2 * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file test_cases.cpp
19 * @author Zofia Abramowska (z.abramowska@samsung.com)
20 * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
22 * @brief libprivilege-control tests commons
25 #ifndef LIBPRIVILEGE_CONTROL_TEST_COMMON_H_
26 #define LIBPRIVILEGE_CONTROL_TEST_COMMON_H_
32 #include <privilege-control.h>
33 #include <tests_common.h>
35 #include <tzplatform_config.h>
37 // How many open file descriptors should ftw() function use?
38 #define FTW_MAX_FDS 16
40 #define SOCK_PATH "/tmp/test-smack-socket"
42 #define TEST_APP_DIR "/etc/smack/test_privilege_control_DIR/app_dir"
43 #define TEST_NON_APP_DIR "/etc/smack/test_privilege_control_DIR/non_app_dir"
45 #define APP_ID "test_APP"
46 #define APPID_DIR "test_APP_ID_dir"
47 #define GENERATED_APP_ID "User" // TODO to be replaced in the future
49 const uid_t TZ_APP_UID = tzplatform_getuid(TZ_USER_NAME);
50 const gid_t TZ_APP_GID = tzplatform_getgid(TZ_USER_NAME);
52 #define PERM_TO_REDEFINE "Test::RedefinePermission"
53 #define PERM_SUB_TO_REDEFINE "Test::RedefinePermission::Sub"
56 #define APP_1_DIR "/tmp/app_1"
59 #define APP_2_DIR "/tmp/app_2"
61 #define APP_TEST "app_test"
63 #define EFL_APP_ID "hello-tizen"
65 #define LIBPRIVILEGE_TEST_DAC_FILE_WGT "/usr/share/privilege-control/WRT_test_privilege_control_rules_wgt.dac"
66 #define LIBPRIVILEGE_TEST_DAC_FILE_OSP "/usr/share/privilege-control/OSP_test_privilege_control_rules_osp.dac"
67 #define LIBPRIVILEGE_TEST_DAC_FILE_EFL "/usr/share/privilege-control/EFL_test_privilege_control_rules_efl.dac"
69 #define OSP_APP_ID "uqNfgEjqc7"
71 #define WGT_APP_PATH "/usr/bin/test-app-wgt"
72 #define OSP_APP_PATH "/usr/bin/test-app-osp"
73 #define EFL_APP_PATH "/usr/bin/test-app-efl"
75 #define APP_SET_PRIV_PATH "/etc/smack/test_privilege_control_DIR/test_set_app_privilege/test_APP"
77 extern const char *USER_APP_ID;
79 extern const char *PRIVS1[];
80 extern const char *PRIVS2[];
81 extern const char *PRIVS2_NO_R[];
82 extern const char *PRIVS2_R[];
83 extern const char *PRIVS2_R_AND_NO_R[];
85 extern const char *PRIVS_WGT[];
86 extern const char *PRIVS_OSP[];
87 extern const char *PRIVS_EFL[];
89 extern const char *PRIV_APPSETTING[];
90 extern const char *PRIV_APPSETTING_RULES[];
92 typedef std::vector< std::vector<std::string> > rules_t;
94 // Rules from WRT_test_privilege_control_rules1.smack for wgt
95 const rules_t rules1 = {
96 { USER_APP_ID, "test_book_1", "r" },
97 { USER_APP_ID, "test_book_2", "w" },
98 { USER_APP_ID, "test_book_3", "x" },
99 { USER_APP_ID, "test_book_4", "rw" },
100 { USER_APP_ID, "test_book_5", "rx" },
101 { USER_APP_ID, "test_book_6", "wx" },
102 { USER_APP_ID, "test_book_7", "rwx" },
103 { "test_subject_1", USER_APP_ID, "r" },
104 { "test_subject_2", USER_APP_ID, "w" },
105 { "test_subject_3", USER_APP_ID, "x" },
106 { "test_subject_4", USER_APP_ID, "rw" },
107 { "test_subject_5", USER_APP_ID, "rx" },
108 { "test_subject_6", USER_APP_ID, "wx" },
109 { "test_subject_7", USER_APP_ID, "rwx" }
112 // Rules from WRT_test_privilege_control_rules2.smack
113 const rules_t rules2 = {
114 { USER_APP_ID, "test_book_8", "r" },
115 { USER_APP_ID, "test_book_9", "w" },
116 { USER_APP_ID, "test_book_10", "x" },
117 { USER_APP_ID, "test_book_11", "rw" },
118 { USER_APP_ID, "test_book_12", "rx" },
119 { USER_APP_ID, "test_book_13", "wx" },
120 { USER_APP_ID, "test_book_14", "rwx" },
121 { USER_APP_ID, "test_book_15", "rwxat" },
122 { "test_subject_8", USER_APP_ID, "r" },
123 { "test_subject_9", USER_APP_ID, "w" },
124 { "test_subject_10", USER_APP_ID, "x" },
125 { "test_subject_11", USER_APP_ID, "rw" },
126 { "test_subject_12", USER_APP_ID, "rx" },
127 { "test_subject_13", USER_APP_ID, "wx" },
128 { "test_subject_14", USER_APP_ID, "rwx" },
129 { "test_subject_15", USER_APP_ID, "rwxat" }
132 // Rules from WRT_test_privilege_control_rules_no_r.smack
133 const rules_t rules2_no_r = {
134 { USER_APP_ID, "test_book_9", "w" },
135 { USER_APP_ID, "test_book_10", "x" },
136 { USER_APP_ID, "test_book_11", "w" },
137 { USER_APP_ID, "test_book_12", "x" },
138 { USER_APP_ID, "test_book_13", "x" },
139 { USER_APP_ID, "test_book_14", "wx" },
140 { USER_APP_ID, "test_book_15", "wxat" },
141 { "test_subject_9", USER_APP_ID, "w" },
142 { "test_subject_10", USER_APP_ID, "x" },
143 { "test_subject_11", USER_APP_ID, "w" },
144 { "test_subject_12", USER_APP_ID, "x" },
145 { "test_subject_13", USER_APP_ID, "x" },
146 { "test_subject_14", USER_APP_ID, "wx" },
147 { "test_subject_15", USER_APP_ID, "wxat" }
150 // Rules from test_privilege_control_rules.smack
151 // minus WRT_test_privilege_control_rules_no_r.smack
152 const rules_t rules2_r = {
153 { USER_APP_ID, "test_book_8", "r" },
154 { USER_APP_ID, "test_book_11", "r" },
155 { USER_APP_ID, "test_book_12", "r" },
156 { USER_APP_ID, "test_book_14", "r" },
157 { USER_APP_ID, "test_book_15", "r" },
158 { "test_subject_8", USER_APP_ID, "r" },
159 { "test_subject_11", USER_APP_ID, "r" },
160 { "test_subject_12", USER_APP_ID, "r" },
161 { "test_subject_14", USER_APP_ID, "r" },
162 { "test_subject_15", USER_APP_ID, "r" }
165 // Rules from EFL_test_privilege_control_rules_efl.smack for rpm
166 const rules_t rules_efl = {
167 { USER_APP_ID, "test_book_efl", "r" }
170 // Rules from WRT_test_privilege_control_rules_wgt.smack for wgt
171 const rules_t rules_wgt = {
172 { USER_APP_ID, "test_book_wgt_8", "r" },
173 { USER_APP_ID, "test_book_wgt_9", "w" },
174 { USER_APP_ID, "test_book_wgt_10", "x" },
175 { USER_APP_ID, "test_book_wgt_11", "rw" },
176 { USER_APP_ID, "test_book_wgt_12", "rx" },
177 { USER_APP_ID, "test_book_wgt_13", "wx" },
178 { USER_APP_ID, "test_book_wgt_14", "rwx" },
179 { USER_APP_ID, "test_book_wgt_15", "rwxat" },
180 { "test_subject_wgt_8", USER_APP_ID, "r" },
181 { "test_subject_wgt_9", USER_APP_ID, "w" },
182 { "test_subject_wgt_10", USER_APP_ID, "x" },
183 { "test_subject_wgt_11", USER_APP_ID, "rw" },
184 { "test_subject_wgt_12", USER_APP_ID, "rx" },
185 { "test_subject_wgt_13", USER_APP_ID, "wx" },
186 { "test_subject_wgt_14", USER_APP_ID, "rwx" },
187 { "test_subject_wgt_15", USER_APP_ID, "rwxat" }
190 // Rules from OSP_test_privilege_control_rules_osp.smack for osp
191 const rules_t rules_osp = {
192 { USER_APP_ID, "test_book_osp_8", "r" },
193 { USER_APP_ID, "test_book_osp_9", "w" },
194 { USER_APP_ID, "test_book_osp_10", "x" },
195 { USER_APP_ID, "test_book_osp_11", "rw" },
196 { USER_APP_ID, "test_book_osp_12", "rx" },
197 { USER_APP_ID, "test_book_osp_13", "wx" },
198 { USER_APP_ID, "test_book_osp_14", "rwx" },
199 { USER_APP_ID, "test_book_osp_15", "rwxat" },
200 { "test_subject_osp_8", USER_APP_ID, "r" },
201 { "test_subject_osp_9", USER_APP_ID, "w" },
202 { "test_subject_osp_10", USER_APP_ID, "x" },
203 { "test_subject_osp_11", USER_APP_ID, "rw" },
204 { "test_subject_osp_12", USER_APP_ID, "rx" },
205 { "test_subject_osp_13", USER_APP_ID, "wx" },
206 { "test_subject_osp_14", USER_APP_ID, "rwx" },
207 { "test_subject_osp_15", USER_APP_ID, "rwxat" }
210 int test_have_all_accesses(const rules_t &rules);
211 int test_have_any_accesses(const rules_t &rules);
212 int test_have_nosmack_accesses(const rules_t &rules);
214 void read_user_gids(std::set<unsigned> &set, const uid_t user_id);
215 void check_groups(const std::set<unsigned> &groups_prev, const char *dac_file);
217 int file_exists(const char *path);
218 void check_app_installed(const char *app_path);
220 void check_perm_app_has_permission(const char *app_label,
221 const char *permission,
222 bool is_enabled_expected);
224 int nftw_remove_labels(const char *fpath, const struct stat* /*sb*/,
225 int /*typeflag*/, struct FTW* /*ftwbuf*/);
226 int nftw_check_labels_app_private_dir(const char *fpath, const struct stat *sb,
227 int /*typeflag*/, struct FTW* /*ftwbuf*/);
228 int nftw_check_labels_app_floor_dir(const char *fpath, const struct stat *sb,
229 int /*typeflag*/, struct FTW* /*ftwbuf*/);
230 int nftw_set_labels_non_app_dir(const char *fpath, const struct stat* /*sb*/,
231 int /*typeflag*/, struct FTW* /*ftwbuf*/);
232 int nftw_check_labels_non_app_dir(const char *fpath, const struct stat* /*sb*/,
233 int /*typeflag*/, struct FTW* /*ftwbuf*/);
235 void test_perm_app_setup_path_PUBLIC_RO(bool smack);
236 void test_revoke_permissions(int line_no, const char* app_id);
237 void test_app_enable_permissions_efl(bool smack);
238 void test_app_disable_permissions_efl(bool smack);
239 void test_app_disable_permissions(bool smack);
240 bool check_all_accesses(bool smack, const rules_t &rules);
241 bool check_no_accesses(bool smack, const rules_t &rules);
243 #endif /* LIBPRIVILEGE_CONTROL_TEST_COMMON_H_ */