1 //
2 // SecurityManagerCas.cs - CAS unit tests for System.Security.SecurityManager
3 //
4 // Author:
5 //	Sebastien Pouliot  <sebastien@ximian.com>
6 //
7 // Copyright (C) 2005 Novell, Inc (http://www.novell.com)
8 //
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
16 //
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
19 //
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
27 //
28 
29 using NUnit.Framework;
30 
31 using System;
32 using System.Collections;
33 using System.Reflection;
34 using System.Security;
35 using System.Security.Permissions;
36 using System.Security.Policy;
37 
38 namespace MonoCasTests.System.Security {
39 
40 	[TestFixture]
41 	[Category ("CAS")]
42 	public class SecurityManagerCas {
43 
44 		[SetUp]
SetUp()45 		public void SetUp ()
46 		{
47 			if (!SecurityManager.SecurityEnabled)
48 				Assert.Ignore ("SecurityManager.SecurityEnabled is OFF");
49 		}
50 
51 		[Test]
IsGranted_Null()52 		public void IsGranted_Null ()
53 		{
54 			// null is always granted
55 			Assert.IsTrue (SecurityManager.IsGranted (null));
56 		}
57 
58 		[Test]
59 		[SecurityPermission (SecurityAction.Deny, ControlPolicy = true)]
60 		[ExpectedException (typeof (SecurityException))]
CheckExecutionRights_DenyControlPolicy()61 		public void CheckExecutionRights_DenyControlPolicy ()
62 		{
63 			SecurityManager.CheckExecutionRights = SecurityManager.CheckExecutionRights;
64 		}
65 
66 		[Test]
67 		[SecurityPermission (SecurityAction.PermitOnly, ControlPolicy = true)]
CheckExecutionRights_PermitOnlyControlPolicy()68 		public void CheckExecutionRights_PermitOnlyControlPolicy ()
69 		{
70 			SecurityManager.CheckExecutionRights = SecurityManager.CheckExecutionRights;
71 		}
72 
73 		[Test]
74 		[SecurityPermission (SecurityAction.Deny, ControlPolicy = true)]
75 		// it seems that this was removed in 2.0 - maybe because you can't turn CAS off ?!?
SecurityEnabled_DenyControlPolicy()76 		public void SecurityEnabled_DenyControlPolicy ()
77 		{
78 			SecurityManager.SecurityEnabled = false;
79 		}
80 
81 		[Test]
82 		[SecurityPermission (SecurityAction.PermitOnly, ControlPolicy = true)]
SecurityEnabled_PermitOnlyControlPolicy()83 		public void SecurityEnabled_PermitOnlyControlPolicy ()
84 		{
85 			SecurityManager.SecurityEnabled = SecurityManager.SecurityEnabled;
86 		}
87 
88 		// identities permission are unrestricted since 2.0
89 		// the Deny shows that IsGranted only checks for assembly
90 		// granted set (and not the stack modifiers)
91 
92 		[Test]
93 		[PermissionSet (SecurityAction.Deny, Unrestricted = true)]
IsGranted_GacIdentityPermission()94 		public void IsGranted_GacIdentityPermission ()
95 		{
96 			GacIdentityPermission gip = new GacIdentityPermission ();
97 			Assert.IsTrue (SecurityManager.IsGranted (gip));
98 		}
99 		[Test]
100 		[PermissionSet (SecurityAction.Deny, Unrestricted = true)]
IsGranted_ZoneIdentityPermission()101 		public void IsGranted_ZoneIdentityPermission ()
102 		{
103 			ZoneIdentityPermission zip = new ZoneIdentityPermission (SecurityZone.Internet);
104 			Assert.IsTrue (SecurityManager.IsGranted (zip));
105 		}
106 
107 		[Test]
108 		[ExpectedException (typeof (PolicyException))]
ResolvePolicy_Evidence_AllNull()109 		public void ResolvePolicy_Evidence_AllNull ()
110 		{
111 			Assert.IsTrue (SecurityManager.CheckExecutionRights, "CheckExecutionRights");
112 			PermissionSet denied = null;
113 			// null (2nd) is missing the Execution right
114 			SecurityManager.ResolvePolicy (null, null, null, null, out denied);
115 		}
116 
117 		[Test]
118 		[ExpectedException (typeof (PolicyException))]
ResolvePolicy_Evidence_MinExec()119 		public void ResolvePolicy_Evidence_MinExec ()
120 		{
121 			Assert.IsTrue (SecurityManager.CheckExecutionRights, "CheckExecutionRights");
122 			PermissionSet ps = new PermissionSet (PermissionState.None);
123 			ps.AddPermission (new SecurityPermission (SecurityPermissionFlag.Execution));
124 			PermissionSet denied = null;
125 			SecurityManager.ResolvePolicy (null, ps, null, null, out denied);
126 			// the security manager doesn't try the optional permissions to find the execution right
127 		}
128 
129 		[Test]
130 		[ExpectedException (typeof (PolicyException))]
ResolvePolicy_Evidence_MinNullExecOpt()131 		public void ResolvePolicy_Evidence_MinNullExecOpt ()
132 		{
133 			Assert.IsTrue (SecurityManager.CheckExecutionRights, "CheckExecutionRights");
134 			PermissionSet ps = new PermissionSet (PermissionState.None);
135 			ps.AddPermission (new SecurityPermission (SecurityPermissionFlag.Execution));
136 			PermissionSet denied = null;
137 			// null (2nd) is missing the Execution right
138 			SecurityManager.ResolvePolicy (null, null, ps, null, out denied);
139 		}
140 	}
141 }
142