Implement test for adding new WRT rules in libprivilege-control

[Issue#]       SSDWSSP-599
[Feature]      New test for perm_app_setup_path with
               new option PERM_APP_PATH_RUNTIME.
[Cause]        New functionality.
[Solution]     New test case nr 20 in libprivilege tests.
               Currently ignored tc 20 switched to tc 21.
[Verification] Build, install, run:
               # libprivilege-control-test --output=text
               Verify that tc20 npruntime is passing and no
               other test cases are affected.

               Synchronize libprivilege with the following commit:
               http://slp-info.sec.samsung.net/gerrit/#/c/314185/

Change-Id: I468a6091997d608ff2b10ebd893b88fca8bf641f

diff --git a/tests/libprivilege-control-tests/test_cases.cpp b/tests/libprivilege-control-tests/test_cases.cpp
index bd7032c..66a1dae 100644 (file)
--- a/tests/libprivilege-control-tests/test_cases.cpp
+++ b/tests/libprivilege-control-tests/test_cases.cpp
@@ -66,6 +66,9 @@
 
 #define APP_TEST "app_test"
 
+#define APP_NPRUNTIME       "app_np_test"
+#define APP_NPRUNTIME_FILE  "/etc/smack/test_privilege_control_DIR/app_dir/exec"
+
 namespace {
 
 const char *PRIVS2_NO_R[] = { "test_privilege_control_rules2_no_r", NULL };
@@ -1646,7 +1649,57 @@ RUNNER_TEST_SMACK(privilege_control19_app_setup_path_settings)
     test_app_setup_path(__LINE__, APP_PATH_SETTINGS_RW);
 }
 
-RUNNER_TEST(privilege_control20_early_rules)
+RUNNER_TEST(privilege_control20_app_setup_path_npruntime)
+{
+    int result = 0;
+    std::unique_ptr<char, std::function<void(void*)> > labelPtr(NULL,free);
+    std::string nptargetlabel = std::string(APP_NPRUNTIME) + ".npruntime";
+    char *label = NULL;
+
+    DB_BEGIN
+
+    result = perm_app_uninstall(APP_NPRUNTIME);
+    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in perm_app_uninstall. " << result);
+
+    result = perm_app_install(APP_NPRUNTIME);
+    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in perm_app_install. " << result);
+
+    result = perm_app_setup_path(APP_NPRUNTIME, APP_NPRUNTIME_FILE, PERM_APP_PATH_NPRUNTIME);
+    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in perm_app_setup_path. " << result);
+
+    DB_END
+
+    RUNNER_ASSERT(0 == smack_lgetlabel(APP_NPRUNTIME_FILE, &label, SMACK_LABEL_EXEC));
+    labelPtr.reset(label);
+    label = NULL;
+    RUNNER_ASSERT(0 == strcmp(labelPtr.get(), nptargetlabel.c_str()));
+
+    // test smack accesses
+    result = smack_have_access(APP_NPRUNTIME, nptargetlabel.c_str(), "rw");
+    RUNNER_ASSERT_MSG(result == 1,
+        "Error: subject: " << APP_NPRUNTIME << " has not rw access to object: "
+       << nptargetlabel.c_str() << ". Result: " << result);
+
+    result = smack_have_access(nptargetlabel.c_str(), APP_NPRUNTIME, "rxat");
+    RUNNER_ASSERT_MSG(result == 1,
+        "Error: subject: " << nptargetlabel.c_str() << " has not rxat access to object: "
+       << APP_NPRUNTIME << ". Result: " << result);
+
+    result = smack_have_access(nptargetlabel.c_str(), "system::homedir", "rxat");
+    RUNNER_ASSERT_MSG(result == 1,
+        "Error: subject: " << nptargetlabel.c_str() << " has not rxat access to object: "
+       << "system::homedir. Result: " << result);
+
+    result = smack_have_access(nptargetlabel.c_str(), "xorg", "rw");
+    RUNNER_ASSERT_MSG(result == 1,
+        "Error: subject: " << nptargetlabel.c_str() << " has not rw access to object: "
+       << "xorg. Result: " << result);
+
+    result = perm_app_uninstall(APP_NPRUNTIME);
+    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS, "Error in perm_app_uninstall. " << result);
+}
+
+RUNNER_TEST(privilege_control21_early_rules)
 {
     RUNNER_IGNORED_MSG("early rules are not implemented");