Mercurial > hg > release > icedtea-web-1.5

changeset 971:0b2c5e69cb55

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
RequestedPermissionLevel - used instead of hardcoded strings, aded tests for it, added DEFAULT, fixed J2EE
author Jiri Vanek <jvanek@redhat.com>
date Tue, 01 Apr 2014 17:45:43 +0200
parents fc9ab70d0b32
children c310c9e44597
files ChangeLog netx/net/sourceforge/jnlp/JNLPFile.java netx/net/sourceforge/jnlp/PluginBridge.java netx/net/sourceforge/jnlp/SecurityDesc.java tests/netx/unit/net/sourceforge/jnlp/JNLPFileTest.java tests/netx/unit/net/sourceforge/jnlp/PluginBridgeTest.java tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java
diffstat 7 files changed, 140 insertions(+), 11 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Tue Apr 01 10:27:16 2014 -0400
+++ b/ChangeLog	Tue Apr 01 17:45:43 2014 +0200
@@ -1,4 +1,18 @@
-2014-04-01  Andrew Azores  <aazores@redhat.com
+2014-04-01  Jiri Vanek  <jvanek@redhat.com>
+
+	* netx/net/sourceforge/jnlp/JNLPFile.java: hardcoded strings replaced by
+	SecurityDesc.RequestedPermissionLevel values.
+	* netx/net/sourceforge/jnlp/PluginBridge.java: likewise
+	* tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java: likewise
+	* tests/netx/unit/net/sourceforge/jnlp/JNLPFileTest.java: added new tests
+	(testGetRequestedPermissionLevel1) - (testGetRequestedPermissionLevel7).
+	Added (minimalJnlp) field.
+	* tests/netx/unit/net/sourceforge/jnlp/PluginBridgeTest.java: added new
+	(testGetRequestedPermissionLevel) test.
+	* netx/net/sourceforge/jnlp/SecurityDesc.java: added (DEFAULT) into
+	(RequestedPermissionLevel) and fixed typo in (J2EE) jnlpValue
+
+2014-04-01  Andrew Azores  <aazores@redhat.com>
 
 	* netx/net/sourceforge/jnlp/SecurityDesc.java: (RequestedPermissionLevel)
 	new enum to describe the permission level requested in an applet's
--- a/netx/net/sourceforge/jnlp/JNLPFile.java	Tue Apr 01 10:27:16 2014 -0400
+++ b/netx/net/sourceforge/jnlp/JNLPFile.java	Tue Apr 01 17:45:43 2014 +0200
@@ -965,12 +965,12 @@
             String s = getAttribute(PERMISSIONS);
             if (s == null) {
                 return ManifestBoolean.UNDEFINED;
-            } else if (s.trim().equalsIgnoreCase("sandbox")) {
+            } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString())) {
                 return ManifestBoolean.TRUE;
-            } else if (s.trim().equalsIgnoreCase("all-permissions")) {
+            } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString())) {
                 return ManifestBoolean.FALSE;
             } else {
-                throw new IllegalArgumentException("Unknown value of " + PERMISSIONS + " attribute " + s + ". Expected sandbox or all-permissions");
+                throw new IllegalArgumentException("Unknown value of " + PERMISSIONS + " attribute " + s + ". Expected "+SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString()+" or "+SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString());
             }
 
 
@@ -982,9 +982,9 @@
             String s = getAttribute(PERMISSIONS);
             if (s == null) {
                 return "Not defined";
-            } else if (s.trim().equalsIgnoreCase("sandbox")) {
+            } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString())) {
                 return s.trim();
-            } else if (s.trim().equalsIgnoreCase("all-permissions")) {
+            } else if (s.trim().equalsIgnoreCase(SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString())) {
                 return s.trim();
             } else {
                 return "illegal";
--- a/netx/net/sourceforge/jnlp/PluginBridge.java	Tue Apr 01 10:27:16 2014 -0400
+++ b/netx/net/sourceforge/jnlp/PluginBridge.java	Tue Apr 01 17:45:43 2014 +0200
@@ -232,11 +232,11 @@
         final String level = params.getPermissions();
         if (level == null) {
             return RequestedPermissionLevel.NONE;
-        } else if (level.equals("default")) {
+        } else if (level.equals(SecurityDesc.RequestedPermissionLevel.DEFAULT.toHtmlString())) {
             return RequestedPermissionLevel.NONE;
-        } else if (level.equals("sandbox")) {
+        } else if (level.equals(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString())) {
             return RequestedPermissionLevel.SANDBOX;
-        } else if (level.equals("all-permissions")) {
+        } else if (level.equals(SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString())) {
             return RequestedPermissionLevel.ALL;
         } else {
             return RequestedPermissionLevel.NONE;
--- a/netx/net/sourceforge/jnlp/SecurityDesc.java	Tue Apr 01 10:27:16 2014 -0400
+++ b/netx/net/sourceforge/jnlp/SecurityDesc.java	Tue Apr 01 17:45:43 2014 +0200
@@ -39,10 +39,12 @@
      */
     public enum RequestedPermissionLevel {
         NONE(null, null),
+        DEFAULT(null, "default"),
         SANDBOX(null, "sandbox"),
-        J2EE("j2ee-applitcation-client-permissions", null),
+        J2EE("j2ee-application-client-permissions", null),
         ALL("all-permissions", "all-permissions");
 
+        public static final String PERMISSIONS_NAME = "permissions";
         private final String jnlpString, htmlString;
 
         private RequestedPermissionLevel(final String jnlpString, final String htmlString) {
--- a/tests/netx/unit/net/sourceforge/jnlp/JNLPFileTest.java	Tue Apr 01 10:27:16 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/JNLPFileTest.java	Tue Apr 01 17:45:43 2014 +0200
@@ -277,4 +277,87 @@
         Assert.assertFalse(downloadOptions.useExplicitPack());
         Assert.assertFalse(downloadOptions.useExplicitVersion());
     }
+    
+    
+    public static final String minimalJnlp = "<?xml version='1.0'?>\n"
+            + "<jnlp spec='1.5' href='foo' codebase='.'>\n"
+            + "  <information>\n"
+            + "    <title>Parsing Test</title>\n"
+            + "    <vendor>IcedTea</vendor>\n"
+            + "  </information>\n"
+            + "<resources>\n"
+            + "  </resources>\n"
+            + "SECURITY"
+            + "</jnlp>";
+
+    @Test
+    public void testGetRequestedPermissionLevel1() throws MalformedURLException, ParseException {
+        String jnlpContents = minimalJnlp.replace("SECURITY", "");
+        URL codeBase = new URL("http://icedtea.classpath.org");
+        InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+        JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+        Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.NONE, jnlpFile.getRequestedPermissionLevel());
+    }
+
+    @Test
+    public void testGetRequestedPermissionLevel2() throws MalformedURLException, ParseException {
+        String jnlpContents = minimalJnlp.replace("SECURITY", "<security><"+SecurityDesc.RequestedPermissionLevel.ALL.toJnlpString()+"/></security>");
+
+        URL codeBase = new URL("http://icedtea.classpath.org");
+        InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+        JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+        Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.ALL, jnlpFile.getRequestedPermissionLevel());
+    }
+
+    @Test
+    public void testGetRequestedPermissionLevel3() throws MalformedURLException, ParseException {
+        String jnlpContents = minimalJnlp.replace("SECURITY", "<security></security>");
+
+        URL codeBase = new URL("http://icedtea.classpath.org");
+        InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+        JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+        Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.NONE, jnlpFile.getRequestedPermissionLevel());
+    }
+
+    @Test
+    public void testGetRequestedPermissionLevel4() throws MalformedURLException, ParseException {
+        String jnlpContents = minimalJnlp.replace("SECURITY", "<security>whatever</security>");
+
+        URL codeBase = new URL("http://icedtea.classpath.org");
+        InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+        JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+        Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.NONE, jnlpFile.getRequestedPermissionLevel());
+    }
+    
+    @Test
+    public void testGetRequestedPermissionLevel5() throws MalformedURLException, ParseException {
+        String jnlpContents = minimalJnlp.replace("SECURITY", "<security><"+SecurityDesc.RequestedPermissionLevel.J2EE.toJnlpString()+"/></security>");
+
+        URL codeBase = new URL("http://icedtea.classpath.org");
+        InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+        JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+        Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.J2EE, jnlpFile.getRequestedPermissionLevel());
+    }
+    
+    @Test
+    //unknown for jnlp
+    public void testGetRequestedPermissionLevel6() throws MalformedURLException, ParseException {
+        String jnlpContents = minimalJnlp.replace("SECURITY", "<security><" + SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString() + "/></security>");
+
+        URL codeBase = new URL("http://icedtea.classpath.org");
+        InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+        JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+        Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.NONE, jnlpFile.getRequestedPermissionLevel());
+    }
+    
+    @Test
+    //unknown for jnlp
+    public void testGetRequestedPermissionLevel7() throws MalformedURLException, ParseException {
+        String jnlpContents = minimalJnlp.replace("SECURITY", "<security><" + SecurityDesc.RequestedPermissionLevel.DEFAULT.toHtmlString() + "/></security>");
+
+        URL codeBase = new URL("http://icedtea.classpath.org");
+        InputStream is = new ByteArrayInputStream(jnlpContents.getBytes());
+        JNLPFile jnlpFile = new JNLPFile(is, codeBase, new ParserSettings(false, false, false));
+        Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.NONE, jnlpFile.getRequestedPermissionLevel());
+    }
 }
--- a/tests/netx/unit/net/sourceforge/jnlp/PluginBridgeTest.java	Tue Apr 01 10:27:16 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/PluginBridgeTest.java	Tue Apr 01 17:45:43 2014 +0200
@@ -107,6 +107,35 @@
         assertEquals(desiredDomain + relativeLocation,
                 mockCreator.getJNLPHref().toExternalForm());
     }
+    
+    @Test
+    public void testGetRequestedPermissionLevel() throws MalformedURLException, Exception {
+        String desiredDomain = "http://desired.absolute.codebase.com";
+        URL codeBase = new URL(desiredDomain + "/undesired/sub/dir");
+        String relativeLocation = "/app/test/test.jnlp";
+        PluginParameters params = createValidParamObject();
+        params.put("jnlp_href", relativeLocation);
+        MockJNLPCreator mockCreator = new MockJNLPCreator();
+        PluginBridge pb = new PluginBridge(codeBase, null, "", "", 0, 0, params, mockCreator);
+        assertEquals(pb.getRequestedPermissionLevel(), SecurityDesc.RequestedPermissionLevel.NONE);
+        
+        params.put(SecurityDesc.RequestedPermissionLevel.PERMISSIONS_NAME,SecurityDesc.RequestedPermissionLevel.ALL.toHtmlString());
+        pb = new PluginBridge(codeBase, null, "", "", 0, 0, params, mockCreator);
+        assertEquals(pb.getRequestedPermissionLevel(), SecurityDesc.RequestedPermissionLevel.ALL);
+        
+        //unknown for applets!
+        params.put(SecurityDesc.RequestedPermissionLevel.PERMISSIONS_NAME, SecurityDesc.RequestedPermissionLevel.J2EE.toJnlpString());
+        pb = new PluginBridge(codeBase, null, "", "", 0, 0, params, mockCreator);
+        assertEquals(pb.getRequestedPermissionLevel(), SecurityDesc.RequestedPermissionLevel.NONE);
+        
+        params.put(SecurityDesc.RequestedPermissionLevel.PERMISSIONS_NAME, SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString());
+        pb = new PluginBridge(codeBase, null, "", "", 0, 0, params, mockCreator);
+        assertEquals(pb.getRequestedPermissionLevel(), SecurityDesc.RequestedPermissionLevel.SANDBOX);
+        
+        params.put(SecurityDesc.RequestedPermissionLevel.PERMISSIONS_NAME, SecurityDesc.RequestedPermissionLevel.DEFAULT.toHtmlString());
+        pb = new PluginBridge(codeBase, null, "", "", 0, 0, params, mockCreator);
+        assertEquals(pb.getRequestedPermissionLevel(), SecurityDesc.RequestedPermissionLevel.NONE);
+    }
 
     @Test
     public void testBase64StringDecoding() throws Exception {
--- a/tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java	Tue Apr 01 10:27:16 2014 -0400
+++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java	Tue Apr 01 17:45:43 2014 +0200
@@ -44,6 +44,7 @@
 import java.util.jar.Manifest;
 import net.sourceforge.jnlp.InformationDesc;
 import net.sourceforge.jnlp.JNLPFile;
+import net.sourceforge.jnlp.SecurityDesc;
 import net.sourceforge.jnlp.cache.UpdatePolicy;
 import net.sourceforge.jnlp.config.DeploymentConfiguration;
 import net.sourceforge.jnlp.mock.DummyJNLPFileWithJar;
@@ -175,7 +176,7 @@
         Assert.assertEquals("*.com  https://*.cz", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.APP_LIBRARY_ALLOWABLE)));
         Assert.assertEquals("*.net  ftp://*uu.co.uk", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.CALLER_ALLOWABLE)));
         Assert.assertEquals("*.com *.net *.cz *.co.uk", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.CODEBASE)));
-        Assert.assertEquals("sandbox", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.PERMISSIONS)));
+        Assert.assertEquals(SecurityDesc.RequestedPermissionLevel.SANDBOX.toHtmlString(), jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.PERMISSIONS)));
         Assert.assertEquals("false", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.TRUSTED_LIBRARY)));
         Assert.assertEquals("false", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.TRUSTED_ONLY)));