// PolicyLevelTest.cs - NUnit Test Cases for PolicyLevel
//
// Author:
-// Sebastien Pouliot (spouliot@motus.com)
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2004 Motus Technologies Inc. (http://www.motus.com)
+// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+//
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using NUnit.Framework;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
+using System.Text;
namespace MonoTests.System.Security.Policy {
[TestFixture]
- public class PolicyLevelTest : Assertion {
+ public class PolicyLevelTest {
static string minimal = null;
static string minimal_policy = null;
static byte[] snPublicKey = { 0x00, 0x24, 0x00, 0x00, 0x04, 0x80, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0x06, 0x02, 0x00, 0x00, 0x00, 0x24, 0x00, 0x00, 0x52, 0x53, 0x41, 0x31, 0x00, 0x04, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x3D, 0xBD, 0x72, 0x08, 0xC6, 0x2B, 0x0E, 0xA8, 0xC1, 0xC0, 0x58, 0x07, 0x2B, 0x63, 0x5F, 0x7C, 0x9A, 0xBD, 0xCB, 0x22, 0xDB, 0x20, 0xB2, 0xA9, 0xDA, 0xDA, 0xEF, 0xE8, 0x00, 0x64, 0x2F, 0x5D, 0x8D, 0xEB, 0x78, 0x02, 0xF7, 0xA5, 0x36, 0x77, 0x28, 0xD7, 0x55, 0x8D, 0x14, 0x68, 0xDB, 0xEB, 0x24, 0x09, 0xD0, 0x2B, 0x13, 0x1B, 0x92, 0x6E, 0x2E, 0x59, 0x54, 0x4A, 0xAC, 0x18, 0xCF, 0xC9, 0x09, 0x02, 0x3F, 0x4F, 0xA8, 0x3E, 0x94, 0x00, 0x1F, 0xC2, 0xF1, 0x1A, 0x27, 0x47, 0x7D, 0x10, 0x84, 0xF5, 0x14, 0xB8, 0x61, 0x62, 0x1A, 0x0C, 0x66, 0xAB, 0xD2, 0x4C, 0x4B, 0x9F, 0xC9, 0x0F, 0x3C, 0xD8, 0x92, 0x0F, 0xF5, 0xFF, 0xCE, 0xD7, 0x6E, 0x5C, 0x6F, 0xB1, 0xF5, 0x7D, 0xD3, 0x56, 0xF9, 0x67, 0x27, 0xA4, 0xA5, 0x48, 0x5B, 0x07, 0x93, 0x44, 0x00, 0x4A, 0xF8, 0xFF, 0xA4, 0xCB };
[SetUp]
- void Prepare ()
+ public void SetUp ()
{
if (minimal == null) {
- minimal_policy = "<PolicyLevel version=\"1\">\r\n <SecurityClasses>\r\n <SecurityClass Name=\"PrintingPermission\"\r\n Description=\"System.Drawing.Printing.PrintingPermission, System.Drawing, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\"/>\r\n <SecurityClass Name=\"NamedPermissionSet\"\r\n Description=\"System.Security.NamedPermissionSet\"/>\r\n <SecurityClass Name=\"ReflectionPermission\"\r\n Description=\"System.Security.Permissions.ReflectionPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"DnsPermission\"\r\n Description=\"System.Net.DnsPermission, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"EventLogPermission\"\r\n Description=\"System.Diagnostics.EventLogPermission, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"IsolatedStorageFilePermission\"\r\n Description=\"System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"AllMembershipCondition\"\r\n Description=\"System.Security.Policy.AllMembershipCondition, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"FirstMatchCodeGroup\"\r\n Description=\"System.Security.Policy.FirstMatchCodeGroup\"/>\r\n <SecurityClass Name=\"EnvironmentPermission\"\r\n Description=\"System.Security.Permissions.EnvironmentPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n";
+ minimal_policy = "<PolicyLevel version=\"1\">\r\n <SecurityClasses>\r\n <SecurityClass Name=\"NamedPermissionSet\"\r\n Description=\"System.Security.NamedPermissionSet\"/>\r\n <SecurityClass Name=\"ReflectionPermission\"\r\n Description=\"System.Security.Permissions.ReflectionPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"IsolatedStorageFilePermission\"\r\n Description=\"System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"AllMembershipCondition\"\r\n Description=\"System.Security.Policy.AllMembershipCondition, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"FirstMatchCodeGroup\"\r\n Description=\"System.Security.Policy.FirstMatchCodeGroup\"/>\r\n <SecurityClass Name=\"EnvironmentPermission\"\r\n Description=\"System.Security.Permissions.EnvironmentPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n";
minimal_policy += " <SecurityClass Name=\"StrongNameMembershipCondition\"\r\n Description=\"System.Security.Policy.StrongNameMembershipCondition, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"SecurityPermission\"\r\n Description=\"System.Security.Permissions.SecurityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"UIPermission\"\r\n Description=\"System.Security.Permissions.UIPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"FileDialogPermission\"\r\n Description=\"System.Security.Permissions.FileDialogPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n </SecurityClasses>\r\n <NamedPermissionSets>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Unrestricted=\"true\"\r\n Name=\"FullTrust\"\r\n Description=\"Allows full access to all resources\"/>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"SkipVerification\"\r\n Description=\"Grants right to bypass the verification\">\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"SkipVerification\"/>\r\n </PermissionSet>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Execution\"\r\n Description=\"Permits execution\">\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Execution\"/>\r\n </PermissionSet>\r\n";
- minimal_policy += " <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Nothing\"\r\n Description=\"Denies all resources, including the right to execute\"/>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"LocalIntranet\"\r\n Description=\"Default rights given to applications on the local intranet\">\r\n <IPermission class=\"EnvironmentPermission\"\r\n version=\"1\"\r\n Read=\"USERNAME\"/>\r\n <IPermission class=\"FileDialogPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n <IPermission class=\"IsolatedStorageFilePermission\"\r\n version=\"1\"\r\n Allowed=\"AssemblyIsolationByUser\"\r\n UserQuota=\"9223372036854775807\"\r\n Expiry=\"9223372036854775807\"\r\n Permanent=\"True\"/>\r\n <IPermission class=\"ReflectionPermission\"\r\n version=\"1\"\r\n Flags=\"ReflectionEmit\"/>\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Assertion, Execution, BindingRedirects\"/>\r\n <IPermission class=\"UIPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n <IPermission class=\"DnsPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n <IPermission class=\"PrintingPermission\"\r\n version=\"1\"\r\n Level=\"DefaultPrinting\"/>\r\n <IPermission class=\"EventLogPermission\"\r\n version=\"1\">\r\n <Machine name=\".\"\r\n access=\"Instrument\"/>\r\n";
- minimal_policy += " </IPermission>\r\n </PermissionSet>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Internet\"\r\n Description=\"Default rights given to internet applications\">\r\n <IPermission class=\"FileDialogPermission\"\r\n version=\"1\"\r\n Access=\"Open\"/>\r\n <IPermission class=\"IsolatedStorageFilePermission\"\r\n version=\"1\"\r\n Allowed=\"DomainIsolationByUser\"\r\n UserQuota=\"10240\"/>\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Execution\"/>\r\n <IPermission class=\"UIPermission\"\r\n version=\"1\"\r\n Window=\"SafeTopLevelWindows\"\r\n Clipboard=\"OwnClipboard\"/>\r\n <IPermission class=\"PrintingPermission\"\r\n version=\"1\"\r\n Level=\"SafePrinting\"/>\r\n </PermissionSet>\r\n </NamedPermissionSets>\r\n <CodeGroup class=\"FirstMatchCodeGroup\"\r\n version=\"1\"\r\n PermissionSetName=\"Nothing\">\r\n <IMembershipCondition class=\"AllMembershipCondition\"\r\n version=\"1\"/>\r\n </CodeGroup>\r\n <FullTrustAssemblies>\r\n <IMembershipCondition class=\"StrongNameMembershipCondition\"\r\n version=\"1\"\r\n PublicKeyBlob=\"00000000000000000400000000000000\"\r\n Name=\"System\"/>\r\n </FullTrustAssemblies>\r\n</PolicyLevel>\r\n";
+ minimal_policy += " <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Nothing\"\r\n Description=\"Denies all resources, including the right to execute\"/>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"LocalIntranet\"\r\n Description=\"Default rights given to applications on the local intranet\">\r\n <IPermission class=\"EnvironmentPermission\"\r\n version=\"1\"\r\n Read=\"USERNAME\"/>\r\n <IPermission class=\"FileDialogPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n <IPermission class=\"IsolatedStorageFilePermission\"\r\n version=\"1\"\r\n Allowed=\"AssemblyIsolationByUser\"\r\n UserQuota=\"9223372036854775807\"\r\n Expiry=\"9223372036854775807\"\r\n Permanent=\"True\"/>\r\n <IPermission class=\"ReflectionPermission\"\r\n version=\"1\"\r\n Flags=\"ReflectionEmit\"/>\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Assertion, Execution, BindingRedirects\"/>\r\n <IPermission class=\"UIPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n";
+ minimal_policy += " </PermissionSet>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Internet\"\r\n Description=\"Default rights given to internet applications\">\r\n <IPermission class=\"FileDialogPermission\"\r\n version=\"1\"\r\n Access=\"Open\"/>\r\n <IPermission class=\"IsolatedStorageFilePermission\"\r\n version=\"1\"\r\n Allowed=\"DomainIsolationByUser\"\r\n UserQuota=\"10240\"/>\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Execution\"/>\r\n <IPermission class=\"UIPermission\"\r\n version=\"1\"\r\n Window=\"SafeTopLevelWindows\"\r\n Clipboard=\"OwnClipboard\"/>\r\n </PermissionSet>\r\n </NamedPermissionSets>\r\n <CodeGroup class=\"FirstMatchCodeGroup\"\r\n version=\"1\"\r\n PermissionSetName=\"Nothing\">\r\n <IMembershipCondition class=\"AllMembershipCondition\"\r\n version=\"1\"/>\r\n </CodeGroup>\r\n <FullTrustAssemblies>\r\n <IMembershipCondition class=\"StrongNameMembershipCondition\"\r\n version=\"1\"\r\n PublicKeyBlob=\"00000000000000000400000000000000\"\r\n Name=\"System\"/>\r\n </FullTrustAssemblies>\r\n</PolicyLevel>\r\n";
minimal = Envelope (minimal_policy);
}
}
StrongName sn = new StrongName (new StrongNamePublicKeyBlob (snPublicKey), "First", new Version (1, 2, 3, 4));
pl.AddFullTrustAssembly (sn);
- AssertEquals ("FullTrustAssemblies.Count+1", n+1, pl.FullTrustAssemblies.Count);
+ Assert.AreEqual (n + 1, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count+1");
StrongNameMembershipCondition snmc = new StrongNameMembershipCondition (new StrongNamePublicKeyBlob (snPublicKey), "Second", new Version ("0.1.2.3"));
pl.AddFullTrustAssembly (snmc);
- AssertEquals ("FullTrustAssemblies.Count+2", n+2, pl.FullTrustAssemblies.Count);
+ Assert.AreEqual (n + 2, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count+2");
}
[Test]
}
[Test]
- [Ignore ("System.ExecutionEngineException on MS runtime (1.1)")]
+#if ! NET_2_0
+ [Category ("NotDotNet")] // System.ExecutionEngineException on MS runtime (1.1)
+#endif
public void AddNamedPermissionSet ()
{
PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
NamedPermissionSet nps = new NamedPermissionSet ("Mono", PermissionState.Unrestricted);
pl.AddNamedPermissionSet (nps);
// ExecutionEngineException here!
- AssertEquals ("NamedPermissionSets.Count+1", n+1, pl.NamedPermissionSets.Count);
+ Assert.AreEqual (n + 1, pl.NamedPermissionSets.Count, "NamedPermissionSets.Count+1");
}
[Test]
}
[Test]
- [ExpectedException (typeof (ArgumentException))]
- [Ignore ("System.ExecutionEngineException on MS runtime (1.1)")]
+ [ExpectedException (typeof (ArgumentException))]\r
+#if ! NET_2_0
+ [Category ("NotDotNet")] // System.ExecutionEngineException on MS runtime (1.1)
+#endif\r
public void AddNamedPermissionSet_Duplicate ()
{
PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
pl.AddNamedPermissionSet (nps2);
}
- [Test]
- [Ignore ("System.ExecutionEngineException on MS runtime (1.1)")]
+ [Test]\r
+#if ! NET_2_0
+ [Category ("NotDotNet")] // System.ExecutionEngineException on MS runtime (1.1)
+#endif\r
public void ChangeNamedPermissionSet ()
{
PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
public void CreateAppDomainLevel ()
{
PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
- AssertEquals ("Label", "AppDomain", pl.Label);
- AssertEquals ("RootCodeGroup==FullTrust", "FullTrust", pl.RootCodeGroup.PermissionSetName);
- AssertEquals ("RootCodeGroup/NoChildren", 0, pl.RootCodeGroup.Children.Count);
- Assert ("RootCodeGroup.PolicyStatement.PermissionSet.IsUnrestricted", pl.RootCodeGroup.PolicyStatement.PermissionSet.IsUnrestricted ());
+ Assert.AreEqual ("AppDomain", pl.Label, "Label");
+ Assert.AreEqual ("FullTrust", pl.RootCodeGroup.PermissionSetName, "RootCodeGroup==FullTrust");
+ Assert.AreEqual (0, pl.RootCodeGroup.Children.Count, "RootCodeGroup/NoChildren");
+ Assert.IsTrue (pl.RootCodeGroup.PolicyStatement.PermissionSet.IsUnrestricted (), "RootCodeGroup.PolicyStatement.PermissionSet.IsUnrestricted");
}
[Test]
+ // Makes distcheck fail because there is no Mono installed into the prefix
+ // thus making the GAC not work...
+ [Category ("NotWorking")]
public void FromXml ()
{
PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
SecurityElement se = pl.ToXml ();
pl.FromXml (se);
- AssertEquals ("Label", "AppDomain", pl.Label);
- AssertEquals ("RootCodeGroup", "All_Code", pl.RootCodeGroup.Name);
- AssertEquals ("RootCodeGroup", "FullTrust", pl.RootCodeGroup.PermissionSetName);
- AssertEquals ("RootCodeGroup", 0, pl.RootCodeGroup.Children.Count);
+ Assert.AreEqual ("AppDomain", pl.Label, "Label");
+ Assert.AreEqual ("All_Code", pl.RootCodeGroup.Name, "RootCodeGroup");
+ Assert.AreEqual ("FullTrust", pl.RootCodeGroup.PermissionSetName, "PermissionSetName");
+ Assert.AreEqual (0, pl.RootCodeGroup.Children.Count, "Children");
}
[Test]
}
[Test]
+ // Makes distcheck fail because there is no Mono installed into the prefix
+ // thus making the GAC not work...
+ [Category ("NotWorking")]
[ExpectedException (typeof (ArgumentException))]
public void FromXml_Invalid ()
{
// it's enough >:)
}
- [Test]
- [Ignore ("System.ExecutionEngineException on MS runtime (1.1)")]
+ [Test]\r
+#if ! NET_2_0
+ [Category ("NotDotNet")] // System.ExecutionEngineException on MS runtime (1.1)
+#endif\r
public void GetNamedPermissionSet ()
{
PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
NamedPermissionSet nps = pl.GetNamedPermissionSet ("Mono");
- AssertNull ("GetNamedPermissionSet(notfound)", nps);
+ Assert.IsNull (nps, "GetNamedPermissionSet(notfound)");
nps = new NamedPermissionSet ("Mono", PermissionState.None);
pl.AddNamedPermissionSet (nps);
// ExecutionEngineException here!
nps = pl.GetNamedPermissionSet ("Mono");
- AssertNotNull ("GetNamedPermissionSet(found)", nps);
+ Assert.IsNotNull (nps, "GetNamedPermissionSet(found)");
}
[Test]
public void Label ()
{
PolicyLevel pl = Load (minimal, PolicyLevelType.AppDomain);
- AssertEquals ("Label.AppDomain", "AppDomain", pl.Label);
+ Assert.AreEqual ("AppDomain", pl.Label, "Label.AppDomain");
pl = Load (minimal, PolicyLevelType.Enterprise);
- AssertEquals ("Label.Enterprise", "Enterprise", pl.Label);
+ Assert.AreEqual ("Enterprise", pl.Label, "Label.Enterprise");
pl = Load (minimal, PolicyLevelType.Machine);
- AssertEquals ("Label.Machine", "Machine", pl.Label);
+ Assert.AreEqual ("Machine", pl.Label, "Label.Machine");
pl = Load (minimal, PolicyLevelType.User);
- AssertEquals ("Label.User", "User", pl.Label);
+ Assert.AreEqual ("User", pl.Label, "Label.User");
// static method
pl = PolicyLevel.CreateAppDomainLevel ();
- AssertEquals ("Label.AppDomain", "AppDomain", pl.Label);
- }
-
- [Test]
- public void Recover ()
- {
- // note: may be dangerous to test
+ Assert.AreEqual ("AppDomain", pl.Label, "Label.AppDomain");
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (PolicyException))]\r
+ public void Recover_LoadPolicyLevelFromFile ()\r
+ {\r
+ string temp = Path.GetTempFileName ();\r
+ using (FileStream fs = File.OpenWrite (temp)) {\r
+ // that way we're sure that no back exists\r
+ byte[] data = Encoding.UTF8.GetBytes (minimal);\r
+ fs.Write (data, 0, data.Length);\r
+ fs.Close ();\r
+ }\r
+ PolicyLevel pl = SecurityManager.LoadPolicyLevelFromFile (temp, PolicyLevelType.User);\r
+ pl.Recover ();\r
+ // can't recover if no backup exists\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (PolicyException))]\r
+ public void Recover_LoadPolicyLevelFromString ()
+ {\r
+ PolicyLevel pl = SecurityManager.LoadPolicyLevelFromString (minimal, PolicyLevelType.Enterprise);\r
+ pl.Recover ();\r
+ // can't recover as it's not file based\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (PolicyException))]\r
+ public void Recover_AppDomainLevel ()\r
+ {\r
+ PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();\r
+ pl.Recover ();\r
+ // can't recover as it's not file based\r
}
[Test]
StrongName sn = new StrongName (new StrongNamePublicKeyBlob (snPublicKey), "First", new Version (1, 2, 3, 4));
pl.AddFullTrustAssembly (sn);
- AssertEquals ("FullTrustAssemblies.Count+1", n+1, pl.FullTrustAssemblies.Count);
+ Assert.AreEqual (n + 1, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count+1");
StrongNameMembershipCondition snmc = new StrongNameMembershipCondition (new StrongNamePublicKeyBlob (snPublicKey), "Second", new Version ("0.1.2.3"));
pl.AddFullTrustAssembly (snmc);
- AssertEquals ("FullTrustAssemblies.Count+2", n+2, pl.FullTrustAssemblies.Count);
+ Assert.AreEqual (n + 2, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count+2");
pl.RemoveFullTrustAssembly (sn);
- AssertEquals ("FullTrustAssemblies.Count-1", n+1, pl.FullTrustAssemblies.Count);
+ Assert.AreEqual (n + 1, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count-1");
pl.RemoveFullTrustAssembly (snmc);
- AssertEquals ("FullTrustAssemblies.Count-2", n, pl.FullTrustAssemblies.Count);
+ Assert.AreEqual (n, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count-2");
}
[Test]
pl.RemoveFullTrustAssembly (snmc);
}
- [Test]
- [Ignore ("System.ExecutionEngineException on MS runtime (1.1)")]
+ [Test]\r
+#if ! NET_2_0
+ [Category ("NotDotNet")] // System.ExecutionEngineException on MS runtime (1.1)
+#endif\r
public void RemoveNamedPermissionSet ()
{
PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
pl.AddNamedPermissionSet (nps);
// ExecutionEngineException here!
pl.RemoveNamedPermissionSet (nps);
- AssertEquals ("NamedPermissionSets.Count", n, pl.NamedPermissionSets.Count);
+ Assert.AreEqual (n, pl.NamedPermissionSets.Count, "NamedPermissionSets.Count");
}
[Test]
pl.RemoveNamedPermissionSet (nps);
}
- [Test]
- [Ignore ("System.ExecutionEngineException on MS runtime (1.1)")]
+ [Test]\r
+#if ! NET_2_0
+ [Category ("NotDotNet")] // System.ExecutionEngineException on MS runtime (1.1)
+#endif\r
public void RemoveNamedPermissionSet_String ()
{
PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
pl.AddNamedPermissionSet (nps);
// ExecutionEngineException here!
pl.RemoveNamedPermissionSet ("Mono");
- AssertEquals ("NamedPermissionSets.Count", n, pl.NamedPermissionSets.Count);
+ Assert.AreEqual (n, pl.NamedPermissionSets.Count, "NamedPermissionSets.Count");
}
[Test]
{
PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
pl.RemoveNamedPermissionSet ("Mono");
- }
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_FullTrust_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("FullTrust");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_LocalIntranet_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("LocalIntranet");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_Internet_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("Internet");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_SkipVerification_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("SkipVerification");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_Execution_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("Execution");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_Nothing_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("Nothing");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_Everything_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("Everything");\r
+ }\r
[Test]
- [Ignore ("not yet implement in Mono - CAS related")]
public void Reset ()
{
PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
int n = pl.FullTrustAssemblies.Count;
StrongName sn = new StrongName (new StrongNamePublicKeyBlob (snPublicKey), "First", new Version (1, 2, 3, 4));
pl.AddFullTrustAssembly (sn);
- AssertEquals ("FullTrustAssemblies.Count+1", n+1, pl.FullTrustAssemblies.Count);
+ Assert.AreEqual (n + 1, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count+1");
int m = pl.NamedPermissionSets.Count;
NamedPermissionSet nps = new NamedPermissionSet ("Mono");
- // ExecutionEngineException here!
- //AssertEquals ("NamedPermissionSets.Count+1", m+1, pl.NamedPermissionSets.Count);
+ pl.AddNamedPermissionSet (nps);
+ Assert.AreEqual (m + 1, pl.NamedPermissionSets.Count, "NamedPermissionSets.Count+1");
pl.Reset ();
- AssertEquals ("FullTrustAssemblies.Count", n, pl.FullTrustAssemblies.Count);
- // ExecutionEngineException here!
- AssertEquals ("NamedPermissionSets.Count", m, pl.NamedPermissionSets.Count);
+ Assert.AreEqual (n, pl.FullTrustAssemblies.Count, "FullTrustAssemblies.Count");
+ Assert.AreEqual (m, pl.NamedPermissionSets.Count, "NamedPermissionSets.Count");
}
[Test]
pl.Resolve (null);
}
+ [Test]
+ public void Resolve_Empty ()
+ {
+ PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
+ PolicyStatement result = pl.Resolve (new Evidence ());
+ Assert.IsNotNull (result, "PolicyStatement");
+ Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Attributes");
+ Assert.AreEqual (String.Empty, result.AttributeString, "AttributeString");
+ Assert.IsTrue (result.PermissionSet.IsUnrestricted (), "IsUnrestricted");
+ Assert.AreEqual (0, result.PermissionSet.Count, "Count");
+ }
+
+ private void Resolve_Zone (PolicyLevel level, SecurityZone z, PolicyStatementAttribute attr, bool unrestricted, int count)
+ {
+ string prefix = z.ToString () + "-" + attr.ToString () + "-";
+ Evidence e = new Evidence ();
+ e.AddHost (new Zone (z));
+ PolicyStatement result = level.Resolve (e);
+ if (unrestricted) {
+ Assert.AreEqual (attr, result.Attributes, prefix + "Attributes");
+ switch (attr) {
+ case PolicyStatementAttribute.Nothing:
+ Assert.AreEqual (String.Empty, result.AttributeString, prefix + "AttributeString");
+ break;
+ case PolicyStatementAttribute.Exclusive:
+ Assert.AreEqual ("Exclusive", result.AttributeString, prefix + "AttributeString");
+ break;
+ case PolicyStatementAttribute.LevelFinal:
+ Assert.AreEqual ("LevelFinal", result.AttributeString, prefix + "AttributeString");
+ break;
+ case PolicyStatementAttribute.All:
+ Assert.AreEqual ("Exclusive LevelFinal", result.AttributeString, prefix + "AttributeString");
+ break;
+ }
+ }
+ else {
+ Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, prefix + "Attributes");
+ Assert.AreEqual (String.Empty, result.AttributeString, prefix + "AttributeString");
+ }
+ Assert.AreEqual (unrestricted, result.PermissionSet.IsUnrestricted (), prefix + "IsUnrestricted");
+ Assert.AreEqual (count, result.PermissionSet.Count, prefix + "Count");
+ }
+
+ private void Resolve_Zone_Unrestricted_Attribute (SecurityZone zone, PolicyStatementAttribute attr)
+ {
+ IMembershipCondition mc = new ZoneMembershipCondition (zone);
+ PolicyStatement ps = new PolicyStatement (new PermissionSet (PermissionState.Unrestricted));
+ ps.Attributes = attr;
+ PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
+ pl.RootCodeGroup = new UnionCodeGroup (mc, ps);
+
+ Resolve_Zone (pl, SecurityZone.Internet, attr, (zone == SecurityZone.Internet), 0);
+ Resolve_Zone (pl, SecurityZone.Intranet, attr, (zone == SecurityZone.Intranet), 0);
+ Resolve_Zone (pl, SecurityZone.MyComputer, attr, (zone == SecurityZone.MyComputer), 0);
+ Resolve_Zone (pl, SecurityZone.NoZone, attr, (zone == SecurityZone.NoZone), 0);
+ Resolve_Zone (pl, SecurityZone.Trusted, attr, (zone == SecurityZone.Trusted), 0);
+ Resolve_Zone (pl, SecurityZone.Untrusted, attr, (zone == SecurityZone.Untrusted), 0);
+ }
+
+ [Test]
+ public void Resolve_MyComputerUnrestricted ()
+ {
+ SecurityZone z = SecurityZone.MyComputer;
+ Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.Nothing);
+ Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.Exclusive);
+ Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.LevelFinal);
+ Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.All);
+ }
+
+ [Test]
+ public void Resolve_InternetUnrestricted ()
+ {
+ SecurityZone z = SecurityZone.Internet;
+ Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.Nothing);
+ Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.Exclusive);
+ Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.LevelFinal);
+ Resolve_Zone_Unrestricted_Attribute (z, PolicyStatementAttribute.All);
+ }
+
+ [Test]
+ [ExpectedException (typeof (ArgumentNullException))]
+ public void ResolveMatchingCodeGroups_Null ()
+ {
+ PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
+ pl.ResolveMatchingCodeGroups (null);
+ }
+
+ [Test]
+ public void ResolveMatchingCodeGroups_Empty ()
+ {
+ PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
+ CodeGroup result = pl.ResolveMatchingCodeGroups (new Evidence ());
+ Assert.IsNotNull (result, "CodeGroup");
+ Assert.AreEqual (String.Empty, result.AttributeString, "AttributeString");
+ Assert.AreEqual (0, result.Children.Count, "Count");
+ Assert.AreEqual ("Union", result.MergeLogic, "MergeLogic");
+ Assert.IsTrue (result.PolicyStatement.PermissionSet.IsUnrestricted (), "IsUnrestricted");
+ }
+
[Test]
[ExpectedException (typeof (ArgumentNullException))]
public void RootCodeGroup_Null ()
{
PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
// loaded from a string - no store
- AssertNull ("StoreLocation(string)", pl.StoreLocation);
+ Assert.IsNull (pl.StoreLocation, "StoreLocation(string)");
- string filename = Path.GetFullPath ("unittest.config");
+ string filename = Path.GetFullPath (Environment.UserName + "-unittest.config");
using (StreamWriter sw = new StreamWriter (filename, false)) {
sw.Write (minimal);
}
pl = SecurityManager.LoadPolicyLevelFromFile (filename, PolicyLevelType.Machine);
- AssertEquals ("StoreLocation(file)", filename, pl.StoreLocation);
+ Assert.AreEqual (filename, pl.StoreLocation, "StoreLocation(file)");
+
+ File.Delete (filename);
}
[Test]
SecurityElement se = pl.ToXml ();
pl2.FromXml (se);
- AssertEquals ("ToXml-FullTrustAssemblies", pl.FullTrustAssemblies.Count, pl2.FullTrustAssemblies.Count);
- AssertEquals ("ToXml-NamedPermissionSets", pl.NamedPermissionSets.Count, pl2.NamedPermissionSets.Count);
- Assert ("ToXml-RootCodeGroup", pl.RootCodeGroup.Equals (pl2.RootCodeGroup, true));
- AssertEquals ("ToXml-StoreLocation", pl.StoreLocation, pl2.StoreLocation);
+ Assert.AreEqual (pl.FullTrustAssemblies.Count, pl2.FullTrustAssemblies.Count, "ToXml-FullTrustAssemblies");
+ Assert.AreEqual (pl.NamedPermissionSets.Count, pl2.NamedPermissionSets.Count, "ToXml-NamedPermissionSets");
+ Assert.IsTrue (pl.RootCodeGroup.Equals (pl2.RootCodeGroup, true), "ToXml-RootCodeGroup");
+ Assert.AreEqual (pl.StoreLocation, pl2.StoreLocation, "ToXml-StoreLocation");
}
}
}