Unify privilege representation

[platform/core/test/security-tests.git] / src / security-manager-tests / common / policy_configuration.cpp

diff --git a/src/security-manager-tests/common/policy_configuration.cpp b/src/security-manager-tests/common/policy_configuration.cpp
index 111d6bc..64e3b9a 100644 (file)
--- a/src/security-manager-tests/common/policy_configuration.cpp
+++ b/src/security-manager-tests/common/policy_configuration.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved
  *
  *    Licensed under the Apache License, Version 2.0 (the "License");
  *    you may not use this file except in compliance with the License.
@@ -29,6 +29,7 @@
 
 #define CONF_DIR "/usr/share/security-manager/policy/"
 #define CONF_GROUP_FILE "privilege-group.list"
+#define CONF_SYSTEMD_PRIVS_FILE "privilege-managed-by-systemd-for-daemons.list"
 #define CONF_USER_TEMPLATE_FILE "usertype-%s.profile"
 
 namespace SecurityManagerTest {
@@ -69,12 +70,16 @@ PolicyConfiguration::GidVector PolicyConfiguration::getUserGid(PolicyConfigurati
 }
 
 PolicyConfiguration::GidVector PolicyConfiguration::getGid() {
+    return groupToGid(getGroup());
+}
+
+PolicyConfiguration::GroupVector PolicyConfiguration::getGroup() {
     GroupVector result;
     if (m_privGroupMap.empty())
         loadPrivGroupMap();
     for (auto &e : m_privGroupMap)
         result.push_back(e.second);
-    return groupToGid(result);
+    return result;
 }
 
 PolicyConfiguration::UserDescription& PolicyConfiguration::getUserDescription(PolicyConfiguration::UserType userType) {
@@ -98,6 +103,21 @@ PolicyConfiguration::GidVector PolicyConfiguration::groupToGid(const PolicyConfi
     return result;
 }
 
+PolicyConfiguration::PrivGroupMap PolicyConfiguration::getPrivGroupMap()
+{
+    if (m_privGroupMap.empty())
+        loadPrivGroupMap();
+    return m_privGroupMap;
+}
+
+bool PolicyConfiguration::getIsAskuserEnabled() {
+#ifdef ASKUSER_ENABLED
+    return true;
+#else
+    return false;
+#endif
+}
+
 PolicyConfiguration::UserDescription PolicyConfiguration::loadUserDescription(PolicyConfiguration::UserType userType) {
     UserDescription result;
     std::string path = getConfigFilePath(userType);
@@ -120,15 +140,20 @@ PolicyConfiguration::PrivVector PolicyConfiguration::loadPrivFile(const std::str
     return result;
 }
 
-PolicyConfiguration::GroupVector PolicyConfiguration::privToGroup(const PolicyConfiguration::PrivVector &privVector) {
-    GroupVector result;
-    if (m_privGroupMap.empty())
-        loadPrivGroupMap();
-    for (auto &e : privVector) {
-        auto it = m_privGroupMap.find(e);
-        if (it == m_privGroupMap.end())
-            continue;
-        result.push_back(it->second);
+PolicyConfiguration::PrivVector PolicyConfiguration::getSystemdManagedPrivs()
+{
+    PolicyConfiguration::PrivVector result;
+    std::ifstream file(CONF_DIR CONF_SYSTEMD_PRIVS_FILE);
+    if (!file.is_open()) {
+        RUNNER_ASSERT_MSG(file.is_open(),
+          "Unable to read config file " << CONF_DIR CONF_SYSTEMD_PRIVS_FILE);
+    }
+    std::string line;
+    std::regex r("^(http(.*))");
+    while (std::getline(file, line)) {
+        std::smatch m;
+        if (std::regex_search(line, m, r))
+            result.emplace_back(m[1]);
     }
     return result;
 }
@@ -149,5 +174,12 @@ void PolicyConfiguration::loadPrivGroupMap(void) {
     }
 }
 
+std::string PolicyConfiguration::getPkgRulesFilePath() {
+    return CONF_DIR "pkg-rules-template.smack";
+}
+std::string PolicyConfiguration::getAppRulesFilePath() {
+    return CONF_DIR "app-rules-template.smack";
+}
+
 } // namespace SecurityManagerTest