[macruby-changes] [4412] MacRuby/trunk/spec/macruby/core/sandbox
source_changes at macosforge.org
source_changes at macosforge.org
Fri Aug 6 13:57:17 PDT 2010
Revision: 4412
http://trac.macosforge.org/projects/ruby/changeset/4412
Author: pthomson at apple.com
Date: 2010-08-06 13:57:17 -0700 (Fri, 06 Aug 2010)
Log Message:
-----------
Big cleanup, much better-specified and cleaner tests
Modified Paths:
--------------
MacRuby/trunk/spec/macruby/core/sandbox/fixtures/sample_file.txt
MacRuby/trunk/spec/macruby/core/sandbox/shared/no_write.rb
Added Paths:
-----------
MacRuby/trunk/spec/macruby/core/sandbox/no_writes_spec.rb
MacRuby/trunk/spec/macruby/core/sandbox/pure_computation_spec.rb
MacRuby/trunk/spec/macruby/core/sandbox/shared/no_network.rb
MacRuby/trunk/spec/macruby/core/sandbox/spec_helper.rb
Removed Paths:
-------------
MacRuby/trunk/spec/macruby/core/sandbox/pure_spec.rb
Property Changed:
----------------
MacRuby/trunk/spec/macruby/core/sandbox/fixtures/sample_file.txt
Modified: MacRuby/trunk/spec/macruby/core/sandbox/fixtures/sample_file.txt
===================================================================
--- MacRuby/trunk/spec/macruby/core/sandbox/fixtures/sample_file.txt 2010-08-06 20:57:15 UTC (rev 4411)
+++ MacRuby/trunk/spec/macruby/core/sandbox/fixtures/sample_file.txt 2010-08-06 20:57:17 UTC (rev 4412)
@@ -1 +1 @@
-This is some text.
+hello
\ No newline at end of file
Property changes on: MacRuby/trunk/spec/macruby/core/sandbox/fixtures/sample_file.txt
___________________________________________________________________
Added: svn:executable
+ *
Added: MacRuby/trunk/spec/macruby/core/sandbox/no_writes_spec.rb
===================================================================
--- MacRuby/trunk/spec/macruby/core/sandbox/no_writes_spec.rb (rev 0)
+++ MacRuby/trunk/spec/macruby/core/sandbox/no_writes_spec.rb 2010-08-06 20:57:17 UTC (rev 4412)
@@ -0,0 +1,23 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe "Sandbox.no_writes" do
+
+ before do
+ add_line "framework 'Cocoa'"
+ add_line "Sandbox.no_writes.apply!"
+ end
+
+ it_behaves_like :sandbox_no_write, :no_write
+
+ it "prevents writing to a file in /tmp" do
+ with_temporary_file("/tmp/sandboxed") do
+ add_line "open('/tmp/sandboxed', 'w').puts 'This must fail'"
+ result.should =~ /Errno::EPERM/
+ end
+ end
+
+ after do
+ ScratchPad.clear
+ end
+
+end
\ No newline at end of file
Added: MacRuby/trunk/spec/macruby/core/sandbox/pure_computation_spec.rb
===================================================================
--- MacRuby/trunk/spec/macruby/core/sandbox/pure_computation_spec.rb (rev 0)
+++ MacRuby/trunk/spec/macruby/core/sandbox/pure_computation_spec.rb 2010-08-06 20:57:17 UTC (rev 4412)
@@ -0,0 +1,29 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe Sandbox, "pure_computation" do
+
+ it_behaves_like :sandbox_no_write, :no_write
+ it_behaves_like :sandbox_no_network, :no_network
+
+ before do
+ add_line "framework 'Cocoa'"
+ add_line "Sandbox.pure_computation.apply!"
+ end
+
+ it "should cause Kernel#open to fail with Errno::EPERM" do
+ with_temporary_file do |temp|
+ add_line "open('#{temp}')"
+ result.should =~ /Errno::EPERM/
+ end
+ end
+
+ it "should cause Kernel#require to raise a LoadError" do
+ add_line "require '#{File.expand_path(File.dirname(__FILE__) + '/spec_helper')}'"
+ result.should =~ /LoadError/
+ end
+
+ after :each do
+ ScratchPad.clear
+ end
+
+end
\ No newline at end of file
Deleted: MacRuby/trunk/spec/macruby/core/sandbox/pure_spec.rb
===================================================================
--- MacRuby/trunk/spec/macruby/core/sandbox/pure_spec.rb 2010-08-06 20:57:15 UTC (rev 4411)
+++ MacRuby/trunk/spec/macruby/core/sandbox/pure_spec.rb 2010-08-06 20:57:17 UTC (rev 4412)
@@ -1,16 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/../../spec_helper')
-require File.expand_path('../shared/no_write', __FILE__)
-
-describe "Sandbox.pure_computation" do
-
- # These tests are applicable beyond just the pure_computation spec.
- # Eventually the tests themselves will be farmed out to /sandbox/shared
- # and all sandbox specs will just be aggregations of should_behave_like calls.
-
- it_behaves_like :sandbox_no_write, :no_write
-
- before do
- @code << "Sandbox.pure_computation.apply!; "
- end
-
-end
\ No newline at end of file
Added: MacRuby/trunk/spec/macruby/core/sandbox/shared/no_network.rb
===================================================================
--- MacRuby/trunk/spec/macruby/core/sandbox/shared/no_network.rb (rev 0)
+++ MacRuby/trunk/spec/macruby/core/sandbox/shared/no_network.rb 2010-08-06 20:57:17 UTC (rev 4412)
@@ -0,0 +1,26 @@
+describe :sandbox_no_network, :shared => true do
+
+ it "disallows looking up the address of the current NSHost" do
+ unless NSHost.currentHost.address.empty?
+ add_line "print NSHost.currentHost.address"
+ result.should be_empty
+ end
+ end
+
+ it "disallows DNS requests through NSHost" do
+ add_line 'print NSHost.hostWithName("apple.com").address'
+ result.should be_empty
+ end
+
+ it "disallows NSString#stringWithContentsOfURL" do
+ add_line 'url = NSURL.URLWithString("http://apple.com")'
+ add_line 'print NSString.stringWithContentsOfURL(url)'
+ result.should be_empty
+ end
+
+ it "disallows NSURLConnection.connectionWithRequest:delegate:" do
+ add_line 'req = NSURLRequest.requestWithURL(NSURL.URLWithString("http://apple.com"))'
+ add_line 'print NSURLConnection.connectionWithRequest(req, delegate:nil)'
+ result.should be_empty
+ end
+end
Modified: MacRuby/trunk/spec/macruby/core/sandbox/shared/no_write.rb
===================================================================
--- MacRuby/trunk/spec/macruby/core/sandbox/shared/no_write.rb 2010-08-06 20:57:15 UTC (rev 4411)
+++ MacRuby/trunk/spec/macruby/core/sandbox/shared/no_write.rb 2010-08-06 20:57:17 UTC (rev 4412)
@@ -1,22 +1,10 @@
describe :sandbox_no_write, :shared => true do
- before do
- @code = "error = Pointer.new_with_type('@'); "
- @filename = fixture('spec/macruby/core/sandbox/shared', 'sample_file.txt')
+ it "prevents NSString#writeToFile from writing any characters" do
+ with_temporary_file do |tmp|
+ add_line "print 'hello'.writeToFile('#{tmp}', atomically:true)"
+ result.to_i.should == 0
+ end
end
- it "prevents Objective-C methods from writing to a file" do
- @code << "print 'hello'.writeToFile('#{@filename}', atomically:true)"
- ruby_exe(@code).to_i.should == 0
- end
-
- it "prevents Ruby methods from writing to a file" do
- @code << "open('#{@filename}'); file.puts 'this must fail'"
- ruby_exe(@code).should =~ /Errno::EPERM/
- end
-
- it "prevents otherwise changing file attributes through the File module" do
- @code << "File.chmod(0777, '#{@filename}')"
- ruby_exe(@code).should =~ /Errno::EPERM/
- end
end
Added: MacRuby/trunk/spec/macruby/core/sandbox/spec_helper.rb
===================================================================
--- MacRuby/trunk/spec/macruby/core/sandbox/spec_helper.rb (rev 0)
+++ MacRuby/trunk/spec/macruby/core/sandbox/spec_helper.rb 2010-08-06 20:57:17 UTC (rev 4412)
@@ -0,0 +1,20 @@
+require File.expand_path("../shared/no_network", __FILE__)
+require File.expand_path("../shared/no_write", __FILE__)
+
+def add_line(line)
+ ScratchPad.record("") unless ScratchPad.recorded
+ ScratchPad << line << "; "
+end
+
+def result
+ ruby_exe(ScratchPad.recorded)
+end
+
+def with_temporary_file(temp = tmp('sandbox', false))
+ p "Creating #{temp}"
+ FileUtils.touch temp
+ yield temp
+ FileUtils.rm temp
+ p "Deleting #{temp}"
+end
+
\ No newline at end of file
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macruby-changes/attachments/20100806/918a0998/attachment-0001.html>
More information about the macruby-changes
mailing list