1 #include "internal/include/fb_generated.h"
2 #include "internal/naive_policy_checker.hpp"
3 #include "internal/policy.hpp"
4 #include "internal/serializer.hpp"
5 #include "internal/storage_backend_serialized.hpp"
6 #include "internal/storage_backend_serialized.hpp"
7 #include "internal/tslog.hpp"
8 #include "libdbuspolicy1-private.h"
13 #include <sys/types.h>
// Bring the ldp_serialized, ldp_serializer and ldp_xml_parser namespaces into
// scope for this test program.
16 using namespace ldp_serialized;
17 using namespace ldp_serializer;
18 using namespace ldp_xml_parser;
// Printable names for Decision values; test_print() looks them up here when it
// formats a result line. The map is mutable, so a lookup with operator[] on a
// Decision that is not listed would insert a null entry.
20 std::map<Decision, const char*> DECISIONS {
21 { Decision::ANY, "ANY" },
22 { Decision::ALLOW, "ALLOW" },
23 { Decision::DENY, "DENY" },
24 { Decision::CHECK, "CHECK" }
// Fields of one test case record.
// NOTE(review): this listing skips source lines (see the embedded line
// numbers); the user, group, label, path and member fields that other code in
// this file reads are declared on lines that are not shown.
// Decision the policy lookup is expected to produce for this case.
28 Decision expected_result;
// Destination bus name(s); send_prefix_test() passes this string to
// addSpaceSeparatedNames(), so several names are separated by spaces.
32 const char *destination;
// Interface name placed in the MatchItemSend built for this case.
34 const char *interface;
// Message type placed in the MatchItemSend built for this case.
36 ldp_xml_parser::MessageType type;
// Builds one Test initializer in which only the expected decision and the
// destination name list vary. Everything else is fixed: ROOT for the two id
// fields, label "User::Shell", then "/", "a.b" and "d" (by position these
// appear to be path, interface and member - compare the fully spelled-out
// entry in test_send_to_nonexistent) and message type METHOD_CALL.
41 #define TC(expected_result, names) \
42 {(expected_result), ROOT, ROOT, "User::Shell", (names), "/", "a.b", "d", ldp_xml_parser::MessageType::METHOD_CALL}
45 * This test set checks that the XML policy database can be parsed
46 * and that the send privilege is decided correctly in use cases
47 * that exercise send_destination_prefix.
/*
 * Expected decisions for destinations matched by send_destination_prefix rules.
 * Two properties can be read off the expectations themselves:
 *  - "...ap" and "...ap.f.f.f.f.f" are expected to be allowed while "...apf" is
 *    expected to be denied, so a prefix rule has to match on whole
 *    dot-separated name elements, not on raw leading characters;
 *  - every case with two owned names is listed in both orders with the same
 *    expected decision, so the result must not depend on the order in which
 *    the owned names are given.
 * NOTE(review): the policy file these names refer to is not part of this
 * listing, so the meaning of the individual name suffixes should be confirmed
 * against the test configuration.
 */
50 /* straight-forward tests - base allow */
51 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap"),
52 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.f.f.f.f.f"),
53 TC(Decision::DENY, "org.tizen.test.dest_prefix.apf"),
54 TC(Decision::DENY, "org.tizen.test.dest_prefix.apf.f.f.f.f"),
55 /* multiple names owned */
56 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.ap.f"),
57 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.f org.tizen.test.dest_prefix.ao"),
58 TC(Decision::DENY, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ap.f"),
59 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.f org.tizen.test.dest_prefix.do"),
60 /* target holes in default allow */
61 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.1.d"),
62 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.1.dp"),
63 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"),
64 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f org.tizen.test.dest_prefix.ao"),
65 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f org.tizen.test.dest_prefix.ap"),
66 TC(Decision::DENY, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"),
67 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"),
68 /* target holes in holes in default allow */
69 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.d.ap"),
70 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.d.ap.f.f.f.f"),
71 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.dp.ap"),
72 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.dp.ap.f.f.f.f"),
73 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.dp.a"),
74 /* check redefinitions in default allow */
75 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp"),
76 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.f"),
77 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.dp"),
78 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.f.f.f.f"),
79 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap"),
80 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.f.f.f.f"),
81 TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.d"),
82 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.a"),
83 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.f.a"),
84 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.ap"),
85 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.ap.f.f.f"),
86 /* totally cancelling previous definitions in default allow */
87 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap"),
88 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.f.f.f.f"),
89 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap"),
90 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.f.f.f"),
91 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp"),
92 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.f.f.f.f"),
93 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.ap"),
94 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.ap.f.f.f.f"),
95 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.a"),
96 /* straight-forward tests - base deny */
97 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp"),
98 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.f.f.f.f.f"),
99 TC(Decision::DENY, "org.tizen.test.dest_prefix.dpf"),
100 TC(Decision::DENY, "org.tizen.test.dest_prefix.dpf.f.f.f.f"),
101 /* multiple names owned */
102 TC(Decision::DENY, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.dp.f"),
103 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.f org.tizen.test.dest_prefix.do"),
104 TC(Decision::DENY, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.dp.f"),
105 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.f org.tizen.test.dest_prefix.ao"),
106 /* target holes in default deny */
107 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.a"),
108 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap"),
109 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"),
110 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f org.tizen.test.dest_prefix.do"),
111 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f org.tizen.test.dest_prefix.dp"),
112 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"),
113 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"),
114 /* target holes in holes in default deny */
115 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.1.a.dp"),
116 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.1.a.dp.f.f.f.f"),
117 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.1.ap.dp"),
118 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.1.ap.dp.f.f.f.f"),
119 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.1.ap.d"),
120 /* check redefinitions in default deny */
121 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap"),
122 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.f"),
123 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap"),
124 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.f.f.f.f"),
125 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp"),
126 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.f.f.f.f"),
127 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.a"),
128 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.d"),
129 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.f.d"),
130 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.dp"),
131 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.dp.f.f.f"),
132 /* totally cancelling previous definitions in default deny */
133 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp"),
134 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.f.f.f.f"),
135 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp"),
136 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.f.f.f"),
137 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap"),
138 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.f.f.f.f"),
139 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.dp"),
140 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.dp.f.f.f.f"),
141 TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.d"),
142 /* checking order in multiple names case */
143 TC(Decision::DENY, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.do"),
144 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ao.ao org.tizen.test.dest_prefix.do"),
145 TC(Decision::DENY, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ao"),
146 TC(Decision::ALLOW, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ao.ao"),
// A single case whose destination, path, interface and member use names that
// appear nowhere in the prefix table above; the expected decision is DENY.
// run_fb() times this table separately from `tests`.
// NOTE(review): presumably this measures the lookup when no specific rule
// matches - confirm against the policy file used for the run.
149 struct Test test_send_to_nonexistent[]={
150 {Decision::DENY, ROOT, ROOT, "User::Shell", "no.such.destination", "/no/such/path",
151 "no.such.interface", "no_such_method", ldp_xml_parser::MessageType::METHOD_CALL}
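/**
 * Prints one test case together with the decision that was obtained for it.
 *
 * @param t      test case to describe; must not be null
 * @param result decision returned by the policy lookup for this case
 *
 * No trailing newline is written.
 */
void test_print(const struct Test* t, Decision result) {
	// Look names up with find() rather than operator[]: on the mutable
	// DECISIONS map operator[] inserts a null entry for a Decision that is not
	// listed, and passing that null pointer to "%s" is undefined behaviour.
	const auto decision_name = [](Decision d) -> const char* {
		const auto it = DECISIONS.find(d);
		return it != DECISIONS.end() ? it->second : "UNKNOWN";
	};

	printf("uid = %lu, gid = %lu, label = %s, destination = %s, expected = %s, result = %s",
	       static_cast<unsigned long>(t->user), static_cast<unsigned long>(t->group),
	       t->label, t->destination,
	       decision_name(t->expected_result), decision_name(result));
}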
// Runs every case in `tests` through the policy lookup chain of `db`.
//
// For each case a MatchItemSend is built from the case's interface, member,
// path, message type and space-separated destination names. The decision is
// then looked up in a fixed order, moving to the next source only while the
// current result is Decision::ANY:
//   1. mandatory context, 2. user rules, 3. group rules, 4. default context.
// Because the mandatory context is asked first, a definite answer from it is
// never replaced by a user or group rule.
//
// NOTE(review): this listing skips source lines (see the embedded line
// numbers). The declaration of `names` and whatever is done with the final
// `ret` are on lines that are not shown here.
159 template <typename DB, typename Array>
160 void send_prefix_test(const DB &db, const Array &tests)
162 for (const auto &test : tests) {
164 MatchItemSend m_item(test.interface, test.member, test.path, test.type,
165 names.addSpaceSeparatedNames(test.destination));
// Highest-priority source: the mandatory context policy.
167 auto ret = db.getDecisionItemContextMandatory(m_item);
// Fall back to the rules for the case's user id.
169 if (ret.getDecision() == Decision::ANY)
170 ret = db.getDecisionItemUser(test.user, m_item);
// Then to the rules for the case's group id.
172 if (ret.getDecision() == Decision::ANY)
173 ret = db.getDecisionItemGroup(test.group, m_item);
// Last resort: the default context policy.
175 if (ret.getDecision() == Decision::ANY)
176 ret = db.getDecisionItemContextDefault(m_item);
// Times `times` iterations of a loop and prints the elapsed time in seconds.
// The measurement uses clock(), i.e. processor time consumed by the program,
// not wall-clock time.
// NOTE(review): the loop body is on a line missing from this listing;
// presumably it invokes `func` once per iteration.
180 void run_x_times(std::function<void(void)> func, size_t times) {
181 clock_t begin = clock();
182 for (size_t i = 0; i < times; i++)
184 clock_t end = clock();
186 std::cout << "run: " << static_cast<double>(end - begin)/CLOCKS_PER_SEC << std::endl;
// Serializes the policy configuration in `conf_file` into a FlatBuffers image,
// loads that image into a StorageBackendSerialized and times send_prefix_test()
// over the `tests` and `test_send_to_nonexistent` tables, `count` iterations
// each.
//
// NOTE(review): this listing skips source lines (see the embedded line
// numbers). The declaration of `size`, the code that consumes `verify` and
// `worst`, and what happens after a failed verification are not visible here.
189 void run_fb(const char *conf_file, bool verify, size_t count, bool worst) {
190 Serializer serializer;
192 const uint8_t *buff = serializer.serialize(conf_file, size);
// Structural check of the serialized image with the FlatBuffers verifier.
// Presumably guarded by `verify` on a line that is not shown - confirm.
195 auto verifier = flatbuffers::Verifier(buff, size);
196 if (!FB::VerifyFileBuffer(verifier)) {
197 std::cout << "verification of serialized data: failed" << std::endl;
// initFromData() receives only the pointer, not `size`. Here the buffer comes
// straight from the Serializer above; an image obtained from a less trusted
// source should pass the verifier before it is loaded.
202 StorageBackendSerialized storage;
203 storage.initFromData(buff);
205 printf("FLATBUFFERS:\n");
// `storage` is captured by reference; run_x_times() finishes before this
// function returns, so the reference stays valid for every call.
207 run_x_times([&storage](){ send_prefix_test(storage, tests); }, count);
209 run_x_times([&storage](){ send_prefix_test(storage, test_send_to_nonexistent); }, count);
// Runs the timed test sets for one configuration file. It forwards all of its
// arguments unchanged to run_fb(), the only backend exercised here.
212 void run_tests(const char *conf_file, bool verify, size_t c, bool worst) {
213 run_fb(conf_file, verify, c, worst);
// Prints the command-line usage text to standard output.
// `name` is the program name to show in the usage line.
// NOTE(review): main()'s option string ("vwc:") also accepts -w, which is not
// mentioned in this text.
216 void print_help(const char *name) {
217 std::cout << std::endl;
218 std::cout << "usage: " << name << " [-v] {--system|--session|-c <config_xml>} <count>" << std::endl;
219 std::cout << std::endl;
220 std::cout << " -v - Verify" << std::endl;
221 std::cout << std::endl;
// Long options for getopt_long(). Both entries have a null flag and val 0, so
// getopt_long() returns 0 for either one and main() tells them apart by the
// reported option index: 0 = --system, 1 = --session. The all-zero entry
// terminates the table.
224 static const struct option options[] {
225 {"system", no_argument, 0, 0},
226 {"session", no_argument, 0, 0},
227 {nullptr, 0, nullptr, 0}
// Entry point. Chooses the policy configuration file, reads the repeat count
// from the first non-option argument and runs the timed tests.
// The configuration file is the primary system bus file by default, the primary
// session bus file for --session, or the path given with -c.
//
// NOTE(review): this listing skips source lines (see the embedded line
// numbers). The option loop, the declarations of `count`, `verify` and `worst`,
// and the handling of a missing <count> argument are not visible here.
230 int main(int argc, char *argv[])
233 std::string input_filename = system_bus_conf_file_primary();
// Short options: -v and -w are flags, -c takes an argument.
240 c = getopt_long(argc, argv, "vwc:", options, &option_index);
// Index 1 in `options` is --session.
245 if (option_index == 1)
246 input_filename = session_bus_conf_file_primary();
249 input_filename = optarg;
// NOTE(review): std::stoi throws std::invalid_argument or std::out_of_range on
// bad input and accepts negative numbers. run_tests() takes the count as
// size_t, so a negative value would wrap to a very large repeat count. The
// surrounding lines are missing here - confirm the value is checked.
261 count = std::stoi(argv[optind]);
268 run_tests(input_filename.c_str(), verify, count, worst);