public void TypeDefValidator_Should_Allow_References_To_Own_Methods()
{
const string source = @"
using System;
public class Test
{
public void A() {
}
public void B() {
A();
}
}";
var typeDefinition = CompileToTypeDef(source);
var policy = new WhitelistPolicy()
.Namespace("System", AccessPolicy.Denied, t =>
t.Type("Object", AccessPolicy.Allowed)
.Type("Void", AccessPolicy.Allowed)
.Type("String", AccessPolicy.Denied));
var validationPolicy = new ValidationPolicy()
.WhitelistValidator(policy);
var validator = new TypePolicyValidator(validationPolicy);
var result = validator.Validate(typeDefinition).ToList();
Assert.Empty(result);
}
public void TypeDefValidator_Should_Validate_Method_Using_Denied_New_Type()
{
const string source = @"
using System;
public class Test
{
public void A()
{
var b = new DateTime();
}
}";
var typeDefinition = CompileToTypeDef(source);
var policy = new WhitelistPolicy()
.Namespace("System", AccessPolicy.Denied, t =>
t.Type("Object", AccessPolicy.Allowed)
.Type("Void", AccessPolicy.Allowed)
.Type("String", AccessPolicy.Denied));
var validationPolicy = new ValidationPolicy()
.WhitelistValidator(policy);
var validator = new TypePolicyValidator(validationPolicy);
var result = validator.Validate(typeDefinition).ToList();
Assert.Single(result);
}
public void TypeDefValidator_Should_Validate_Method_Using_Denied_Nested_Array_Element()
{
const string source = @"
using System;
using System.Collections.Generic;
public class Test
{
public void A()
{
var b = new [] { new [] { ""a"" } };
}
}";
var typeDefinition = CompileToTypeDef(source);
var policy = new WhitelistPolicy()
.Namespace("System", AccessPolicy.Denied, t =>
t.Type(nameof(Boolean), AccessPolicy.Allowed)
.Type("Object", AccessPolicy.Allowed)
.Type("Void", AccessPolicy.Allowed)
.Type("String", AccessPolicy.Denied))
.Namespace("System.Collections.Generic", AccessPolicy.Allowed);
var validationPolicy = new ValidationPolicy()
.WhitelistValidator(policy);
var validator = new TypePolicyValidator(validationPolicy);
var result = validator.Validate(typeDefinition).ToList();
Assert.True(result.All(r => r is WhitelistValidator.DeniedTypeValidationResult));
}
public void TypeDefValidator_Should_Validate_Method_Using_Denied_Field()
{
const string source = @"
using System;
public class Test
{
public void A()
{
var b = BitConverter.IsLittleEndian;
}
}";
var typeDefinition = CompileToTypeDef(source);
var policy = new WhitelistPolicy()
.Namespace("System", AccessPolicy.Denied, t =>
t.Type(nameof(Boolean), AccessPolicy.Allowed)
.Type(nameof(BitConverter), AccessPolicy.Allowed,
m => m.Member(nameof(BitConverter.IsLittleEndian), AccessPolicy.Denied))
.Type("Object", AccessPolicy.Allowed)
.Type("Void", AccessPolicy.Allowed)
.Type("String", AccessPolicy.Denied));
var validationPolicy = new ValidationPolicy()
.WhitelistValidator(policy);
var validator = new TypePolicyValidator(validationPolicy);
var result = validator.Validate(typeDefinition).ToList();
Assert.Single(result);
}
public void TypePolicyValidator_Should_Validate_Own_Methods()
{
const string source = @"
using System;
public class Test
{
static extern uint A();
public void B() {
var dt = DateTime.Now;
}
}";
var typeDefinition = CompileToTypeDef(source);
var policy = new WhitelistPolicy()
.Namespace("System", AccessPolicy.Denied, t =>
t.Type("Object", AccessPolicy.Allowed)
.Type("Void", AccessPolicy.Allowed)
.Type("String", AccessPolicy.Denied));
var validationPolicy = new ValidationPolicy()
.WhitelistValidator(policy);
var validator = new TypePolicyValidator(validationPolicy);
var result = validator.Validate(typeDefinition).ToList();
Assert.True(result.Any());
Assert.True(result.All(r => r is WhitelistValidator.WhitelistValidationResult));
}
public void PolicyValidator_No_Namespace_Should_Deny_Type()
{
var testPolicy = new WhitelistPolicy();
var r = new WhitelistPolicyFilter(testPolicy);
var result = r.Filter("System", "Object");
Assert.Equal(PolicyValidatorResultKind.DeniedNamespace, result.Kind);
}
public void PolicyValidator_Allowed_Namespace_Should_Deny_Type_With_Rule()
{
var testPolicy = new WhitelistPolicy()
.Namespace("System", AccessPolicy.Allowed, t => t.Type("Object", AccessPolicy.Denied));
var r = new WhitelistPolicyFilter(testPolicy);
var result = r.Filter("System", "Object");
Assert.Equal(PolicyValidatorResultKind.DeniedType, result.Kind);
}
public void PolicyValidator_Denied_Namespace_Should_Deny_Member_Without_Rule()
{
var testPolicy = new WhitelistPolicy()
.Namespace("System", AccessPolicy.Denied);
var r = new WhitelistPolicyFilter(testPolicy);
var result = r.Filter("System", "Object", "ToString");
Assert.Equal(PolicyValidatorResultKind.DeniedType, result.Kind);
}
public void PolicyValidator_Allowed_Namespace_Should_Allow_Member_With_Rule()
{
var testPolicy = new WhitelistPolicy()
.Namespace("System", AccessPolicy.Allowed);
var r = new WhitelistPolicyFilter(testPolicy);
var result = r.Filter("System", "Object", "ToString");
var result2 = r.Filter("System", "Int32", "Parse");
Assert.Equal(PolicyValidatorResultKind.Allowed, result.Kind);
Assert.Equal(PolicyValidatorResultKind.Allowed, result2.Kind);
}
public void ValidationPolicy_Should_Overwrite_Previous_NamespacePolicy()
{
var policy = new WhitelistPolicy();
policy.Namespace("Test", AccessPolicy.Allowed);
var item = policy.Namespaces["Test"];
policy.Namespace("Test", AccessPolicy.Allowed);
var item2 = policy.Namespaces["Test"];
Assert.NotEqual(item, item2);
}
public void TypeDefValidator_Should_Validate_Method_Allowed_Return_Type()
{
const string source = @"public class Test {public string A(){return ""a"";}}";
var typeDefinition = CompileToTypeDef(source);
var policy = new WhitelistPolicy()
.Namespace("System", AccessPolicy.Denied, t =>
t.Type("Object", AccessPolicy.Allowed)
.Type("Void", AccessPolicy.Allowed)
.Type("String", AccessPolicy.Allowed));
var validationPolicy = new ValidationPolicy()
.WhitelistValidator(policy);
var validator = new TypePolicyValidator(validationPolicy);
var result = validator.Validate(typeDefinition).ToList();
Assert.Empty(result);
}
public WhitelistPolicyFilter(WhitelistPolicy policy)
{
this.Policy = policy;
}
