search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[LoongArch64] Part-5:add loongarch support in some files for LoongArch64. (#21769)
[mono-project.git] / mcs / class / corlib / Test / System.Security.Policy / PolicyLevelTest.cs
blob2341b51f30bed92d160ca6322f24c2e73c97f658
1 //
2 // PolicyLevelTest.cs - NUnit Test Cases for PolicyLevel
3 //
4 // Author:
5 // Sebastien Pouliot <sebastien@ximian.com>
6 //
7 // (C) 2004 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
9 //
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
17 //
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
20 //
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
28 //
29
30 using NUnit.Framework;
31 using System;
32 using System.IO;
33 using System.Security;
34 using System.Security.Permissions;
35 using System.Security.Policy;
36 using System.Text;
37
38 namespace MonoTests.System.Security.Policy {
39
40 [TestFixture]
41 #if MOBILE
42 [Ignore ("Not supported")]
43 #endif
44 public class PolicyLevelTest {
45
46 static string minimal = null;
47 static string minimal_policy = null;
48 static byte[] snPublicKey = { 0x00, 0x24, 0x00, 0x00, 0x04, 0x80, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0x06, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00, 0x52, 0x53, 0x41, 0x31, 0x00, 0x04, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x3D, 0xBD, 0x72, 0x08, 0xC6, 0x2B, 0x0E, 0xA8, 0xC1, 0xC0, 0x58, 0x07, 0x2B, 0x63, 0x5F, 0x7C, 0x9A, 0xBD, 0xCB, 0x22, 0xDB, 0x20, 0xB2, 0xA9, 0xDA, 0xDA, 0xEF, 0xE8, 0x00, 0x64, 0x2F, 0x5D, 0x8D, 0xEB, 0x78, 0x02, 0xF7, 0xA5, 0x36, 0x77, 0x28, 0xD7, 0x55, 0x8D, 0x14, 0x68, 0xDB, 0xEB, 0x24, 0x09, 0xD0, 0x2B, 0x13, 0x1B, 0x92, 0x6E, 0x2E, 0x59, 0x54, 0x4A, 0xAC, 0x18, 0xCF, 0xC9, 0x09, 0x02, 0x3F, 0x4F, 0xA8, 0x3E, 0x94, 0x00, 0x1F, 0xC2, 0xF1, 0x1A, 0x27, 0x47, 0x7D, 0x10, 0x84, 0xF5, 0x14, 0xB8, 0x61, 0x62, 0x1A, 0x0C, 0x66, 0xAB, 0xD2, 0x4C, 0x4B, 0x9F, 0xC9, 0x0F, 0x3C, 0xD8, 0x92, 0x0F, 0xF5, 0xFF, 0xCE, 0xD7, 0x6E, 0x5C, 0x6F, 0xB1, 0xF5, 0x7D, 0xD3, 0x56, 0xF9, 0x67, 0x27, 0xA4, 0xA5, 0x48, 0x5B, 0x07, 0x93, 0x44, 0x00, 0x4A, 0xF8, 0xFF, 0xA4, 0xCB };
49
50 [SetUp]
51 public void SetUp ()
52 {
53 if (minimal == null) {
54 minimal_policy = "<PolicyLevel version=\"1\">\r\n <SecurityClasses>\r\n <SecurityClass Name=\"NamedPermissionSet\"\r\n Description=\"System.Security.NamedPermissionSet\"/>\r\n <SecurityClass Name=\"ReflectionPermission\"\r\n Description=\"System.Security.Permissions.ReflectionPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"IsolatedStorageFilePermission\"\r\n Description=\"System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"AllMembershipCondition\"\r\n Description=\"System.Security.Policy.AllMembershipCondition, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"FirstMatchCodeGroup\"\r\n Description=\"System.Security.Policy.FirstMatchCodeGroup\"/>\r\n <SecurityClass Name=\"EnvironmentPermission\"\r\n Description=\"System.Security.Permissions.EnvironmentPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n";
55 minimal_policy += " <SecurityClass Name=\"StrongNameMembershipCondition\"\r\n Description=\"System.Security.Policy.StrongNameMembershipCondition, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"SecurityPermission\"\r\n Description=\"System.Security.Permissions.SecurityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"UIPermission\"\r\n Description=\"System.Security.Permissions.UIPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"FileDialogPermission\"\r\n Description=\"System.Security.Permissions.FileDialogPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n </SecurityClasses>\r\n <NamedPermissionSets>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Unrestricted=\"true\"\r\n Name=\"FullTrust\"\r\n Description=\"Allows full access to all resources\"/>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"SkipVerification\"\r\n Description=\"Grants right to bypass the verification\">\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"SkipVerification\"/>\r\n </PermissionSet>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Execution\"\r\n Description=\"Permits execution\">\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Execution\"/>\r\n </PermissionSet>\r\n";
56 minimal_policy += " <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Nothing\"\r\n Description=\"Denies all resources, including the right to execute\"/>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"LocalIntranet\"\r\n Description=\"Default rights given to applications on the local intranet\">\r\n <IPermission class=\"EnvironmentPermission\"\r\n version=\"1\"\r\n Read=\"USERNAME\"/>\r\n <IPermission class=\"FileDialogPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n <IPermission class=\"IsolatedStorageFilePermission\"\r\n version=\"1\"\r\n Allowed=\"AssemblyIsolationByUser\"\r\n UserQuota=\"9223372036854775807\"\r\n Expiry=\"9223372036854775807\"\r\n Permanent=\"True\"/>\r\n <IPermission class=\"ReflectionPermission\"\r\n version=\"1\"\r\n Flags=\"ReflectionEmit\"/>\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Assertion, Execution, BindingRedirects\"/>\r\n <IPermission class=\"UIPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n";
57 minimal_policy += " </PermissionSet>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Internet\"\r\n Description=\"Default rights given to internet applications\">\r\n <IPermission class=\"FileDialogPermission\"\r\n version=\"1\"\r\n Access=\"Open\"/>\r\n <IPermission class=\"IsolatedStorageFilePermission\"\r\n version=\"1\"\r\n Allowed=\"DomainIsolationByUser\"\r\n UserQuota=\"10240\"/>\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Execution\"/>\r\n <IPermission class=\"UIPermission\"\r\n version=\"1\"\r\n Window=\"SafeTopLevelWindows\"\r\n Clipboard=\"OwnClipboard\"/>\r\n </PermissionSet>\r\n </NamedPermissionSets>\r\n <CodeGroup class=\"FirstMatchCodeGroup\"\r\n version=\"1\"\r\n PermissionSetName=\"Nothing\">\r\n <IMembershipCondition class=\"AllMembershipCondition\"\r\n version=\"1\"/>\r\n </CodeGroup>\r\n <FullTrustAssemblies>\r\n <IMembershipCondition class=\"StrongNameMembershipCondition\"\r\n version=\"1\"\r\n PublicKeyBlob=\"00000000000000000400000000000000\"\r\n Name=\"System\"/>\r\n </FullTrustAssemblies>\r\n</PolicyLevel>\r\n";
58 minimal = Envelope (minimal_policy);
59 }
60 }
61
62 private string Envelope (string policy)
63 {
64 return "<configuration><mscorlib><security><policy>" + policy + "</policy></security></mscorlib></configuration>";
65 }
66
67 private PolicyLevel Load (string xml, PolicyLevelType type)
68 {
69 return SecurityManager.LoadPolicyLevelFromString (xml, type);
70 // return SecurityManager.LoadPolicyLevelFromFile (@"C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\CONFIG\minimal.config", type);
71 }
72
73 [Test]
74 public void AddFullTrustAssembly ()
75 {
76 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
77 int n = pl.FullTrustAssemblies.Count;
78
79 StrongName sn = new StrongName (new StrongNamePublicKeyBlob (snPublicKey), "First", new Version (1, 2, 3, 4));
80 pl.AddFullTrustAssembly (sn);
81 Assert.AreEqual (n + 1, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count+1");
82
83 StrongNameMembershipCondition snmc = new StrongNameMembershipCondition (new StrongNamePublicKeyBlob (snPublicKey), "Second", new Version ("0.1.2.3"));
84 pl.AddFullTrustAssembly (snmc);
85 Assert.AreEqual (n + 2, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count+2");
86 }
87
88 [Test]
89 [ExpectedException (typeof (ArgumentNullException))]
90 public void AddFullTrustAssembly_NullStrongName ()
91 {
92 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
93 StrongName sn = null;
94 pl.AddFullTrustAssembly (sn);
95 }
96
97 [Test]
98 [ExpectedException (typeof (ArgumentNullException))]
99 public void AddFullTrustAssembly_NullStrongNameMembershipCondition ()
100 {
101 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
102 StrongNameMembershipCondition snmc = null;
103 pl.AddFullTrustAssembly (snmc);
104 }
105
106 [Test]
107 [ExpectedException (typeof (ArgumentException))]
108 public void AddFullTrustAssembly_DuplicateStrongName ()
109 {
110 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
111 StrongName sn = new StrongName (new StrongNamePublicKeyBlob (snPublicKey), "First", new Version (1, 2, 3, 4));
112 pl.AddFullTrustAssembly (sn);
113 pl.AddFullTrustAssembly (sn);
114 }
115
116 [Test]
117 [ExpectedException (typeof (ArgumentException))]
118 public void AddFullTrustAssembly_DuplicateStrongNameMembershipCondition ()
119 {
120 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
121 StrongNameMembershipCondition snmc = new StrongNameMembershipCondition (new StrongNamePublicKeyBlob (snPublicKey), "Second", new Version ("0.1.2.3"));
122 pl.AddFullTrustAssembly (snmc);
123 pl.AddFullTrustAssembly (snmc);
124 }
125
126 [Test]
127 public void AddNamedPermissionSet ()
128 {
129 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
130 int n = pl.NamedPermissionSets.Count;
131
132 NamedPermissionSet nps = new NamedPermissionSet ("Mono", PermissionState.Unrestricted);
133 pl.AddNamedPermissionSet (nps);
134 // ExecutionEngineException here!
135 Assert.AreEqual (n + 1, pl.NamedPermissionSets.Count, "NamedPermissionSets.Count+1");
136 }
137
138 [Test]
139 [ExpectedException (typeof (ArgumentNullException))]
140 public void AddNamedPermissionSet_Null ()
141 {
142 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
143 pl.AddNamedPermissionSet (null);
144 }
145
146 [Test]
147 [ExpectedException (typeof (ArgumentException))]
148 public void AddNamedPermissionSet_Duplicate ()
149 {
150 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
151 NamedPermissionSet nps1 = new NamedPermissionSet ("Mono", PermissionState.Unrestricted);
152 pl.AddNamedPermissionSet (nps1);
153 NamedPermissionSet nps2 = new NamedPermissionSet ("Mono", PermissionState.None);
154 // ExecutionEngineException here!
155 pl.AddNamedPermissionSet (nps2);
156 }
157
158 [Test]
159 public void ChangeNamedPermissionSet ()
160 {
161 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
162 NamedPermissionSet nps1 = new NamedPermissionSet ("Mono", PermissionState.Unrestricted);
163 pl.AddNamedPermissionSet (nps1);
164
165 NamedPermissionSet nps2 = new NamedPermissionSet ("Mono", PermissionState.None);
166 // ExecutionEngineException here!
167 pl.ChangeNamedPermissionSet ("Mono", nps2);
168 }
169
170 [Test]
171 [ExpectedException (typeof (ArgumentNullException))]
172 public void ChangeNamedPermissionSet_NullName ()
173 {
174 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
175 NamedPermissionSet nps2 = new NamedPermissionSet ("Mono", PermissionState.None);
176 pl.ChangeNamedPermissionSet (null, nps2);
177 }
178
179 [Test]
180 [ExpectedException (typeof (ArgumentNullException))]
181 public void ChangeNamedPermissionSet_NullPermissionSet ()
182 {
183 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
184 pl.ChangeNamedPermissionSet ("Mono", null);
185 }
186
187 [Test]
188 [ExpectedException (typeof (ArgumentException))]
189 public void ChangeNamedPermissionSet_NotFound ()
190 {
191 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
192 NamedPermissionSet nps2 = new NamedPermissionSet ("Mono", PermissionState.None);
193 pl.ChangeNamedPermissionSet ("Mono", nps2);
194 }
195
196 [Test]
197 [ExpectedException (typeof (ArgumentException))]
198 public void ChangeNamedPermissionSet_Reserved_FullTrust ()
199 {
200 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
201 PermissionSet ps = new PermissionSet (PermissionState.None);
202 pl.ChangeNamedPermissionSet ("FullTrust", ps);
203 }
204
205 [Test]
206 [ExpectedException (typeof (ArgumentException))]
207 public void ChangeNamedPermissionSet_Reserved_LocalIntranet ()
208 {
209 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
210 PermissionSet ps = new PermissionSet (PermissionState.None);
211 pl.ChangeNamedPermissionSet ("LocalIntranet", ps);
212 }
213
214 [Test]
215 [ExpectedException (typeof (ArgumentException))]
216 public void ChangeNamedPermissionSet_Reserved_Internet ()
217 {
218 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
219 PermissionSet ps = new PermissionSet (PermissionState.None);
220 pl.ChangeNamedPermissionSet ("Internet", ps);
221 }
222
223 [Test]
224 [ExpectedException (typeof (ArgumentException))]
225 public void ChangeNamedPermissionSet_Reserved_SkipVerification ()
226 {
227 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
228 PermissionSet ps = new PermissionSet (PermissionState.None);
229 pl.ChangeNamedPermissionSet ("SkipVerification", ps);
230 }
231
232 [Test]
233 [ExpectedException (typeof (ArgumentException))]
234 public void ChangeNamedPermissionSet_Reserved_ ()
235 {
236 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
237 PermissionSet ps = new PermissionSet (PermissionState.None);
238 pl.ChangeNamedPermissionSet ("Execution", ps);
239 }
240
241 [Test]
242 [ExpectedException (typeof (ArgumentException))]
243 public void ChangeNamedPermissionSet_Reserved_Nothing ()
244 {
245 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
246 PermissionSet ps = new PermissionSet (PermissionState.None);
247 pl.ChangeNamedPermissionSet ("SkipVerification", ps);
248 }
249
250 [Test]
251 [ExpectedException (typeof (ArgumentException))]
252 public void ChangeNamedPermissionSet_Reserved_Everything ()
253 {
254 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
255 PermissionSet ps = new PermissionSet (PermissionState.None);
256 pl.ChangeNamedPermissionSet ("Everything", ps);
257 }
258
259 [Test]
260 public void CreateAppDomainLevel ()
261 {
262 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
263 Assert.AreEqual ("AppDomain", pl.Label, "Label");
264 Assert.AreEqual ("FullTrust", pl.RootCodeGroup.PermissionSetName, "RootCodeGroup==FullTrust");
265 Assert.AreEqual (0, pl.RootCodeGroup.Children.Count, "RootCodeGroup/NoChildren");
266 Assert.IsTrue (pl.RootCodeGroup.PolicyStatement.PermissionSet.IsUnrestricted (), "RootCodeGroup.PolicyStatement.PermissionSet.IsUnrestricted");
267 }
268
269 [Test]
270 // Makes distcheck fail because there is no Mono installed into the prefix
271 // thus making the GAC not work...
272 [Category ("NotWorking")]
273 public void FromXml ()
274 {
275 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
276 SecurityElement se = pl.ToXml ();
277 pl.FromXml (se);
278 Assert.AreEqual ("AppDomain", pl.Label, "Label");
279 Assert.AreEqual ("All_Code", pl.RootCodeGroup.Name, "RootCodeGroup");
280 Assert.AreEqual ("FullTrust", pl.RootCodeGroup.PermissionSetName, "PermissionSetName");
281 Assert.AreEqual (0, pl.RootCodeGroup.Children.Count, "Children");
282 }
283
284 [Test]
285 [ExpectedException (typeof (ArgumentNullException))]
286 public void FromXml_Null ()
287 {
288 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
289 pl.FromXml (null);
290 }
291
292 [Test]
293 // Makes distcheck fail because there is no Mono installed into the prefix
294 // thus making the GAC not work...
295 [Category ("NotWorking")]
296 [ExpectedException (typeof (ArgumentException))]
297 public void FromXml_Invalid ()
298 {
299 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
300 SecurityElement se = pl.ToXml ();
301 se.Tag = "Mono";
302 // strangely this works :(
303 pl.FromXml (se);
304 // let's get weirder :)
305 foreach (SecurityElement child in se.Children) {
306 child.Tag = "Mono";
307 }
308 pl.FromXml (se);
309 // it's enough >:)
310 }
311
312 [Test]
313 public void GetNamedPermissionSet ()
314 {
315 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
316 NamedPermissionSet nps = pl.GetNamedPermissionSet ("Mono");
317 Assert.IsNull (nps, "GetNamedPermissionSet(notfound)");
318 nps = new NamedPermissionSet ("Mono", PermissionState.None);
319 pl.AddNamedPermissionSet (nps);
320 // ExecutionEngineException here!
321 nps = pl.GetNamedPermissionSet ("Mono");
322 Assert.IsNotNull (nps, "GetNamedPermissionSet(found)");
323 }
324
325 [Test]
326 [ExpectedException (typeof (ArgumentNullException))]
327 public void GetNamedPermissionSet_Null ()
328 {
329 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
330 NamedPermissionSet nps = pl.GetNamedPermissionSet (null);
331 }
332
333 [Test]
334 public void Label ()
335 {
336 PolicyLevel pl = Load (minimal, PolicyLevelType.AppDomain);
337 Assert.AreEqual ("AppDomain", pl.Label, "Label.AppDomain");
338 pl = Load (minimal, PolicyLevelType.Enterprise);
339 Assert.AreEqual ("Enterprise", pl.Label, "Label.Enterprise");
340 pl = Load (minimal, PolicyLevelType.Machine);
341 Assert.AreEqual ("Machine", pl.Label, "Label.Machine");
342 pl = Load (minimal, PolicyLevelType.User);
343 Assert.AreEqual ("User", pl.Label, "Label.User");
344 // static method
345 pl = PolicyLevel.CreateAppDomainLevel ();
346 Assert.AreEqual ("AppDomain", pl.Label, "Label.AppDomain");
347 }
348
349 [Test]
350 [ExpectedException (typeof (PolicyException))]
351 public void Recover_LoadPolicyLevelFromFile ()
352 {
353 string temp = Path.GetTempFileName ();
354 using (FileStream fs = File.OpenWrite (temp)) {
355 // that way we're sure that no back exists
356 byte[] data = Encoding.UTF8.GetBytes (minimal);
357 fs.Write (data, 0, data.Length);
358 fs.Close ();
359 }
360 PolicyLevel pl = SecurityManager.LoadPolicyLevelFromFile (temp, PolicyLevelType.User);
361 pl.Recover ();
362 // can't recover if no backup exists
363 }
364
365 [Test]
366 [ExpectedException (typeof (PolicyException))]
367 public void Recover_LoadPolicyLevelFromString ()
368 {
369 PolicyLevel pl = SecurityManager.LoadPolicyLevelFromString (minimal, PolicyLevelType.Enterprise);
370 pl.Recover ();
371 // can't recover as it's not file based
372 }
373
374 [Test]
375 [ExpectedException (typeof (PolicyException))]
376 public void Recover_AppDomainLevel ()
377 {
378 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
379 pl.Recover ();
380 // can't recover as it's not file based
381 }
382
383 [Test]
384 public void RemoveFullTrustAssembly ()
385 {
386 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
387 int n = pl.FullTrustAssemblies.Count;
388
389 StrongName sn = new StrongName (new StrongNamePublicKeyBlob (snPublicKey), "First", new Version (1, 2, 3, 4));
390 pl.AddFullTrustAssembly (sn);
391 Assert.AreEqual (n + 1, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count+1");
392
393 StrongNameMembershipCondition snmc = new StrongNameMembershipCondition (new StrongNamePublicKeyBlob (snPublicKey), "Second", new Version ("0.1.2.3"));
394 pl.AddFullTrustAssembly (snmc);
395 Assert.AreEqual (n + 2, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count+2");
396
397 pl.RemoveFullTrustAssembly (sn);
398 Assert.AreEqual (n + 1, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count-1");
399
400 pl.RemoveFullTrustAssembly (snmc);
401 Assert.AreEqual (n, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count-2");
402 }
403
404 [Test]
405 [ExpectedException (typeof (ArgumentNullException))]
406 public void RemoveFullTrustAssembly_NullStrongName ()
407 {
408 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
409 StrongName sn = null;
410 pl.RemoveFullTrustAssembly (sn);
411 }
412
413 [Test]
414 [ExpectedException (typeof (ArgumentNullException))]
415 public void RemoveFullTrustAssembly_NullStrongNameMembershipCondition ()
416 {
417 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
418 StrongNameMembershipCondition snmc = null;
419 pl.RemoveFullTrustAssembly (snmc);
420 }
421
422 [Test]
423 [ExpectedException (typeof (ArgumentException))]
424 public void RemoveFullTrustAssembly_UnknownStrongName () {
425 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
426 StrongName sn = new StrongName (new StrongNamePublicKeyBlob (snPublicKey), "First", new Version (1, 2, 3, 4));
427 pl.RemoveFullTrustAssembly (sn);
428 }
429
430 [Test]
431 [ExpectedException (typeof (ArgumentException))]
432 public void RemoveFullTrustAssembly_UnknownStrongNameMembershipCondition ()
433 {
434 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
435 StrongNameMembershipCondition snmc = new StrongNameMembershipCondition (new StrongNamePublicKeyBlob (snPublicKey), "Second", new Version ("0.1.2.3"));
436 pl.RemoveFullTrustAssembly (snmc);
437 }
438
439 [Test]
440 public void RemoveNamedPermissionSet ()
441 {
442 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
443 int n = pl.NamedPermissionSets.Count;
444 NamedPermissionSet nps = new NamedPermissionSet ("Mono", PermissionState.Unrestricted);
445 pl.AddNamedPermissionSet (nps);
446 // ExecutionEngineException here!
447 pl.RemoveNamedPermissionSet (nps);
448 Assert.AreEqual (n, pl.NamedPermissionSets.Count, "NamedPermissionSets.Count");
449 }
450
451 [Test]
452 [ExpectedException (typeof (ArgumentNullException))]
453 public void RemoveNamedPermissionSet_Null ()
454 {
455 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
456 pl.RemoveNamedPermissionSet ((NamedPermissionSet)null);
457 }
458
459 [Test]
460 [ExpectedException (typeof (ArgumentException))]
461 public void RemoveNamedPermissionSet_NotFound ()
462 {
463 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
464 NamedPermissionSet nps = new NamedPermissionSet ("Mono", PermissionState.Unrestricted);
465 pl.RemoveNamedPermissionSet (nps);
466 }
467
468 [Test]
469 public void RemoveNamedPermissionSet_String ()
470 {
471 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
472 int n = pl.NamedPermissionSets.Count;
473 NamedPermissionSet nps = new NamedPermissionSet ("Mono", PermissionState.Unrestricted);
474 pl.AddNamedPermissionSet (nps);
475 // ExecutionEngineException here!
476 pl.RemoveNamedPermissionSet ("Mono");
477 Assert.AreEqual (n, pl.NamedPermissionSets.Count, "NamedPermissionSets.Count");
478 }
479
480 [Test]
481 [ExpectedException (typeof (ArgumentNullException))]
482 public void RemoveNamedPermissionSet_StringNull ()
483 {
484 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
485 pl.RemoveNamedPermissionSet ((string)null);
486 }
487
488 [Test]
489 [ExpectedException (typeof (ArgumentException))]
490 public void RemoveNamedPermissionSet_StringNotFound ()
491 {
492 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
493 pl.RemoveNamedPermissionSet ("Mono");
494 }
495
496 [Test]
497 [ExpectedException (typeof (ArgumentException))]
498 public void RemoveNamedPermissionSet_FullTrust_ReservedName ()
499 {
500 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
501 pl.RemoveNamedPermissionSet ("FullTrust");
502 }
503
504 [Test]
505 [ExpectedException (typeof (ArgumentException))]
506 public void RemoveNamedPermissionSet_LocalIntranet_ReservedName ()
507 {
508 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
509 pl.RemoveNamedPermissionSet ("LocalIntranet");
510 }
511
512 [Test]
513 [ExpectedException (typeof (ArgumentException))]
514 public void RemoveNamedPermissionSet_Internet_ReservedName ()
515 {
516 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
517 pl.RemoveNamedPermissionSet ("Internet");
518 }
519
520 [Test]
521 [ExpectedException (typeof (ArgumentException))]
522 public void RemoveNamedPermissionSet_SkipVerification_ReservedName ()
523 {
524 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
525 pl.RemoveNamedPermissionSet ("SkipVerification");
526 }
527
528 [Test]
529 [ExpectedException (typeof (ArgumentException))]
530 public void RemoveNamedPermissionSet_Execution_ReservedName ()
531 {
532 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
533 pl.RemoveNamedPermissionSet ("Execution");
534 }
535
536 [Test]
537 [ExpectedException (typeof (ArgumentException))]
538 public void RemoveNamedPermissionSet_Nothing_ReservedName ()
539 {
540 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
541 pl.RemoveNamedPermissionSet ("Nothing");
542 }
543
544 [Test]
545 [ExpectedException (typeof (ArgumentException))]
546 public void RemoveNamedPermissionSet_Everything_ReservedName ()
547 {
548 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
549 pl.RemoveNamedPermissionSet ("Everything");
550 }
551
552 [Test]
553 public void Reset ()
554 {
555 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
556
557 int n = pl.FullTrustAssemblies.Count;
558 StrongName sn = new StrongName (new StrongNamePublicKeyBlob (snPublicKey), "First", new Version (1, 2, 3, 4));
559 pl.AddFullTrustAssembly (sn);
560 Assert.AreEqual (n + 1, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count+1");
561
562 int m = pl.NamedPermissionSets.Count;
563
564 NamedPermissionSet nps = new NamedPermissionSet ("Mono");
565 pl.AddNamedPermissionSet (nps);
566 Assert.AreEqual (m + 1, pl.NamedPermissionSets.Count, "NamedPermissionSets.Count+1");
567
568 pl.Reset ();
569 Assert.AreEqual (n, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count");
570 Assert.AreEqual (m, pl.NamedPermissionSets.Count, "NamedPermissionSets.Count");
571 }
572
573 [Test]
574 [ExpectedException (typeof (ArgumentNullException))]
575 public void Resolve_Null ()
576 {
577 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
578 pl.Resolve (null);
579 }
580
581 [Test]
582 public void Resolve_Empty ()
583 {
584 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
585 PolicyStatement result = pl.Resolve (new Evidence ());
586 Assert.IsNotNull (result, "PolicyStatement");
587 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Attributes");
588 Assert.AreEqual (String.Empty, result.AttributeString, "AttributeString");
589 Assert.IsTrue (result.PermissionSet.IsUnrestricted (), "IsUnrestricted");
590 Assert.AreEqual (0, result.PermissionSet.Count, "Count");
591 }
592
593 private void Resolve_Zone (PolicyLevel level, SecurityZone z, PolicyStatementAttribute attr, bool unrestricted, int count)
594 {
595 string prefix = z.ToString () + "-" + attr.ToString () + "-";
596 Evidence e = new Evidence ();
597 e.AddHost (new Zone (z));
598 PolicyStatement result = level.Resolve (e);
599 if (unrestricted) {
600 Assert.AreEqual (attr, result.Attributes, prefix + "Attributes");
601 switch (attr) {
602 case PolicyStatementAttribute.Nothing:
603 Assert.AreEqual (String.Empty, result.AttributeString, prefix + "AttributeString");
604 break;
605 case PolicyStatementAttribute.Exclusive:
606 Assert.AreEqual ("Exclusive", result.AttributeString, prefix + "AttributeString");
607 break;
608 case PolicyStatementAttribute.LevelFinal:
609 Assert.AreEqual ("LevelFinal", result.AttributeString, prefix + "AttributeString");
610 break;
611 case PolicyStatementAttribute.All:
612 Assert.AreEqual ("Exclusive LevelFinal", result.AttributeString, prefix + "AttributeString");
613 break;
614 }
615 }
616 else {
617 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, prefix + "Attributes");
618 Assert.AreEqual (String.Empty, result.AttributeString, prefix + "AttributeString");
619 }
620 Assert.AreEqual (unrestricted, result.PermissionSet.IsUnrestricted (), prefix + "IsUnrestricted");
621 Assert.AreEqual (count, result.PermissionSet.Count, prefix + "Count");
622 }
623
624 private void Resolve_Zone_Unrestricted_Attribute (SecurityZone zone, PolicyStatementAttribute attr)
625 {
626 IMembershipCondition mc = new ZoneMembershipCondition (zone);
627 PolicyStatement ps = new PolicyStatement (new PermissionSet (PermissionState.Unrestricted));
628 ps.Attributes = attr;
629 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
630 pl.RootCodeGroup = new UnionCodeGroup (mc, ps);
631
632 Resolve_Zone (pl, SecurityZone.Internet, attr, (zone == SecurityZone.Internet), 0);
633 Resolve_Zone (pl, SecurityZone.Intranet, attr, (zone == SecurityZone.Intranet), 0);
634 Resolve_Zone (pl, SecurityZone.MyComputer, attr, (zone == SecurityZone.MyComputer), 0);
635 Resolve_Zone (pl, SecurityZone.NoZone, attr, (zone == SecurityZone.NoZone), 0);
636 Resolve_Zone (pl, SecurityZone.Trusted, attr, (zone == SecurityZone.Trusted), 0);
637 Resolve_Zone (pl, SecurityZone.Untrusted, attr, (zone == SecurityZone.Untrusted), 0);
638 }
639
640 [Test]
641 public void Resolve_MyComputerUnrestricted ()
642 {
643 SecurityZone z = SecurityZone.MyComputer;
644 Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.Nothing);
645 Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.Exclusive);
646 Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.LevelFinal);
647 Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.All);
648 }
649
650 [Test]
651 public void Resolve_InternetUnrestricted ()
652 {
653 SecurityZone z = SecurityZone.Internet;
654 Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.Nothing);
655 Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.Exclusive);
656 Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.LevelFinal);
657 Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.All);
658 }
659
660 [Test]
661 [ExpectedException (typeof (ArgumentNullException))]
662 public void ResolveMatchingCodeGroups_Null ()
663 {
664 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
665 pl.ResolveMatchingCodeGroups (null);
666 }
667
668 [Test]
669 public void ResolveMatchingCodeGroups_Empty ()
670 {
671 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
672 CodeGroup result = pl.ResolveMatchingCodeGroups (new Evidence ());
673 Assert.IsNotNull (result, "CodeGroup");
674 Assert.AreEqual (String.Empty, result.AttributeString, "AttributeString");
675 Assert.AreEqual (0, result.Children.Count, "Count");
676 Assert.AreEqual ("Union", result.MergeLogic, "MergeLogic");
677 Assert.IsTrue (result.PolicyStatement.PermissionSet.IsUnrestricted (), "IsUnrestricted");
678 }
679
680 [Test]
681 [ExpectedException (typeof (ArgumentNullException))]
682 public void RootCodeGroup_Null ()
683 {
684 PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
685 pl.RootCodeGroup = null;
686 }
687
688 [Test]
689 public void StoreLocation ()
690 {
691 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
692 // loaded from a string - no store
693 Assert.IsNull (pl.StoreLocation, "StoreLocation(string)");
694
695 string filename = Path.GetFullPath (Environment.UserName + "-unittest.config");
696 using (StreamWriter sw = new StreamWriter (filename, false)) {
697 sw.Write (minimal);
698 }
699 pl = SecurityManager.LoadPolicyLevelFromFile (filename, PolicyLevelType.Machine);
700 Assert.AreEqual (filename, pl.StoreLocation, "StoreLocation(file)");
701
702 File.Delete (filename);
703 }
704
705 [Test]
706 public void ToXml ()
707 {
708 PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
709 PolicyLevel pl2 = PolicyLevel.CreateAppDomainLevel ();
710 SecurityElement se = pl.ToXml ();
711 pl2.FromXml (se);
712
713 Assert.AreEqual (pl.FullTrustAssemblies.Count, pl2.FullTrustAssemblies.Count, "ToXml-FullTrustAssemblies");
714 Assert.AreEqual (pl.NamedPermissionSets.Count, pl2.NamedPermissionSets.Count, "ToXml-NamedPermissionSets");
715 Assert.IsTrue (pl.RootCodeGroup.Equals (pl2.RootCodeGroup, true), "ToXml-RootCodeGroup");
716 Assert.AreEqual (pl.StoreLocation, pl2.StoreLocation, "ToXml-StoreLocation");
717 }
718 }
719 }
Mirror of the official Mono project git repository