mcs/class/corlib/Test/System.Security/SecurityManagerCas.cs

   1 //
   2 // SecurityManagerCas.cs - CAS unit tests for System.Security.SecurityManager
   3 //
   4 // Author:
   5 //      Sebastien Pouliot  <sebastien@ximian.com>
   6 //
   7 // Copyright (C) 2005 Novell, Inc (http://www.novell.com)
   8 //
   9 // Permission is hereby granted, free of charge, to any person obtaining
  10 // a copy of this software and associated documentation files (the
  11 // "Software"), to deal in the Software without restriction, including
  12 // without limitation the rights to use, copy, modify, merge, publish,
  13 // distribute, sublicense, and/or sell copies of the Software, and to
  14 // permit persons to whom the Software is furnished to do so, subject to
  15 // the following conditions:
  16 //
  17 // The above copyright notice and this permission notice shall be
  18 // included in all copies or substantial portions of the Software.
  19 //
  20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  27 //
  28
  29 using NUnit.Framework;
  30
  31 using System;
  32 using System.Collections;
  33 using System.Reflection;
  34 using System.Security;
  35 using System.Security.Permissions;
  36 using System.Security.Policy;
  37
  38 namespace MonoCasTests.System.Security {
  39
  40         [TestFixture]
  41         [Category ("CAS")]
  42         public class SecurityManagerCas {
  43
  44                 [SetUp]
  45                 public void SetUp ()
  46                 {
  47                         if (!SecurityManager.SecurityEnabled)
  48                                 Assert.Ignore ("SecurityManager.SecurityEnabled is OFF");
  49                 }
  50
  51                 [Test]
  52                 public void IsGranted_Null ()
  53                 {
  54                         // null is always granted
  55                         Assert.IsTrue (SecurityManager.IsGranted (null));
  56                 }
  57
  58                 [Test]
  59                 [SecurityPermission (SecurityAction.Deny, ControlPolicy = true)]
  60                 [ExpectedException (typeof (SecurityException))]
  61                 public void CheckExecutionRights_DenyControlPolicy ()
  62                 {
  63                         SecurityManager.CheckExecutionRights = SecurityManager.CheckExecutionRights;
  64                 }
  65
  66                 [Test]
  67                 [SecurityPermission (SecurityAction.PermitOnly, ControlPolicy = true)]
  68                 public void CheckExecutionRights_PermitOnlyControlPolicy ()
  69                 {
  70                         SecurityManager.CheckExecutionRights = SecurityManager.CheckExecutionRights;
  71                 }
  72
  73                 [Test]
  74                 [SecurityPermission (SecurityAction.Deny, ControlPolicy = true)]
  75                 // it seems that this was removed in 2.0 - maybe because you can't turn CAS off ?!?
  76                 public void SecurityEnabled_DenyControlPolicy ()
  77                 {
  78                         SecurityManager.SecurityEnabled = false;
  79                 }
  80
  81                 [Test]
  82                 [SecurityPermission (SecurityAction.PermitOnly, ControlPolicy = true)]
  83                 public void SecurityEnabled_PermitOnlyControlPolicy ()
  84                 {
  85                         SecurityManager.SecurityEnabled = SecurityManager.SecurityEnabled;
  86                 }
  87
  88                 // identities permission are unrestricted since 2.0
  89                 // the Deny shows that IsGranted only checks for assembly
  90                 // granted set (and not the stack modifiers)
  91
  92                 [Test]
  93                 [PermissionSet (SecurityAction.Deny, Unrestricted = true)]
  94                 public void IsGranted_GacIdentityPermission ()
  95                 {
  96                         GacIdentityPermission gip = new GacIdentityPermission ();
  97                         Assert.IsTrue (SecurityManager.IsGranted (gip));
  98                 }
  99                 [Test]
 100                 [PermissionSet (SecurityAction.Deny, Unrestricted = true)]
 101                 public void IsGranted_ZoneIdentityPermission ()
 102                 {
 103                         ZoneIdentityPermission zip = new ZoneIdentityPermission (SecurityZone.Internet);
 104                         Assert.IsTrue (SecurityManager.IsGranted (zip));
 105                 }
 106
 107                 [Test]
 108                 [ExpectedException (typeof (PolicyException))]
 109                 public void ResolvePolicy_Evidence_AllNull ()
 110                 {
 111                         Assert.IsTrue (SecurityManager.CheckExecutionRights, "CheckExecutionRights");
 112                         PermissionSet denied = null;
 113                         // null (2nd) is missing the Execution right
 114                         SecurityManager.ResolvePolicy (null, null, null, null, out denied);
 115                 }
 116
 117                 [Test]
 118                 [ExpectedException (typeof (PolicyException))]
 119                 public void ResolvePolicy_Evidence_MinExec ()
 120                 {
 121                         Assert.IsTrue (SecurityManager.CheckExecutionRights, "CheckExecutionRights");
 122                         PermissionSet ps = new PermissionSet (PermissionState.None);
 123                         ps.AddPermission (new SecurityPermission (SecurityPermissionFlag.Execution));
 124                         PermissionSet denied = null;
 125                         SecurityManager.ResolvePolicy (null, ps, null, null, out denied);
 126                         // the security manager doesn't try the optional permissions to find the execution right
 127                 }
 128
 129                 [Test]
 130                 [ExpectedException (typeof (PolicyException))]
 131                 public void ResolvePolicy_Evidence_MinNullExecOpt ()
 132                 {
 133                         Assert.IsTrue (SecurityManager.CheckExecutionRights, "CheckExecutionRights");
 134                         PermissionSet ps = new PermissionSet (PermissionState.None);
 135                         ps.AddPermission (new SecurityPermission (SecurityPermissionFlag.Execution));
 136                         PermissionSet denied = null;
 137                         // null (2nd) is missing the Execution right
 138                         SecurityManager.ResolvePolicy (null, null, ps, null, out denied);
 139                 }
 140         }
 141 }