2 // MonoTests.System.Security.Policy.FileCodeGroupTest
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2004 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using NUnit.Framework;
32 using System.Collections;
33 using System.Security;
34 using System.Security.Policy;
35 using System.Security.Permissions;
37 namespace MonoTests.System.Security.Policy {
40 public class FileCodeGroupTest {
43 [ExpectedException (typeof (ArgumentNullException))]
44 public void Constructor_MembershipConditionNullFileIOPermissionAccess ()
46 FileCodeGroup cg = new FileCodeGroup (null, FileIOPermissionAccess.AllAccess);
50 public void Constructor_AllAccess ()
52 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
53 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
54 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
55 // documented as always null
56 Assert.IsNull (cg.AttributeString, "AttributeString");
57 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
61 public void Constructor_Append ()
63 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.Append);
64 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
65 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
66 // documented as always null
67 Assert.IsNull (cg.AttributeString, "AttributeString");
68 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
72 public void Constructor_NoAccess ()
74 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.NoAccess);
75 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
76 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
77 // documented as always null
78 Assert.IsNull (cg.AttributeString, "AttributeString");
79 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
83 public void Constructor_PathDiscovery ()
85 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.PathDiscovery);
86 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
87 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
88 // documented as always null
89 Assert.IsNull (cg.AttributeString, "AttributeString");
90 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
94 public void Constructor_Read ()
96 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.Read);
97 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
98 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
99 // documented as always null
100 Assert.IsNull (cg.AttributeString, "AttributeString");
101 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
105 public void Constructor_Write ()
107 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.Write);
108 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
109 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
110 // documented as always null
111 Assert.IsNull (cg.AttributeString, "AttributeString");
112 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
116 public void MergeLogic ()
118 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
119 Assert.AreEqual ("Union", cg.MergeLogic, "MergeLogic");
125 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
126 FileCodeGroup cg2 = (FileCodeGroup) cg.Copy ();
127 Assert.AreEqual (cg.AttributeString, cg2.AttributeString, "AttributeString");
128 Assert.AreEqual (cg.Children.Count, cg2.Children.Count, "Children");
129 Assert.AreEqual (cg.Description, cg2.Description, "Description");
130 Assert.AreEqual (cg.MergeLogic, cg2.MergeLogic, "MergeLogic");
131 Assert.AreEqual (cg.Name, cg2.Name, "Name");
132 Assert.AreEqual (cg.PermissionSetName, cg2.PermissionSetName, "PermissionSetName");
133 Assert.AreEqual (cg.ToXml ().ToString (), cg2.ToXml ().ToString (), "ToXml");
137 public void CopyWithChildren ()
139 FileCodeGroup cgChild = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
140 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
141 cg.AddChild (cgChild);
142 FileCodeGroup cg2 = (FileCodeGroup) cg.Copy ();
143 Assert.AreEqual (cg.Children.Count, cg2.Children.Count, "Children");
144 Assert.AreEqual (cg.ToXml ().ToString (), cg2.ToXml ().ToString (), "ToXml");
148 [ExpectedException (typeof (ArgumentNullException))]
149 public void Resolve_Null ()
151 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
156 public void Resolve_NoMatch ()
158 FileCodeGroup cg = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
159 Assert.IsNull (cg.Resolve (new Evidence ()));
163 public void Resolve_AllMembershipCondition_NoAccess ()
165 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.NoAccess);
166 PolicyStatement result = cg.Resolve (new Evidence ());
167 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Attributes");
168 Assert.AreEqual (String.Empty, result.AttributeString, "AttributeString");
169 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "IsUnrestricted");
170 Assert.AreEqual (0, result.PermissionSet.Count, "Count");
174 public void Resolve_AllMembershipCondition_AllAccess ()
176 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
177 PolicyStatement result = cg.Resolve (new Evidence ());
178 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Attributes");
179 Assert.AreEqual (String.Empty, result.AttributeString, "AttributeString");
180 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "IsUnrestricted");
181 Assert.AreEqual (0, result.PermissionSet.Count, "Count");
185 public void Resolve_ZoneMembershipCondition_Internet ()
187 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.Internet);
188 PermissionSet pset = new PermissionSet (PermissionState.Unrestricted);
189 FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
191 Evidence e = new Evidence ();
192 e.AddHost (new Zone (SecurityZone.Internet));
193 PolicyStatement result = cg.Resolve (e);
194 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Internet-Attributes");
195 Assert.AreEqual (String.Empty, result.AttributeString, "Internet-AttributeString");
196 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "Internet-IsUnrestricted");
197 Assert.AreEqual (0, result.PermissionSet.Count, "Internet-Count");
200 e.AddHost (new Zone (SecurityZone.Intranet));
201 Assert.IsNull (cg.Resolve (e), "Intranet");
204 e.AddHost (new Zone (SecurityZone.MyComputer));
205 Assert.IsNull (cg.Resolve (e), "MyComputer");
208 e.AddHost (new Zone (SecurityZone.NoZone));
209 Assert.IsNull (cg.Resolve (e), "NoZone");
212 e.AddHost (new Zone (SecurityZone.Trusted));
213 Assert.IsNull (cg.Resolve (e), "Trusted");
216 e.AddHost (new Zone (SecurityZone.Untrusted));
217 Assert.IsNull (cg.Resolve (e), "Untrusted");
221 public void Resolve_ZoneMembershipCondition_Intranet ()
223 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.Intranet);
224 PermissionSet pset = new PermissionSet (PermissionState.None);
225 FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
227 Evidence e = new Evidence ();
228 e.AddHost (new Zone (SecurityZone.Intranet));
229 PolicyStatement result = cg.Resolve (e);
230 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Internet-Attributes");
231 Assert.AreEqual (String.Empty, result.AttributeString, "Internet-AttributeString");
232 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "Intranet-IsUnrestricted");
233 Assert.AreEqual (0, result.PermissionSet.Count, "Intranet-Count");
236 e.AddHost (new Zone (SecurityZone.Internet));
237 Assert.IsNull (cg.Resolve (e), "Internet");
240 e.AddHost (new Zone (SecurityZone.MyComputer));
241 Assert.IsNull (cg.Resolve (e), "MyComputer");
244 e.AddHost (new Zone (SecurityZone.NoZone));
245 Assert.IsNull (cg.Resolve (e), "NoZone");
248 e.AddHost (new Zone (SecurityZone.Trusted));
249 Assert.IsNull (cg.Resolve (e), "Trusted");
252 e.AddHost (new Zone (SecurityZone.Untrusted));
253 Assert.IsNull (cg.Resolve (e), "Untrusted");
257 public void Resolve_ZoneMembershipCondition_MyComputer ()
259 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.MyComputer);
260 PermissionSet pset = new PermissionSet (PermissionState.Unrestricted);
261 FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
263 Evidence e = new Evidence ();
264 e.AddHost (new Zone (SecurityZone.MyComputer));
265 PolicyStatement result = cg.Resolve (e);
266 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Internet-Attributes");
267 Assert.AreEqual (String.Empty, result.AttributeString, "Internet-AttributeString");
268 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "MyComputer-IsUnrestricted");
269 Assert.AreEqual (0, result.PermissionSet.Count, "MyComputer-Count");
272 e.AddHost (new Zone (SecurityZone.Internet));
273 Assert.IsNull (cg.Resolve (e), "Internet");
276 e.AddHost (new Zone (SecurityZone.Intranet));
277 Assert.IsNull (cg.Resolve (e), "Intranet");
280 e.AddHost (new Zone (SecurityZone.NoZone));
281 Assert.IsNull (cg.Resolve (e), "NoZone");
284 e.AddHost (new Zone (SecurityZone.Trusted));
285 Assert.IsNull (cg.Resolve (e), "Trusted");
288 e.AddHost (new Zone (SecurityZone.Untrusted));
289 Assert.IsNull (cg.Resolve (e), "Untrusted");
293 [ExpectedException (typeof (ArgumentException))]
294 public void Resolve_ZoneMembershipCondition_NoZone ()
296 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.NoZone);
300 public void Resolve_ZoneMembershipCondition_Trusted ()
302 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.Trusted);
303 PermissionSet pset = new PermissionSet (PermissionState.Unrestricted);
304 FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
306 Evidence e = new Evidence ();
307 e.AddHost (new Zone (SecurityZone.Trusted));
308 PolicyStatement result = cg.Resolve (e);
309 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Internet-Attributes");
310 Assert.AreEqual (String.Empty, result.AttributeString, "Internet-AttributeString");
311 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "Trusted-IsUnrestricted");
312 Assert.AreEqual (0, result.PermissionSet.Count, "Trusted-Count");
315 e.AddHost (new Zone (SecurityZone.Internet));
316 Assert.IsNull (cg.Resolve (e), "Internet");
319 e.AddHost (new Zone (SecurityZone.Intranet));
320 Assert.IsNull (cg.Resolve (e), "Intranet");
323 e.AddHost (new Zone (SecurityZone.MyComputer));
324 Assert.IsNull (cg.Resolve (e), "MyComputer");
327 e.AddHost (new Zone (SecurityZone.NoZone));
328 Assert.IsNull (cg.Resolve (e), "NoZone");
331 e.AddHost (new Zone (SecurityZone.Untrusted));
332 Assert.IsNull (cg.Resolve (e), "Untrusted");
336 public void Resolve_ZoneMembershipCondition_Untrusted ()
338 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.Untrusted);
339 PermissionSet pset = new PermissionSet (PermissionState.None);
340 FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
342 Evidence e = new Evidence ();
343 e.AddHost (new Zone (SecurityZone.Untrusted));
344 PolicyStatement result = cg.Resolve (e);
345 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Untrusted-Attributes");
346 Assert.AreEqual (String.Empty, result.AttributeString, "Untrusted-AttributeString");
347 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "Untrusted-IsUnrestricted");
348 Assert.AreEqual (0, result.PermissionSet.Count, "Untrusted-Count");
351 e.AddHost (new Zone (SecurityZone.Internet));
352 Assert.IsNull (cg.Resolve (e), "Internet");
355 e.AddHost (new Zone (SecurityZone.Intranet));
356 Assert.IsNull (cg.Resolve (e), "Intranet");
359 e.AddHost (new Zone (SecurityZone.MyComputer));
360 Assert.IsNull (cg.Resolve (e), "MyComputer");
363 e.AddHost (new Zone (SecurityZone.NoZone));
364 Assert.IsNull (cg.Resolve (e), "NoZone");
367 e.AddHost (new Zone (SecurityZone.Trusted));
368 Assert.IsNull (cg.Resolve (e), "Trusted");
372 [ExpectedException (typeof (ArgumentNullException))]
373 public void ResolveMatchingCodeGroups_Null ()
375 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
376 cg.ResolveMatchingCodeGroups (null);
380 public void ResolveMatchingCodeGroups_NoMatch ()
382 FileCodeGroup cg = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
383 Assert.IsNull (cg.ResolveMatchingCodeGroups (new Evidence ()));
387 public void ResolveMatchingCodeGroups_OneLevel ()
389 FileCodeGroup level1 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
390 CodeGroup match = level1.ResolveMatchingCodeGroups (new Evidence ());
391 Assert.IsNotNull (match, "Match");
392 Assert.IsTrue (match.Equals (level1, false), "Equals(false)");
393 Assert.IsTrue (match.Equals (level1, true), "Equals(true)");
397 public void ResolveMatchingCodeGroups_TwoLevel ()
399 FileCodeGroup level1 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
400 CodeGroup level2 = level1.Copy ();
401 level1.AddChild (level2);
403 CodeGroup match = level1.ResolveMatchingCodeGroups (new Evidence ());
404 Assert.IsNotNull (match, "Match");
405 Assert.IsTrue (match.Equals (level1, false), "Equals(false)");
406 Assert.IsTrue (match.Equals (level1, true), "Equals(true)");
408 FileCodeGroup level2b = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
409 level1.AddChild (level2b);
410 CodeGroup match2 = level1.ResolveMatchingCodeGroups (new Evidence ());
411 Assert.IsNotNull (match2, "Match2");
412 Assert.IsTrue (match2.Equals (level1, false), "Equals(false)");
413 Assert.IsTrue (!match2.Equals (level1, true), "Equals(true)");
417 public void ResolveMatchingCodeGroups_ThreeLevel ()
419 FileCodeGroup level1 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
420 CodeGroup level2 = level1.Copy ();
421 level1.AddChild (level2);
422 FileCodeGroup level3 = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
423 level2.AddChild (level3);
425 CodeGroup match = level1.ResolveMatchingCodeGroups (new Evidence ());
426 Assert.IsNotNull (match, "Match");
427 Assert.IsTrue (match.Equals (level1, false), "Equals(false)");
428 // Equals (true) isn't a deep compare (just one level)
429 Assert.IsTrue (match.Equals (level1, true), "Equals(true)");
435 FileIOPermissionAccess access = FileIOPermissionAccess.Read | FileIOPermissionAccess.Write;
436 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), access);
437 string s = cg.ToXml ().ToString ();
438 Assert.IsTrue (s.IndexOf ("Access=\"Read, Write\"") > 0, "Access='Read, Write'");
442 public void ToFromXmlRoundtrip ()
444 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
445 cg.Name = "SomeName";
446 cg.Description = "Some Description";
447 Assert.IsTrue (cg.Equals (cg), "Equals (itself)");
448 SecurityElement se = cg.ToXml ();
450 FileCodeGroup cg2 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.NoAccess);
451 cg2.Name = "SomeOtherName";
452 cg2.Description = "Some Other Description";
453 Assert.IsFalse (cg.Equals (cg2), "Equals (another)");
456 Assert.IsTrue (cg.Equals (cg2), "Equals (FromXml)");