From 7c051682b5c97bfa7f01f361399f0124afa2a5ba Mon Sep 17 00:00:00 2001 From: Hannes Wellmann Date: Sat, 14 Dec 2024 13:23:50 +0100 Subject: [PATCH] Skip Security-Manager related tests if Security-Manager is disallowed Part of https://github.com/eclipse-platform/eclipse.platform.releng.aggregator/issues/2623 --- .../bundles/EquinoxBundleAdaptTests.java | 21 ++++++++++------ .../osgi/tests/bundles/SystemBundleTests.java | 23 +++++++++++------ .../securityadmin/SecurityAdminUnitTests.java | 7 ++++++ .../securityadmin/SecurityManagerTests.java | 25 ++++++++++++++++++- 4 files changed, 61 insertions(+), 15 deletions(-) diff --git a/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/EquinoxBundleAdaptTests.java b/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/EquinoxBundleAdaptTests.java index 9aba6c32d3f..0ccf8b8192c 100644 --- a/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/EquinoxBundleAdaptTests.java +++ b/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/EquinoxBundleAdaptTests.java @@ -24,6 +24,7 @@ import org.eclipse.osgi.container.Module; import org.eclipse.osgi.internal.framework.EquinoxBundle; import org.eclipse.osgi.signedcontent.SignedContent; +import org.eclipse.osgi.tests.securityadmin.SecurityManagerTests; import org.junit.Test; import org.osgi.framework.Bundle; import org.osgi.framework.FrameworkUtil; @@ -42,17 +43,23 @@ public void testAdapt_Module() throws Exception { public void testAdapt_ProtectionDomain() throws Exception { Bundle bundle = installer.installBundle("test"); SecurityManager previousSM = System.getSecurityManager(); + boolean unsetSecurityManager = false; try { - System.setSecurityManager(new SecurityManager() { - @Override - public void checkPermission(Permission perm) { - // Just permit everything - } - }); + if (SecurityManagerTests.isSecurityManagerAllowed()) { + unsetSecurityManager = true; + System.setSecurityManager(new SecurityManager() { + @Override + public void checkPermission(Permission perm) { + // Just permit everything + } + }); + } ProtectionDomain domain = bundle.adapt(java.security.ProtectionDomain.class); assertNotNull(domain); } finally { - System.setSecurityManager(previousSM); + if (unsetSecurityManager) { + System.setSecurityManager(previousSM); + } } } diff --git a/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/SystemBundleTests.java b/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/SystemBundleTests.java index c639b250574..96eadd27109 100644 --- a/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/SystemBundleTests.java +++ b/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/bundles/SystemBundleTests.java @@ -92,7 +92,9 @@ import org.eclipse.osgi.storage.url.reference.Handler; import org.eclipse.osgi.tests.OSGiTestsActivator; import org.eclipse.osgi.tests.security.BaseSecurityTest; +import org.eclipse.osgi.tests.securityadmin.SecurityManagerTests; import org.junit.Assert; +import org.junit.Assume; import org.junit.Ignore; import org.junit.Test; import org.osgi.framework.Bundle; @@ -1427,6 +1429,8 @@ public void testBug432632() throws BundleException, IOException { @Test public void testDynamicSecurityManager() throws BundleException { + Assume.assumeTrue("Security-Manager is disallowed", SecurityManagerTests.isSecurityManagerAllowed()); + SecurityManager sm = System.getSecurityManager(); assertNull("SecurityManager must be null to test.", sm); try { @@ -3267,16 +3271,21 @@ public void testDeleteBundleFile() throws IOException, BundleException { Map launchProps = new HashMap<>(); launchProps.put(Constants.FRAMEWORK_STORAGE, config.getAbsolutePath()); - SecurityManager sm = new SecurityManager() { - public void checkPermission(Permission perm) { - // do nothing; - } - }; - System.setSecurityManager(sm); + boolean unsetSecurityManager = false; + if (SecurityManagerTests.isSecurityManagerAllowed()) { + unsetSecurityManager = true; + System.setSecurityManager(new SecurityManager() { + public void checkPermission(Permission perm) { + // do nothing; + } + }); + } try { equinox = new Equinox(Collections.singletonMap(Constants.FRAMEWORK_STORAGE, config.getAbsolutePath())); } finally { - System.setSecurityManager(null); + if (unsetSecurityManager) { + System.setSecurityManager(null); + } } equinox.start(); stop(equinox); diff --git a/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/securityadmin/SecurityAdminUnitTests.java b/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/securityadmin/SecurityAdminUnitTests.java index 5a5703cdf7a..9bf42aaa1ff 100644 --- a/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/securityadmin/SecurityAdminUnitTests.java +++ b/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/securityadmin/SecurityAdminUnitTests.java @@ -40,6 +40,8 @@ import org.eclipse.osgi.launch.Equinox; import org.eclipse.osgi.tests.OSGiTestsActivator; import org.eclipse.osgi.tests.bundles.AbstractBundleTests; +import org.junit.Assume; +import org.junit.BeforeClass; import org.junit.Test; import org.osgi.framework.Bundle; import org.osgi.framework.BundleException; @@ -108,6 +110,11 @@ public class SecurityAdminUnitTests extends AbstractBundleTests { private ConditionalPermissionAdmin cpa; private PermissionAdmin pa; + @BeforeClass + public static void setupClass() { + Assume.assumeTrue("Security-Manager is disallowed", SecurityManagerTests.isSecurityManagerAllowed()); + } + @Override public void setUp() throws Exception { previousPolicy = Policy.getPolicy(); diff --git a/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/securityadmin/SecurityManagerTests.java b/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/securityadmin/SecurityManagerTests.java index 1dbb9d04b74..dc2fbf35dae 100644 --- a/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/securityadmin/SecurityManagerTests.java +++ b/bundles/org.eclipse.osgi.tests/src/org/eclipse/osgi/tests/securityadmin/SecurityManagerTests.java @@ -38,6 +38,8 @@ import org.eclipse.osgi.tests.OSGiTestsActivator; import org.eclipse.osgi.tests.bundles.AbstractBundleTests; import org.junit.Assert; +import org.junit.Assume; +import org.junit.BeforeClass; import org.junit.Test; import org.osgi.framework.Bundle; import org.osgi.framework.BundleContext; @@ -81,9 +83,13 @@ public class SecurityManagerTests extends AbstractBundleTests { PackagePermission.class.getName(), "org.osgi.framework", "import"); //$NON-NLS-1$ //$NON-NLS-2$ private Policy previousPolicy; + @BeforeClass + public static void setupClass() { + Assume.assumeTrue("Security-Manager is disallowed", SecurityManagerTests.isSecurityManagerAllowed()); + } + @Override public void setUp() throws Exception { - assertNull("Cannot test with security manager set", getSecurityManager()); previousPolicy = Policy.getPolicy(); final Permission allPermission = new AllPermission(); final PermissionCollection allPermissions = new PermissionCollection() { @@ -721,4 +727,21 @@ public Map getAttributes() { } } } + + public static boolean isSecurityManagerAllowed() { + SecurityManager original = System.getSecurityManager(); + try { // Try to set a dummy to provoke an UnsupportedOperationException if disallowed + System.setSecurityManager(new SecurityManager() { + @Override + public void checkPermission(Permission perm) { + // Permit everything + } + }); + System.setSecurityManager(original); // restore original + return true; + } catch (UnsupportedOperationException e) { + return false; // security-manager is not allowed + } + } + }