[
https://issues.apache.org/jira/browse/DERBY-3547?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16675758#comment-16675758
]
Rick Hillegas commented on DERBY-3547:
--------------------------------------
Attaching derby-3547-02-aa-remainingTestPolicies.diff. This patch converts the
remaining test policies into descriptors, expressed as deltas from
derby_tests.policy.
Tests passed cleanly with the classpath and the modulepath.
Touches the following files:
{noformat}
--------------------------------
M java/build/org/apache/derbyBuild/SecurityPolicyGenerator.java
Provide support for grants to Principals in addition to jar
files (needed by SystemPrivilegesPermissionTest).
--------------------------------
M
java/org.apache.derby.engine/org/apache/derby/security/securityPolicies.xml
New descriptors corresponding to the now deleted policy files.
--------------------------------
M
java/org.apache.derby.engine/org/apache/derby/security/securityTests.properties
Add a logical-to-physical mapping for the lucene-core jar file.
--------------------------------
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/LDAPAuthenticationTest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/XATest.java
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/RuntimeInfoTest.java
Minor corrections to license headers.
--------------------------------
M
java/org.apache.derby.tests/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest.java
Added a little more information to failure messages to help me
diagnose issues with the conversion of this test's policy files.
--------------------------------
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/compatibility/VersionCombinationConfigurator.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/GetCurrentPropertiesTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/NetworkServerControlApiTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/ProtocolTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/RuntimeInfoTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/SecureServerTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/ServerPropertiesTest.policy
M
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/SysinfoTest.java
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/derbynet/SysinfoTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/engine/noDeregisterPermission.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbc4/noAbortPermission.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/LDAPTests.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/jdbcapi/XATest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/SecurityPolicyReloadingTest.initial.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/SecurityPolicyReloadingTest.modified.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/SecurityPolicyReloadingTest.unreloadable.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/luceneSupport.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/no_derby_internals.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/lang/resultSetReader.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/management/CacheManagerMBeanTest.withPerm.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/management/CacheManagerMBeanTest.withoutPerm.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/replicationTests/Derby5937SlaveShutdownTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/store/Derby3980DeadlockTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/tools/derbyrunjartest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/tests/unit/fillLog.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/util/nwsvr.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/functionTests/util/useprocessfalse.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/unitTests/junit/AssertFailureTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/unitTests/junit/AssertFailureTest1.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest1.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest2.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.policy
D
java/org.apache.derby.tests/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest1.policy
Obsolete source policy files. These files are now generated into the
classes directory by SecurityPolicyGenerator.
{noformat}
> Create a utility that generates a security policy file for Derby's tests
> ------------------------------------------------------------------------
>
> Key: DERBY-3547
> URL: https://issues.apache.org/jira/browse/DERBY-3547
> Project: Derby
> Issue Type: Improvement
> Components: Test
> Reporter: Daniel John Debrunner
> Priority: Minor
> Attachments: SecurityPolicyVTI.java,
> derby-3547-01-ab-policyGenerator.diff,
> derby-3547-02-aa-remainingTestPolicies.diff
>
>
> With the number of current test policy files it is becoming a pain to
> remember to modify all of them when needed to add a new permission.
> In addition with JMX, SystemPermission (and DatabasePermission) support,
> testing of fine-grained permissions will become unmanagable if a new policy
> file is needed for every combination.
> I suggest a java utility that can be used in a test decorator to create a set
> of permissions that can then be modified before creating a real policy file
> and pointing the security manager to it. I imagine an api like:
> TestPolicy() - constructor creates a set of permissions that corresponds to
> the current derby_tests.policy (or similar)
> The object supports a number of code bases, corresponding to the current
> jars, e.g.
> derby, derbynet, derbytools,derbyclient,ant,emma, junit,
> removeCodebase(String code) - remove all the permissions for a given code
> base. Allows specific testing, e.g. with just client tests don't have
> permissions for any other jars.
> removePermission(String code, Permission permission) - remove a single
> permission from a code base - allows negative testing, what happens if this
> permission is not available.
> addPermission(String code, Permission permission) - add a permission into the
> code base
> writePolicyFile(PrintStream out) - write the policy file out
> This would also stop the need for derby_tests.policy to have a jar and
> classes section with duplicated information, TestPolicy would just create the
> grant code blocks with the correct code location.
> TestPolicy could obviously be expanded as new needs appear, eg. Principal
> testing.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
