#
# Testing OpenWFE
#
# John Mettraux at openwfe.org
#
# Tue Jan 2 13:14:37 JST 2007
#
require 'test/unit'
require 'openwfe/workitem'
require 'openwfe/engine/engine'
class SecTest < Test::Unit::TestCase
#def setup
#end
#def teardown
#end
#def xxxx_sec_0
def test_sec_0
engine = OpenWFE::Engine.new
engine.ac[:ruby_eval_allowed] = true
def0 = \
'''
File.open("nada.txt") do |f| f.write("nada"); end
'''
e = dotest(engine, def0)
assert_not_nil e
assert_equal e.to_s, "Insecure operation - initialize"
def1 = \
'''
class Object
def my_name
"toto"
end
end
"stringobject".my_name
'''
e = dotest(engine, def1)
assert_not_nil e
assert_equal \
e.to_s, "undefined method `my_name' for \"stringobject\":String"
def2 = \
'''
'''
e = dotest(engine, def2)
assert_nil e
#
# I don't like that
def3 = \
'''
self.ac[:ruby_eval_allowed] = false
puts self.ac[:ruby_eval_allowed]
'''
e = dotest(engine, def3)
#puts e
assert_not_nil e
assert_equal \
e.to_s, "evaluation of ruby code is not allowed"
engine.stop
end
def test_sec_1
value = nil
engine = OpenWFE::Engine.new
engine.register_participant(:toto) do |workitem|
value = "#{workitem.attributes.size}_#{workitem.f}"
end
def0 = \
'''
'''
engine.launch(OpenWFE::LaunchItem.new(def0))
assert_equal value, "3_"
engine.ac[:ruby_eval_allowed] = true
engine.launch(OpenWFE::LaunchItem.new(def0))
assert_equal value, "3_35"
engine.stop
end
protected
def dotest (engine, def_or_li)
li = if def_or_li.is_a?(OpenWFE::LaunchItem)
def_or_li
else
OpenWFE::LaunchItem.new(def_or_li)
end
e = nil
begin
engine.launch(li)
rescue Exception => e
end
e
end
end