2 * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 * @author Marcin Lis (m.lis@samsung.com)
21 * @brief security-manager tests database record check functions
24 #include <tests_common.h>
25 #include <tzplatform_config.h>
28 #include "db_sqlite.h"
30 /* Keep this consistent with the database file path used in the security-manager */
31 const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db");
33 /* Initialize static constants */
34 const bool TestSecurityManagerDatabase::NOT_REMOVED = false;
35 const bool TestSecurityManagerDatabase::REMOVED = true;
37 TestSecurityManagerDatabase::TestSecurityManagerDatabase() : m_base(PRIVILEGE_DB_PATH, SQLITE_OPEN_READWRITE)
41 void TestSecurityManagerDatabase::test_db_after__app_install(const std::string &app_name,
42 const std::string &pkg_name)
44 const privileges_t dummy; /* just some empty privileges set */
46 test_db_after__app_install(app_name, pkg_name, dummy);
49 void TestSecurityManagerDatabase::test_db_after__app_install(const std::string &app_name,
50 const std::string &pkg_name,
51 const privileges_t &privileges)
53 if (!m_base.is_open())
56 RUNNER_ASSERT_MSG(!app_name.empty(), "Request is corrupted, appId is empty");
57 RUNNER_ASSERT_MSG(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
59 check_app_and_pkg(app_name, pkg_name, NOT_REMOVED);
61 if (!privileges.empty()) {
62 check_privileges(app_name, pkg_name, privileges);
66 void TestSecurityManagerDatabase::test_db_after__app_uninstall(const std::string &app_name,
67 const std::string &pkg_name,
68 const bool is_pkg_removed)
70 const privileges_t dummy; /* just some empty privileges set */
72 test_db_after__app_uninstall(app_name, pkg_name, dummy, is_pkg_removed);
75 void TestSecurityManagerDatabase::test_db_after__app_uninstall(const std::string &app_name,
76 const std::string &pkg_name,
77 const privileges_t &privileges,
78 const bool is_pkg_removed)
80 if (!m_base.is_open())
83 RUNNER_ASSERT_MSG(!app_name.empty(), "Request is corrupted, appId is empty");
84 RUNNER_ASSERT_MSG(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
86 check_app_and_pkg(app_name, pkg_name, REMOVED);
87 check_pkg(pkg_name, is_pkg_removed);
89 if (!privileges.empty()) {
90 check_privileges_removed(app_name, pkg_name, privileges);
94 void TestSecurityManagerDatabase::check_privileges(const std::string &app_name,
95 const std::string &pkg_name,
96 const privileges_t &privileges)
100 RUNNER_ASSERT_MSG(!app_name.empty(), "Request is corrupted, appId is empty");
101 RUNNER_ASSERT_MSG(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
103 for (auto it = privileges.begin(); it != privileges.end(); ++it) {
104 result = check_privilege(app_name, pkg_name, *it);
106 RUNNER_ASSERT_MSG(result == true, "privilege: <" << *it << "> not added to app: <" <<
107 app_name << "> from pkg_id: <" << pkg_name << ">");
111 void TestSecurityManagerDatabase::check_privileges_removed(const std::string &app_name,
112 const std::string &pkg_name,
113 const privileges_t &privileges)
117 RUNNER_ASSERT_MSG(!app_name.empty(), "Request is corrupted, appId is empty");
118 RUNNER_ASSERT_MSG(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
120 for (auto it = privileges.begin(); it != privileges.end(); ++it) {
121 result = check_privilege(app_name, pkg_name, *it);
123 RUNNER_ASSERT_MSG(result == false, "privilege: <" << *it << "> not removed for app: <" <<
124 app_name << "> from pkg_id: <" << pkg_name << ">");
128 void TestSecurityManagerDatabase::check_app_and_pkg(const std::string &app_name, const std::string &pkg_name,
129 const bool is_app_removed)
131 Sqlite3DBaseSelectResult result;
132 std::ostringstream sql;
133 sql << "SELECT app_name, pkg_name FROM app_pkg_view"
134 " WHERE app_name == '" << app_name << "' "
135 " AND pkg_name == '" << pkg_name << "' ;";
136 m_base.execute(sql.str(), result);
138 if (is_app_removed) /* expect 0 results */
139 RUNNER_ASSERT_MSG(result.rows.size() == 0, "query : <" << sql.str() <<
140 "> returned [" << result.rows.size() << "] rows, expected [0]");
141 else /* expect exactly 1 result with 2 columns */
142 RUNNER_ASSERT_MSG(result.rows.size() == 1 && result.rows[0].size() == 2, "query : <" <<
143 sql.str() << "> returned [" << result.rows.size() << "] rows, expected [1]");
146 void TestSecurityManagerDatabase::check_pkg(const std::string &pkg_name,
147 const bool is_pkg_removed)
149 const unsigned expected_rows = is_pkg_removed ? 0 : 1;
150 Sqlite3DBaseSelectResult result;
151 std::ostringstream sql;
152 sql << "SELECT pkg_id FROM pkg"
153 " WHERE name == '" << pkg_name << "' ;";
154 m_base.execute(sql.str(), result);
156 RUNNER_ASSERT_MSG(result.rows.size() == expected_rows, "query : <" <<
157 sql.str() << "> returned [" << result.rows.size() << "] rows, expected [" <<
158 expected_rows << "] rows");
161 bool TestSecurityManagerDatabase::check_privilege(const std::string &app_name,
162 const std::string &pkg_name,
163 const std::string &privilege)
165 Sqlite3DBaseSelectResult result;
166 std::ostringstream sql;
167 sql << "SELECT privilege_id FROM app_privilege_view"
168 " WHERE app_name == '" << app_name << "' "
169 " AND pkg_name == '" << pkg_name << "' "
170 " AND privilege_name == '" << privilege << "' "
172 m_base.execute(sql.str(), result);
174 /* only 0 or 1 resulting rows are alowed */
175 RUNNER_ASSERT_MSG(result.rows.size() == 0 || result.rows.size() == 1, "query : <" << sql.str() << "> returned [" <<
176 result.rows.size() << "] rows");
178 return result.rows.size() == 1;
181 void TestSecurityManagerDatabase::setup_privilege_groups(const std::string &privilege,
182 const std::vector<std::string> &groups)
184 Sqlite3DBaseSelectResult result;
185 std::ostringstream sql;
187 if (!m_base.is_open())
190 for (const auto &group : groups) {
193 sql << "INSERT INTO privilege_group_view (privilege_name, group_name) "
195 << "'" << privilege << "'" << ","
196 << "'" << group << "'" << ")";
197 m_base.execute(sql.str(), result);