/hg/icedtea-web: RequestedPermissionLevel - used instead of hard...
jvanek at icedtea.classpath.org
jvanek at icedtea.classpath.org
Tue Apr 1 15:45:55 UTC 2014
changeset 0b2c5e69cb55 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=0b2c5e69cb55
author: Jiri Vanek <jvanek at redhat.com>
date: Tue Apr 01 17:45:43 2014 +0200
RequestedPermissionLevel - used instead of hardcoded strings, aded tests for it, added DEFAULT, fixed J2EE
diffstat:
ChangeLog | 16 +-
netx/net/sourceforge/jnlp/JNLPFile.java | 10 +-
netx/net/sourceforge/jnlp/PluginBridge.java | 6 +-
netx/net/sourceforge/jnlp/SecurityDesc.java | 4 +-
tests/netx/unit/net/sourceforge/jnlp/JNLPFileTest.java | 83 ++++++++++
tests/netx/unit/net/sourceforge/jnlp/PluginBridgeTest.java | 29 +++
tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java | 3 +-
7 files changed, 140 insertions(+), 11 deletions(-)
diffs (239 lines):
diff -r fc9ab70d0b32 -r 0b2c5e69cb55 ChangeLog
--- a/ChangeLog Tue Apr 01 10:27:16 2014 -0400
+++ b/ChangeLog Tue Apr 01 17:45:43 2014 +0200
@@ -1,4 +1,18 @@
-2014-04-01 Andrew Azores <aazores at redhat.com
+2014-04-01 Jiri Vanek <jvanek at redhat.com>
+
+ * netx/net/sourceforge/jnlp/JNLPFile.java: hardcoded strings replaced by
+ SecurityDesc.RequestedPermissionLevel values.
+ * netx/net/sourceforge/jnlp/PluginBridge.java: likewise
+ * tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java: likewise
+ * tests/netx/unit/net/sourceforge/jnlp/JNLPFileTest.java: added new tests
+ (testGetRequestedPermissionLevel1) - (testGetRequestedPermissionLevel7).
+ Added (minimalJnlp) field.
+ * tests/netx/unit/net/sourceforge/jnlp/PluginBridgeTest.java: added new
+ (testGetRequestedPermissionLevel) test.
+ * netx/net/sourceforge/jnlp/SecurityDesc.java: added (DEFAULT) into
+ (RequestedPermissionLevel) and fixed typo in (J2EE) jnlpValue
+
+2014-04-01 Andrew Azores <aazores at redhat.com>
* netx/net/sourceforge/jnlp/SecurityDesc.java: (RequestedPermissionLevel)
new enum to describe the permission level requested in an applet's
diff -r fc9ab70d0b32 -r 0b2c5e69cb55 netx/net/sourceforge/jnlp/JNLPFile.java
--- a/netx/net/sourceforge/jnlp/JNLPFile.java Tue Apr 01 10:27:16 2014 -0400
+++ b/netx/net/sourceforge/jnlp/JNLPFile.java Tue Apr 01 17:45:43 2014 +0200
@@ -965,12 +965,12 @@
String s = getAttribute(PERMISSIONS);
if (s == null) {
return ManifestBoolean.UNDEFINED;
- } else if (s.trim().equalsIgnoreCase("sandbox")) {
+ } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString())) {
return ManifestBoolean.TRUE;
- } else if (s.trim().equalsIgnoreCase("all-permissions")) {
+ } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString())) {
return ManifestBoolean.FALSE;
} else {
- throw new IllegalArgumentException("Unknown value of " + PERMISSIONS + " attribute " + s + ". Expected sandbox or all-permissions");
+ throw new IllegalArgumentException("Unknown value of " + PERMISSIONS + " attribute " + s + ". Expected "+SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString()+" or "+SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString());
}
@@ -982,9 +982,9 @@
String s = getAttribute(PERMISSIONS);
if (s == null) {
return "Not defined";
- } else if (s.trim().equalsIgnoreCase("sandbox")) {
+ } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString())) {
return s.trim();
- } else if (s.trim().equalsIgnoreCase("all-permissions")) {
+ } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString())) {
return s.trim();
} else {
return "illegal";
diff -r fc9ab70d0b32 -r 0b2c5e69cb55 netx/net/sourceforge/jnlp/PluginBridge.java
--- a/netx/net/sourceforge/jnlp/PluginBridge.java Tue Apr 01 10:27:16 2014 -0400
+++ b/netx/net/sourceforge/jnlp/PluginBridge.java Tue Apr 01 17:45:43 2014 +0200
@@ -232,11 +232,11 @@
final String level = params.getPermissions();
if (level == null) {
return RequestedPermissionLevel.NONE;
- } else if (level.equals("default")) {
+ } else if (level.equals(SecurityDesc.RequestedPermissionLevel.DEFAULT.toHtmlString())) {
return RequestedPermissionLevel.NONE;
- } else if (level.equals("sandbox")) {
+ } else if (level.equals(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString())) {
return RequestedPermissionLevel.SANDBOX;
- } else if (level.equals("all-permissions")) {
+ } else if (level.equals(SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString())) {
return RequestedPermissionLevel.ALL;
} else {
return RequestedPermissionLevel.NONE;
diff -r fc9ab70d0b32 -r 0b2c5e69cb55 netx/net/sourceforge/jnlp/SecurityDesc.java
--- a/netx/net/sourceforge/jnlp/SecurityDesc.java Tue Apr 01 10:27:16 2014 -0400
+++ b/netx/net/sourceforge/jnlp/SecurityDesc.java Tue Apr 01 17:45:43 2014 +0200
@@ -39,10 +39,12 @@
*/
public enum RequestedPermissionLevel {
NONE(null, null),
+ DEFAULT(null, "default"),
SANDBOX(null, "sandbox"),
- J2EE("j2ee-applitcation-client-permissions", null),
+ J2EE("j2ee-application-client-permissions", null),
ALL("all-permissions", "all-permissions");
+ public static final String PERMISSIONS_NAME = "permissions";
private final String jnlpString, htmlString;
private RequestedPermissionLevel(final String jnlpString, final String htmlString) {
diff -r fc9ab70d0b32 -r 0b2c5e69cb55 tests/netx/unit/net/sourceforge/jnlp/JNLPFileTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/JNLPFileTest.java Tue Apr 01 10:27:16 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/JNLPFileTest.java Tue Apr 01 17:45:43 2014 +0200
@@ -277,4 +277,87 @@
Assert.assertFalse(downloadOptions.useExplicitPack());
Assert.assertFalse(downloadOptions.useExplicitVersion());
}
+
+
+ public static final String minimalJnlp = "<?xml version='1.0'?>\n"
+ + "<jnlp spec='1.5' href='foo' codebase='.'>\n"
+ + " <information>\n"
+ + " <title>Parsing Test</title>\n"
+ + " <vendor>IcedTea</vendor>\n"
+ + " </information>\n"
+ + "<resources>\n"
+ + " </resources>\n"
+ + "SECURITY"
+ + "</jnlp>";
+
+ @Test
+ public void testGetRequestedPermissionLevel1() throws MalformedURLException, ParseException {
+ String jnlpContents = minimalJnlp.replace("SECURITY", "");
+ URL codeBase = new URL("http://icedtea.classpath.org");
+ InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+ JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+ Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.NONE, jnlpFile.getRequestedPermissionLevel());
+ }
+
+ @Test
+ public void testGetRequestedPermissionLevel2() throws MalformedURLException, ParseException {
+ String jnlpContents = minimalJnlp.replace("SECURITY", "<security><"+SecurityDesc.RequestedPermissionLevel.ALL.toJnlpString()+"/></security>");
+
+ URL codeBase = new URL("http://icedtea.classpath.org");
+ InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+ JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+ Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.ALL, jnlpFile.getRequestedPermissionLevel());
+ }
+
+ @Test
+ public void testGetRequestedPermissionLevel3() throws MalformedURLException, ParseException {
+ String jnlpContents = minimalJnlp.replace("SECURITY", "<security></security>");
+
+ URL codeBase = new URL("http://icedtea.classpath.org");
+ InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+ JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+ Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.NONE, jnlpFile.getRequestedPermissionLevel());
+ }
+
+ @Test
+ public void testGetRequestedPermissionLevel4() throws MalformedURLException, ParseException {
+ String jnlpContents = minimalJnlp.replace("SECURITY", "<security>whatever</security>");
+
+ URL codeBase = new URL("http://icedtea.classpath.org");
+ InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+ JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+ Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.NONE, jnlpFile.getRequestedPermissionLevel());
+ }
+
+ @Test
+ public void testGetRequestedPermissionLevel5() throws MalformedURLException, ParseException {
+ String jnlpContents = minimalJnlp.replace("SECURITY", "<security><"+SecurityDesc.RequestedPermissionLevel.J2EE.toJnlpString()+"/></security>");
+
+ URL codeBase = new URL("http://icedtea.classpath.org");
+ InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+ JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+ Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.J2EE, jnlpFile.getRequestedPermissionLevel());
+ }
+
+ @Test
+ //unknown for jnlp
+ public void testGetRequestedPermissionLevel6() throws MalformedURLException, ParseException {
+ String jnlpContents = minimalJnlp.replace("SECURITY", "<security><" + SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString() + "/></security>");
+
+ URL codeBase = new URL("http://icedtea.classpath.org");
+ InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+ JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+ Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.NONE, jnlpFile.getRequestedPermissionLevel());
+ }
+
+ @Test
+ //unknown for jnlp
+ public void testGetRequestedPermissionLevel7() throws MalformedURLException, ParseException {
+ String jnlpContents = minimalJnlp.replace("SECURITY", "<security><" + SecurityDesc.RequestedPermissionLevel.DEFAULT.toHtmlString() + "/></security>");
+
+ URL codeBase = new URL("http://icedtea.classpath.org");
+ InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+ JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+ Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.NONE, jnlpFile.getRequestedPermissionLevel());
+ }
}
diff -r fc9ab70d0b32 -r 0b2c5e69cb55 tests/netx/unit/net/sourceforge/jnlp/PluginBridgeTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/PluginBridgeTest.java Tue Apr 01 10:27:16 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/PluginBridgeTest.java Tue Apr 01 17:45:43 2014 +0200
@@ -107,6 +107,35 @@
assertEquals(desiredDomain + relativeLocation,
mockCreator.getJNLPHref().toExternalForm());
}
+
+ @Test
+ public void testGetRequestedPermissionLevel() throws MalformedURLException, Exception {
+ String desiredDomain = "http://desired.absolute.codebase.com";
+ URL codeBase = new URL(desiredDomain + "/undesired/sub/dir");
+ String relativeLocation = "/app/test/test.jnlp";
+ PluginParameters params = createValidParamObject();
+ params.put("jnlp_href", relativeLocation);
+ MockJNLPCreator mockCreator = new MockJNLPCreator();
+ PluginBridge pb = new PluginBridge(codeBase, null, "", "", 0, 0, params, mockCreator);
+ assertEquals(pb.getRequestedPermissionLevel(), SecurityDesc.RequestedPermissionLevel.NONE);
+
+ params.put(SecurityDesc.RequestedPermissionLevel.PERMISSIONS_NAME,SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString());
+ pb = new PluginBridge(codeBase, null, "", "", 0, 0, params, mockCreator);
+ assertEquals(pb.getRequestedPermissionLevel(), SecurityDesc.RequestedPermissionLevel.ALL);
+
+ //unknown for applets!
+ params.put(SecurityDesc.RequestedPermissionLevel.PERMISSIONS_NAME, SecurityDesc.RequestedPermissionLevel.J2EE.toJnlpString());
+ pb = new PluginBridge(codeBase, null, "", "", 0, 0, params, mockCreator);
+ assertEquals(pb.getRequestedPermissionLevel(), SecurityDesc.RequestedPermissionLevel.NONE);
+
+ params.put(SecurityDesc.RequestedPermissionLevel.PERMISSIONS_NAME, SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString());
+ pb = new PluginBridge(codeBase, null, "", "", 0, 0, params, mockCreator);
+ assertEquals(pb.getRequestedPermissionLevel(), SecurityDesc.RequestedPermissionLevel.SANDBOX);
+
+ params.put(SecurityDesc.RequestedPermissionLevel.PERMISSIONS_NAME, SecurityDesc.RequestedPermissionLevel.DEFAULT.toHtmlString());
+ pb = new PluginBridge(codeBase, null, "", "", 0, 0, params, mockCreator);
+ assertEquals(pb.getRequestedPermissionLevel(), SecurityDesc.RequestedPermissionLevel.NONE);
+ }
@Test
public void testBase64StringDecoding() throws Exception {
diff -r fc9ab70d0b32 -r 0b2c5e69cb55 tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java
--- a/tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java Tue Apr 01 10:27:16 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java Tue Apr 01 17:45:43 2014 +0200
@@ -44,6 +44,7 @@
import java.util.jar.Manifest;
import net.sourceforge.jnlp.InformationDesc;
import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.SecurityDesc;
import net.sourceforge.jnlp.cache.UpdatePolicy;
import net.sourceforge.jnlp.config.DeploymentConfiguration;
import net.sourceforge.jnlp.mock.DummyJNLPFileWithJar;
@@ -175,7 +176,7 @@
Assert.assertEquals("*.com https://*.cz", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.APP_LIBRARY_ALLOWABLE)));
Assert.assertEquals("*.net ftp://*uu.co.uk", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.CALLER_ALLOWABLE)));
Assert.assertEquals("*.com *.net *.cz *.co.uk", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.CODEBASE)));
- Assert.assertEquals("sandbox", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.PERMISSIONS)));
+ Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString(), jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.PERMISSIONS)));
Assert.assertEquals("false", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.TRUSTED_LIBRARY)));
Assert.assertEquals("false", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.TRUSTED_ONLY)));
More information about the distro-pkg-dev
mailing list