win/src/job_unittest.cc - chromium/src/sandbox - Git at Google

 // Copyright 2012 The Chromium Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 // This file contains unit tests for the job object.

 #include "sandbox/win/src/job.h"

 #include "base/win/scoped_process_information.h"
 #include "sandbox/win/src/security_level.h"
 #include "testing/gtest/include/gtest/gtest.h"

 namespace sandbox {

 // Tests the creation and destruction of the job.
 TEST(JobTest, TestCreation) {
   // Create the job.
   Job job;
   ASSERT_FALSE(job.IsValid());
   ASSERT_EQ(nullptr, job.GetHandle());
   ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
             job.Init(JobLevel::kLockdown, 0, 0));
   EXPECT_TRUE(job.IsValid());
   EXPECT_NE(nullptr, job.GetHandle());
 }

 // Tests the ui exceptions
 TEST(JobTest, TestExceptions) {
   HANDLE job_handle;
   // Scope the creation of Job.
   {
     // Create the job.
     Job job;
     ASSERT_EQ(
         static_cast<DWORD>(ERROR_SUCCESS),
         job.Init(JobLevel::kLockdown, JOB_OBJECT_UILIMIT_READCLIPBOARD, 0));

     job_handle = job.GetHandle();
     ASSERT_NE(nullptr, job_handle);

     JOBOBJECT_BASIC_UI_RESTRICTIONS jbur = {0};
     DWORD size = sizeof(jbur);
     ASSERT_TRUE(::QueryInformationJobObject(
         job_handle, JobObjectBasicUIRestrictions, &jbur, size, &size));

     ASSERT_EQ(0u, jbur.UIRestrictionsClass & JOB_OBJECT_UILIMIT_READCLIPBOARD);
   }

   // Scope the creation of Job.
   {
     // Create the job.
     Job job;
     ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
               job.Init(JobLevel::kLockdown, 0, 0));

     job_handle = job.GetHandle();
     ASSERT_NE(nullptr, job_handle);

     JOBOBJECT_BASIC_UI_RESTRICTIONS jbur = {0};
     DWORD size = sizeof(jbur);
     ASSERT_TRUE(::QueryInformationJobObject(
         job_handle, JobObjectBasicUIRestrictions, &jbur, size, &size));

     ASSERT_EQ(static_cast<DWORD>(JOB_OBJECT_UILIMIT_READCLIPBOARD),
               jbur.UIRestrictionsClass & JOB_OBJECT_UILIMIT_READCLIPBOARD);
   }
 }

 // Tests the error case when the job is initialized twice.
 TEST(JobTest, DoubleInit) {
   // Create the job.
   Job job;
   ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
             job.Init(JobLevel::kLockdown, 0, 0));
   ASSERT_EQ(static_cast<DWORD>(ERROR_ALREADY_INITIALIZED),
             job.Init(JobLevel::kLockdown, 0, 0));
 }

 // Tests the initialization of the job with different security levels.
 TEST(JobTest, SecurityLevel) {
   Job job_lockdown;
   ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
             job_lockdown.Init(JobLevel::kLockdown, 0, 0));

   Job job_limited_user;
   ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
             job_limited_user.Init(JobLevel::kLimitedUser, 0, 0));

   Job job_interactive;
   ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
             job_interactive.Init(JobLevel::kInteractive, 0, 0));

   Job job_unprotected;
   ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
             job_unprotected.Init(JobLevel::kUnprotected, 0, 0));
 }

 }  // namespace sandbox
	// Copyright 2012 The Chromium Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	// This file contains unit tests for the job object.

	#include "sandbox/win/src/job.h"

	#include "base/win/scoped_process_information.h"
	#include "sandbox/win/src/security_level.h"
	#include "testing/gtest/include/gtest/gtest.h"

	namespace sandbox {

	// Tests the creation and destruction of the job.
	TEST(JobTest, TestCreation) {
	// Create the job.
	Job job;
	ASSERT_FALSE(job.IsValid());
	ASSERT_EQ(nullptr, job.GetHandle());
	ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
	job.Init(JobLevel::kLockdown, 0, 0));
	EXPECT_TRUE(job.IsValid());
	EXPECT_NE(nullptr, job.GetHandle());
	}

	// Tests the ui exceptions
	TEST(JobTest, TestExceptions) {
	HANDLE job_handle;
	// Scope the creation of Job.
	{
	// Create the job.
	Job job;
	ASSERT_EQ(
	static_cast<DWORD>(ERROR_SUCCESS),
	job.Init(JobLevel::kLockdown, JOB_OBJECT_UILIMIT_READCLIPBOARD, 0));

	job_handle = job.GetHandle();
	ASSERT_NE(nullptr, job_handle);

	JOBOBJECT_BASIC_UI_RESTRICTIONS jbur = {0};
	DWORD size = sizeof(jbur);
	ASSERT_TRUE(::QueryInformationJobObject(
	job_handle, JobObjectBasicUIRestrictions, &jbur, size, &size));

	ASSERT_EQ(0u, jbur.UIRestrictionsClass & JOB_OBJECT_UILIMIT_READCLIPBOARD);
	}

	// Scope the creation of Job.
	{
	// Create the job.
	Job job;
	ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
	job.Init(JobLevel::kLockdown, 0, 0));

	job_handle = job.GetHandle();
	ASSERT_NE(nullptr, job_handle);

	JOBOBJECT_BASIC_UI_RESTRICTIONS jbur = {0};
	DWORD size = sizeof(jbur);
	ASSERT_TRUE(::QueryInformationJobObject(
	job_handle, JobObjectBasicUIRestrictions, &jbur, size, &size));

	ASSERT_EQ(static_cast<DWORD>(JOB_OBJECT_UILIMIT_READCLIPBOARD),
	jbur.UIRestrictionsClass & JOB_OBJECT_UILIMIT_READCLIPBOARD);
	}
	}

	// Tests the error case when the job is initialized twice.
	TEST(JobTest, DoubleInit) {
	// Create the job.
	Job job;
	ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
	job.Init(JobLevel::kLockdown, 0, 0));
	ASSERT_EQ(static_cast<DWORD>(ERROR_ALREADY_INITIALIZED),
	job.Init(JobLevel::kLockdown, 0, 0));
	}

	// Tests the initialization of the job with different security levels.
	TEST(JobTest, SecurityLevel) {
	Job job_lockdown;
	ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
	job_lockdown.Init(JobLevel::kLockdown, 0, 0));

	Job job_limited_user;
	ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
	job_limited_user.Init(JobLevel::kLimitedUser, 0, 0));

	Job job_interactive;
	ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
	job_interactive.Init(JobLevel::kInteractive, 0, 0));

	Job job_unprotected;
	ASSERT_EQ(static_cast<DWORD>(ERROR_SUCCESS),
	job_unprotected.Init(JobLevel::kUnprotected, 0, 0));
	}

	} // namespace sandbox