blob: a07f37009edf9faa2022a21bc80a848992e44923 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
/*
* Copyright (c) 2019 Alex Jitianu <alex_jitianu@sync.ro> and others
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Distribution License v. 1.0 which is available at
* https://www.eclipse.org/org/documents/edl-v10.php.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
package org.eclipse.jgit.api;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import java.io.File;
import java.io.IOException;
import java.io.StringWriter;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.Policy;
import java.util.Collections;
import org.apache.log4j.Logger;
import org.apache.log4j.PatternLayout;
import org.apache.log4j.WriterAppender;
import org.eclipse.jgit.junit.RepositoryTestCase;
import org.eclipse.jgit.util.FileUtils;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
/**
* Tests that using a SecurityManager does not result in errors logged.
*/
public class SecurityManagerMissingPermissionsTest extends RepositoryTestCase {
/**
* Collects all logging sent to the logging system.
*/
private final StringWriter errorOutputWriter = new StringWriter();
/**
* Appender to intercept all logging sent to the logging system.
*/
private WriterAppender appender;
private SecurityManager originalSecurityManager;
@Override
@Before
public void setUp() throws Exception {
originalSecurityManager = System.getSecurityManager();
appender = new WriterAppender(
new PatternLayout(PatternLayout.TTCC_CONVERSION_PATTERN),
errorOutputWriter);
Logger.getRootLogger().addAppender(appender);
refreshPolicyAllPermission(Policy.getPolicy());
System.setSecurityManager(new SecurityManager());
super.setUp();
}
/**
* If a SecurityManager is active a lot of {@link java.io.FilePermission}
* errors are thrown and logged while initializing a repository.
*
* @throws Exception
*/
@Test
public void testCreateNewRepos_MissingPermissions() throws Exception {
File wcTree = new File(getTemporaryDirectory(),
"CreateNewRepositoryTest_testCreateNewRepos");
File marker = new File(getTemporaryDirectory(), "marker");
Files.write(marker.toPath(), Collections.singletonList("Can write"));
assertTrue("Can write in test directory", marker.isFile());
FileUtils.delete(marker);
assertFalse("Can delete in test direcory", marker.exists());
Git git = Git.init().setBare(false)
.setDirectory(new File(wcTree.getAbsolutePath())).call();
addRepoToClose(git.getRepository());
assertEquals("", errorOutputWriter.toString());
}
@Override
@After
public void tearDown() throws Exception {
System.setSecurityManager(originalSecurityManager);
Logger.getRootLogger().removeAppender(appender);
super.tearDown();
}
/**
* Refresh the Java Security Policy.
*
* @param policy
* the policy object
*
* @throws IOException
* if the temporary file that contains the policy could not be
* created
*/
private static void refreshPolicyAllPermission(Policy policy)
throws IOException {
// Starting with an all permissions policy.
String policyString = "grant { permission java.security.AllPermission; };";
// Do not use TemporaryFilesFactory, it will create a dependency cycle
Path policyFile = Files.createTempFile("testpolicy", ".txt");
try {
Files.write(policyFile, Collections.singletonList(policyString));
System.setProperty("java.security.policy",
policyFile.toUri().toURL().toString());
policy.refresh();
} finally {
try {
Files.delete(policyFile);
} catch (IOException e) {
// Do not log; the test tests for no logging having occurred
e.printStackTrace();
}
}
}
}
|
