TestPermissions.java

/**
 * Copyright 2015 Google Inc. All Rights Reserved.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *      http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS-IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.google.apphosting.tests.usercode.testservlets.security;

import java.lang.reflect.Field;

/**
 * Tests enforcement of permissions.
 *
 * @see com.google.apphosting.tests.usercode.testservlets.SecurityServlet
 */
public class TestPermissions implements Runnable {

  private static String privateFieldForTesting = "test";

  public void run() {
    // NB(tobyr) This may look like it's testing reflection, but it's really
    // testing that reflection permissions like accessDeclaredMembers and
    // suppressAccessChecks are inherited across ClassLoaders.

    try {
      Field field = getClass().getDeclaredField("privateFieldForTesting");

      // Test that setAccessible doesn't blow up
      field.setAccessible(true);

      // Reset to false to ensure we don't require unnecessary setAccessible
      // calls.
      field.setAccessible(false);

      String value = (String) field.get(null);
      if (!privateFieldForTesting.equals(value)) {
        throw new RuntimeException("Expected: " + privateFieldForTesting + " Actual: " + value);
      }

      field = String.class.getDeclaredField("value");

      try {
        field.get(privateFieldForTesting);
        throw new RuntimeException("Expected illegal access exception");
      } catch (IllegalAccessException e) {
        // Good
      }

      // TODO(xx) This would fail on the real runtime
      // See if there's any easy way to reproduce that behavior in dev_appserver
      field.setAccessible(true);

      // TODO(xx) Add a couple more tests in here.
      // I tried to add some for IO, but our current working directory is inaccurate
      // under blaze. I could correct for this, but it's not worth the effort, atm.
    } catch (Exception e) {
      throw new RuntimeException(e);
    }
  }
}