| /* |
| * Copyright (C) 2019 Nail Samatov <sanail@yandex.ru> |
| * and other copyright owners as documented in the project's IP log. |
| * |
| * This program and the accompanying materials are made available |
| * under the terms of the Eclipse Distribution License v1.0 which |
| * accompanies this distribution, is reproduced below, and is |
| * available at http://www.eclipse.org/org/documents/edl-v10.php |
| * |
| * All rights reserved. |
| * |
| * Redistribution and use in source and binary forms, with or |
| * without modification, are permitted provided that the following |
| * conditions are met: |
| * |
| * - Redistributions of source code must retain the above copyright |
| * notice, this list of conditions and the following disclaimer. |
| * |
| * - Redistributions in binary form must reproduce the above |
| * copyright notice, this list of conditions and the following |
| * disclaimer in the documentation and/or other materials provided |
| * with the distribution. |
| * |
| * - Neither the name of the Eclipse Foundation, Inc. nor the |
| * names of its contributors may be used to endorse or promote |
| * products derived from this software without specific prior |
| * written permission. |
| * |
| * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND |
| * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, |
| * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
| * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR |
| * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
| * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
| * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF |
| * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
| package org.eclipse.jgit.api; |
| |
| import static org.junit.Assert.assertEquals; |
| import static org.junit.Assert.assertNotNull; |
| import static org.junit.Assert.assertTrue; |
| |
| import java.io.File; |
| import java.io.FilePermission; |
| import java.io.IOException; |
| import java.lang.reflect.ReflectPermission; |
| import java.nio.file.Files; |
| import java.security.Permission; |
| import java.security.SecurityPermission; |
| import java.util.ArrayList; |
| import java.util.List; |
| import java.util.PropertyPermission; |
| import java.util.logging.LoggingPermission; |
| |
| import javax.security.auth.AuthPermission; |
| |
| import org.eclipse.jgit.api.errors.GitAPIException; |
| import org.eclipse.jgit.junit.JGitTestUtil; |
| import org.eclipse.jgit.junit.MockSystemReader; |
| import org.eclipse.jgit.junit.SeparateClassloaderTestRunner; |
| import org.eclipse.jgit.revwalk.RevCommit; |
| import org.eclipse.jgit.treewalk.TreeWalk; |
| import org.eclipse.jgit.util.FileUtils; |
| import org.eclipse.jgit.util.SystemReader; |
| import org.junit.After; |
| import org.junit.Before; |
| import org.junit.Test; |
| import org.junit.runner.RunWith; |
| |
| /** |
| * <p> |
| * Tests if jgit works if SecurityManager is enabled. |
| * </p> |
| * |
| * <p> |
| * Note: JGit's classes shouldn't be used before SecurityManager is configured. |
| * If you use some JGit's class before SecurityManager is replaced then part of |
| * the code can be invoked outside of our custom SecurityManager and this test |
| * becomes useless. |
| * </p> |
| * |
| * <p> |
| * For example the class {@link org.eclipse.jgit.util.FS} is used widely in jgit |
| * sources. It contains DETECTED static field. At the first usage of the class |
| * FS the field DETECTED is initialized and during initialization many system |
| * operations that SecurityManager can forbid are invoked. |
| * </p> |
| * |
| * <p> |
| * For this reason this test doesn't extend LocalDiskRepositoryTestCase (it uses |
| * JGit's classes in setUp() method) and other JGit's utility classes. It's done |
| * to affect SecurityManager as less as possible. |
| * </p> |
| * |
| * <p> |
| * We use SeparateClassloaderTestRunner to isolate FS.DETECTED field |
| * initialization between different tests run. |
| * </p> |
| */ |
| @RunWith(SeparateClassloaderTestRunner.class) |
| public class SecurityManagerTest { |
| private File root; |
| |
| private SecurityManager originalSecurityManager; |
| |
| private List<Permission> permissions = new ArrayList<>(); |
| |
| @Before |
| public void setUp() throws Exception { |
| // Create working directory |
| SystemReader.setInstance(new MockSystemReader()); |
| root = Files.createTempDirectory("jgit-security").toFile(); |
| |
| // Add system permissions |
| permissions.add(new RuntimePermission("*")); |
| permissions.add(new SecurityPermission("*")); |
| permissions.add(new AuthPermission("*")); |
| permissions.add(new ReflectPermission("*")); |
| permissions.add(new PropertyPermission("*", "read,write")); |
| permissions.add(new LoggingPermission("control", null)); |
| |
| permissions.add(new FilePermission( |
| System.getProperty("java.home") + "/-", "read")); |
| |
| String tempDir = System.getProperty("java.io.tmpdir"); |
| permissions.add(new FilePermission(tempDir, "read,write,delete")); |
| permissions |
| .add(new FilePermission(tempDir + "/-", "read,write,delete")); |
| |
| // Add permissions to dependent jar files. |
| String classPath = System.getProperty("java.class.path"); |
| if (classPath != null) { |
| for (String path : classPath.split(File.pathSeparator)) { |
| permissions.add(new FilePermission(path, "read")); |
| } |
| } |
| // Add permissions to jgit class files. |
| String jgitSourcesRoot = new File(System.getProperty("user.dir")) |
| .getParent(); |
| permissions.add(new FilePermission(jgitSourcesRoot + "/-", "read")); |
| |
| // Add permissions to working dir for jgit. Our git repositories will be |
| // initialized and cloned here. |
| permissions.add(new FilePermission(root.getPath() + "/-", |
| "read,write,delete,execute")); |
| |
| // Replace Security Manager |
| originalSecurityManager = System.getSecurityManager(); |
| System.setSecurityManager(new SecurityManager() { |
| |
| @Override |
| public void checkPermission(Permission requested) { |
| for (Permission permission : permissions) { |
| if (permission.implies(requested)) { |
| return; |
| } |
| } |
| |
| super.checkPermission(requested); |
| } |
| }); |
| } |
| |
| @After |
| public void tearDown() throws Exception { |
| System.setSecurityManager(originalSecurityManager); |
| |
| // Note: don't use this method before security manager is replaced in |
| // setUp() method. The method uses FS.DETECTED internally and can affect |
| // the test. |
| FileUtils.delete(root, FileUtils.RECURSIVE | FileUtils.RETRY); |
| } |
| |
| @Test |
| public void testInitAndClone() throws IOException, GitAPIException { |
| File remote = new File(root, "remote"); |
| File local = new File(root, "local"); |
| |
| try (Git git = Git.init().setDirectory(remote).call()) { |
| JGitTestUtil.write(new File(remote, "hello.txt"), "Hello world!"); |
| git.add().addFilepattern(".").call(); |
| git.commit().setMessage("Initial commit").call(); |
| } |
| |
| try (Git git = Git.cloneRepository().setURI(remote.toURI().toString()) |
| .setDirectory(local).call()) { |
| assertTrue(new File(local, ".git").exists()); |
| |
| JGitTestUtil.write(new File(local, "hi.txt"), "Hi!"); |
| git.add().addFilepattern(".").call(); |
| RevCommit commit1 = git.commit().setMessage("Commit on local repo") |
| .call(); |
| assertEquals("Commit on local repo", commit1.getFullMessage()); |
| assertNotNull(TreeWalk.forPath(git.getRepository(), "hello.txt", |
| commit1.getTree())); |
| } |
| |
| } |
| |
| } |