projects / platform / core / test / security-tests.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Adjust AccessProvider api to current security-server.
[platform/core/test/security-tests.git] / tests / security-server-tests / server.cpp
diff --git a/tests/security-server-tests/server.cpp b/tests/security-server-tests/server.cpp
index fcbb478..56034e9 100644 (file)
--- a/tests/security-server-tests/server.cpp
+++ b/tests/security-server-tests/server.cpp
@@ -40,53 +40,22 @@ const char *TEST04_SUBJECT = "subject_57dfbfc5";
 const char *TEST07_SUBJECT = "subject_cd738844";
 const char *TEST08_SUBJECT = "subject_fd84ba7f";
 
-const char *API_PASSWD_SET    = "security-server::api-password-set";
-const char *API_PASSWD_CHECK  = "security-server::api-password-check";
-const char *API_PASSWD_RESET  = "security-server::api-password-reset";
-const char *API_RULE_REQUIRED = "w";
-
-int clear_password(char ** /*error*/)
+void clear_password()
 {
     int ret = -1;
     unsigned int attempt, max_attempt, expire_sec;
-    const char *subject_allow = "subject_allow";
-    struct smack_accesses *handle = NULL;
-
-    if (getuid() == 0) {
-        reset_security_server();
-
-        ret = smack_accesses_new(&handle);
-        RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
-
-        /* our subject 'subject_allow' has access to security-server::api-password-check */
-        ret = smack_accesses_add(handle, subject_allow, API_PASSWD_CHECK, API_RULE_REQUIRED);
-        RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
-
-        ret = smack_accesses_apply(handle);
-        RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
 
-        ret = smack_set_label_for_self(subject_allow);
-        RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
+    reset_security_server();
 
-        smack_accesses_free(handle);
-
-        attempt = max_attempt = expire_sec = UINT_MAX;
-        ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-
-        RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
-        RUNNER_ASSERT_BT(expire_sec == 0);
-        RUNNER_ASSERT_BT(max_attempt == 0);
-        RUNNER_ASSERT_BT(attempt == 0);
-
-        /* we revoke all rules for subject 'subject_allow' */
-        ret = smack_revoke_subject(subject_allow);
-        RUNNER_ASSERT_MSG_BT(ret == 0, "Revoking subject didn't work.");
+    attempt = max_attempt = expire_sec = UINT_MAX;
+    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
 
-        sleep(1);
+    RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
+    RUNNER_ASSERT_BT(expire_sec == 0);
+    RUNNER_ASSERT_BT(max_attempt == 0);
+    RUNNER_ASSERT_BT(attempt == 0);
 
-        return 0;
-    }
-    return -1;
+    sleep(1);
 }
 
 void check_API_passwd(bool smack) {
@@ -160,16 +129,10 @@ RUNNER_CHILD_TEST_SMACK(tc01a_security_server_app_give_access)
 {
     const char *subject = "abc345v34sfa";
     const char *object = "efg678x2lkjz";
-    const char *server_api = "security-server::api-data-share";
-
-    SmackAccess smack;
-    smack.add(subject, object, "-----");
-    smack.add(object,  server_api, "rw");
-    smack.apply();
 
-    smack_set_label_for_self(object);
-
-    RUNNER_ASSERT_MSG_BT(drop_root_privileges() == 0, "uid = " << getuid());
+    SecurityServer::AccessProvider provider(object);
+    provider.allowSS();
+    provider.applyAndSwithToUser(APP_UID, APP_GID);
 
     security_server_app_give_access(subject, getpid());
 
@@ -238,17 +201,13 @@ RUNNER_CHILD_TEST_SMACK(tc03_check_API_passwd_allow)
 {
     int ret = -1;
     unsigned int attempt, max_attempt, expire_sec;
-    char *str = (char*) malloc(256);
 
     attempt = max_attempt = expire_sec = 0;
 
-    ret = clear_password(&str);
-    RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << str);
+    clear_password();
 
     SecurityServer::AccessProvider provider(TEST03_SUBJECT);
-    provider.allowAPI(API_PASSWD_CHECK, API_RULE_REQUIRED);
-    provider.allowAPI(API_PASSWD_SET,   API_RULE_REQUIRED);
-    provider.allowAPI(API_PASSWD_RESET, API_RULE_REQUIRED);
+    provider.allowSS();
     provider.applyAndSwithToUser(APP_UID, APP_GID);
 
     ret = security_server_set_pwd_validity(10);
@@ -289,7 +248,7 @@ RUNNER_CHILD_TEST_NOSMACK(tc04_check_API_app_user_passwd_allow_nosmack)
 RUNNER_CHILD_TEST_SMACK(tc07_check_API_data_share_allow)
 {
     SecurityServer::AccessProvider provider(TEST07_SUBJECT);
-    provider.allowFunction("security_server_app_give_access");
+    provider.allowSS();
     provider.applyAndSwithToUser(APP_UID, APP_GID);
 
     int ret = security_server_app_give_access(TEST07_SUBJECT, getpid());
Domain: Security / Uncategorized;