/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

// Policy file for lucene tests. Please keep minimal and avoid wildcards.

grant {
  // let TestIndexWriterOnJRECrash fork its jvm
  permission java.io.FilePermission "${java.home}${/}-", "read,execute";

  // test-files/ resources
  permission java.io.FilePermission "${common.dir}${/}-", "read";
  // classpath-as-file, eg getDataPath, and only rarely (this acts like a JDK bug...)
  permission java.io.FilePermission ".", "read";

  // write only to sandbox
  permission java.io.FilePermission "${tests.linedocsfile}", "read";
  permission java.io.FilePermission "${java.io.tmpdir}", "read,write";
  permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read,write,delete";

  // misc HardlinkCopyDirectoryWrapper needs this to test if hardlinks can be created
  permission java.nio.file.LinkPermission "hard";

  // needed by RamUsageEstimator, and randomizedtesting runner to identify test methods.
  permission java.lang.RuntimePermission "accessDeclaredMembers";
  // needed by certain tests to capture sysout/syserr:
  permission java.lang.RuntimePermission "setIO";
  // needed by luke and randomized runner to catch failures from other threads:
  permission java.lang.RuntimePermission "setDefaultUncaughtExceptionHandler";
  // needed by tests e.g. shutting down executors:
  permission java.lang.RuntimePermission "modifyThread";
  // needed for tons of test hacks etc
  permission java.lang.RuntimePermission "getStackTrace";
  // needed for mock filesystems in tests
  permission java.lang.RuntimePermission "fileSystemProvider";
  // needed by cyberneko usage by benchmarks on J9
  permission java.lang.RuntimePermission "accessClassInPackage.org.apache.xerces.util";

  // Needed for DirectIODirectory to retrieve block size
  permission java.lang.RuntimePermission "getFileStoreAttributes";

  // TestLockFactoriesMultiJVM opens a random port on 127.0.0.1 (port 0 = ephemeral port range):
  permission java.net.SocketPermission "127.0.0.1:0", "accept,listen,resolve";
  // Replicator tests connect to ephemeral ports
  permission java.net.SocketPermission "127.0.0.1:1024-", "connect,resolve";

  // read access to all system properties:
  permission java.util.PropertyPermission "*", "read";
  // write access to only these:
  // locale randomization
  permission java.util.PropertyPermission "user.language", "write";
  // timezone randomization
  permission java.util.PropertyPermission "user.timezone", "write";

  // CMS randomization
  permission java.util.PropertyPermission "lucene.cms.override_core_count", "write";

  // used by nested tests? (e.g. TestLeaveFilesIfTestFails). TODO: look into this
  permission java.util.PropertyPermission "tests.runnested", "write";

  // allows LuceneTestCase#runWithRestrictedPermissions to execute with lower (or no) permission
  permission java.security.SecurityPermission "createAccessControlContext";

  // Hunspell regression and validation tests can read from external files
  // specified in system properties.
  permission java.io.FilePermission "${hunspell.repo.path}${/}-", "read";
  permission java.io.FilePermission "${hunspell.corpora}${/}-", "read";
  permission java.io.FilePermission "${hunspell.dictionaries}", "read";
  permission java.io.FilePermission "${hunspell.dictionaries}${/}-", "read";
};

// Permissions for jacoco code coverage
grant {
  // permission to write the per-jvm code coverage output
  permission java.io.FilePermission "${user.dir}${/}jacoco.exec", "write";
  // needed by jacoco to dump coverage on shutdown
  permission java.lang.RuntimePermission "shutdownHooks";
  // needed by jacoco to instrument classes
  permission java.lang.RuntimePermission "defineClass";
  // needed by jacoco for God knows what.
  permission java.lang.RuntimePermission "createClassLoader";
};

// Grant all permissions to Gradle test runner classes.
grant codeBase "file:${gradle.lib.dir}${/}-" {
  permission java.security.AllPermission;
};

grant codeBase "file:${gradle.worker.jar}" {
  permission java.security.AllPermission;
};

grant {
  // Allow reading gradle worker JAR.
  permission java.io.FilePermission "${gradle.worker.jar}", "read";
  // Allow reading from classpath JARs (resources).
  permission java.io.FilePermission "${gradle.user.home}${/}-", "read";
};

// Grant permissions to certain test-related JARs (https://github.com/apache/lucene/pull/13146)
grant codeBase "file:${randomizedtesting.jar}" {
  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
  permission java.lang.RuntimePermission "modifyThreadGroup";
};
grant codeBase "file:${junit.jar}" {
  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
};
grant codeBase "file:${lucene.test.framework}${/}-" {
  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
};