Revert "Fix security-server server tests"

[platform/core/test/security-tests.git] / tests / security-server-tests / server.cpp

diff --git a/tests/security-server-tests/server.cpp b/tests/security-server-tests/server.cpp
index 0899f1b..7c90047 100644 (file)
--- a/tests/security-server-tests/server.cpp
+++ b/tests/security-server-tests/server.cpp
@@ -40,53 +40,22 @@ const char *TEST04_SUBJECT = "subject_57dfbfc5";
 const char *TEST07_SUBJECT = "subject_cd738844";
 const char *TEST08_SUBJECT = "subject_fd84ba7f";
 
-const char *API_PASSWD_SET    = "security-server::api-password-set";
-const char *API_PASSWD_CHECK  = "security-server::api-password-check";
-const char *API_PASSWD_RESET  = "security-server::api-password-reset";
-const char *API_RULE_REQUIRED = "w";
-
-int clear_password(char ** /*error*/)
+void clear_password()
 {
     int ret = -1;
     unsigned int attempt, max_attempt, expire_sec;
-    const char *subject_allow = "subject_allow";
-    struct smack_accesses *handle = NULL;
-
-    if (getuid() == 0) {
-        reset_security_server();
-
-        ret = smack_accesses_new(&handle);
-        RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
-
-        /* our subject 'subject_allow' has access to security-server::api-password-check */
-        ret = smack_accesses_add(handle, subject_allow, API_PASSWD_CHECK, API_RULE_REQUIRED);
-        RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
-
-        ret = smack_accesses_apply(handle);
-        RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
 
-        ret = smack_set_label_for_self(subject_allow);
-        RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret);
+    reset_security_server();
 
-        smack_accesses_free(handle);
-
-        attempt = max_attempt = expire_sec = UINT_MAX;
-        ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-
-        RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
-        RUNNER_ASSERT_BT(expire_sec == 0);
-        RUNNER_ASSERT_BT(max_attempt == 0);
-        RUNNER_ASSERT_BT(attempt == 0);
-
-        /* we revoke all rules for subject 'subject_allow' */
-        ret = smack_revoke_subject(subject_allow);
-        RUNNER_ASSERT_MSG_BT(ret == 0, "Revoking subject didn't work.");
+    attempt = max_attempt = expire_sec = UINT_MAX;
+    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
 
-        sleep(1);
+    RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
+    RUNNER_ASSERT_BT(expire_sec == 0);
+    RUNNER_ASSERT_BT(max_attempt == 0);
+    RUNNER_ASSERT_BT(attempt == 0);
 
-        return 0;
-    }
-    return -1;
+    sleep(1);
 }
 
 void check_API_passwd(bool smack) {
@@ -160,16 +129,10 @@ RUNNER_CHILD_TEST_SMACK(tc01a_security_server_app_give_access)
 {
     const char *subject = "abc345v34sfa";
     const char *object = "efg678x2lkjz";
-    const char *server_api = "security-server::api-data-share";
-
-    SmackAccess smack;
-    smack.add(subject, object, "-----");
-    smack.add(object,  server_api, "rw");
-    smack.apply();
 
-    smack_set_label_for_self(object);
-
-    RUNNER_ASSERT_MSG_BT(drop_root_privileges() == 0, "uid = " << getuid());
+    SecurityServer::AccessProvider provider(object);
+    provider.allowSS();
+    provider.applyAndSwithToUser(APP_UID, APP_GID);
 
     security_server_app_give_access(subject, getpid());
 
@@ -199,7 +162,6 @@ RUNNER_CHILD_TEST_SMACK(tc01a_security_server_app_give_access)
 
 RUNNER_CHILD_TEST_SMACK(tc01c_security_server_app_give_access_no_access)
 {
-    RUNNER_IGNORED_MSG("Security-server sockets are not labeled.");
     const char *subject = "xxx45v34sfa";
     const char *object = "yyy78x2lkjz";
 
@@ -219,6 +181,7 @@ RUNNER_CHILD_TEST_SMACK(tc01c_security_server_app_give_access_no_access)
 
 RUNNER_TEST_SMACK(tc02_check_privilege_by_pid)
 {
+    RUNNER_IGNORED_MSG("security_server_check_privilege_by_pid is temporarily disabled: always returns success");
     int ret;
     int pid;
 
@@ -237,17 +200,13 @@ RUNNER_CHILD_TEST_SMACK(tc03_check_API_passwd_allow)
 {
     int ret = -1;
     unsigned int attempt, max_attempt, expire_sec;
-    char *str = (char*) malloc(256);
 
     attempt = max_attempt = expire_sec = 0;
 
-    ret = clear_password(&str);
-    RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << str);
+    clear_password();
 
     SecurityServer::AccessProvider provider(TEST03_SUBJECT);
-    provider.allowAPI(API_PASSWD_CHECK, API_RULE_REQUIRED);
-    provider.allowAPI(API_PASSWD_SET,   API_RULE_REQUIRED);
-    provider.allowAPI(API_PASSWD_RESET, API_RULE_REQUIRED);
+    provider.allowSS();
     provider.applyAndSwithToUser(APP_UID, APP_GID);
 
     ret = security_server_set_pwd_validity(10);
@@ -276,7 +235,6 @@ RUNNER_CHILD_TEST_SMACK(tc03_check_API_passwd_allow)
 
 RUNNER_CHILD_TEST_SMACK(tc04_check_API_passwd_denied)
 {
-    RUNNER_IGNORED_MSG("Security-server sockets are not labeled.");
     check_API_passwd(true);
 }
 
@@ -288,7 +246,7 @@ RUNNER_CHILD_TEST_NOSMACK(tc04_check_API_app_user_passwd_allow_nosmack)
 RUNNER_CHILD_TEST_SMACK(tc07_check_API_data_share_allow)
 {
     SecurityServer::AccessProvider provider(TEST07_SUBJECT);
-    provider.allowFunction("security_server_app_give_access");
+    provider.allowSS();
     provider.applyAndSwithToUser(APP_UID, APP_GID);
 
     int ret = security_server_app_give_access(TEST07_SUBJECT, getpid());
@@ -297,7 +255,6 @@ RUNNER_CHILD_TEST_SMACK(tc07_check_API_data_share_allow)
 
 RUNNER_CHILD_TEST_SMACK(tc08_check_API_data_share_denied)
 {
-    RUNNER_IGNORED_MSG("Security-server sockets are not labeled.");
     SecurityServer::AccessProvider provider(TEST08_SUBJECT);
     provider.applyAndSwithToUser(APP_UID, APP_GID);
 
@@ -349,6 +306,7 @@ RUNNER_CHILD_TEST_NOSMACK(tc01_security_server_app_give_access_nosmack)
  */
 RUNNER_TEST_NOSMACK(tc02_check_privilege_by_pid_nosmack)
 {
+    RUNNER_IGNORED_MSG("security_server_check_privilege_by_pid is temporarily disabled: always returns success");
     int ret;
     int pid;