2 * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 #include <dpl/assert.h>
18 #include <dpl/test/test_runner.h>
19 #include <ace/PolicyResult.h>
20 #include <ace-dao-ro/PromptModel.h>
21 #include <ace-dao-ro/PromptModel.h>
22 #include "SecurityCommunicationClient.h"
23 #include <widget_installer.h>
33 const std::string ACE_INTERFACE_NAME =
34 "org.tizen.AceCheckAccessInterface";
35 const std::string ACE_CHECK_ACCESS_METHOD = "check_access";
37 const std::string POPUP_INTERFACE_NAME =
38 "org.tizen.PopupResponse";
39 const std::string VALIDATION_METHOD = "validate";
47 PolicyResult callCheckAccess(int handle,
48 const std::string& subjectId,
49 const std::string& resourceId,
50 const std::vector<std::string> keys,
51 const std::vector<std::string> values)
53 Assert(!!m_aceCommunicationClient);
55 std::string sessionId = "fakeSession";
56 m_aceCommunicationClient->call(ACE_CHECK_ACCESS_METHOD,
64 PolicyResult policyResult = PolicyResult::deserialize(serialized);
68 bool callPopupAnswer(bool allowed,
69 int serializedValidity,
71 const std::string& subjectId,
72 const std::string& resourceId,
73 const std::vector<std::string> keys,
74 const std::vector<std::string> values,
75 const std::string& session)
77 Assert(!!m_popupCommunicationClient);
79 m_popupCommunicationClient->call(VALIDATION_METHOD,
92 static AceClientStub& getInstance();
96 m_aceCommunicationClient(new WrtSecurity::Communication::Client(ACE_INTERFACE_NAME)),
97 m_popupCommunicationClient(new WrtSecurity::Communication::Client(POPUP_INTERFACE_NAME))
103 std::unique_ptr<WrtSecurity::Communication::Client> m_aceCommunicationClient;
104 std::unique_ptr<WrtSecurity::Communication::Client> m_popupCommunicationClient;
107 AceClientStub& AceClientStub::getInstance()
109 static AceClientStub instance;
113 RUNNER_TEST_GROUP_INIT(ace)
117 * test: Policy evaluation by security server.
118 * description: Prepared policy is passed to ACE and evaluation result is checked.
119 * expect: Evaluation effect match assumptions, result should be PolicyEffect::PROMPT_ONESHOT.
123 std::vector<std::string> names;
124 std::vector<std::string> values;
125 std::string subjectId = "resource_id_prompt_oneshot";
126 std::string resourceId = subjectId;
127 WidgetHandle widgetHandle = InstallerMockup::registerWidget();
128 auto policy = AceClientStub::getInstance().callCheckAccess(
134 RUNNER_ASSERT(!!policy.getEffect());
135 RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_ONESHOT);
140 * test: Policy evaluation by security server.
141 * description: Prepared policy is passed to ACE and evaluation result is checked.
142 * expect: Evaluation effect match assumptions, result should be PolicyEffect::PROMPT_BLANKET.
146 std::vector<std::string> names;
147 std::vector<std::string> values;
148 std::string subjectId = "resource_id_prompt_blanket";
149 std::string resourceId = subjectId;
150 WidgetHandle widgetHandle = InstallerMockup::registerWidget();
151 auto policy = AceClientStub::getInstance().callCheckAccess(widgetHandle,
156 RUNNER_ASSERT(!!policy.getEffect());
157 RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_BLANKET);
162 * test: Policy evaluation by security server.
163 * description: Prepared policy is passed to ACE and evaluation result is checked.
164 * expect: Evaluation effect match assumptions, result should be PolicyEffect::PROMPT_SESSION.
168 std::vector<std::string> names;
169 std::vector<std::string> values;
170 std::string subjectId = "resource_id_prompt_session";
171 std::string resourceId = subjectId;
172 WidgetHandle widgetHandle = InstallerMockup::registerWidget();
173 auto policy = AceClientStub::getInstance().callCheckAccess(widgetHandle,
178 RUNNER_ASSERT(!!policy.getEffect());
179 RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_SESSION);
184 * test: Policy evaluation by security server.
185 * description: Prepared policy is passed to ACE and evaluation result is checked.
186 * expect: Evaluation effect match assumptions, result should be PolicyEffect::PERMIT.
190 std::vector<std::string> names;
191 std::vector<std::string> values;
192 std::string subjectId = "resource_id_permit";
193 std::string resourceId = subjectId;
194 WidgetHandle widgetHandle = InstallerMockup::registerWidget();
195 auto policy = AceClientStub::getInstance().callCheckAccess(widgetHandle,
200 RUNNER_ASSERT(!!policy.getEffect());
201 RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PERMIT);
206 * test: Policy evaluation by security server.
207 * description: Prepared policy is passed to ACE and evaluation result is checked.
208 * expect: Evaluation effect match assumptions, result should be PolicyEffect::DENY.
212 std::vector<std::string> names;
213 std::vector<std::string> values;
214 std::string subjectId = "resource_id_deny";
215 std::string resourceId = subjectId;
216 WidgetHandle widgetHandle = InstallerMockup::registerWidget();
217 auto policy = AceClientStub::getInstance().callCheckAccess(widgetHandle,
222 RUNNER_ASSERT(!!policy.getEffect());
223 RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::DENY);
228 * test: Policy evaluation by security server.
229 * description: Prepared policy is passed to ACE and evaluation result is checked.
230 * Next popup asking about accesses is passed to user.
231 * expect: Evaluation effect match assumptions, result should be PolicyEffect::PROMPT_ONESHOT.
232 * Popup contains correct evaluation results.
234 RUNNER_TEST(popup_test_after_policy1)
236 std::vector<std::string> names;
237 std::vector<std::string> values;
238 std::string resourceId = "resource_id_prompt_oneshot";
239 std::string subjectId = resourceId;
240 WidgetHandle widgetHandle = InstallerMockup::registerWidget();
241 auto policy = AceClientStub::getInstance().callCheckAccess(widgetHandle,
246 RUNNER_ASSERT(!!policy.getEffect());
247 RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_ONESHOT);
249 int validity = static_cast<int>(Prompt::Validity::ONCE);
250 auto status = AceClientStub::getInstance().callPopupAnswer(true,
258 RUNNER_ASSERT(status);
259 LogDebug("1: " << status);
260 status = AceClientStub::getInstance().callPopupAnswer(false,
268 RUNNER_ASSERT(!status);
269 status = AceClientStub::getInstance().callPopupAnswer(true,
277 RUNNER_ASSERT(status);
282 * test: Policy evaluation by security server.
283 * description: Prepared policy is passed to ACE and evaluation result is checked.
284 * Next popup asking about accesses is passed to user.
285 * expect: Evaluation effect match assumptions, result should be PolicyEffect::PROMPT_BLANKET.
286 * Popup contains correct evaluation results.
288 RUNNER_TEST(popup_test_after_policy2)
290 std::vector<std::string> names;
291 std::vector<std::string> values;
292 std::string resourceId = "resource_id_prompt_blanket";
293 std::string subjectId = resourceId;
294 WidgetHandle widgetHandle = InstallerMockup::registerWidget();
295 auto policy = AceClientStub::getInstance().callCheckAccess(widgetHandle,
300 RUNNER_ASSERT(!!policy.getEffect());
301 RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_BLANKET);
303 int validity = static_cast<int>(Prompt::Validity::ALWAYS);
304 auto status = AceClientStub::getInstance().callPopupAnswer(true,
312 RUNNER_ASSERT(status);
313 LogDebug("1: " << status);
314 status = AceClientStub::getInstance().callPopupAnswer(false,
322 RUNNER_ASSERT(!status);
323 status = AceClientStub::getInstance().callPopupAnswer(true,
331 RUNNER_ASSERT(status);
336 * test: Policy evaluation by security server.
337 * description: Prepared policy is passed to ACE and evaluation result is checked.
338 * Next popup asking about accesses is passed to user.
339 * expect: Evaluation effect match assumptions, result should be Prompt::Validity::SESSION.
340 * Popup contains correct evaluation results.
342 RUNNER_TEST(popup_test_after_policy3)
344 std::vector<std::string> names;
345 std::vector<std::string> values;
346 std::string resourceId = "resource_id_prompt_session";
347 std::string subjectId = resourceId;
348 WidgetHandle widgetHandle = InstallerMockup::registerWidget();
349 auto policy = AceClientStub::getInstance().callCheckAccess(widgetHandle,
354 RUNNER_ASSERT(!!policy.getEffect());
355 RUNNER_ASSERT(*policy.getEffect() == PolicyEffect::PROMPT_SESSION);
357 int validity = static_cast<int>(Prompt::Validity::SESSION);
358 auto status = AceClientStub::getInstance().callPopupAnswer(true,
366 RUNNER_ASSERT(status);
367 status = AceClientStub::getInstance().callPopupAnswer(false,
375 RUNNER_ASSERT(!status);
376 status = AceClientStub::getInstance().callPopupAnswer(true,
384 RUNNER_ASSERT(status);