187 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.Internet
);
188 PermissionSet pset
= new PermissionSet (PermissionState
.Unrestricted
);
189 FileCodeGroup cg
= new FileCodeGroup (mc
, FileIOPermissionAccess
.AllAccess
);
191 Evidence e
= new Evidence ();
192 e
.AddHost (new Zone (SecurityZone
.Internet
));
193 PolicyStatement result
= cg
.Resolve (e
);
194 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Internet-Attributes");
195 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "Internet-AttributeString");
196 Assert
.IsFalse (result
.PermissionSet
.IsUnrestricted (), "Internet-IsUnrestricted");
197 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Internet-Count");
200 e
.AddHost (new Zone (SecurityZone
.Intranet
));
201 Assert
.IsNull (cg
.Resolve (e
), "Intranet");
204 e
.AddHost (new Zone (SecurityZone
.MyComputer
));
205 Assert
.IsNull (cg
.Resolve (e
), "MyComputer");
208 e
.AddHost (new Zone (SecurityZone
.NoZone
));
209 Assert
.IsNull (cg
.Resolve (e
), "NoZone");
212 e
.AddHost (new Zone (SecurityZone
.Trusted
));
213 Assert
.IsNull (cg
.Resolve (e
), "Trusted");
216 e
.AddHost (new Zone (SecurityZone
.Untrusted
));
217 Assert
.IsNull (cg
.Resolve (e
), "Untrusted");
221 public void Resolve_ZoneMembershipCondition_Intranet ()
223 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.Intranet
);
224 PermissionSet pset
= new PermissionSet (PermissionState
.None
);
225 FileCodeGroup cg
= new FileCodeGroup (mc
, FileIOPermissionAccess
.AllAccess
);
227 Evidence e
= new Evidence ();
228 e
.AddHost (new Zone (SecurityZone
.Intranet
));
229 PolicyStatement result
= cg
.Resolve (e
);
230 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Internet-Attributes");
231 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "Internet-AttributeString");
232 Assert
.IsFalse (result
.PermissionSet
.IsUnrestricted (), "Intranet-IsUnrestricted");
233 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Intranet-Count");
236 e
.AddHost (new Zone (SecurityZone
.Internet
));
237 Assert
.IsNull (cg
.Resolve (e
), "Internet");
240 e
.AddHost (new Zone (SecurityZone
.MyComputer
));
241 Assert
.IsNull (cg
.Resolve (e
), "MyComputer");
244 e
.AddHost (new Zone (SecurityZone
.NoZone
));
245 Assert
.IsNull (cg
.Resolve (e
), "NoZone");
248 e
.AddHost (new Zone (SecurityZone
.Trusted
));
249 Assert
.IsNull (cg
.Resolve (e
), "Trusted");
252 e
.AddHost (new Zone (SecurityZone
.Untrusted
));
253 Assert
.IsNull (cg
.Resolve (e
), "Untrusted");
257 public void Resolve_ZoneMembershipCondition_MyComputer ()
259 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.MyComputer
);
260 PermissionSet pset
= new PermissionSet (PermissionState
.Unrestricted
);
261 FileCodeGroup cg
= new FileCodeGroup (mc
, FileIOPermissionAccess
.AllAccess
);
263 Evidence e
= new Evidence ();
264 e
.AddHost (new Zone (SecurityZone
.MyComputer
));
265 PolicyStatement result
= cg
.Resolve (e
);
266 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Internet-Attributes");
267 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "Internet-AttributeString");
268 Assert
.IsFalse (result
.PermissionSet
.IsUnrestricted (), "MyComputer-IsUnrestricted");
269 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "MyComputer-Count");
272 e
.AddHost (new Zone (SecurityZone
.Internet
));
273 Assert
.IsNull (cg
.Resolve (e
), "Internet");
276 e
.AddHost (new Zone (SecurityZone
.Intranet
));
277 Assert
.IsNull (cg
.Resolve (e
), "Intranet");
280 e
.AddHost (new Zone (SecurityZone
.NoZone
));
281 Assert
.IsNull (cg
.Resolve (e
), "NoZone");
284 e
.AddHost (new Zone (SecurityZone
.Trusted
));
285 Assert
.IsNull (cg
.Resolve (e
), "Trusted");
288 e
.AddHost (new Zone (SecurityZone
.Untrusted
));
289 Assert
.IsNull (cg
.Resolve (e
), "Untrusted");
293 [ExpectedException (typeof (ArgumentException
))]
294 public void Resolve_ZoneMembershipCondition_NoZone ()
296 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.NoZone
);
300 public void Resolve_ZoneMembershipCondition_Trusted ()
302 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.Trusted
);
303 PermissionSet pset
= new PermissionSet (PermissionState
.Unrestricted
);
304 FileCodeGroup cg
= new FileCodeGroup (mc
, FileIOPermissionAccess
.AllAccess
);
306 Evidence e
= new Evidence ();
307 e
.AddHost (new Zone (SecurityZone
.Trusted
));
308 PolicyStatement result
= cg
.Resolve (e
);
309 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Internet-Attributes");
310 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "Internet-AttributeString");
311 Assert
.IsFalse (result
.PermissionSet
.IsUnrestricted (), "Trusted-IsUnrestricted");
312 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Trusted-Count");
315 e
.AddHost (new Zone (SecurityZone
.Internet
));
316 Assert
.IsNull (cg
.Resolve (e
), "Internet");
319 e
.AddHost (new Zone (SecurityZone
.Intranet
));
320 Assert
.IsNull (cg
.Resolve (e
), "Intranet");
323 e
.AddHost (new Zone (SecurityZone
.MyComputer
));
324 Assert
.IsNull (cg
.Resolve (e
), "MyComputer");
327 e
.AddHost (new Zone (SecurityZone
.NoZone
));
328 Assert
.IsNull (cg
.Resolve (e
), "NoZone");
331 e
.AddHost (new Zone (SecurityZone
.Untrusted
));
332 Assert
.IsNull (cg
.Resolve (e
), "Untrusted");
336 public void Resolve_ZoneMembershipCondition_Untrusted ()
338 IMembershipCondition mc
= new ZoneMembershipCondition (SecurityZone
.Untrusted
);
339 PermissionSet pset
= new PermissionSet (PermissionState
.None
);
340 FileCodeGroup cg
= new FileCodeGroup (mc
, FileIOPermissionAccess
.AllAccess
);
342 Evidence e
= new Evidence ();
343 e
.AddHost (new Zone (SecurityZone
.Untrusted
));
344 PolicyStatement result
= cg
.Resolve (e
);
345 Assert
.AreEqual (PolicyStatementAttribute
.Nothing
, result
.Attributes
, "Untrusted-Attributes");
346 Assert
.AreEqual (String
.Empty
, result
.AttributeString
, "Untrusted-AttributeString");
347 Assert
.IsFalse (result
.PermissionSet
.IsUnrestricted (), "Untrusted-IsUnrestricted");
348 Assert
.AreEqual (0, result
.PermissionSet
.Count
, "Untrusted-Count");
351 e
.AddHost (new Zone (SecurityZone
.Internet
));
352 Assert
.IsNull (cg
.Resolve (e
), "Internet");
355 e
.AddHost (new Zone (SecurityZone
.Intranet
));
356 Assert
.IsNull (cg
.Resolve (e
), "Intranet");
359 e
.AddHost (new Zone (SecurityZone
.MyComputer
));
360 Assert
.IsNull (cg
.Resolve (e
), "MyComputer");
363 e
.AddHost (new Zone (SecurityZone
.NoZone
));
364 Assert
.IsNull (cg
.Resolve (e
), "NoZone");
367 e
.AddHost (new Zone (SecurityZone
.Trusted
));
368 Assert
.IsNull (cg
.Resolve (e
), "Trusted");
372 [ExpectedException (typeof (ArgumentNullException
))]
373 public void ResolveMatchingCodeGroups_Null ()
375 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
376 cg
.ResolveMatchingCodeGroups (null);
380 public void ResolveMatchingCodeGroups_NoMatch ()
382 FileCodeGroup cg
= new FileCodeGroup (new ZoneMembershipCondition (SecurityZone
.Untrusted
), FileIOPermissionAccess
.AllAccess
);
383 Assert
.IsNull (cg
.ResolveMatchingCodeGroups (new Evidence ()));
387 public void ResolveMatchingCodeGroups_OneLevel ()
389 FileCodeGroup level1
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
390 CodeGroup match
= level1
.ResolveMatchingCodeGroups (new Evidence ());
391 Assert
.IsNotNull (match
, "Match");
392 Assert
.IsTrue (match
.Equals (level1
, false), "Equals(false)");
393 Assert
.IsTrue (match
.Equals (level1
, true), "Equals(true)");
397 public void ResolveMatchingCodeGroups_TwoLevel ()
399 FileCodeGroup level1
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
400 CodeGroup level2
= level1
.Copy ();
401 level1
.AddChild (level2
);
403 CodeGroup match
= level1
.ResolveMatchingCodeGroups (new Evidence ());
404 Assert
.IsNotNull (match
, "Match");
405 Assert
.IsTrue (match
.Equals (level1
, false), "Equals(false)");
406 Assert
.IsTrue (match
.Equals (level1
, true), "Equals(true)");
408 FileCodeGroup level2b
= new FileCodeGroup (new ZoneMembershipCondition (SecurityZone
.Untrusted
), FileIOPermissionAccess
.AllAccess
);
409 level1
.AddChild (level2b
);
410 CodeGroup match2
= level1
.ResolveMatchingCodeGroups (new Evidence ());
411 Assert
.IsNotNull (match2
, "Match2");
412 Assert
.IsTrue (match2
.Equals (level1
, false), "Equals(false)");
413 Assert
.IsTrue (!match2
.Equals (level1
, true), "Equals(true)");
417 public void ResolveMatchingCodeGroups_ThreeLevel ()
419 FileCodeGroup level1
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
420 CodeGroup level2
= level1
.Copy ();
421 level1
.AddChild (level2
);
422 FileCodeGroup level3
= new FileCodeGroup (new ZoneMembershipCondition (SecurityZone
.Untrusted
), FileIOPermissionAccess
.AllAccess
);
423 level2
.AddChild (level3
);
425 CodeGroup match
= level1
.ResolveMatchingCodeGroups (new Evidence ());
426 Assert
.IsNotNull (match
, "Match");
427 Assert
.IsTrue (match
.Equals (level1
, false), "Equals(false)");
428 // Equals (true) isn't a deep compare (just one level)
429 Assert
.IsTrue (match
.Equals (level1
, true), "Equals(true)");
435 FileIOPermissionAccess access
= FileIOPermissionAccess
.Read
| FileIOPermissionAccess
.Write
;
436 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), access
);
437 string s
= cg
.ToXml ().ToString ();
438 Assert
.IsTrue (s
.IndexOf ("Access=\"Read, Write\"") > 0, "Access='Read, Write'");
442 public void ToFromXmlRoundtrip ()
444 FileCodeGroup cg
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.AllAccess
);
445 cg
.Name
= "SomeName";
446 cg
.Description
= "Some Description";
447 Assert
.IsTrue (cg
.Equals (cg
), "Equals (itself)");
448 SecurityElement se
= cg
.ToXml ();
450 FileCodeGroup cg2
= new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess
.NoAccess
);
451 cg2
.Name
= "SomeOtherName";
452 cg2
.Description
= "Some Other Description";
453 Assert
.IsFalse (cg
.Equals (cg2
), "Equals (another)");
456 Assert
.IsTrue (cg
.Equals (cg2
), "Equals (FromXml)");