1 //******************************************************************
3 // Copyright 2015 Intel Mobile Communications GmbH All Rights Reserved.
5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
21 #include "gtest/gtest.h"
24 #include <linux/limits.h>
27 #include "ocpayload.h"
28 #include "oic_malloc.h"
29 #include "oic_string.h"
31 #include "cainterface.h"
32 #include "secureresourcemanager.h"
33 #include "securevirtualresourcetypes.h"
34 #include "srmresourcestrings.h"
35 #include "aclresource.h"
36 #include "srmtestcommon.h"
37 #include "srmutility.h"
42 #define TAG "SRM-ACL-UT"
48 extern char * BinToAclJSON(const OicSecAcl_t * acl);
49 extern OicSecAcl_t * JSONToAclBin(const char * jsonStr);
50 extern void DeleteACLList(OicSecAcl_t* acl);
51 OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl);
52 OCEntityHandlerResult ACLEntityHandler (OCEntityHandlerFlag flag,
53 OCEntityHandlerRequest * ehRequest);
58 const char* JSON_FILE_NAME = "oic_unittest.json";
59 const char* DEFAULT_ACL_JSON_FILE_NAME = "oic_unittest_default_acl.json";
60 const char* ACL1_JSON_FILE_NAME = "oic_unittest_acl1.json";
62 #define NUM_ACE_FOR_WILDCARD_IN_ACL1_JSON (2)
64 // JSON Marshalling Tests
65 TEST(ACLResourceTest, JSONMarshallingTests)
67 char *jsonStr1 = ReadFile(ACL1_JSON_FILE_NAME);
70 cJSON_Minify(jsonStr1);
71 /* Workaround : cJSON_Minify does not remove all the unwanted characters
72 from the end. Here is an attempt to remove those characters */
73 int len = strlen(jsonStr1);
76 if (jsonStr1[--len] == '}')
81 jsonStr1[len + 1] = 0;
83 OicSecAcl_t * acl = JSONToAclBin(jsonStr1);
84 EXPECT_TRUE(NULL != acl);
86 char * jsonStr2 = BinToAclJSON(acl);
87 EXPECT_TRUE(NULL != jsonStr2);
89 EXPECT_STREQ(jsonStr1, jsonStr2);
98 TEST(ACLResourceTest, GetDefaultACLTests)
100 // Read default ACL from the file
101 char *jsonStr = ReadFile(DEFAULT_ACL_JSON_FILE_NAME);
104 OicSecAcl_t * acl = JSONToAclBin(jsonStr);
105 EXPECT_TRUE(NULL != acl);
107 // Invoke API to generate default ACL
108 OicSecAcl_t * defaultAcl = NULL;
109 OCStackResult ret = GetDefaultACL(&defaultAcl);
110 EXPECT_TRUE(NULL == defaultAcl);
112 EXPECT_TRUE(OC_STACK_ERROR == ret);
114 // Verify if the SRM generated default ACL matches with unit test default
115 if (acl && defaultAcl)
117 EXPECT_TRUE(memcmp(&(acl->subject), &(defaultAcl->subject), sizeof(OicUuid_t)) == 0);
118 EXPECT_EQ(acl->resourcesLen, defaultAcl->resourcesLen);
119 for (size_t i = 0; i < acl->resourcesLen; i++)
121 EXPECT_EQ(strlen(acl->resources[i]), strlen(defaultAcl->resources[i]));
123 memcmp(acl->resources[i], defaultAcl->resources[i],
124 strlen(acl->resources[i])) == 0);
126 EXPECT_EQ(acl->permission, defaultAcl->permission);
131 DeleteACLList(defaultAcl);
138 TEST(ACLResourceTest, ACLPostTest)
140 OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
142 // Read an ACL from the file
143 char *jsonStr = ReadFile(ACL1_JSON_FILE_NAME);
146 static OCPersistentStorage ps = OCPersistentStorage();
148 SetPersistentHandler(&ps, true);
150 // Create Entity Handler POST request payload
151 ehReq.method = OC_REST_POST;
152 ehReq.payload = (OCPayload*)OCSecurityPayloadCreate(jsonStr);
154 OCEntityHandlerResult ehRet = ACLEntityHandler(OC_REQUEST_FLAG, &ehReq);
155 EXPECT_TRUE(OC_EH_ERROR == ehRet);
157 // Convert JSON into OicSecAcl_t for verification
158 OicSecAcl_t * acl = JSONToAclBin(jsonStr);
159 EXPECT_TRUE(NULL != acl);
161 // Verify if SRM contains ACL for the subject
162 OicSecAcl_t* savePtr = NULL;
163 const OicSecAcl_t* subjectAcl = GetACLResourceData(&(acl->subject), &savePtr);
164 EXPECT_TRUE(NULL != subjectAcl);
169 OCPayloadDestroy(ehReq.payload);
175 // GetACLResource tests
176 TEST(ACLResourceTest, GetACLResourceTests)
178 // gAcl is a pointer to the the global ACL used by SRM
179 extern OicSecAcl_t *gAcl;
181 // Read an ACL from the file
182 char *jsonStr = ReadFile(ACL1_JSON_FILE_NAME);
185 gAcl = JSONToAclBin(jsonStr);
186 EXPECT_TRUE(NULL != gAcl);
188 // Verify that ACL file contains 2 ACE entries for 'WILDCARD' subject
189 const OicSecAcl_t* acl = NULL;
190 OicSecAcl_t* savePtr = NULL;
191 OicUuid_t subject = WILDCARD_SUBJECT_ID;
196 acl = GetACLResourceData(&subject, &savePtr);
197 count = (NULL != acl) ? count + 1 : count;
198 } while (acl != NULL);
200 EXPECT_EQ(count, NUM_ACE_FOR_WILDCARD_IN_ACL1_JSON);
202 /* Perform cleanup */
209 TEST(ACLResourceTest, ACLDeleteWithSingleResourceTest)
211 OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
212 static OCPersistentStorage ps = OCPersistentStorage();
213 char *jsonStr = NULL;
214 OicSecAcl_t acl = OicSecAcl_t();
215 OicSecAcl_t* savePtr = NULL;
216 const OicSecAcl_t* subjectAcl1 = NULL;
217 const OicSecAcl_t* subjectAcl2 = NULL;
218 OCEntityHandlerResult ehRet = OC_EH_ERROR;
219 char query[] = "sub=MjIyMjIyMjIyMjIyMjIyMg==;rsrc=/a/led";
221 SetPersistentHandler(&ps, true);
224 memcpy(acl.subject.id, "2222222222222222", sizeof(acl.subject.id));
225 acl.resourcesLen = 1;
226 acl.resources = (char**)OICCalloc(acl.resourcesLen, sizeof(char*));
227 VERIFY_NON_NULL(TAG, acl.resources, ERROR);
228 acl.resources[0] = (char*)OICMalloc(strlen("/a/led")+1);
229 VERIFY_NON_NULL(TAG, acl.resources[0], ERROR);
230 OICStrcpy(acl.resources[0], sizeof(acl.resources[0]), "/a/led");
233 acl.owners = (OicUuid_t*)OICCalloc(acl.ownersLen, sizeof(OicUuid_t));
234 VERIFY_NON_NULL(TAG, acl.owners, ERROR);
235 memcpy(acl.owners->id, "1111111111111111", sizeof(acl.owners->id));
237 //GET json POST payload
238 jsonStr = BinToAclJSON(&acl);
239 VERIFY_NON_NULL(TAG, jsonStr, ERROR);
241 // Create Entity Handler POST request payload
242 ehReq.method = OC_REST_POST;
243 ehReq.payload = (OCPayload*)OCSecurityPayloadCreate(jsonStr);
244 ehRet = ACLEntityHandler(OC_REQUEST_FLAG, &ehReq);
245 EXPECT_TRUE(OC_EH_ERROR == ehRet);
247 // Verify if SRM contains ACE for the subject
249 subjectAcl1 = GetACLResourceData(&acl.subject, &savePtr);
250 EXPECT_TRUE(NULL != subjectAcl1);
252 // Create Entity Handler DELETE request
253 ehReq.method = OC_REST_DELETE;
254 ehReq.query = (char*)OICMalloc(strlen(query)+1);
255 VERIFY_NON_NULL(TAG, ehReq.query, ERROR);
256 OICStrcpy(ehReq.query, strlen(query)+1, query);
257 ehRet = ACLEntityHandler(OC_REQUEST_FLAG, &ehReq);
258 EXPECT_TRUE(OC_EH_ERROR == ehRet);
260 // Verify if SRM has deleted ACE for the subject
262 subjectAcl2 = GetACLResourceData(&acl.subject, &savePtr);
263 EXPECT_TRUE(NULL == subjectAcl2);
267 if(NULL != subjectAcl1)
271 OCPayloadDestroy(ehReq.payload);
272 OICFree(ehReq.query);
277 TEST(ACLResourceTest, ACLDeleteWithMultiResourceTest)
279 OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
280 static OCPersistentStorage ps = OCPersistentStorage();
281 OicSecAcl_t acl = OicSecAcl_t();
282 char *jsonStr = NULL;
283 OicSecAcl_t* savePtr = NULL;
284 const OicSecAcl_t* subjectAcl1 = NULL;
285 const OicSecAcl_t* subjectAcl2 = NULL;
286 OCEntityHandlerResult ehRet = OC_EH_ERROR;
287 char query[] = "sub=MjIyMjIyMjIyMjIyMjIyMg==;rsrc=/a/led";
289 SetPersistentHandler(&ps, true);
291 memcpy(acl.subject.id, "2222222222222222", sizeof(acl.subject.id));
292 acl.resourcesLen = 2;
293 acl.resources = (char**)OICCalloc(acl.resourcesLen, sizeof(char*));
294 VERIFY_NON_NULL(TAG, acl.resources, ERROR);
295 acl.resources[0] = (char*)OICMalloc(strlen("/a/led")+1);
296 VERIFY_NON_NULL(TAG, acl.resources[0], ERROR);
297 OICStrcpy(acl.resources[0], sizeof(acl.resources[0]), "/a/led");
298 acl.resources[1] = (char*)OICMalloc(strlen("/a/fan")+1);
299 VERIFY_NON_NULL(TAG, acl.resources[1], ERROR);
300 OICStrcpy(acl.resources[1], sizeof(acl.resources[1]), "/a/fan");
303 acl.owners = (OicUuid_t*)OICCalloc(acl.ownersLen, sizeof(OicUuid_t));
304 VERIFY_NON_NULL(TAG, acl.owners, ERROR);
305 memcpy(acl.owners->id, "1111111111111111", sizeof(acl.owners->id));
307 jsonStr = BinToAclJSON(&acl);
308 VERIFY_NON_NULL(TAG, jsonStr, ERROR);
310 // Create Entity Handler POST request payload
311 ehReq.method = OC_REST_POST;
312 ehReq.payload = (OCPayload*)OCSecurityPayloadCreate(jsonStr);
313 ehRet = ACLEntityHandler(OC_REQUEST_FLAG, &ehReq);
314 EXPECT_TRUE(OC_EH_ERROR == ehRet);
316 // Verify if SRM contains ACE for the subject with two resources
318 subjectAcl1 = GetACLResourceData(&acl.subject, &savePtr);
319 EXPECT_TRUE(NULL != subjectAcl1);
320 EXPECT_TRUE(subjectAcl1->resourcesLen == 2);
322 // Create Entity Handler DELETE request
323 ehReq.method = OC_REST_DELETE;
324 ehReq.query = (char*)OICMalloc(strlen(query)+1);
325 VERIFY_NON_NULL(TAG, ehReq.query, ERROR);
326 OICStrcpy(ehReq.query, strlen(query)+1, query);
328 ehRet = ACLEntityHandler(OC_REQUEST_FLAG, &ehReq);
329 EXPECT_TRUE(OC_EH_ERROR == ehRet);
331 // Verify if SRM contains ACL for the subject but only with one resource
333 subjectAcl2 = GetACLResourceData(&acl.subject, &savePtr);
334 EXPECT_TRUE(NULL != subjectAcl2);
335 EXPECT_TRUE(subjectAcl2->resourcesLen == 1);
339 if(NULL != subjectAcl1)
343 OCPayloadDestroy(ehReq.payload);
344 OICFree(ehReq.query);