Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/java/nio/file/Files/CheckPermissions.java
38828 views
/*1* Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/* @test24* @bug 6866804 7006126 802827025* @summary Unit test for java.nio.file.Files26* @library ..27* @build CheckPermissions28* @run main/othervm CheckPermissions29*/3031import java.nio.ByteBuffer;32import java.nio.file.*;33import static java.nio.file.Files.*;34import static java.nio.file.StandardOpenOption.*;35import java.nio.file.attribute.*;36import java.nio.channels.SeekableByteChannel;37import java.security.Permission;38import java.io.*;39import java.util.*;4041/**42* Checks each method that accesses the file system does the right permission43* check when there is a security manager set.44*/4546public class CheckPermissions {4748static class Checks {49private List<Permission> permissionsChecked = new ArrayList<>();50private Set<String> propertiesChecked = new HashSet<>();51private List<String> readsChecked = new ArrayList<>();52private List<String> writesChecked = new ArrayList<>();53private List<String> deletesChecked = new ArrayList<>();54private List<String> execsChecked = new ArrayList<>();5556List<Permission> permissionsChecked() { return permissionsChecked; }57Set<String> propertiesChecked() { return propertiesChecked; }58List<String> readsChecked() { return readsChecked; }59List<String> writesChecked() { return writesChecked; }60List<String> deletesChecked() { return deletesChecked; }61List<String> execsChecked() { return execsChecked; }62}6364static ThreadLocal<Checks> myChecks =65new ThreadLocal<Checks>() {66@Override protected Checks initialValue() {67return null;68}69};7071static void prepare() {72myChecks.set(new Checks());73}7475static void assertCheckPermission(Permission expected) {76if (!myChecks.get().permissionsChecked().contains(expected))77throw new RuntimeException(expected + " not checked");78}7980static void assertCheckPropertyAccess(String key) {81if (!myChecks.get().propertiesChecked().contains(key))82throw new RuntimeException("Property " + key + " not checked");83}8485static void assertChecked(Path file, List<String> list) {86String s = file.toString();87for (String f: list) {88if (f.endsWith(s))89return;90}91throw new RuntimeException("Access not checked");92}9394static void assertCheckRead(Path file) {95assertChecked(file, myChecks.get().readsChecked());96}9798static void assertCheckWrite(Path file) {99assertChecked(file, myChecks.get().writesChecked());100}101102static void assertCheckWriteToDirectory(Path dir) {103String s = dir.toString();104List<String> list = myChecks.get().writesChecked();105for (String f: list) {106if (f.startsWith(s)) {107return;108}109}110throw new RuntimeException("Access not checked");111}112113static void assertCheckDelete(Path file) {114assertChecked(file, myChecks.get().deletesChecked());115}116117static void assertCheckExec(Path file) {118assertChecked(file, myChecks.get().execsChecked());119}120121static class LoggingSecurityManager extends SecurityManager {122static void install() {123System.setSecurityManager(new LoggingSecurityManager());124}125126@Override127public void checkPermission(Permission perm) {128Checks checks = myChecks.get();129if (checks != null)130checks.permissionsChecked().add(perm);131}132133@Override134public void checkPropertyAccess(String key) {135Checks checks = myChecks.get();136if (checks != null)137checks.propertiesChecked().add(key);138}139140@Override141public void checkRead(String file) {142Checks checks = myChecks.get();143if (checks != null)144checks.readsChecked().add(file);145}146147@Override148public void checkWrite(String file) {149Checks checks = myChecks.get();150if (checks != null)151checks.writesChecked().add(file);152}153154@Override155public void checkDelete(String file) {156Checks checks = myChecks.get();157if (checks != null)158checks.deletesChecked().add(file);159}160161@Override162public void checkExec(String file) {163Checks checks = myChecks.get();164if (checks != null)165checks.execsChecked().add(file);166}167}168169static void testBasicFileAttributeView(BasicFileAttributeView view, Path file)170throws IOException171{172prepare();173view.readAttributes();174assertCheckRead(file);175176prepare();177FileTime now = FileTime.fromMillis(System.currentTimeMillis());178view.setTimes(null, now, now);179assertCheckWrite(file);180}181182static void testPosixFileAttributeView(PosixFileAttributeView view, Path file)183throws IOException184{185prepare();186PosixFileAttributes attrs = view.readAttributes();187assertCheckRead(file);188assertCheckPermission(new RuntimePermission("accessUserInformation"));189190prepare();191view.setPermissions(attrs.permissions());192assertCheckWrite(file);193assertCheckPermission(new RuntimePermission("accessUserInformation"));194195prepare();196view.setOwner(attrs.owner());197assertCheckWrite(file);198assertCheckPermission(new RuntimePermission("accessUserInformation"));199200prepare();201view.setOwner(attrs.owner());202assertCheckWrite(file);203assertCheckPermission(new RuntimePermission("accessUserInformation"));204}205206public static void main(String[] args) throws IOException {207final Path testdir = Paths.get(System.getProperty("test.dir", ".")).toAbsolutePath();208final Path tmpdir = Paths.get(System.getProperty("java.io.tmpdir"));209210Path file = createFile(testdir.resolve("file1234"));211try {212LoggingSecurityManager.install();213214// -- check access --215216prepare();217exists(file);218assertCheckRead(file);219220prepare();221isReadable(file);222assertCheckRead(file);223224prepare();225isWritable(file);226assertCheckWrite(file);227228prepare();229isExecutable(file);230assertCheckExec(file);231232// -- copy --233234Path target = testdir.resolve("target1234");235prepare();236copy(file, target);237try {238assertCheckRead(file);239assertCheckWrite(target);240} finally {241delete(target);242}243244if (TestUtil.supportsLinks(testdir)) {245Path link = testdir.resolve("link1234");246createSymbolicLink(link, file);247try {248prepare();249copy(link, target, LinkOption.NOFOLLOW_LINKS);250try {251assertCheckRead(link);252assertCheckWrite(target);253assertCheckPermission(new LinkPermission("symbolic"));254} finally {255delete(target);256}257258prepare();259readSymbolicLink(link);260assertCheckPermission(new FilePermission(link.toString(), "readlink"));261} finally {262delete(link);263}264}265266// -- createDirectory --267268Path subdir = testdir.resolve("subdir1234");269prepare();270createDirectory(subdir);271try {272assertCheckWrite(subdir);273} finally {274delete(subdir);275}276277// -- createFile --278279Path fileToCreate = testdir.resolve("file7890");280prepare();281createFile(fileToCreate);282try {283assertCheckWrite(fileToCreate);284} finally {285delete(fileToCreate);286}287288// -- createSymbolicLink --289290if (TestUtil.supportsLinks(testdir)) {291prepare();292Path link = testdir.resolve("link1234");293createSymbolicLink(link, file);294try {295assertCheckWrite(link);296assertCheckPermission(new LinkPermission("symbolic"));297} finally {298delete(link);299}300}301302// -- createLink --303304if (TestUtil.supportsLinks(testdir)) {305prepare();306Path link = testdir.resolve("entry234");307createLink(link, file);308try {309assertCheckWrite(link);310assertCheckPermission(new LinkPermission("hard"));311} finally {312delete(link);313}314}315316// -- createTempFile --317318prepare();319Path tmpfile1 = createTempFile("foo", null);320try {321assertCheckWriteToDirectory(tmpdir);322} finally {323delete(tmpfile1);324}325prepare();326Path tmpfile2 = createTempFile(testdir, "foo", ".tmp");327try {328assertCheckWriteToDirectory(testdir);329} finally {330delete(tmpfile2);331}332333// -- createTempDirectory --334335prepare();336Path tmpdir1 = createTempDirectory("foo");337try {338assertCheckWriteToDirectory(tmpdir);339} finally {340delete(tmpdir1);341}342prepare();343Path tmpdir2 = createTempDirectory(testdir, "foo");344try {345assertCheckWriteToDirectory(testdir);346} finally {347delete(tmpdir2);348}349350// -- delete/deleteIfExists --351352Path fileToDelete = testdir.resolve("file7890");353354createFile(fileToDelete);355prepare();356delete(fileToDelete);357assertCheckDelete(fileToDelete);358359createFile(fileToDelete);360prepare();361deleteIfExists(fileToDelete); // file exists362assertCheckDelete(fileToDelete);363364prepare();365deleteIfExists(fileToDelete); // file does not exist366assertCheckDelete(fileToDelete);367368// -- exists/notExists --369370prepare();371exists(file);372assertCheckRead(file);373374prepare();375notExists(file);376assertCheckRead(file);377378// -- getFileStore --379380prepare();381getFileStore(file);382assertCheckRead(file);383assertCheckPermission(new RuntimePermission("getFileStoreAttributes"));384385// -- isSameFile --386387prepare();388isSameFile(file, testdir);389assertCheckRead(file);390assertCheckRead(testdir);391392// -- move --393394Path target2 = testdir.resolve("target1234");395prepare();396move(file, target2);397try {398assertCheckWrite(file);399assertCheckWrite(target2);400} finally {401// restore file402move(target2, file);403}404405// -- newByteChannel --406407prepare();408try (SeekableByteChannel sbc = newByteChannel(file)) {409assertCheckRead(file);410}411prepare();412try (SeekableByteChannel sbc = newByteChannel(file, WRITE)) {413assertCheckWrite(file);414}415prepare();416try (SeekableByteChannel sbc = newByteChannel(file, READ, WRITE)) {417assertCheckRead(file);418assertCheckWrite(file);419}420421prepare();422try (SeekableByteChannel sbc = newByteChannel(file, DELETE_ON_CLOSE)) {423assertCheckRead(file);424assertCheckDelete(file);425}426createFile(file); // restore file427428429// -- newInputStream/newOutptuStream --430431prepare();432try (InputStream in = newInputStream(file)) {433assertCheckRead(file);434}435prepare();436try (OutputStream out = newOutputStream(file)) {437assertCheckWrite(file);438}439440// -- newDirectoryStream --441442prepare();443try (DirectoryStream<Path> stream = newDirectoryStream(testdir)) {444assertCheckRead(testdir);445446if (stream instanceof SecureDirectoryStream<?>) {447Path entry;448SecureDirectoryStream<Path> sds =449(SecureDirectoryStream<Path>)stream;450451// newByteChannel452entry = file.getFileName();453prepare();454try (SeekableByteChannel sbc = sds.newByteChannel(entry, EnumSet.of(READ))) {455assertCheckRead(file);456}457prepare();458try (SeekableByteChannel sbc = sds.newByteChannel(entry, EnumSet.of(WRITE))) {459assertCheckWrite(file);460}461462// deleteFile463entry = file.getFileName();464prepare();465sds.deleteFile(entry);466assertCheckDelete(file);467createFile(testdir.resolve(entry)); // restore file468469// deleteDirectory470entry = Paths.get("subdir1234");471createDirectory(testdir.resolve(entry));472prepare();473sds.deleteDirectory(entry);474assertCheckDelete(testdir.resolve(entry));475476// move477entry = Paths.get("tempname1234");478prepare();479sds.move(file.getFileName(), sds, entry);480assertCheckWrite(file);481assertCheckWrite(testdir.resolve(entry));482sds.move(entry, sds, file.getFileName()); // restore file483484// newDirectoryStream485entry = Paths.get("subdir1234");486createDirectory(testdir.resolve(entry));487try {488prepare();489sds.newDirectoryStream(entry).close();490assertCheckRead(testdir.resolve(entry));491} finally {492delete(testdir.resolve(entry));493}494495// getFileAttributeView to access attributes of directory496testBasicFileAttributeView(sds497.getFileAttributeView(BasicFileAttributeView.class), testdir);498testPosixFileAttributeView(sds499.getFileAttributeView(PosixFileAttributeView.class), testdir);500501// getFileAttributeView to access attributes of entry502entry = file.getFileName();503testBasicFileAttributeView(sds504.getFileAttributeView(entry, BasicFileAttributeView.class), file);505testPosixFileAttributeView(sds506.getFileAttributeView(entry, PosixFileAttributeView.class), file);507508} else {509System.out.println("SecureDirectoryStream not tested");510}511}512513// -- toAbsolutePath --514515prepare();516file.getFileName().toAbsolutePath();517assertCheckPropertyAccess("user.dir");518519// -- toRealPath --520521prepare();522file.toRealPath();523assertCheckRead(file);524525prepare();526file.toRealPath(LinkOption.NOFOLLOW_LINKS);527assertCheckRead(file);528529prepare();530Paths.get(".").toRealPath();531assertCheckPropertyAccess("user.dir");532533prepare();534Paths.get(".").toRealPath(LinkOption.NOFOLLOW_LINKS);535assertCheckPropertyAccess("user.dir");536537// -- register --538539try (WatchService watcher = FileSystems.getDefault().newWatchService()) {540prepare();541testdir.register(watcher, StandardWatchEventKinds.ENTRY_DELETE);542assertCheckRead(testdir);543}544545// -- getAttribute/setAttribute/readAttributes --546547prepare();548getAttribute(file, "size");549assertCheckRead(file);550551prepare();552setAttribute(file, "lastModifiedTime",553FileTime.fromMillis(System.currentTimeMillis()));554assertCheckWrite(file);555556prepare();557readAttributes(file, "*");558assertCheckRead(file);559560// -- BasicFileAttributeView --561testBasicFileAttributeView(562getFileAttributeView(file, BasicFileAttributeView.class), file);563564// -- PosixFileAttributeView --565566{567PosixFileAttributeView view =568getFileAttributeView(file, PosixFileAttributeView.class);569if (view != null &&570getFileStore(file).supportsFileAttributeView(PosixFileAttributeView.class))571{572testPosixFileAttributeView(view, file);573} else {574System.out.println("PosixFileAttributeView not tested");575}576}577578// -- DosFileAttributeView --579580{581DosFileAttributeView view =582getFileAttributeView(file, DosFileAttributeView.class);583if (view != null &&584getFileStore(file).supportsFileAttributeView(DosFileAttributeView.class))585{586prepare();587view.readAttributes();588assertCheckRead(file);589590prepare();591view.setArchive(false);592assertCheckWrite(file);593594prepare();595view.setHidden(false);596assertCheckWrite(file);597598prepare();599view.setReadOnly(false);600assertCheckWrite(file);601602prepare();603view.setSystem(false);604assertCheckWrite(file);605} else {606System.out.println("DosFileAttributeView not tested");607}608}609610// -- FileOwnerAttributeView --611612{613FileOwnerAttributeView view =614getFileAttributeView(file, FileOwnerAttributeView.class);615if (view != null &&616getFileStore(file).supportsFileAttributeView(FileOwnerAttributeView.class))617{618prepare();619UserPrincipal owner = view.getOwner();620assertCheckRead(file);621assertCheckPermission(new RuntimePermission("accessUserInformation"));622623prepare();624view.setOwner(owner);625assertCheckWrite(file);626assertCheckPermission(new RuntimePermission("accessUserInformation"));627628} else {629System.out.println("FileOwnerAttributeView not tested");630}631}632633// -- UserDefinedFileAttributeView --634635{636UserDefinedFileAttributeView view =637getFileAttributeView(file, UserDefinedFileAttributeView.class);638if (view != null &&639getFileStore(file).supportsFileAttributeView(UserDefinedFileAttributeView.class))640{641prepare();642view.write("test", ByteBuffer.wrap(new byte[100]));643assertCheckWrite(file);644assertCheckPermission(new RuntimePermission("accessUserDefinedAttributes"));645646prepare();647view.read("test", ByteBuffer.allocate(100));648assertCheckRead(file);649assertCheckPermission(new RuntimePermission("accessUserDefinedAttributes"));650651prepare();652view.size("test");653assertCheckRead(file);654assertCheckPermission(new RuntimePermission("accessUserDefinedAttributes"));655656prepare();657view.list();658assertCheckRead(file);659assertCheckPermission(new RuntimePermission("accessUserDefinedAttributes"));660661prepare();662view.delete("test");663assertCheckWrite(file);664assertCheckPermission(new RuntimePermission("accessUserDefinedAttributes"));665} else {666System.out.println("UserDefinedFileAttributeView not tested");667}668}669670// -- AclFileAttributeView --671{672AclFileAttributeView view =673getFileAttributeView(file, AclFileAttributeView.class);674if (view != null &&675getFileStore(file).supportsFileAttributeView(AclFileAttributeView.class))676{677prepare();678List<AclEntry> acl = view.getAcl();679assertCheckRead(file);680assertCheckPermission(new RuntimePermission("accessUserInformation"));681prepare();682view.setAcl(acl);683assertCheckWrite(file);684assertCheckPermission(new RuntimePermission("accessUserInformation"));685} else {686System.out.println("AclFileAttributeView not tested");687}688}689690// -- UserPrincipalLookupService691692UserPrincipalLookupService lookupService =693FileSystems.getDefault().getUserPrincipalLookupService();694UserPrincipal owner = getOwner(file);695696prepare();697lookupService.lookupPrincipalByName(owner.getName());698assertCheckPermission(new RuntimePermission("lookupUserInformation"));699700try {701UserPrincipal group = readAttributes(file, PosixFileAttributes.class).group();702prepare();703lookupService.lookupPrincipalByGroupName(group.getName());704assertCheckPermission(new RuntimePermission("lookupUserInformation"));705} catch (UnsupportedOperationException ignore) {706System.out.println("lookupPrincipalByGroupName not tested");707}708709710} finally {711deleteIfExists(file);712}713}714}715716717