1 // 2 // SecurityManagerCas.cs - CAS unit tests for System.Security.SecurityManager 3 // 4 // Author: 5 // Sebastien Pouliot <sebastien@ximian.com> 6 // 7 // Copyright (C) 2005 Novell, Inc (http://www.novell.com) 8 // 9 // Permission is hereby granted, free of charge, to any person obtaining 10 // a copy of this software and associated documentation files (the 11 // "Software"), to deal in the Software without restriction, including 12 // without limitation the rights to use, copy, modify, merge, publish, 13 // distribute, sublicense, and/or sell copies of the Software, and to 14 // permit persons to whom the Software is furnished to do so, subject to 15 // the following conditions: 16 // 17 // The above copyright notice and this permission notice shall be 18 // included in all copies or substantial portions of the Software. 19 // 20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 27 // 28 29 using NUnit.Framework; 30 31 using System; 32 using System.Collections; 33 using System.Reflection; 34 using System.Security; 35 using System.Security.Permissions; 36 using System.Security.Policy; 37 38 namespace MonoCasTests.System.Security { 39 40 [TestFixture] 41 [Category ("CAS")] 42 public class SecurityManagerCas { 43 44 [SetUp] SetUp()45 public void SetUp () 46 { 47 if (!SecurityManager.SecurityEnabled) 48 Assert.Ignore ("SecurityManager.SecurityEnabled is OFF"); 49 } 50 51 [Test] IsGranted_Null()52 public void IsGranted_Null () 53 { 54 // null is always granted 55 Assert.IsTrue (SecurityManager.IsGranted (null)); 56 } 57 58 [Test] 59 [SecurityPermission (SecurityAction.Deny, ControlPolicy = true)] 60 [ExpectedException (typeof (SecurityException))] CheckExecutionRights_DenyControlPolicy()61 public void CheckExecutionRights_DenyControlPolicy () 62 { 63 SecurityManager.CheckExecutionRights = SecurityManager.CheckExecutionRights; 64 } 65 66 [Test] 67 [SecurityPermission (SecurityAction.PermitOnly, ControlPolicy = true)] CheckExecutionRights_PermitOnlyControlPolicy()68 public void CheckExecutionRights_PermitOnlyControlPolicy () 69 { 70 SecurityManager.CheckExecutionRights = SecurityManager.CheckExecutionRights; 71 } 72 73 [Test] 74 [SecurityPermission (SecurityAction.Deny, ControlPolicy = true)] 75 // it seems that this was removed in 2.0 - maybe because you can't turn CAS off ?!? SecurityEnabled_DenyControlPolicy()76 public void SecurityEnabled_DenyControlPolicy () 77 { 78 SecurityManager.SecurityEnabled = false; 79 } 80 81 [Test] 82 [SecurityPermission (SecurityAction.PermitOnly, ControlPolicy = true)] SecurityEnabled_PermitOnlyControlPolicy()83 public void SecurityEnabled_PermitOnlyControlPolicy () 84 { 85 SecurityManager.SecurityEnabled = SecurityManager.SecurityEnabled; 86 } 87 88 // identities permission are unrestricted since 2.0 89 // the Deny shows that IsGranted only checks for assembly 90 // granted set (and not the stack modifiers) 91 92 [Test] 93 [PermissionSet (SecurityAction.Deny, Unrestricted = true)] IsGranted_GacIdentityPermission()94 public void IsGranted_GacIdentityPermission () 95 { 96 GacIdentityPermission gip = new GacIdentityPermission (); 97 Assert.IsTrue (SecurityManager.IsGranted (gip)); 98 } 99 [Test] 100 [PermissionSet (SecurityAction.Deny, Unrestricted = true)] IsGranted_ZoneIdentityPermission()101 public void IsGranted_ZoneIdentityPermission () 102 { 103 ZoneIdentityPermission zip = new ZoneIdentityPermission (SecurityZone.Internet); 104 Assert.IsTrue (SecurityManager.IsGranted (zip)); 105 } 106 107 [Test] 108 [ExpectedException (typeof (PolicyException))] ResolvePolicy_Evidence_AllNull()109 public void ResolvePolicy_Evidence_AllNull () 110 { 111 Assert.IsTrue (SecurityManager.CheckExecutionRights, "CheckExecutionRights"); 112 PermissionSet denied = null; 113 // null (2nd) is missing the Execution right 114 SecurityManager.ResolvePolicy (null, null, null, null, out denied); 115 } 116 117 [Test] 118 [ExpectedException (typeof (PolicyException))] ResolvePolicy_Evidence_MinExec()119 public void ResolvePolicy_Evidence_MinExec () 120 { 121 Assert.IsTrue (SecurityManager.CheckExecutionRights, "CheckExecutionRights"); 122 PermissionSet ps = new PermissionSet (PermissionState.None); 123 ps.AddPermission (new SecurityPermission (SecurityPermissionFlag.Execution)); 124 PermissionSet denied = null; 125 SecurityManager.ResolvePolicy (null, ps, null, null, out denied); 126 // the security manager doesn't try the optional permissions to find the execution right 127 } 128 129 [Test] 130 [ExpectedException (typeof (PolicyException))] ResolvePolicy_Evidence_MinNullExecOpt()131 public void ResolvePolicy_Evidence_MinNullExecOpt () 132 { 133 Assert.IsTrue (SecurityManager.CheckExecutionRights, "CheckExecutionRights"); 134 PermissionSet ps = new PermissionSet (PermissionState.None); 135 ps.AddPermission (new SecurityPermission (SecurityPermissionFlag.Execution)); 136 PermissionSet denied = null; 137 // null (2nd) is missing the Execution right 138 SecurityManager.ResolvePolicy (null, null, ps, null, out denied); 139 } 140 } 141 } 142