#include <fcntl.h>
#include <stdio.h>
#include <memory.h>
-#include <summary_collector.h>
#include <string>
#include <unordered_set>
#include <sys/capability.h>
#include <sm_api.h>
#include <sm_db.h>
#include <sm_request.h>
+#include <sm_user_request.h>
+#include <temp_test_user.h>
#include <cynara_test_client.h>
+#include <dbus_access.h>
using namespace SecurityManagerTest;
dbtest.test_db_after__app_uninstall(app_id, pkg_id, is_pkg_removed);
}
-static void install_app(const char *app_id, const char *pkg_id)
+static void install_app(const char *app_id, const char *pkg_id, uid_t uid = 0)
{
InstallRequest request;
request.setAppId(app_id);
request.setPkgId(pkg_id);
-
+ request.setUid(uid);
Api::install(request);
check_app_after_install(app_id, pkg_id);
RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER)
-RUNNER_TEST(security_manager_01_app_double_install_double_uninstall)
+RUNNER_TEST(security_manager_01a_app_double_install_double_uninstall)
{
- const char *const sm_app_id = "sm_test_01_app_id_double";
- const char *const sm_pkg_id = "sm_test_01_pkg_id_double";
+ const char *const sm_app_id = "sm_test_01a_app_id_double";
+ const char *const sm_pkg_id = "sm_test_01a_pkg_id_double";
InstallRequest requestInst;
requestInst.setAppId(sm_app_id);
check_app_after_uninstall(sm_app_id, sm_pkg_id, TestSecurityManagerDatabase::REMOVED);
}
+
+RUNNER_TEST(security_manager_01b_app_double_install_wrong_pkg_id)
+{
+ const char *const sm_app_id = "sm_test_01b_app";
+ const char *const sm_pkg_id = "sm_test_01b_pkg";
+ const char *const sm_pkg_id_wrong = "sm_test_01b_pkg_BAD";
+
+ InstallRequest requestInst;
+ requestInst.setAppId(sm_app_id);
+ requestInst.setPkgId(sm_pkg_id);
+
+ Api::install(requestInst);
+
+ InstallRequest requestInst2;
+ requestInst2.setAppId(sm_app_id);
+ requestInst2.setPkgId(sm_pkg_id_wrong);
+
+ Api::install(requestInst2, SECURITY_MANAGER_ERROR_INPUT_PARAM);
+
+
+ /* Check records in the security-manager database */
+ check_app_after_install(sm_app_id, sm_pkg_id);
+
+ InstallRequest requestUninst;
+ requestUninst.setAppId(sm_app_id);
+
+ Api::uninstall(requestUninst);
+
+
+ /* Check records in the security-manager database */
+ check_app_after_uninstall(sm_app_id, sm_pkg_id, TestSecurityManagerDatabase::REMOVED);
+
+}
+
+RUNNER_TEST(security_manager_01c_app_uninstall_pkg_id_ignored)
+{
+ const char * const sm_app_id = "SM_TEST_01c_APPID";
+ const char * const sm_pkg_id = "SM_TEST_01c_PKGID";
+ const char * const sm_pkg_id_wrong = "SM_TEST_01c_PKGID_wrong";
+
+ InstallRequest requestInst;
+ requestInst.setAppId(sm_app_id);
+ requestInst.setPkgId(sm_pkg_id);
+
+ Api::install(requestInst);
+
+ /* Check records in the security-manager database */
+ check_app_after_install(sm_app_id, sm_pkg_id);
+
+ InstallRequest requestUninst;
+ requestUninst.setAppId(sm_app_id);
+ requestUninst.setPkgId(sm_pkg_id_wrong);
+
+ Api::uninstall(requestUninst);
+
+ check_app_after_uninstall(sm_app_id, sm_pkg_id, TestSecurityManagerDatabase::REMOVED);
+
+}
+
RUNNER_TEST(security_manager_02_app_install_uninstall_full)
{
const char *const sm_app_id = "sm_test_02_app_id_full";
static void install_and_check(const char *const sm_app_id,
const char *const sm_pkg_id,
- const std::string &user, uid_t uid)
+ const std::string &user, uid_t uid,
+ const std::string &user_path = SM_PRIVATE_PATH_FOR_USER)
{
InstallRequest requestPublic;
//install app for non-root user and try to register public path (should fail)
- prepare_request(requestPublic, sm_app_id, sm_pkg_id, SECURITY_MANAGER_PATH_PUBLIC, SM_PRIVATE_PATH_FOR_USER, uid);
+ prepare_request(requestPublic, sm_app_id, sm_pkg_id, SECURITY_MANAGER_PATH_PUBLIC, user_path.c_str(), uid);
Api::install(requestPublic, SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED);
//install app for non-root user
//should succeed - this time i register folder inside user's home dir
- prepare_request(requestPrivateUser, sm_app_id, sm_pkg_id, SECURITY_MANAGER_PATH_PRIVATE, SM_PRIVATE_PATH_FOR_USER, uid);
+ prepare_request(requestPrivateUser, sm_app_id, sm_pkg_id, SECURITY_MANAGER_PATH_PRIVATE, user_path.c_str(), uid);
for (auto &privilege : SM_ALLOWED_PRIVILEGES)
requestPrivateUser.addPrivilege(privilege.c_str());
"capabilities not dropped. Current: " << cap_to_text(caps.get(), NULL));
}
+RUNNER_CHILD_TEST(security_manager_06_install_app_offline)
+{
+ const char *const app_id = "sm_test_06_app_id_install_app_offline";
+ const char *const pkg_id = "sm_test_06_pkg_id_install_app_offline";
+ DBusAccess dbusAccess("security-manager.service");
+
+ uninstall_app(app_id, pkg_id, true);
+ dbusAccess.maskService();
+ dbusAccess.stopService();
+
+ install_app(app_id, pkg_id);
+
+ dbusAccess.unmaskService();
+ dbusAccess.startService();
+
+ uninstall_app(app_id, pkg_id, true);
+}
+
+RUNNER_CHILD_TEST(security_manager_07_user_add_app_install)
+{
+ const char *const sm_app_id = "sm_test_07_app_id_user";
+ const char *const sm_pkg_id = "sm_test_07_pkg_id_user";
+ const std::string new_user_name = "sm_test_07_user_name";
+ std::string uid_string;
+ TemporaryTestUser test_user(new_user_name, GUM_USERTYPE_NORMAL, false);
+ uid_string = std::to_string(static_cast<unsigned int>(test_user.getUid()));
+
+ install_app(sm_app_id, sm_pkg_id, test_user.getUid());
+
+ check_app_after_install(sm_app_id, sm_pkg_id);
+
+ test_user.remove();
+
+ check_app_permissions(sm_app_id, sm_pkg_id, uid_string.c_str(), SM_NO_PRIVILEGES, SM_ALLOWED_PRIVILEGES);
+
+ check_app_after_uninstall(sm_app_id, sm_pkg_id, true);
+}
+
+RUNNER_CHILD_TEST(security_manager_08_user_double_add_double_remove)
+{
+ UserRequest addUserRequest;
+
+ const char *const sm_app_id = "sm_test_08_app_id_user";
+ const char *const sm_pkg_id = "sm_test_08_pkg_id_user";
+ const char *const new_user_name = "sm_test_08_user_name";
+ std::string uid_string;
+
+ // gumd user add
+ TemporaryTestUser test_user(new_user_name, GUM_USERTYPE_NORMAL, false);
+ uid_string = std::to_string(static_cast<unsigned int>(test_user.getUid()));
+
+ addUserRequest.setUid(test_user.getUid());
+ addUserRequest.setUserType(SM_USER_TYPE_NORMAL);
+
+ //sm user add
+ Api::addUser(addUserRequest);
+
+ install_app(sm_app_id, sm_pkg_id, test_user.getUid());
+
+ check_app_after_install(sm_app_id, sm_pkg_id);
+
+ test_user.remove();
+
+ UserRequest deleteUserRequest;
+ deleteUserRequest.setUid(test_user.getUid());
+
+ Api::deleteUser(deleteUserRequest);
+
+ check_app_permissions(sm_app_id, sm_pkg_id, uid_string.c_str(), SM_NO_PRIVILEGES, SM_ALLOWED_PRIVILEGES);
+
+ check_app_after_uninstall(sm_app_id, sm_pkg_id, true);
+}
+
+RUNNER_CHILD_TEST(security_manager_09_add_user_offline)
+{
+ const char *const app_id = "security_manager_09_add_user_offline_app";
+ const char *const pkg_id = "security_manager_09_add_user_offline_pkg";
+ const std::string username("sm_test_09_user_name");
+ DBusAccess dbusAccess("security-manager.service");
+ dbusAccess.maskService();
+ dbusAccess.stopService();
+
+ TemporaryTestUser user(username, GUM_USERTYPE_NORMAL, true);
+
+ install_app(app_id, pkg_id, user.getUid());
+
+ check_app_after_install(app_id, pkg_id);
+
+ dbusAccess.unmaskService();
+ dbusAccess.startService();
+
+ user.remove();
+
+ check_app_after_uninstall(app_id, pkg_id, true);
+}
+
int main(int argc, char *argv[])
{
- SummaryCollector::Register();
return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
}
projects / platform / core / test / security-tests.git / blobdiff