1 /************************************************************** 2 * 3 * Licensed to the Apache Software Foundation (ASF) under one 4 * or more contributor license agreements. See the NOTICE file 5 * distributed with this work for additional information 6 * regarding copyright ownership. The ASF licenses this file 7 * to you under the Apache License, Version 2.0 (the 8 * "License"); you may not use this file except in compliance 9 * with the License. You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, 14 * software distributed under the License is distributed on an 15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 * KIND, either express or implied. See the License for the 17 * specific language governing permissions and limitations 18 * under the License. 19 * 20 *************************************************************/ 21 22 23 24 package ifc.script.framework.security; 25 26 import java.util.HashMap; 27 import java.util.Iterator; 28 import java.util.Collection; 29 30 import drafts.com.sun.star.script.framework.security.XScriptSecurity; 31 import drafts.com.sun.star.script.framework.storage.XScriptStorageManager; 32 33 import com.sun.star.lang.XMultiServiceFactory; 34 import com.sun.star.ucb.XSimpleFileAccess; 35 import com.sun.star.beans.XPropertySet; 36 import com.sun.star.beans.PropertyValue; 37 import com.sun.star.uno.XComponentContext; 38 import com.sun.star.uno.UnoRuntime; 39 import com.sun.star.uno.XInterface; 40 import com.sun.star.frame.XModel; 41 import com.sun.star.container.XNameReplace; 42 import com.sun.star.util.XChangesBatch; 43 import com.sun.star.reflection.InvocationTargetException; 44 45 import ifc.script.framework.SecurityDialogUtil; 46 47 import lib.MultiMethodTest; 48 import lib.StatusException; 49 import lib.Parameters; 50 import util.SOfficeFactory; 51 52 public class _XScriptSecurity extends MultiMethodTest { 53 54 public XScriptSecurity oObj = null; 55 private XScriptStorageManager storageManager = null; 56 57 /** 58 * Retrieves object relation. 59 */ before()60 public void before() throws StatusException { 61 } 62 after()63 public void after() throws StatusException { 64 } 65 _checkPermission()66 public void _checkPermission() { 67 boolean result = true; 68 69 Collection c = 70 (Collection) tEnv.getObjRelation("_checkPermission"); 71 72 Iterator tests; 73 74 if (c != null) { 75 tests = c.iterator(); 76 77 while (tests.hasNext()) { 78 result &= runCheckPermissionTest((Parameters)tests.next()); 79 } 80 } 81 else { 82 result = false; 83 } 84 85 // set security to always without confirmation dialog and empty path 86 // list so other tests can run without dialog popping up 87 setSecurity(2, "false", "false", null); 88 89 tRes.tested("checkPermission()", result); 90 } 91 runCheckPermissionTest(Parameters testdata)92 private boolean runCheckPermissionTest(Parameters testdata) { 93 // description of test 94 String description = testdata.get("description"); 95 96 // document location 97 String location = testdata.get("location"); 98 99 //security settings 100 String runmacro = testdata.get("runmacro"); 101 String confirm = testdata.get("confirm"); 102 String warning = testdata.get("warning"); 103 String pathlist = testdata.get("pathlist"); 104 105 //do this test produce a dialog? 106 String dialog = testdata.get("dialog"); 107 //is checkbox to be ticked? 108 String checkBoxStr = testdata.get("checkbox"); 109 //name of button in dialog to press 110 String buttonName = testdata.get("buttonName"); 111 112 //expected result 113 String expected = testdata.get("expected"); 114 //do we need to check the pathlist? 115 String checkpath = testdata.get("checkpath"); 116 117 String output = null; 118 119 log.println(description); 120 121 // get the officeBasic setting 122 int officeBasic = 0; 123 if( runmacro.equals("never") ) 124 { 125 officeBasic = 0; 126 } 127 else if ( runmacro.equals("pathlist") ) 128 { 129 officeBasic = 1; 130 } 131 else if ( runmacro.equals("always") ) 132 { 133 officeBasic = 2; 134 } 135 136 // should pathlist include doc? 137 String secureURLs = null; 138 if( pathlist.equals("true") ) 139 { 140 String uri = util.utils.getFullTestURL(location); 141 secureURLs = uri.substring(0, uri.lastIndexOf('/')); 142 } 143 144 if ( !setSecurity( officeBasic, confirm, warning, secureURLs ) ) 145 { 146 log.println( "failed to set security" ); 147 return false; 148 } 149 150 if( dialog.equals( "true" ) ) 151 { 152 // is the checkbox to be ticked? 153 boolean checkBox = false; 154 if( checkBoxStr.equals( "true" ) ) 155 { 156 checkBox = true; 157 } 158 new SecurityDialogUtil( tParam.getMSF(), buttonName, checkBox ).start(); 159 } 160 // need to set up dialog utils thread first 161 int storageId = getStorageId(location); 162 163 try { 164 String uri = util.utils.getFullTestURL(location); 165 oObj.checkPermission(uri, "execute" ); 166 output = "true"; 167 } 168 catch (com.sun.star.security.AccessControlException ace) { 169 log.println("Couldn't invoke script:" + ace); 170 output = "com.sun.star.security.AccessControlException"; 171 } 172 catch (com.sun.star.lang.IllegalArgumentException iae) { 173 log.println("Couldn't invoke script:" + iae); 174 output = "com.sun.star.lang.IllegalArgumentException"; 175 } 176 catch (com.sun.star.uno.RuntimeException re) { 177 log.println("Couldn't invoke script:" + re); 178 output = "com.sun.star.uno.RuntimeException"; 179 } 180 181 log.println("expected: " + expected + ", output: " + output); 182 if (output.equals(expected)) 183 { 184 if( checkpath.equals("true") ) 185 { 186 String setPath = getPathList(); 187 String expectedPath = "empty"; 188 if( checkBoxStr.equals( "true" ) ) 189 { 190 String uri = util.utils.getFullTestURL(location); 191 expectedPath = uri.substring(0, uri.lastIndexOf('/')); 192 } 193 log.println("pathlist: expected: " + expectedPath + ", output: " + setPath); 194 if( setPath.equals( expectedPath ) ) 195 { 196 return true; 197 } 198 else 199 { 200 return false; 201 } 202 } 203 return true; 204 } 205 else 206 return false; 207 } 208 getPathList()209 private String getPathList() 210 { 211 String result = ""; 212 try { 213 Object oProv = tParam.getMSF().createInstance( 214 "com.sun.star.configuration.ConfigurationProvider" ); 215 216 XMultiServiceFactory xProv = (XMultiServiceFactory) 217 UnoRuntime.queryInterface(XMultiServiceFactory.class, oProv); 218 219 //the path to the security settings in the registry 220 PropertyValue aPathArg = new PropertyValue(); 221 aPathArg.Name="nodepath"; 222 aPathArg.Value="org.openoffice.Office.Common/Security/Scripting"; 223 // we don't want to cache the write 224 PropertyValue aModeArg = new PropertyValue(); 225 aModeArg.Name="lazywrite"; 226 aModeArg.Value=new Boolean(false); 227 228 Object[] aArgs = new Object[2]; 229 aArgs[0]=aPathArg; 230 aArgs[1]=aModeArg; 231 Object oConfigUpdate = xProv.createInstanceWithArguments( 232 "com.sun.star.configuration.ConfigurationAccess", 233 aArgs ); 234 XPropertySet xPropertySet = (XPropertySet)UnoRuntime.queryInterface( 235 XPropertySet.class, oConfigUpdate ); 236 237 String[] paths = (String[])xPropertySet.getPropertyValue("SecureURL"); 238 if (paths == null || paths.length == 0) 239 result = "empty"; 240 else 241 result = paths[0]; 242 243 } catch (Exception e) 244 { 245 result = e.getClass().getName() + " getting list of secure URLs"; 246 } 247 return result; 248 } 249 setSecurity( int officeBasic, String confirm, String warning, String secureURLs )250 private boolean setSecurity( int officeBasic, String confirm, 251 String warning, String secureURLs ) 252 { 253 boolean success=false; 254 try { 255 Object oProv = tParam.getMSF().createInstance( 256 "com.sun.star.configuration.ConfigurationProvider" ); 257 258 XMultiServiceFactory xProv = (XMultiServiceFactory) 259 UnoRuntime.queryInterface(XMultiServiceFactory.class, oProv); 260 261 //the path to the security settings in the registry 262 PropertyValue aPathArg = new PropertyValue(); 263 aPathArg.Name="nodepath"; 264 aPathArg.Value="org.openoffice.Office.Common/Security/Scripting"; 265 // we don't want to cache the write 266 PropertyValue aModeArg = new PropertyValue(); 267 aModeArg.Name="lazywrite"; 268 aModeArg.Value=new Boolean(false); 269 270 Object[] aArgs = new Object[2]; 271 aArgs[0]=aPathArg; 272 aArgs[1]=aModeArg; 273 Object oConfigUpdate = xProv.createInstanceWithArguments( 274 "com.sun.star.configuration.ConfigurationUpdateAccess", 275 aArgs ); 276 XNameReplace xNameReplace = (XNameReplace)UnoRuntime.queryInterface( 277 XNameReplace.class, oConfigUpdate ); 278 XChangesBatch xChangesBatch = (XChangesBatch)UnoRuntime.queryInterface( 279 XChangesBatch.class, oConfigUpdate ); 280 281 Object[] aSecureURLs; 282 if (secureURLs == null) { 283 aSecureURLs = new Object[0]; 284 } 285 else { 286 aSecureURLs = new Object[1]; 287 aSecureURLs[0] = secureURLs; 288 } 289 log.println("setting SecureURL"); 290 xNameReplace.replaceByName( "SecureURL", aSecureURLs ); 291 292 log.println("setting OfficeBasic"); 293 xNameReplace.replaceByName( "OfficeBasic", new Integer(officeBasic) ); 294 295 Boolean bConfirm = null; 296 if( ( confirm != null ) && ( confirm.equals("true") ) ) 297 { 298 bConfirm = new Boolean( true ); 299 } 300 else 301 { 302 bConfirm = new Boolean( false ); 303 } 304 log.println("setting Confirmation"); 305 xNameReplace.replaceByName( "Confirmation", bConfirm ); 306 307 Boolean bWarning = null; 308 if( ( warning != null ) && ( warning.equals("true") ) ) 309 { 310 bWarning = new Boolean( true ); 311 } 312 else 313 { 314 bWarning = new Boolean( false ); 315 } 316 log.println("setting Warning"); 317 xNameReplace.replaceByName( "Warning", bWarning ); 318 319 // and now commit the changes 320 xChangesBatch.commitChanges(); 321 success=true; 322 } catch (Exception e) { 323 log.println("Error updating security settings: " + 324 e.getMessage() ); 325 } 326 return success; 327 } 328 getStorageId(String location)329 private int getStorageId(String location) { 330 331 XSimpleFileAccess access = null; 332 String uri = util.utils.getFullTestURL(location); 333 334 if (storageManager == null) { 335 try { 336 XPropertySet xProp = (XPropertySet)UnoRuntime.queryInterface( 337 XPropertySet.class, tParam.getMSF()); 338 339 XComponentContext xContext = (XComponentContext) 340 UnoRuntime.queryInterface(XComponentContext.class, 341 xProp.getPropertyValue("DefaultContext")); 342 343 XInterface ifc = (XInterface) 344 xContext.getValueByName("/singletons/drafts.com.sun.star." + 345 "script.framework.storage.theScriptStorageManager"); 346 347 storageManager = (XScriptStorageManager) 348 UnoRuntime.queryInterface(XScriptStorageManager.class, ifc); 349 } 350 catch( Exception e ) { 351 return -1; 352 } 353 } 354 355 access = getXSimpleFileAccess(); 356 if (access == null) 357 return -1; 358 359 int id = storageManager.createScriptStorageWithURI(access, uri); 360 361 return id; 362 } 363 getXSimpleFileAccess()364 private XSimpleFileAccess getXSimpleFileAccess() { 365 XSimpleFileAccess access = null; 366 367 try { 368 Object fa = tParam.getMSF().createInstance( 369 "com.sun.star.ucb.SimpleFileAccess"); 370 371 access = (XSimpleFileAccess) 372 UnoRuntime.queryInterface(XSimpleFileAccess.class, fa); 373 } 374 catch (com.sun.star.uno.Exception e) { 375 return null; 376 } 377 return access; 378 } 379 loadDocument(String name)380 private XModel loadDocument(String name) { 381 XModel model = null; 382 SOfficeFactory factory = SOfficeFactory.getFactory(tParam.getMSF()); 383 384 String fullname = util.utils.getFullTestURL(name); 385 386 try { 387 Object obj = factory.loadDocument(fullname); 388 model = (XModel) UnoRuntime.queryInterface(XModel.class, obj); 389 } 390 catch (com.sun.star.lang.IllegalArgumentException iae) { 391 return null; 392 } 393 catch (Exception e) { 394 return null; 395 } 396 397 try { 398 Thread.sleep(5000); 399 } 400 catch (InterruptedException ie) { 401 } 402 403 return model; 404 } 405 } 406