From c28cefce917b2e02a4777724968dc8c5d5dcf893 Mon Sep 17 00:00:00 2001
From: "yangguo@chromium.org"
 <yangguo@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Date: Fri, 12 Jul 2013 10:11:18 +0000
Subject: [PATCH] Test case for missing access checks in object observe.

BUG=v8:2778
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/18794003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15642 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 test/cctest/test-api.cc | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/test/cctest/test-api.cc b/test/cctest/test-api.cc
index 26ed98e..13c21e1 100644
--- a/test/cctest/test-api.cc
+++ b/test/cctest/test-api.cc
@@ -19786,4 +19786,39 @@ TEST(JSONStringifyAccessCheck) {
   }
 }
 
+
+TEST(Bug2778) {
+  // Check that Object.observe includes access check.
+  i::FLAG_harmony_observation = true;
+  v8::V8::Initialize();
+  v8::Isolate* isolate = v8::Isolate::GetCurrent();
+  v8::HandleScope scope(isolate);
+  // Create an ObjectTemplate for global objects and install access
+  // check callbacks that will block access.
+  v8::Handle<v8::ObjectTemplate> global_template = v8::ObjectTemplate::New();
+  global_template->SetAccessCheckCallbacks(NamedAccessAlwaysBlocked,
+                                           IndexAccessAlwaysBlocked);
+
+  // Create a context and set an x property on it's global object.
+  LocalContext outer_context(NULL, global_template);
+  v8::Handle<v8::Object> outer_global = outer_context->Global();
+  outer_global->Set(v8_str("x"), v8_num(42));
+
+  // Enter a new context.
+  v8::Handle<v8::Context> inner_context = v8::Context::New(isolate);
+  { v8::Context::Scope inner(inner_context);
+    v8::Handle<v8::Object> inner_global = inner_context->Global();
+    inner_global->Set(v8_str("other"), outer_global);
+    v8::Handle<v8::FunctionTemplate> unreachable =
+        v8::FunctionTemplate::New(UnreachableCallback);
+    inner_global->Set(v8_str("unreachable"), unreachable->GetFunction());
+    ExpectUndefined("other.x");  // Verify that access checks are in place.
+    CompileRun("Object.observe(other, unreachable);");  // Install observer.
+  }
+
+  ExpectInt32("x", 42);
+  // This must not be observable by the observer set up in the inner context.
+  CompileRun("var a = 123;");
+}
+
 #endif  // WIN32
-- 
2.7.4