On Tue, Nov 22, 2016 at 8:08 PM, Joe Wang <huizhe.w...@oracle.com> wrote: > Daniel, you're awesome! This could have potentially been a frustration to > anyone with a newer testng, as Christoph and Volker have experienced. This > issue really needs to be fixed immediately :-) >
And Oracle should try to use the same tools versions as the community :) As mentioned earlier in this thread, nobody can currently build jtreg with testng 6.9.5 as described on the jtreg page :( > Joe > > > On 11/22/16, 7:58 AM, Daniel Fuchs wrote: >> >> On 22/11/16 14:51, Langer, Christoph wrote: >>> >>> In that case, if we can't change testng, maybe the jaxp SecurityManager >>> can allow testng to access the declared members without granting this to the >>> testee code? >> >> >> That's what I was prototyping. >> The patch below seem to fix the issue - but it's a bit ugly. >> (note I just tested it with XSLTFunctionsTest - you need to >> rm -r JT* after applying to the jaxp repo) >> >> It might be less ugly if we had a system property set >> by jtreg to point at <jtreg>/lib - as we could use that >> to predict the code source location - but I don't think >> we do. >> >> -- daniel >> >> diff --git a/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java >> b/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java >> --- a/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java >> +++ b/test/javax/xml/jaxp/libs/jaxp/library/JAXPPolicyManager.java >> @@ -23,6 +23,7 @@ >> package jaxp.library; >> >> >> +import java.net.URL; >> import java.security.CodeSource; >> import java.security.Permission; >> import java.security.PermissionCollection; >> @@ -34,6 +35,7 @@ >> import java.util.HashMap; >> import java.util.Map; >> import java.util.PropertyPermission; >> +import java.util.Set; >> import java.util.StringJoiner; >> >> >> @@ -163,6 +165,8 @@ >> * JAXP concrete classes. >> */ >> class TestPolicy extends Policy { >> + private final static Set<String> TEST_JARS = >> + Set.of("jtreg.jar", "javatest.jar", "testng.jar"); >> private final PermissionCollection permissions = new Permissions(); >> >> private ThreadLocal<Map<Integer, Permission>> transientPermissions = >> new ThreadLocal<>(); >> @@ -221,9 +225,30 @@ >> >> if (permissions.implies(perm)) >> return true; >> - else >> + else { >> + boolean before = allowAll(); >> + String path = null; >> + try { >> + CodeSource cs = (domain == null) ? null : >> domain.getCodeSource(); >> + URL loc = (cs == null) ? null : cs.getLocation(); >> + path = (loc == null) ? null : loc.getPath(); >> + } finally { >> + setAllowAll(before); >> + } >> + if (path != null && TEST_JARS.stream() >> + .filter(path::endsWith) >> + .findAny() >> + .isPresent()) { >> + return true; >> + } else { >> return tmpImplies(perm); >> } >> + } >> + } >> + >> + >> + >> >> /* >> * Add a temporary permission in current thread context. This won't >> impact >> >