refactoring: move Serializer to ldp_serializer namespace
[platform/core/system/libdbuspolicy.git] / src / test-libdbuspolicy1-send_destination_prefix-deny-gdi.cpp
1 #include "internal/include/fb_generated.h"
2 #include "internal/naive_policy_checker.hpp"
3 #include "internal/policy.hpp"
4 #include "internal/serializer.hpp"
5 #include "internal/storage_backend_serialized.hpp"
6 #include "internal/storage_backend_serialized.hpp"
7 #include "internal/tslog.hpp"
8 #include <map>
9
10 using namespace ldp_xml_parser;
11
/*
 * Printable name for each Decision value; used only when reporting test results.
 * The map is deliberately non-const because callers index it with operator[],
 * which would insert a null entry for a Decision that is not listed here.
 */
std::map<Decision, const char*> DECISIONS = {
        { Decision::ANY,   "ANY"   },
        { Decision::ALLOW, "ALLOW" },
        { Decision::DENY,  "DENY"  },
        { Decision::CHECK, "CHECK" },
};
18
/*
 * One policy test case: the decision the policy is expected to return for a
 * message sent by (user, group, label) to `destination`.
 * Field order matters: the TC() macro initialises this struct positionally.
 */
struct Test {
        Decision expected_result;              /* decision the policy must produce */
        uid_t user;                            /* sender uid */
        gid_t group;                           /* sender gid */
        const char *label;                     /* sender label string, printed in reports */
        const char *destination;               /* space-separated list of destination names */
        const char *path;                      /* object path of the message */
        const char *interface;                 /* interface of the message */
        const char *member;                    /* member of the message */
        ldp_xml_parser::MessageType type;      /* message type */
};
30
/* Numeric id used for both the uid and the gid of every test case. */
constexpr int ROOT = 0;

/*
 * Builds one Test entry. Only the expected decision and the destination name
 * list vary; sender ids, label, path, interface, member and message type are
 * fixed for the whole table.
 */
#define TC(expected_result, names) \
        { (expected_result), ROOT, ROOT, "User::Shell", (names), "/", "a.b", "d", \
          ldp_xml_parser::MessageType::METHOD_CALL }
35
/**
 * Test table for send_destination_prefix handling.
 *
 * Each entry gives the decision expected when a message is sent to a
 * destination owning the listed (space-separated) names. The table covers both
 * directions: deny rules carved out of an allowed prefix, and allow rules
 * carved out of a denied prefix, including nested and redefined rules.
 *
 * NOTE(review): the name suffixes (ap, dp, ao, do, ...) appear to mirror rules
 * in the policy file loaded by the runners - confirm against
 * tests/default_deny/system.conf.
 */
Test tests[] = {
        /* plain cases - prefix allowed */
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.f.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.apf"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.apf.f.f.f.f"),
        /* destination owns several names */
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.ap.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.f org.tizen.test.dest_prefix.ao"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ap.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.f org.tizen.test.dest_prefix.do"),
        /* deny holes inside an allowed prefix */
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.1.d"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.1.dp"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f org.tizen.test.dest_prefix.ao"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f org.tizen.test.dest_prefix.ap"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"),
        /* allow holes inside deny holes inside an allowed prefix */
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.d.ap"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.d.ap.f.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.dp.ap"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.dp.ap.f.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.dp.a"),
        /* redefinitions inside an allowed prefix */
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.2.apxdp"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.2.apxdp.dp"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.2.apxdp.dp.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.d"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.a"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.f.a"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.ap"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.ap.f.f.f"),
        /* earlier definitions fully cancelled inside an allowed prefix */
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.f.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.f.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.ap"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.ap.f.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.a"),
        /* plain cases - prefix denied */
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.f.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dpf"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dpf.f.f.f.f"),
        /* destination owns several names */
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.dp.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.f org.tizen.test.dest_prefix.do"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.dp.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.f org.tizen.test.dest_prefix.ao"),
        /* allow holes inside a denied prefix */
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.a"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f org.tizen.test.dest_prefix.do"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f org.tizen.test.dest_prefix.dp"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"),
        /* deny holes inside allow holes inside a denied prefix */
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.1.a.dp"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.1.a.dp.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.1.ap.dp"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.1.ap.dp.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.1.ap.d"),
        /* redefinitions inside a denied prefix */
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.f.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.f.f.f.f"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.a"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.2.dpxap.ap.d"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.f.d"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.dp"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.dp.f.f.f"),
        /* earlier definitions fully cancelled inside a denied prefix */
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.3.apxdp"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.3.apxdp.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.3.apxdp.dp"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.3.apxdp.dp.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.dp"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.dp.f.f.f.f"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.d"),
        /* ordering when the destination owns several names */
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.do"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ao.ao org.tizen.test.dest_prefix.do"),
        TC(Decision::DENY,  "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ao"),
        TC(Decision::ALLOW, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ao.ao"),
};
140
/**
 * Prints one test case together with the decision that was actually obtained.
 * No trailing newline is written; the caller ends the line.
 *
 * @param t       test case to describe
 * @param result  decision returned by the policy for this case
 */
void test_print(const struct Test* t, Decision result) {
        const unsigned long uid = static_cast<unsigned long>(t->user);
        const unsigned long gid = static_cast<unsigned long>(t->group);
        /* operator[] on the non-const map: a Decision missing from DECISIONS
         * would yield a null pointer here. */
        const char *expected_name = DECISIONS[t->expected_result];
        const char *result_name = DECISIONS[result];

        printf("uid = %lu, gid = %lu, label = %s, destination = %s, expected = %s, result = %s",
                   uid, gid, t->label, t->destination, expected_name, result_name);
}
145
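/**
 * Runs every entry of `tests` against a policy database and reports mismatches.
 *
 * For each case the decision is looked up in a fixed order - mandatory context,
 * user, group, default context - and a later source is consulted only while
 * the previous one returned Decision::ANY. The final decision is compared with
 * the expected one as-is, so a lookup that stays at ANY fails the case (the
 * table expects only ALLOW or DENY).
 *
 * @param db  policy storage offering the getDecisionItem* lookups used below
 * @return true when every case produced its expected decision, false otherwise
 */
template <typename DB>
bool send_prefix_test(const DB &db)
{
        unsigned i = 0;   /* index of the current case within `tests` */
        bool flag = true;

        for (const auto &test : tests) {
                KdbusBusNames names;
                MatchItemSend m_item(test.interface, test.member, test.path, test.type,
                                names.addSpaceSeparatedNames(test.destination));

                auto ret = db.getDecisionItemContextMandatory(m_item);

                if (ret.getDecision() == Decision::ANY)
                        ret = db.getDecisionItemUser(test.user, m_item);

                if (ret.getDecision() == Decision::ANY)
                        ret = db.getDecisionItemGroup(test.group, m_item);

                if (ret.getDecision() == Decision::ANY)
                        ret = db.getDecisionItemContextDefault(m_item);

                auto decision = ret.getDecision();

                if (test.expected_result != decision) {
                        /* %u matches the unsigned index; it was previously printed with %d */
                        printf("[ERROR][%u] test failed: %s %s ", i, DECISIONS[test.expected_result], DECISIONS[decision]);
                        test_print(&test, decision);
                        printf("\n");
                        flag = false;
                }

                /* the index was never advanced before, so every failure was reported as case 0 */
                ++i;
        }
        return flag;
}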
179
/**
 * Loads tests/default_deny/system.conf into the system policy checker and runs
 * the test table against its policy database.
 *
 * @return result of send_prefix_test() for that database
 */
bool run_policy_db()
{
        policy_checker_system().initDb("tests/default_deny/system.conf");
        auto &policy_db = policy_checker_system().getPolicyDb();

        fputs("POLICY_DB:\n", stdout);

        const bool passed = send_prefix_test(policy_db);
        return passed;
}
186
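/**
 * Serializes tests/default_deny/system.conf and runs the test table against
 * the serialized storage backend.
 *
 * @return false when serialization yields no buffer, otherwise the result of
 *         send_prefix_test() for the serialized storage
 */
bool run_fb() {
        ldp_serializer::Serializer serializer;
        size_t size = 0;   /* set by serialize(); initialised so it never holds garbage */
        uint8_t *buff = serializer.serialize("tests/default_deny/system.conf", size);

        /* Do not evaluate policy on a missing buffer: report the failure
         * instead of handing a null pointer to the storage backend. */
        if (buff == nullptr) {
                printf("[ERROR] serializing tests/default_deny/system.conf returned no data\n");
                return false;
        }

        /* presumably the buffer stays owned by `serializer`, which outlives
         * `storage` in this scope - TODO confirm */
        ldp_serialized::StorageBackendSerialized storage;
        /* NOTE(review): if initFromData reports failure through a return
         * value, it should be checked here - confirm against its declaration. */
        storage.initFromData(buff);

        printf("FLATBUFFERS:\n");
        return send_prefix_test(storage);
}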
198
/**
 * Placeholder for an XML-backed run: no check is performed here and success
 * is always reported.
 *
 * @return always true
 */
bool run_xml()
{
        return true;
}
202
/**
 * Runs the three runners in order and stops at the first one that fails.
 *
 * @return true only when run_policy_db(), run_fb() and run_xml() all succeed
 */
bool run_tests()
{
        if (!run_policy_db())
                return false;
        if (!run_fb())
                return false;
        return run_xml();
}
206
/**
 * Test entry point: initialises tslog, runs all tests and maps the result to
 * the process exit status (0 on success, -1 on any failure).
 */
int main()
{
        tslog::init();

        const bool all_passed = run_tests();
        return all_passed ? 0 : -1;
}