2 // MonoTests.System.Security.Policy.FileCodeGroupTest
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // (C) 2004 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using NUnit.Framework;
32 using System.Collections;
33 using System.Security;
34 using System.Security.Policy;
35 using System.Security.Permissions;
37 namespace MonoTests.System.Security.Policy {
40 public class FileCodeGroupTest {
43 [ExpectedException (typeof (ArgumentNullException))]
44 public void Constructor_MembershipConditionNullFileIOPermissionAccess ()
46 FileCodeGroup cg = new FileCodeGroup (null, FileIOPermissionAccess.AllAccess);
50 public void Constructor_AllAccess ()
52 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
53 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
54 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
55 // documented as always null
56 Assert.IsNull (cg.AttributeString, "AttributeString");
57 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
59 Assert.AreEqual (CodeGroupGrantScope.Assembly, cg.Scope, "Scope");
64 public void Constructor_Append ()
66 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.Append);
67 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
68 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
69 // documented as always null
70 Assert.IsNull (cg.AttributeString, "AttributeString");
71 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
73 Assert.AreEqual (CodeGroupGrantScope.Assembly, cg.Scope, "Scope");
78 public void Constructor_NoAccess ()
80 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.NoAccess);
81 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
82 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
83 // documented as always null
84 Assert.IsNull (cg.AttributeString, "AttributeString");
85 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
87 Assert.AreEqual (CodeGroupGrantScope.Assembly, cg.Scope, "Scope");
92 public void Constructor_PathDiscovery ()
94 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.PathDiscovery);
95 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
96 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
97 // documented as always null
98 Assert.IsNull (cg.AttributeString, "AttributeString");
99 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
101 Assert.AreEqual (CodeGroupGrantScope.Assembly, cg.Scope, "Scope");
106 public void Constructor_Read ()
108 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.Read);
109 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
110 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
111 // documented as always null
112 Assert.IsNull (cg.AttributeString, "AttributeString");
113 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
115 Assert.AreEqual (CodeGroupGrantScope.Assembly, cg.Scope, "Scope");
120 public void Constructor_Write ()
122 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.Write);
123 Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
124 Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
125 // documented as always null
126 Assert.IsNull (cg.AttributeString, "AttributeString");
127 Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
129 Assert.AreEqual (CodeGroupGrantScope.Assembly, cg.Scope, "Scope");
134 public void MergeLogic ()
136 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
137 Assert.AreEqual ("Union", cg.MergeLogic, "MergeLogic");
143 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
144 FileCodeGroup cg2 = (FileCodeGroup) cg.Copy ();
145 Assert.AreEqual (cg.AttributeString, cg2.AttributeString, "AttributeString");
146 Assert.AreEqual (cg.Children.Count, cg2.Children.Count, "Children");
147 Assert.AreEqual (cg.Description, cg2.Description, "Description");
148 Assert.AreEqual (cg.MergeLogic, cg2.MergeLogic, "MergeLogic");
149 Assert.AreEqual (cg.Name, cg2.Name, "Name");
150 Assert.AreEqual (cg.PermissionSetName, cg2.PermissionSetName, "PermissionSetName");
151 Assert.AreEqual (cg.ToXml ().ToString (), cg2.ToXml ().ToString (), "ToXml");
155 public void CopyWithChildren ()
157 FileCodeGroup cgChild = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
158 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
159 cg.AddChild (cgChild);
160 FileCodeGroup cg2 = (FileCodeGroup) cg.Copy ();
161 Assert.AreEqual (cg.Children.Count, cg2.Children.Count, "Children");
162 Assert.AreEqual (cg.ToXml ().ToString (), cg2.ToXml ().ToString (), "ToXml");
166 [ExpectedException (typeof (ArgumentNullException))]
167 public void Resolve_Null ()
169 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
174 public void Resolve_NoMatch ()
176 FileCodeGroup cg = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
177 Assert.IsNull (cg.Resolve (new Evidence ()));
181 public void Resolve_AllMembershipCondition_NoAccess ()
183 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.NoAccess);
184 PolicyStatement result = cg.Resolve (new Evidence ());
185 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Attributes");
186 Assert.AreEqual (String.Empty, result.AttributeString, "AttributeString");
187 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "IsUnrestricted");
188 Assert.AreEqual (0, result.PermissionSet.Count, "Count");
190 Assert.AreEqual (CodeGroupGrantScope.Assembly, cg.Scope, "Scope");
195 public void Resolve_AllMembershipCondition_AllAccess ()
197 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
198 PolicyStatement result = cg.Resolve (new Evidence ());
199 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Attributes");
200 Assert.AreEqual (String.Empty, result.AttributeString, "AttributeString");
201 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "IsUnrestricted");
202 Assert.AreEqual (0, result.PermissionSet.Count, "Count");
204 Assert.AreEqual (CodeGroupGrantScope.Assembly, cg.Scope, "Scope");
209 public void Resolve_ZoneMembershipCondition_Internet ()
211 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.Internet);
212 PermissionSet pset = new PermissionSet (PermissionState.Unrestricted);
213 FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
215 Evidence e = new Evidence ();
216 e.AddHost (new Zone (SecurityZone.Internet));
217 PolicyStatement result = cg.Resolve (e);
218 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Internet-Attributes");
219 Assert.AreEqual (String.Empty, result.AttributeString, "Internet-AttributeString");
220 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "Internet-IsUnrestricted");
221 Assert.AreEqual (0, result.PermissionSet.Count, "Internet-Count");
224 e.AddHost (new Zone (SecurityZone.Intranet));
225 Assert.IsNull (cg.Resolve (e), "Intranet");
228 e.AddHost (new Zone (SecurityZone.MyComputer));
229 Assert.IsNull (cg.Resolve (e), "MyComputer");
232 e.AddHost (new Zone (SecurityZone.NoZone));
233 Assert.IsNull (cg.Resolve (e), "NoZone");
236 e.AddHost (new Zone (SecurityZone.Trusted));
237 Assert.IsNull (cg.Resolve (e), "Trusted");
240 e.AddHost (new Zone (SecurityZone.Untrusted));
241 Assert.IsNull (cg.Resolve (e), "Untrusted");
245 public void Resolve_ZoneMembershipCondition_Intranet ()
247 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.Intranet);
248 PermissionSet pset = new PermissionSet (PermissionState.None);
249 FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
251 Evidence e = new Evidence ();
252 e.AddHost (new Zone (SecurityZone.Intranet));
253 PolicyStatement result = cg.Resolve (e);
254 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Internet-Attributes");
255 Assert.AreEqual (String.Empty, result.AttributeString, "Internet-AttributeString");
256 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "Intranet-IsUnrestricted");
257 Assert.AreEqual (0, result.PermissionSet.Count, "Intranet-Count");
260 e.AddHost (new Zone (SecurityZone.Internet));
261 Assert.IsNull (cg.Resolve (e), "Internet");
264 e.AddHost (new Zone (SecurityZone.MyComputer));
265 Assert.IsNull (cg.Resolve (e), "MyComputer");
268 e.AddHost (new Zone (SecurityZone.NoZone));
269 Assert.IsNull (cg.Resolve (e), "NoZone");
272 e.AddHost (new Zone (SecurityZone.Trusted));
273 Assert.IsNull (cg.Resolve (e), "Trusted");
276 e.AddHost (new Zone (SecurityZone.Untrusted));
277 Assert.IsNull (cg.Resolve (e), "Untrusted");
281 public void Resolve_ZoneMembershipCondition_MyComputer ()
283 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.MyComputer);
284 PermissionSet pset = new PermissionSet (PermissionState.Unrestricted);
285 FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
287 Evidence e = new Evidence ();
288 e.AddHost (new Zone (SecurityZone.MyComputer));
289 PolicyStatement result = cg.Resolve (e);
290 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Internet-Attributes");
291 Assert.AreEqual (String.Empty, result.AttributeString, "Internet-AttributeString");
292 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "MyComputer-IsUnrestricted");
293 Assert.AreEqual (0, result.PermissionSet.Count, "MyComputer-Count");
296 e.AddHost (new Zone (SecurityZone.Internet));
297 Assert.IsNull (cg.Resolve (e), "Internet");
300 e.AddHost (new Zone (SecurityZone.Intranet));
301 Assert.IsNull (cg.Resolve (e), "Intranet");
304 e.AddHost (new Zone (SecurityZone.NoZone));
305 Assert.IsNull (cg.Resolve (e), "NoZone");
308 e.AddHost (new Zone (SecurityZone.Trusted));
309 Assert.IsNull (cg.Resolve (e), "Trusted");
312 e.AddHost (new Zone (SecurityZone.Untrusted));
313 Assert.IsNull (cg.Resolve (e), "Untrusted");
317 [ExpectedException (typeof (ArgumentException))]
318 public void Resolve_ZoneMembershipCondition_NoZone ()
320 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.NoZone);
324 public void Resolve_ZoneMembershipCondition_Trusted ()
326 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.Trusted);
327 PermissionSet pset = new PermissionSet (PermissionState.Unrestricted);
328 FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
330 Evidence e = new Evidence ();
331 e.AddHost (new Zone (SecurityZone.Trusted));
332 PolicyStatement result = cg.Resolve (e);
333 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Internet-Attributes");
334 Assert.AreEqual (String.Empty, result.AttributeString, "Internet-AttributeString");
335 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "Trusted-IsUnrestricted");
336 Assert.AreEqual (0, result.PermissionSet.Count, "Trusted-Count");
339 e.AddHost (new Zone (SecurityZone.Internet));
340 Assert.IsNull (cg.Resolve (e), "Internet");
343 e.AddHost (new Zone (SecurityZone.Intranet));
344 Assert.IsNull (cg.Resolve (e), "Intranet");
347 e.AddHost (new Zone (SecurityZone.MyComputer));
348 Assert.IsNull (cg.Resolve (e), "MyComputer");
351 e.AddHost (new Zone (SecurityZone.NoZone));
352 Assert.IsNull (cg.Resolve (e), "NoZone");
355 e.AddHost (new Zone (SecurityZone.Untrusted));
356 Assert.IsNull (cg.Resolve (e), "Untrusted");
360 public void Resolve_ZoneMembershipCondition_Untrusted ()
362 IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.Untrusted);
363 PermissionSet pset = new PermissionSet (PermissionState.None);
364 FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
366 Evidence e = new Evidence ();
367 e.AddHost (new Zone (SecurityZone.Untrusted));
368 PolicyStatement result = cg.Resolve (e);
369 Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Untrusted-Attributes");
370 Assert.AreEqual (String.Empty, result.AttributeString, "Untrusted-AttributeString");
371 Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "Untrusted-IsUnrestricted");
372 Assert.AreEqual (0, result.PermissionSet.Count, "Untrusted-Count");
375 e.AddHost (new Zone (SecurityZone.Internet));
376 Assert.IsNull (cg.Resolve (e), "Internet");
379 e.AddHost (new Zone (SecurityZone.Intranet));
380 Assert.IsNull (cg.Resolve (e), "Intranet");
383 e.AddHost (new Zone (SecurityZone.MyComputer));
384 Assert.IsNull (cg.Resolve (e), "MyComputer");
387 e.AddHost (new Zone (SecurityZone.NoZone));
388 Assert.IsNull (cg.Resolve (e), "NoZone");
391 e.AddHost (new Zone (SecurityZone.Trusted));
392 Assert.IsNull (cg.Resolve (e), "Trusted");
396 [ExpectedException (typeof (ArgumentNullException))]
397 public void ResolveMatchingCodeGroups_Null ()
399 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
400 cg.ResolveMatchingCodeGroups (null);
404 public void ResolveMatchingCodeGroups_NoMatch ()
406 FileCodeGroup cg = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
407 Assert.IsNull (cg.ResolveMatchingCodeGroups (new Evidence ()));
411 public void ResolveMatchingCodeGroups_OneLevel ()
413 FileCodeGroup level1 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
414 CodeGroup match = level1.ResolveMatchingCodeGroups (new Evidence ());
415 Assert.IsNotNull (match, "Match");
416 Assert.IsTrue (match.Equals (level1, false), "Equals(false)");
417 Assert.IsTrue (match.Equals (level1, true), "Equals(true)");
421 public void ResolveMatchingCodeGroups_TwoLevel ()
423 FileCodeGroup level1 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
424 CodeGroup level2 = level1.Copy ();
425 level1.AddChild (level2);
427 CodeGroup match = level1.ResolveMatchingCodeGroups (new Evidence ());
428 Assert.IsNotNull (match, "Match");
429 Assert.IsTrue (match.Equals (level1, false), "Equals(false)");
430 Assert.IsTrue (match.Equals (level1, true), "Equals(true)");
432 FileCodeGroup level2b = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
433 level1.AddChild (level2b);
434 CodeGroup match2 = level1.ResolveMatchingCodeGroups (new Evidence ());
435 Assert.IsNotNull (match2, "Match2");
436 Assert.IsTrue (match2.Equals (level1, false), "Equals(false)");
437 Assert.IsTrue (!match2.Equals (level1, true), "Equals(true)");
441 public void ResolveMatchingCodeGroups_ThreeLevel ()
443 FileCodeGroup level1 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
444 CodeGroup level2 = level1.Copy ();
445 level1.AddChild (level2);
446 FileCodeGroup level3 = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
447 level2.AddChild (level3);
449 CodeGroup match = level1.ResolveMatchingCodeGroups (new Evidence ());
450 Assert.IsNotNull (match, "Match");
451 Assert.IsTrue (match.Equals (level1, false), "Equals(false)");
452 // Equals (true) isn't a deep compare (just one level)
453 Assert.IsTrue (match.Equals (level1, true), "Equals(true)");
459 FileIOPermissionAccess access = FileIOPermissionAccess.Read | FileIOPermissionAccess.Write;
460 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), access);
461 string s = cg.ToXml ().ToString ();
462 Assert.IsTrue (s.IndexOf ("Access=\"Read, Write\"") > 0, "Access='Read, Write'");
466 public void ToFromXmlRoundtrip ()
468 FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
469 cg.Name = "SomeName";
470 cg.Description = "Some Description";
471 Assert.IsTrue (cg.Equals (cg), "Equals (itself)");
472 SecurityElement se = cg.ToXml ();
474 FileCodeGroup cg2 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.NoAccess);
475 cg2.Name = "SomeOtherName";
476 cg2.Description = "Some Other Description";
477 Assert.IsFalse (cg.Equals (cg2), "Equals (another)");
480 Assert.IsTrue (cg.Equals (cg2), "Equals (FromXml)");