зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1173523 - Part 2: Tests for new methods nsIPrincipal::MatchesURI and nsIPrincipal::Matches, r=ehsan
This commit is contained in:
Родитель
56a5f8273e
Коммит
567aeb78e9
|
@ -0,0 +1,133 @@
|
|||
/* Any copyright is dedicated to the Public Domain.
|
||||
http://creativecommons.org/publicdomain/zero/1.0/ */
|
||||
|
||||
function matches_always(perm, principals) {
|
||||
principals.forEach((principal) => {
|
||||
do_check_true(perm.matches(principal, true), "perm: " + perm.principal.origin + ", princ: " + principal.origin);
|
||||
do_check_true(perm.matches(principal, false), "perm: " + perm.principal.origin + ", princ: " + principal.origin);
|
||||
});
|
||||
}
|
||||
|
||||
function matches_weak(perm, principals) {
|
||||
principals.forEach((principal) => {
|
||||
do_check_false(perm.matches(principal, true), "perm: " + perm.principal.origin + ", princ: " + principal.origin);
|
||||
do_check_true(perm.matches(principal, false), "perm: " + perm.principal.origin + ", princ: " + principal.origin);
|
||||
});
|
||||
}
|
||||
|
||||
function matches_never(perm, principals) {
|
||||
principals.forEach((principal) => {
|
||||
do_check_false(perm.matches(principal, true), "perm: " + perm.principal.origin + ", princ: " + principal.origin);
|
||||
do_check_false(perm.matches(principal, false), "perm: " + perm.principal.origin + ", princ: " + principal.origin);
|
||||
});
|
||||
}
|
||||
|
||||
function run_test() {
|
||||
// initialize the permission manager service
|
||||
let pm = Cc["@mozilla.org/permissionmanager;1"].
|
||||
getService(Ci.nsIPermissionManager);
|
||||
|
||||
let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"]
|
||||
.getService(Ci.nsIScriptSecurityManager);
|
||||
|
||||
// Add some permissions
|
||||
let uri0 = NetUtil.newURI("http://google.com/search?q=foo#hashtag", null, null);
|
||||
let uri1 = NetUtil.newURI("http://hangouts.google.com/subdir", null, null);
|
||||
let uri2 = NetUtil.newURI("http://google.org/", null, null);
|
||||
|
||||
// NOTE: These entries have different ports/schemes, but will be considered
|
||||
// the same right now (as permissions are based on host only). With bug 1165263
|
||||
// this will be fixed.
|
||||
let uri3 = NetUtil.newURI("https://google.com/some/random/subdirectory", null, null);
|
||||
let uri4 = NetUtil.newURI("https://hangouts.google.com/#!/hangout", null, null);
|
||||
let uri5 = NetUtil.newURI("http://google.com:8096/", null, null);
|
||||
|
||||
let uri0_n_n = secMan.getNoAppCodebasePrincipal(uri0);
|
||||
let uri1_n_n = secMan.getNoAppCodebasePrincipal(uri1);
|
||||
let uri2_n_n = secMan.getNoAppCodebasePrincipal(uri2);
|
||||
let uri3_n_n = secMan.getNoAppCodebasePrincipal(uri3);
|
||||
let uri4_n_n = secMan.getNoAppCodebasePrincipal(uri4);
|
||||
let uri5_n_n = secMan.getNoAppCodebasePrincipal(uri5);
|
||||
|
||||
let uri0_1000_n = secMan.getAppCodebasePrincipal(uri0, 1000, false);
|
||||
let uri1_1000_n = secMan.getAppCodebasePrincipal(uri1, 1000, false);
|
||||
let uri2_1000_n = secMan.getAppCodebasePrincipal(uri2, 1000, false);
|
||||
let uri3_1000_n = secMan.getAppCodebasePrincipal(uri3, 1000, false);
|
||||
let uri4_1000_n = secMan.getAppCodebasePrincipal(uri4, 1000, false);
|
||||
let uri5_1000_n = secMan.getAppCodebasePrincipal(uri5, 1000, false);
|
||||
|
||||
let uri0_1000_y = secMan.getAppCodebasePrincipal(uri0, 1000, true);
|
||||
let uri1_1000_y = secMan.getAppCodebasePrincipal(uri1, 1000, true);
|
||||
let uri2_1000_y = secMan.getAppCodebasePrincipal(uri2, 1000, true);
|
||||
let uri3_1000_y = secMan.getAppCodebasePrincipal(uri3, 1000, true);
|
||||
let uri4_1000_y = secMan.getAppCodebasePrincipal(uri4, 1000, true);
|
||||
let uri5_1000_y = secMan.getAppCodebasePrincipal(uri5, 1000, true);
|
||||
|
||||
let uri0_2000_n = secMan.getAppCodebasePrincipal(uri0, 2000, false);
|
||||
let uri1_2000_n = secMan.getAppCodebasePrincipal(uri1, 2000, false);
|
||||
let uri2_2000_n = secMan.getAppCodebasePrincipal(uri2, 2000, false);
|
||||
let uri3_2000_n = secMan.getAppCodebasePrincipal(uri3, 2000, false);
|
||||
let uri4_2000_n = secMan.getAppCodebasePrincipal(uri4, 2000, false);
|
||||
let uri5_2000_n = secMan.getAppCodebasePrincipal(uri5, 2000, false);
|
||||
|
||||
let uri0_2000_y = secMan.getAppCodebasePrincipal(uri0, 2000, true);
|
||||
let uri1_2000_y = secMan.getAppCodebasePrincipal(uri1, 2000, true);
|
||||
let uri2_2000_y = secMan.getAppCodebasePrincipal(uri2, 2000, true);
|
||||
let uri3_2000_y = secMan.getAppCodebasePrincipal(uri3, 2000, true);
|
||||
let uri4_2000_y = secMan.getAppCodebasePrincipal(uri4, 2000, true);
|
||||
let uri5_2000_y = secMan.getAppCodebasePrincipal(uri5, 2000, true);
|
||||
|
||||
pm.addFromPrincipal(uri0_n_n, "test/matches", pm.ALLOW_ACTION);
|
||||
let perm_n_n = pm.getPermissionObject(uri0_n_n, "test/matches", true);
|
||||
pm.addFromPrincipal(uri0_1000_n, "test/matches", pm.ALLOW_ACTION);
|
||||
let perm_1000_n = pm.getPermissionObject(uri0_1000_n, "test/matches", true);
|
||||
pm.addFromPrincipal(uri0_1000_y, "test/matches", pm.ALLOW_ACTION);
|
||||
let perm_1000_y = pm.getPermissionObject(uri0_1000_y, "test/matches", true);
|
||||
pm.addFromPrincipal(uri0_2000_n, "test/matches", pm.ALLOW_ACTION);
|
||||
let perm_2000_n = pm.getPermissionObject(uri0_2000_n, "test/matches", true);
|
||||
pm.addFromPrincipal(uri0_2000_y, "test/matches", pm.ALLOW_ACTION);
|
||||
let perm_2000_y = pm.getPermissionObject(uri0_2000_y, "test/matches", true);
|
||||
|
||||
matches_always(perm_n_n, [uri0_n_n, uri3_n_n, uri5_n_n]);
|
||||
matches_weak(perm_n_n, [uri1_n_n, uri4_n_n]);
|
||||
matches_never(perm_n_n, [uri2_n_n,
|
||||
uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
|
||||
uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
|
||||
uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
|
||||
uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y]);
|
||||
|
||||
matches_always(perm_1000_n, [uri0_1000_n, uri3_1000_n, uri5_1000_n]);
|
||||
matches_weak(perm_1000_n, [uri1_1000_n, uri4_1000_n]);
|
||||
matches_never(perm_1000_n, [uri2_1000_n,
|
||||
uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
|
||||
uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
|
||||
uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
|
||||
uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y]);
|
||||
|
||||
matches_always(perm_1000_y, [uri0_1000_y, uri3_1000_y, uri5_1000_y]);
|
||||
matches_weak(perm_1000_y, [uri1_1000_y, uri4_1000_y]);
|
||||
matches_never(perm_1000_y, [uri2_1000_y,
|
||||
uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
|
||||
uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
|
||||
uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
|
||||
uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y]);
|
||||
|
||||
matches_always(perm_2000_n, [uri0_2000_n, uri3_2000_n, uri5_2000_n]);
|
||||
matches_weak(perm_2000_n, [uri1_2000_n, uri4_2000_n]);
|
||||
matches_never(perm_2000_n, [uri2_2000_n,
|
||||
uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
|
||||
uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y,
|
||||
uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
|
||||
uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y]);
|
||||
|
||||
matches_always(perm_2000_y, [uri0_2000_y, uri3_2000_y, uri5_2000_y]);
|
||||
matches_weak(perm_2000_y, [uri1_2000_y, uri4_2000_y]);
|
||||
matches_never(perm_2000_y, [uri2_2000_y,
|
||||
uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
|
||||
uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
|
||||
uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
|
||||
uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y]);
|
||||
|
||||
// Clean up!
|
||||
pm.removeAll();
|
||||
}
|
|
@ -0,0 +1,150 @@
|
|||
/* Any copyright is dedicated to the Public Domain.
|
||||
http://creativecommons.org/publicdomain/zero/1.0/ */
|
||||
|
||||
function matches_always(perm, uris) {
|
||||
uris.forEach((uri) => {
|
||||
do_check_true(perm.matchesURI(uri, true), "perm: " + perm.principal.origin + ", URI: " + uri.spec);
|
||||
do_check_true(perm.matchesURI(uri, false), "perm: " + perm.principal.origin + ", URI: " + uri.spec);
|
||||
});
|
||||
}
|
||||
|
||||
function matches_weak(perm, uris) {
|
||||
uris.forEach((uri) => {
|
||||
do_check_false(perm.matchesURI(uri, true), "perm: " + perm.principal.origin + ", URI: " + uri.spec);
|
||||
do_check_true(perm.matchesURI(uri, false), "perm: " + perm.principal.origin + ", URI: " + uri.spec);
|
||||
});
|
||||
}
|
||||
|
||||
function matches_never(perm, uris) {
|
||||
uris.forEach((uri) => {
|
||||
do_check_false(perm.matchesURI(uri, true), "perm: " + perm.principal.origin + ", URI: " + uri.spec);
|
||||
do_check_false(perm.matchesURI(uri, false), "perm: " + perm.principal.origin + ", URI: " + uri.spec);
|
||||
});
|
||||
}
|
||||
|
||||
function mk_permission(uri, isAppPermission = false) {
|
||||
let pm = Cc["@mozilla.org/permissionmanager;1"].
|
||||
getService(Ci.nsIPermissionManager);
|
||||
|
||||
let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"]
|
||||
.getService(Ci.nsIScriptSecurityManager);
|
||||
|
||||
// Get the permission from the principal!
|
||||
let principal = isAppPermission ?
|
||||
secMan.getAppCodebasePrincipal(uri, 1000, false) :
|
||||
secMan.getNoAppCodebasePrincipal(uri);
|
||||
|
||||
pm.addFromPrincipal(principal, "test/matchesuri", pm.ALLOW_ACTION);
|
||||
let permission = pm.getPermissionObject(principal, "test/matchesuri", true);
|
||||
|
||||
return permission;
|
||||
}
|
||||
|
||||
function run_test() {
|
||||
// initialize the permission manager service
|
||||
let pm = Cc["@mozilla.org/permissionmanager;1"].
|
||||
getService(Ci.nsIPermissionManager);
|
||||
|
||||
let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"]
|
||||
.getService(Ci.nsIScriptSecurityManager);
|
||||
|
||||
let fileprefix = "file:///";
|
||||
if (Services.appinfo.OS == "WINNT") {
|
||||
// Windows rejects files if they don't have a drive. See Bug 1180870
|
||||
fileprefix += "c:/";
|
||||
}
|
||||
|
||||
// Add some permissions
|
||||
let uri0 = NetUtil.newURI("http://google.com:9091/just/a/path", null, null);
|
||||
let uri1 = NetUtil.newURI("http://hangouts.google.com:9091/some/path", null, null);
|
||||
let uri2 = NetUtil.newURI("http://google.com:9091/", null, null);
|
||||
let uri3 = NetUtil.newURI("http://google.org:9091/", null, null);
|
||||
let uri4 = NetUtil.newURI("http://deeper.hangouts.google.com:9091/", null, null);
|
||||
let uri5 = NetUtil.newURI("https://google.com/just/a/path", null, null);
|
||||
let uri6 = NetUtil.newURI("https://hangouts.google.com", null, null);
|
||||
let uri7 = NetUtil.newURI("https://google.com/", null, null);
|
||||
|
||||
let fileuri1 = NetUtil.newURI(fileprefix + "a/file/path", null, null);
|
||||
let fileuri2 = NetUtil.newURI(fileprefix + "a/file/path/deeper", null, null);
|
||||
let fileuri3 = NetUtil.newURI(fileprefix + "a/file/otherpath", null, null);
|
||||
|
||||
{
|
||||
let perm = mk_permission(uri0);
|
||||
matches_always(perm, [uri0, uri2, uri5, uri7]);
|
||||
matches_weak(perm, [uri1, uri4, uri6]);
|
||||
matches_never(perm, [uri3, fileuri1, fileuri2, fileuri3]);
|
||||
}
|
||||
|
||||
{
|
||||
let perm = mk_permission(uri1);
|
||||
matches_always(perm, [uri1, uri6]);
|
||||
matches_weak(perm, [uri4]);
|
||||
matches_never(perm, [uri0, uri2, uri3, uri5, uri7, fileuri1, fileuri2, fileuri3]);
|
||||
}
|
||||
|
||||
{
|
||||
let perm = mk_permission(uri2);
|
||||
matches_always(perm, [uri0, uri2, uri5, uri7]);
|
||||
matches_weak(perm, [uri1, uri4, uri6]);
|
||||
matches_never(perm, [uri3, fileuri1, fileuri2, fileuri3]);
|
||||
}
|
||||
|
||||
{
|
||||
let perm = mk_permission(uri3);
|
||||
matches_always(perm, [uri3]);
|
||||
matches_weak(perm, []);
|
||||
matches_never(perm, [uri1, uri2, uri4, uri5, uri6, uri7, fileuri1, fileuri2, fileuri3]);
|
||||
}
|
||||
|
||||
{
|
||||
let perm = mk_permission(uri4);
|
||||
matches_always(perm, [uri4]);
|
||||
matches_weak(perm, []);
|
||||
matches_never(perm, [uri1, uri2, uri3, uri5, uri6, uri7, fileuri1, fileuri2, fileuri3]);
|
||||
}
|
||||
|
||||
{
|
||||
let perm = mk_permission(uri5);
|
||||
matches_always(perm, [uri0, uri2, uri5, uri7]);
|
||||
matches_weak(perm, [uri1, uri4, uri6]);
|
||||
matches_never(perm, [uri3, fileuri1, fileuri2, fileuri3]);
|
||||
}
|
||||
|
||||
{
|
||||
let perm = mk_permission(uri6);
|
||||
matches_always(perm, [uri1, uri6]);
|
||||
matches_weak(perm, [uri4]);
|
||||
matches_never(perm, [uri0, uri2, uri3, uri5, uri7, fileuri1, fileuri2, fileuri3]);
|
||||
}
|
||||
|
||||
{
|
||||
let perm = mk_permission(uri7);
|
||||
matches_always(perm, [uri0, uri2, uri5, uri7]);
|
||||
matches_weak(perm, [uri1, uri4, uri6]);
|
||||
matches_never(perm, [uri3, fileuri1, fileuri2, fileuri3]);
|
||||
}
|
||||
|
||||
{
|
||||
let perm = mk_permission(fileuri1);
|
||||
matches_always(perm, [fileuri1]);
|
||||
matches_weak(perm, []);
|
||||
matches_never(perm, [uri0, uri1, uri2, uri3, uri4, uri5, uri6, uri7, fileuri2, fileuri3]);
|
||||
}
|
||||
|
||||
{
|
||||
let perm = mk_permission(fileuri2);
|
||||
matches_always(perm, [fileuri2]);
|
||||
matches_weak(perm, []);
|
||||
matches_never(perm, [uri0, uri1, uri2, uri3, uri4, uri5, uri6, uri7, fileuri1, fileuri3]);
|
||||
}
|
||||
|
||||
{
|
||||
let perm = mk_permission(fileuri3);
|
||||
matches_always(perm, [fileuri3]);
|
||||
matches_weak(perm, []);
|
||||
matches_never(perm, [uri0, uri1, uri2, uri3, uri4, uri5, uri6, uri7, fileuri1, fileuri2]);
|
||||
}
|
||||
|
||||
// Clean up!
|
||||
pm.removeAll();
|
||||
}
|
|
@ -35,3 +35,5 @@ skip-if = debug == true
|
|||
[test_schema_2_migration.js]
|
||||
[test_schema_3_migration.js]
|
||||
[test_permmanager_removepermission.js]
|
||||
[test_permmanager_matchesuri.js]
|
||||
[test_permmanager_matches.js]
|
||||
|
|
Загрузка…
Ссылка в новой задаче