test/unit-tests/test_common_policy.cpp

   1 /*
   2  *  Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *  Licensed under the Apache License, Version 2.0 (the "License");
   5  *  you may not use this file except in compliance with the License.
   6  *  You may obtain a copy of the License at
   7  *
   8  *      http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *  Unless required by applicable law or agreed to in writing, software
  11  *  distributed under the License is distributed on an "AS IS" BASIS,
  12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *  See the License for the specific language governing permissions and
  14  *  limitations under the License
  15  */
  16
  17 #include <algorithm>
  18 #include <string>
  19 #include <utility>
  20 #include <vector>
  21
  22 #include <boost/test/results_reporter.hpp>
  23
  24 #include <security-manager.h>
  25
  26 #include <exception/Exception.h>
  27 #include <policy/Policy.h>
  28 #include <policy/AppInfo.h>
  29 #include <policy/PkgInfo.h>
  30 #include <policy/PrivilegePolicy.h>
  31 #include <policy/PrivilegeInfo.h>
  32
  33 #include "macros.h"
  34
  35 namespace {
  36
  37 const std::string APP = "attach-panel-camera";
  38 const std::string APP_TYPE = "capp";
  39 const std::string APP_API_VERSION = "5.5";
  40 const std::pair<std::string, std::string> APP_RESPONSES[] = {
  41     {"http://tizen.org/privilege/camera", "Allow"},
  42     {"http://tizen.org/privilege/mapservice", "Deny"},
  43 };
  44 const std::string PKG = "org.tizen.chromium-efl";
  45 const std::string PKG_MAIN_APP = "org.tizen.chromium-efl";
  46 const std::string PKG_LABEL = "Tizen Web Engine based on Chromium";
  47 const std::string PKG_APPS[] = {
  48     "org.tizen.chromium-efl.wrt-service",
  49     "org.tizen.chromium-efl.wrt-service-launcher",
  50     "org.tizen.chromium-efl"
  51 };
  52 const std::string PRIVACY = "http://tizen.org/privacy/location";
  53 const std::string PRIVACY_DISPLAY_NAME = "IDS_TPLATFORM_OPT_LOCATION_T_LBS";
  54 const std::string PRIVACY_PRIVILEGES[] = {
  55     "http://tizen.org/privilege/location",
  56     "http://tizen.org/privilege/location.coarse",
  57 };
  58 const std::string PRIVILEGE = "http://tizen.org/privilege/externalstorage";
  59 const std::string PRIVILEGE_SAME_PRIVACY_PRIVILEGES[] = {
  60     "http://tizen.org/privilege/externalstorage",
  61     "http://tizen.org/privilege/mediastorage",
  62 };
  63 const std::string NONEXISTENT_APP = "org.tizen.does-not-exist";
  64 const std::string NONEXISTENT_PRIVACY = "http://tizen.org/privacy/does-not-exist";
  65 const std::string NONEXISTENT_PRIVILEGE = "http://tizen.org/privilege/does-not-exist";
  66 const uid_t USER = 0;
  67
  68 };
  69
  70 BOOST_AUTO_TEST_SUITE(TESTS_ASKUSER_COMMON_POLICY)
  71
  72 POSITIVE_TEST_CASE(askuser_common_policy_entry_default)
  73 {
  74     AskUser::PolicyEntry policy;
  75     BOOST_REQUIRE(policy.getAppId() == SECURITY_MANAGER_ANY);
  76     BOOST_REQUIRE(policy.getLevel().empty());
  77     BOOST_REQUIRE(policy.getPrivilege() == SECURITY_MANAGER_ANY);
  78     BOOST_REQUIRE(policy.getUser() == std::to_string(geteuid()));
  79 }
  80
  81 POSITIVE_TEST_CASE(askuser_common_policy_entry_setters)
  82 {
  83     const std::string LEVEL = "some-level";
  84     const std::string PRIVILEGE = "some-privilege";
  85     const std::string USER = "42";
  86     AskUser::PolicyEntry policy;
  87     policy.setApp(APP);
  88     policy.setLevel(LEVEL);
  89     policy.setPrivilege(PRIVILEGE);
  90     policy.setUser(USER);
  91     BOOST_REQUIRE(policy.getAppId() == APP);
  92     BOOST_REQUIRE(policy.getLevel() == LEVEL);
  93     BOOST_REQUIRE(policy.getPrivilege() == PRIVILEGE);
  94     BOOST_REQUIRE(policy.getUser() == USER);
  95     AskUser::PolicyEntry policy2 = std::move(policy);
  96     BOOST_REQUIRE(policy2.getAppId() == APP);
  97     BOOST_REQUIRE(policy2.getLevel() == LEVEL);
  98     BOOST_REQUIRE(policy2.getPrivilege() == PRIVILEGE);
  99     BOOST_REQUIRE(policy2.getUser() == USER);
 100     AskUser::PolicyEntryCopy copy{policy2.get()};
 101     BOOST_REQUIRE(copy.getAppId() == APP);
 102     BOOST_REQUIRE(copy.getLevel() == LEVEL);
 103     BOOST_REQUIRE(copy.getPrivilege() == PRIVILEGE);
 104     BOOST_REQUIRE(copy.getUser() == USER);
 105     AskUser::PolicyEntryCopy copy2 = std::move(copy);
 106     BOOST_REQUIRE(copy2.getAppId() == APP);
 107     BOOST_REQUIRE(copy2.getLevel() == LEVEL);
 108     BOOST_REQUIRE(copy2.getPrivilege() == PRIVILEGE);
 109     BOOST_REQUIRE(copy2.getUser() == USER);
 110 }
 111
 112 POSITIVE_TEST_CASE(askuser_common_appinfo)
 113 {
 114     AskUser::PkgMgrAppInfo info;
 115     BOOST_REQUIRE(info.type(APP, USER) == APP_TYPE);
 116     BOOST_REQUIRE(info.apiVersion(APP, USER) == APP_API_VERSION);
 117 }
 118
 119 NEGATIVE_TEST_CASE(askuser_common_appinfo_app_does_not_exist)
 120 {
 121     AskUser::PkgMgrAppInfo info;
 122     BOOST_REQUIRE(info.type(NONEXISTENT_APP, USER).empty());
 123     BOOST_REQUIRE(info.apiVersion(NONEXISTENT_APP, USER).empty());
 124 }
 125
 126 POSITIVE_TEST_CASE(askuser_common_pkginfo)
 127 {
 128     AskUser::PkgMgrPkgInfo info;
 129     BOOST_REQUIRE(info.mainAppId(PKG, USER) == PKG_MAIN_APP);
 130     BOOST_REQUIRE(info.pkgLabel(PKG, USER) == PKG_LABEL);
 131     std::vector<std::string> appIds = AskUser::PkgMgrPkgInfo::listOfAppIds(PKG, USER);
 132     BOOST_REQUIRE(std::is_permutation(appIds.begin(), appIds.end(),
 133         std::begin(PKG_APPS), std::end(PKG_APPS)));
 134 }
 135
 136 NEGATIVE_TEST_CASE(askuser_common_pkginfo_pkg_does_not_exist)
 137 {
 138     const std::string NONEXISTENT_PKG = "org.tizen.does-not-exist";
 139     AskUser::PkgMgrPkgInfo info;
 140     BOOST_REQUIRE(info.mainAppId(NONEXISTENT_PKG, USER).empty());
 141     BOOST_REQUIRE(info.pkgLabel(NONEXISTENT_PKG, USER).empty());
 142     BOOST_REQUIRE(AskUser::PkgMgrPkgInfo::listOfAppIds(NONEXISTENT_PKG, USER).empty());
 143 }
 144
 145 POSITIVE_TEST_CASE(askuser_common_privilege_policy)
 146 {
 147     AskUser::PkgMgrAppInfo info;
 148     for (auto& privilegePolicy : APP_RESPONSES) {
 149         AskUser::PrivilegePolicy request(APP, privilegePolicy.first);
 150         BOOST_REQUIRE(request.calculatePolicy(info) == privilegePolicy.second);
 151         BOOST_REQUIRE(request.calculateAskablePrivacies(info).empty());
 152     }
 153 }
 154
 155 NEGATIVE_TEST_CASE(askuser_common_privilege_policy_privilege_does_not_exist)
 156 {
 157     AskUser::PkgMgrAppInfo info;
 158     AskUser::PrivilegePolicy req(APP, NONEXISTENT_PRIVILEGE);
 159     BOOST_REQUIRE(req.calculatePolicy(info) == "Deny");
 160     BOOST_REQUIRE(req.calculateAskablePrivacies(info).empty());
 161 }
 162
 163 NEGATIVE_TEST_CASE(askuser_common_privilege_policy_app_does_not_exist)
 164 {
 165     AskUser::PkgMgrAppInfo info;
 166     AskUser::PrivilegePolicy req(NONEXISTENT_APP, PRIVILEGE);
 167     BOOST_REQUIRE(req.calculatePolicy(info) == "Deny");
 168     BOOST_REQUIRE(req.calculateAskablePrivacies(info).empty());
 169 }
 170
 171 POSITIVE_TEST_CASE(askuser_common_privilege_same_privacy)
 172 {
 173     std::vector<std::string> others =
 174         AskUser::PrivilegeInfo::getSamePrivacyPrivilegeMapping(PRIVILEGE);
 175     BOOST_REQUIRE(std::is_permutation(others.begin(), others.end(),
 176         std::begin(PRIVILEGE_SAME_PRIVACY_PRIVILEGES),
 177         std::end(PRIVILEGE_SAME_PRIVACY_PRIVILEGES)));
 178 }
 179
 180 POSITIVE_TEST_CASE(askuser_common_privacy_display_name)
 181 {
 182     BOOST_REQUIRE(AskUser::PrivilegeInfo::getPrivacyDisplayName(PRIVACY) == PRIVACY_DISPLAY_NAME);
 183 }
 184
 185 POSITIVE_TEST_CASE(askuser_common_privacy_privileges)
 186 {
 187     std::vector<std::string> privileges = AskUser::PrivilegeInfo::getPrivacyPrivileges(PRIVACY);
 188     BOOST_REQUIRE(std::is_permutation(privileges.begin(), privileges.end(),
 189         std::begin(PRIVACY_PRIVILEGES), std::end(PRIVACY_PRIVILEGES)));
 190 }
 191
 192 NEGATIVE_TEST_CASE(askuser_common_privilege_same_privacy_does_not_exist)
 193 {
 194     BOOST_REQUIRE(AskUser::PrivilegeInfo::getSamePrivacyPrivilegeMapping(NONEXISTENT_PRIVILEGE)
 195         .empty());
 196 }
 197
 198 NEGATIVE_TEST_CASE(askuser_common_privacy_display_name_does_not_exist)
 199 {
 200     BOOST_REQUIRE(AskUser::PrivilegeInfo::getPrivacyDisplayName(NONEXISTENT_PRIVACY)
 201         == NONEXISTENT_PRIVACY);
 202 }
 203
 204 NEGATIVE_TEST_CASE(askuser_common_privacy_privileges_does_not_exist)
 205 {
 206     std::vector<std::string> ret =
 207         AskUser::PrivilegeInfo::getPrivacyPrivileges(NONEXISTENT_PRIVACY);
 208     BOOST_REQUIRE(ret.size() == 1);
 209     BOOST_REQUIRE(ret[0] == NONEXISTENT_PRIVACY);
 210 }
 211
 212 NEGATIVE_TEST_CASE(askuser_common_get_own_app_id_no_app_context)
 213 {
 214     AskUser::PkgMgrPkgInfo info;
 215     BOOST_REQUIRE_THROW(AskUser::getOwnAppId(info), AskUser::Exception);
 216 }
 217
 218 NEGATIVE_TEST_CASE(askuser_common_policy_app_privs_does_not_exist)
 219 {
 220     BOOST_REQUIRE(AskUser::getManifestPrivs(NONEXISTENT_APP).empty());
 221 }
 222
 223 NEGATIVE_TEST_CASE(askuser_common_policy_app_identify_does_not_exist)
 224 {
 225     const std::string NONEXISTENT_CYNARA_CLIENT = "does-not-exist";
 226     std::string buf1;
 227     std::string buf2;
 228     bool buf3;
 229     AskUser::PkgMgrPkgInfo info;
 230     BOOST_REQUIRE_THROW(AskUser::identifyApp(info, NONEXISTENT_CYNARA_CLIENT, buf1, buf2, buf3),
 231         AskUser::Exception);
 232 }
 233
 234 NEGATIVE_TEST_CASE(askuser_common_policy_request_bad_change)
 235 {
 236     AskUser::PolicyEntry entry;
 237     AskUser::PolicyRequest req;
 238     entry.setApp(APP);
 239     req.addEntry(std::move(entry));
 240     BOOST_REQUIRE_THROW(req.updatePolicy(), AskUser::Exception);
 241 }
 242
 243 BOOST_AUTO_TEST_SUITE_END()