Add support for Application Defined Privileges

Change-Id: I51122a50ac1b6f0c169659c07fcc9da02bd3ef36

diff --git a/src/security-manager-tests/common/app_install_helper.cpp b/src/security-manager-tests/common/app_install_helper.cpp
index 0436241c3c993023d89d0946de4c04ca9ebea6ea..cd352f6452c855bf44c24183369af9499c7d2f9b 100644 (file)
--- a/src/security-manager-tests/common/app_install_helper.cpp
+++ b/src/security-manager-tests/common/app_install_helper.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014-2016 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2017 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *    Licensed under the Apache License, Version 2.0 (the "License");
  *    you may not use this file except in compliance with the License.
@@ -153,6 +153,14 @@ std::vector<std::string> AppInstallHelper::getPrivileges() const {
     return m_privileges;
 }
 
+void AppInstallHelper::addAppDefinedPrivilege(const std::string &privilege) {
+    m_appDefinedPrivileges.push_back(privilege);
+}
+
+std::vector<std::string> AppInstallHelper::getAppDefinedPrivileges() const {
+    return m_appDefinedPrivileges;
+}
+
 void AppInstallHelper::revokeRules() const {
     RUNNER_ASSERT_MSG(
         0 == smack_revoke_subject(generateAppLabel().c_str()),

diff --git a/src/security-manager-tests/common/app_install_helper.h b/src/security-manager-tests/common/app_install_helper.h
index 883dd0ec6f8e9d84e1619e46d228f692a9373035..c4d083ee0733c6d06aa27365032defa6079b91fe 100644 (file)
--- a/src/security-manager-tests/common/app_install_helper.h
+++ b/src/security-manager-tests/common/app_install_helper.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014-2016 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2017 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *    Licensed under the Apache License, Version 2.0 (the "License");
  *    you may not use this file except in compliance with the License.
@@ -110,6 +110,9 @@ struct AppInstallHelper {
     void addPrivileges(const std::vector<std::string> &privileges);
     std::vector<std::string> getPrivileges() const;
 
+    void addAppDefinedPrivilege(const std::string &privilege);
+    std::vector<std::string> getAppDefinedPrivileges() const;
+
     // Smack
     std::string generateAppLabel() const;
     std::string generatePkgLabel() const;
@@ -134,6 +137,7 @@ protected:
     TypePathsMap m_dirTypeMap;
     TypePathsMap m_fileTypeMap;
     std::vector<std::string> m_privileges;
+    std::vector<std::string> m_appDefinedPrivileges;
     std::string m_author;
 
     pid_t m_creatorPid;

diff --git a/src/security-manager-tests/common/scoped_installer.h b/src/security-manager-tests/common/scoped_installer.h
index 639aa1164400d7337c7a709e185c19dd8548e313..6ec37c25492efb0d13b6715ae63c81e7ae3dd11c 100644 (file)
--- a/src/security-manager-tests/common/scoped_installer.h
+++ b/src/security-manager-tests/common/scoped_installer.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2016-2017 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *    Licensed under the Apache License, Version 2.0 (the "License");
  *    you may not use this file except in compliance with the License.
@@ -60,9 +60,11 @@ public:
         for (const auto& typePaths : app.getFilesMap())
             for (const auto& path : typePaths.second)
                 instReq.addPath(path, typePaths.first);
-        for (const auto &priv : app.getPrivileges()) {
+        for (const auto &priv : app.getPrivileges())
             instReq.addPrivilege(priv.c_str());
-        }
+        for (const auto &priv : app.getAppDefinedPrivileges())
+            instReq.addAppDefinedPrivilege(priv);
+
         SecurityManagerTest::Api::install(instReq);
     }
 

diff --git a/src/security-manager-tests/common/sm_request.cpp b/src/security-manager-tests/common/sm_request.cpp
index 2bba17ca0b15532a122124e79cfe75152913f193..5f5f5a2b29049e433fa3761b5cb526fa62078d10 100644 (file)
--- a/src/security-manager-tests/common/sm_request.cpp
+++ b/src/security-manager-tests/common/sm_request.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014-2016 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2017 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *    Licensed under the Apache License, Version 2.0 (the "License");
  *    you may not use this file except in compliance with the License.
@@ -95,6 +95,17 @@ void InstallRequest::addPrivilege(const std::string &privilege, lib_retcode expe
     m_privileges.push_back(privilege);
 }
 
+void InstallRequest::addAppDefinedPrivilege(const std::string &privilege, lib_retcode expectedResult)
+{
+    int result = security_manager_app_inst_req_add_app_defined_privilege(m_req, privilege.c_str());
+    RUNNER_ASSERT_MSG((lib_retcode)result == expectedResult,
+                      "adding app defined privilege returned wrong value."
+                          << " Privilege: " << privilege << ";"
+                          << " Result: " << result << ";"
+                          << " Expected result: " << expectedResult);
+    m_appDefinedPrivileges.push_back(privilege);
+}
+
 void InstallRequest::addPath(std::string path, app_install_path_type pathType, lib_retcode expectedResult)
 {
     int result = security_manager_app_inst_req_add_path(m_req, path.c_str(), pathType);
@@ -162,6 +173,13 @@ std::ostream& operator<<(std::ostream &os, const InstallRequest &request)
         }
         os << " ]";
     }
+    if (!request.m_appDefinedPrivileges.empty()) {
+        os << "app defined privileges: [ " << request.m_appDefinedPrivileges[0];
+        for (size_t i = 1; i < request.m_appDefinedPrivileges.size(); ++i)
+            os << "; " << request.m_appDefinedPrivileges[i];
+        os << " ]";
+    }
+
     if (!request.m_paths.empty()) {
         os << "paths: [ " << "< " << request.m_paths[0].first << "; "
                                   << request.m_paths[0].second << " >";

diff --git a/src/security-manager-tests/common/sm_request.h b/src/security-manager-tests/common/sm_request.h
index ee725217ff4ee949e9180bec09022429e5d3b8c2..abdbb42f2ea6453dc9435ff78a05bac7f34861f2 100644 (file)
--- a/src/security-manager-tests/common/sm_request.h
+++ b/src/security-manager-tests/common/sm_request.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014-2016 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2017 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *    Licensed under the Apache License, Version 2.0 (the "License");
  *    you may not use this file except in compliance with the License.
@@ -59,6 +59,7 @@ public:
     void setAppId(std::string appId, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS);
     void setPkgId(std::string pkgId, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS);
     void addPrivilege(const std::string &privilege, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS);
+    void addAppDefinedPrivilege(const std::string &privilege, lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
     void addPath(std::string path, app_install_path_type pathType,
                  lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
     void setUid(const uid_t uid, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS);
@@ -78,6 +79,7 @@ private:
     std::string m_pkgId;
     std::string m_authorId;
     std::vector<std::string> m_privileges;
+    std::vector<std::string> m_appDefinedPrivileges;
     std::vector<std::pair<std::string, app_install_path_type> > m_paths;
     std::pair<bool, uid_t> m_uid;
 };