${PROJECT_SOURCE_DIR}/src/common/message_pipe.cpp
${PROJECT_SOURCE_DIR}/src/common/synchronization_pipe.cpp
${PROJECT_SOURCE_DIR}/src/common/timeout.cpp
- ${PROJECT_SOURCE_DIR}/src/common/temp_test_user.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/test_user.cpp
${PROJECT_SOURCE_DIR}/src/common/cynara_helpers_creds.cpp
${PROJECT_SOURCE_DIR}/src/common/label_generator.cpp
${PROJECT_SOURCE_DIR}/src/common/app_install_helper.cpp
launch(runInAppContext);
}
-ScopedAppLauncher::ScopedAppLauncher(const AppInstallHelper &app, const TemporaryTestUser &user,
+ScopedAppLauncher::ScopedAppLauncher(const AppInstallHelper &app, const TestUser &user,
const std::function<void(void)> &runInAppContext)
: m_uid(user.getUid()),
#include <app_install_helper.h>
#include <synchronization_pipe.h>
-#include <temp_test_user.h>
+#include <test_user.h>
class ScopedAppLauncher final {
public:
explicit ScopedAppLauncher(const AppInstallHelper& app,
const std::function<void(void)>& runInAppContext = []{});
- ScopedAppLauncher(const AppInstallHelper& app, const TemporaryTestUser& user,
+ ScopedAppLauncher(const AppInstallHelper& app, const TestUser& user,
const std::function<void(void)>& runInAppContext = []{});
~ScopedAppLauncher();
#include <memory.h>
#include <sm_request.h>
#include <sm_api.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <synchronization_pipe.h>
#include <dpl/test/safe_cleanup.h>
#include <dpl/test/test_runner.h>
#include <memory.h>
+#include <scoped_app_launcher.h>
#include <sm_api.h>
#include <sm_commons.h>
#include <tests_common.h>
#include "tzplatform.h"
-#include <temp_test_user.h>
+#include <test_user.h>
#include "dac.h"
Api::cleanupApp(app.getAppId(), app.getUID(), pid);
}
+void runAccessTest(const AppInstallHelper &app, const TestUser &user,
+ const std::string &testPath, int accessType) {
+ ScopedAppLauncher(app, user, [&] { accessTest(app.getAppId(), testPath, accessType);});
+}
+
void runAccessTest(const AppInstallHelper &app, const std::string &testPath,
uid_t uid, gid_t gid, int accessType) {
auto fun = [&](){
return ret;
}
-int setLauncherSecurityAttributes(TemporaryTestUser &user)
+int setLauncherSecurityAttributes(TestUser &user)
{
return setLauncherSecurityAttributes(user.getUid(), user.getGid());
}
#include <app_install_helper.h>
#include <memory.h>
-#include <temp_test_user.h>
+#include <test_user.h>
DEFINE_SMARTPTR(cap_free, _cap_struct, CapsSetsUniquePtr);
void runAccessTest(const AppInstallHelper &app, const std::string &testPath, int accessType);
void runAccessTest(const AppInstallHelper &app, const std::string &testPath,
uid_t uid, gid_t gid, int accessType);
+void runAccessTest(const AppInstallHelper &app, const TestUser &user, const std::string &testPath,
+ int accessType);
void runSystemAccessTest(uid_t uid, gid_t gid, const std::string &testPath, int accessType);
bool isAskuserDisabled();
int countPrivacyPrivileges(const std::vector<std::string> &privs);
int setLauncherSecurityAttributes(uid_t uid, gid_t gid);
-int setLauncherSecurityAttributes(TemporaryTestUser &user);
+int setLauncherSecurityAttributes(TestUser &user);
+++ /dev/null
-/*
- * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-*/
-
-/*
- * @file temp_test_user.cpp
- * @author Jan Cybulski (j.cybulski@partner.samsung.com)
- * @author Rafal Krypa (j.cybulski@samsung.com)
- * @version 1.0
- * @brief File with class for users management
- */
-
-
-#include <exception>
-#include <memory.h>
-#include <tests_common.h>
-#include <temp_test_user.h>
-#include <glib-object.h>
-#include <dpl/test/test_runner.h>
-#include <unistd.h>
-#include <signal.h>
-#include <sys/prctl.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-
-TemporaryTestUser::TemporaryTestUser(TemporaryTestUser &&other)
- : m_uid(other.m_uid), m_gid(other.m_gid), m_userName(std::move(other.m_userName)),
- m_userType(other.m_userType), m_offline(other.m_offline), m_creatorPid(other.m_creatorPid)
-{
- other.m_creatorPid = -1;
-}
-
-void TemporaryTestUser::create(void)
-{
- if (m_uid != 0)
- remove();
-
-/*
- Below line of code is a hack for Gumd commit that removes Smack management capabilities:
-
- | commit 9b45c1afa49103dcb4101f4b28bf7c145f3294a6
- |/ Author: Yunmi Ha <yunmi.ha@samsung.com>
- | Date: Tue Jul 5 13:40:16 2016 +0900
- |
- | Remove smack capability
- |
- | with wearable profile, CAP_MAC_ADMIN and CAP_MAC_OVERRIDE capabilities are removed.
- | (can't use useradd/del/modify function without offline option.)
- | with other profile, only CAP_MAC_OVERRIDE capability is removed.
- |
- | For this, gumd launcher was changed to systemd.
- |
- | Change-Id: Ic95fceed41afc41e37e93606c3abf830536ac7d6
- | Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
-*/
- m_offline = true;
-
- bool ret = m_runner.userCreate(m_userName, m_userType, m_offline, m_uid, m_gid);
- RUNNER_ASSERT_MSG(ret, "Failed to add user");
- RUNNER_ASSERT_MSG(m_uid != 0, "Something strange happened during user creation. uid == 0.");
- RUNNER_ASSERT_MSG(m_gid != 0, "Something strange happened during user creation. gid == 0.");
-}
-
-void TemporaryTestUser::remove(void)
-{
- if (m_uid == 0)
- return;
-
- m_runner.userRemove(m_uid, m_offline);
- m_uid = m_gid = 0;
-}
-
-TemporaryTestUser::~TemporaryTestUser()
-{
- if (m_creatorPid == getpid())
- remove();
-}
-
-TemporaryTestUser::GumdRunner TemporaryTestUser::m_runner = TemporaryTestUser::GumdRunner();
-
-TemporaryTestUser::GumdRunner::GumdRunner()
-{
- int sock[2];
- int ret = socketpair(AF_UNIX, SOCK_STREAM, 0, sock);
- RUNNER_ASSERT_MSG(ret != -1, "socketpair() failed");
-
- pid_t parent_pid = getpid();
- pid_t pid = fork();
- RUNNER_ASSERT_MSG(pid != -1, "fork() failed");
- if (pid) { // parent
- m_sock = sock[0];
- close(sock[1]);
- return;
- } else { // child
- m_sock = sock[1];
- close(sock[0]);
- prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // Don't outlive parent process
- // If the parent died before prctl(), we won't be SIGKILLed
- if (parent_pid != getppid())
- std::terminate();
- run(); // Never returns
- }
-}
-
-TemporaryTestUser::GumdRunner::~GumdRunner()
-{
- close(m_sock);
-}
-
-bool TemporaryTestUser::GumdRunner::userCreate(std::string userName,
- GumUserType userType, bool offline, uid_t &uid, gid_t &gid)
-{
- put(static_cast<int>(opType::USER_CREATE));
- put(userName.size());
- put(userName.c_str(), userName.size());
- put(userType);
- put(offline);
-
- bool ret = get<bool>();
- if (ret) {
- uid = get<uid_t>();
- gid = get<gid_t>();
- }
- return ret;
-}
-
-bool TemporaryTestUser::GumdRunner::userRemove(uid_t uid, bool offline)
-{
- put(static_cast<int>(opType::USER_REMOVE));
- put(uid);
- put(offline);
- return get<bool>();
-}
-
-
-void TemporaryTestUser::GumdRunner::run()
-{
- DEFINE_SMARTPTR(g_object_unref, GumUser, GumUserPtr);
-
- while (true) {
- switch(static_cast<opType>(get<int>())) {
- case opType::USER_CREATE:
- {
- size_t userNameLen = get<size_t>();
- std::unique_ptr<char[]> userNamePtr(new char[userNameLen + 1]);
- get(userNamePtr.get(), userNameLen);
- userNamePtr[userNameLen] = '\0';
- GumUserType userType = get<GumUserType>();
- bool offline = get<bool>();
-
- bool result = false;
- uid_t uid;
- gid_t gid;
-
- GumUserPtr userPtr(gum_user_create_sync(offline));
- if (userPtr) {
- g_object_set(G_OBJECT(userPtr.get()),
- "username", userNamePtr.get(),
- "usertype", userType,
- nullptr);
- gboolean ret = gum_user_add_sync(userPtr.get());
- if (ret == TRUE) {
- g_object_get(G_OBJECT(userPtr.get()), "uid", &uid, nullptr);
- g_object_get(G_OBJECT(userPtr.get()), "gid", &gid, nullptr);
- result = true;
- }
- }
-
- put(result);
- if (result) {
- put(uid);
- put(gid);
- }
- }
- break;
-
- case opType::USER_REMOVE:
- {
- uid_t uid = get<uid_t>();
- bool offline = get<bool>();
- bool result = false;
-
- GumUserPtr userPtr(gum_user_get_sync(uid, offline));
- if (userPtr) {
- gboolean ret = gum_user_delete_sync(userPtr.get(), TRUE);
- result = (ret == TRUE);
- }
- put(static_cast<bool>(result));
- }
- break;
- }
- }
-}
-
-void TemporaryTestUser::GumdRunner::get(void *buf, size_t cnt)
-{
- int ret;
- for (size_t pos = 0; pos < cnt; pos += ret) {
- ret = TEMP_FAILURE_RETRY(
- read(m_sock, static_cast<char *>(buf) + pos, cnt - pos));
- RUNNER_ASSERT_MSG(ret != -1, "read() failed");
- RUNNER_ASSERT_MSG(ret > 0, "expected " << cnt << " bytes, but read only " << pos
- << " and the socket closed");
- }
-}
-
-void TemporaryTestUser::GumdRunner::put(const void *buf, size_t cnt)
-{
- int ret;
- for (size_t pos = 0; pos < cnt; pos += ret) {
- ret = TEMP_FAILURE_RETRY(
- write(m_sock, static_cast<const char *>(buf) + pos, cnt - pos));
- RUNNER_ASSERT_MSG(ret != -1, "write() failed");
- }
-}
-
-template<typename T>
-T TemporaryTestUser::GumdRunner::get()
-{
- T x;
- get(&x, sizeof(x));
- return std::move(x);
-}
-
-template<typename T>
-void TemporaryTestUser::GumdRunner::put(const T x)
-{
- put(&x, sizeof(x));
-}
+++ /dev/null
-/*
- * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-*/
-
-#ifndef TEMP_TEST_USER_H
-#define TEMP_TEST_USER_H
-
-#include <string>
-#include <sys/types.h>
-#include <gum-user.h>
-#include <common/gum-user-types.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-class TemporaryTestUser {
-public:
- TemporaryTestUser(std::string userName, GumUserType userType, bool offline = false) :
- m_uid(0),
- m_gid(0),
- m_userName(userName),
- m_userType(userType),
- m_offline(offline),
- m_creatorPid(getpid())
- {};
- TemporaryTestUser(const TemporaryTestUser &) = delete;
- TemporaryTestUser(TemporaryTestUser &&other);
- TemporaryTestUser& operator=(const TemporaryTestUser &) = delete;
- ~TemporaryTestUser();
- void remove(void);
- uid_t getUid() const {return m_uid;}
- uid_t getGid() const {return m_gid;}
- void create(void);
- std::string getUidString() const {return std::to_string(static_cast<unsigned int>(m_uid));}
- const std::string& getUserName() const {return m_userName;}
- GumUserType getUserType() const {return m_userType;}
-
-private:
- class GumdRunner {
- public:
- GumdRunner();
- ~GumdRunner();
- bool userCreate(std::string userName, GumUserType userType, bool offline,
- uid_t &uid, gid_t &gid);
- bool userRemove(uid_t uid, bool offline);
-
- private:
- enum class opType {USER_CREATE, USER_REMOVE};
- int m_sock;
-
- void run();
- void get(void *buf, size_t count);
- void put(const void *buf, size_t count);
- template<typename T> T get();
- template<typename T> void put(const T x);
- };
-
- static GumdRunner m_runner;
- uid_t m_uid;
- uid_t m_gid;
- std::string m_userName;
- GumUserType m_userType;
- bool m_offline;
- pid_t m_creatorPid;
-};
-
-#endif
--- /dev/null
+/*
+ * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+/*
+ * @file test_user.cpp
+ * @author Jan Cybulski (j.cybulski@partner.samsung.com)
+ * @author Rafal Krypa (j.cybulski@samsung.com)
+ * @version 1.0
+ * @brief File with class for users management
+ */
+
+
+#include <exception>
+#include <iostream>
+#include <string_view>
+#include <memory.h>
+#include <tests_common.h>
+#include <test_user.h>
+#include <glib-object.h>
+#include <glib.h>
+#include <dpl/test/test_runner.h>
+#include <unistd.h>
+#include <signal.h>
+#include <sys/prctl.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <gum-user-service.h>
+#include <unordered_set>
+#include <unordered_map>
+
+namespace {
+
+constexpr uid_t OWNER_UID = 5001;
+
+const static std::unordered_set<std::string_view> SYSTEM_USER_NAMES = {
+ "owner",
+};
+
+const static std::unordered_map<SystemUser, uid_t> SYSTEM_USER_IDS = {
+ {SystemUser::OWNER, OWNER_UID}
+};
+
+bool isSystemUser(const std::string_view &userName) {
+ return SYSTEM_USER_NAMES.find(userName) != SYSTEM_USER_NAMES.end();
+}
+
+uid_t systemUserId(SystemUser user) {
+ return SYSTEM_USER_IDS.at(user);
+}
+
+#define FAIL_IF(cond, message) \
+ do \
+ { \
+ if (!(cond)) \
+ { \
+ std::cerr << "Failed: " #cond " : " << message << std::endl; \
+ exit(1); \
+ } \
+ } while (0)
+
+class GumdRunner {
+public:
+ GumdRunner()
+ {
+ int sock[2];
+ int ret = socketpair(AF_UNIX, SOCK_STREAM, 0, sock);
+ FAIL_IF(ret != -1, "socketpair() failed");
+
+ pid_t parent_pid = getpid();
+ pid_t pid = fork();
+ FAIL_IF(pid != -1, "fork() failed");
+ if (pid) { // parent
+ m_sock = sock[0];
+ close(sock[1]);
+ return;
+ } else { // child
+ m_sock = sock[1];
+ close(sock[0]);
+ prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // Don't outlive parent process
+ // If the parent died before prctl(), we won't be SIGKILLed
+ if (parent_pid != getppid())
+ std::terminate();
+ try {
+ run(); // Never returns
+ } catch (...) {
+ FAIL_IF(true, "Run process failed");
+ }
+ }
+ }
+
+ ~GumdRunner()
+ {
+ close(m_sock);
+ }
+
+ bool userExists(const std::string_view &userName, bool offline, bool &exists){
+ put(opType::USER_EXISTS);
+ put(userName);
+ put(offline);
+
+ auto ret = get<bool>();
+ if (ret) {
+ exists = get<bool>();
+ }
+
+ return ret;
+ }
+
+ bool userGet(uid_t uid, bool offline, gid_t &gid,
+ std::string &userName, GumUserType &userType)
+ {
+ put(opType::USER_GET);
+ put(uid);
+ put(offline);
+
+ auto ret = get<bool>();
+ if (ret) {
+ gid = get<gid_t>();
+ userName = get<std::string>();
+ userType = get<GumUserType>();
+ }
+
+ return ret;
+ }
+
+ bool userGetByName(const std::string_view &userName, bool offline,
+ uid_t &uid, gid_t &gid, GumUserType &userType)
+ {
+ put(static_cast<int>(opType::USER_GET_BY_NAME));
+ put(userName);
+ put(offline);
+
+ auto ret = get<bool>();
+ if (ret) {
+ uid = get<uid_t>();
+ gid = get<gid_t>();
+ userType = get<GumUserType>();
+ }
+
+ return ret;
+ }
+
+ bool userCreate(const std::string_view &userName, GumUserType userType, bool offline,
+ uid_t &uid, gid_t &gid)
+ {
+ put(opType::USER_CREATE);
+ put(userName);
+ put(userType);
+ put(offline);
+
+ auto ret = get<bool>();
+ if (ret) {
+ uid = get<uid_t>();
+ gid = get<gid_t>();
+ }
+ return ret;
+ }
+
+ bool userRemove(uid_t uid, bool offline)
+ {
+ put(opType::USER_REMOVE);
+ put(uid);
+ put(offline);
+ return get<bool>();
+ }
+
+private:
+ enum class opType {USER_EXISTS, USER_GET, USER_GET_BY_NAME, USER_CREATE, USER_REMOVE};
+ int m_sock;
+
+ [[noreturn]]
+ void run()
+ {
+ DEFINE_SMARTPTR(g_object_unref, GumUser, GumUserPtr);
+ DEFINE_SMARTPTR(g_object_unref, GumUserService, GumUserServicePtr);
+ DEFINE_SMARTPTR(gum_user_service_list_free, GumUserList, GumUserListPtr);
+
+ while (true) {
+ switch(get<opType>()) {
+ case opType::USER_EXISTS:
+ {
+ auto userName = get<std::string>();
+ auto offline = get<bool>();
+
+ bool result = false;
+ bool exists = false;
+
+ GumUserServicePtr servicePtr(gum_user_service_create_sync(offline));
+ if (!servicePtr) {
+ put(result);
+ break;
+ }
+ const gchar *const types[] = {"normal", "admin", nullptr};
+ GumUserListPtr userList(
+ gum_user_service_get_user_list_sync(servicePtr.get(), types));
+
+ if (!userList) {
+ put(result);
+ break;
+ }
+
+ GList *last = userList.get();
+ result = true;
+ for (; last != NULL; last = last->next) {
+ GumUser *user = static_cast<GumUser *>(last->data);
+ gchar *exUserName;
+ g_object_get(G_OBJECT(user), "username", &exUserName, nullptr);
+
+ if (userName == exUserName) {
+ exists = true;
+ break;
+ }
+ }
+
+ put(result);
+ put(exists);
+ }
+ break;
+ case opType::USER_GET:
+ {
+ auto uid = get<uid_t>();
+ auto offline = get<bool>();
+
+ bool result = false;
+ gid_t gid;
+ gchar *username;
+ GumUserType userType;
+
+ GumUserPtr userPtr(gum_user_get_sync(uid, offline));
+ if (userPtr) {
+ g_object_get(G_OBJECT(userPtr.get()), "gid", &gid, nullptr);
+ g_object_get(G_OBJECT(userPtr.get()), "username", &username, nullptr);
+ g_object_get(G_OBJECT(userPtr.get()), "usertype", &userType, nullptr);
+ result = true;
+ }
+
+ put(result);
+ if (result) {
+ put(gid);
+ put(username);
+ put(userType);
+ }
+ }
+ break;
+
+ case opType::USER_GET_BY_NAME:
+ {
+ auto userName = get<std::string>();
+ auto offline = get<bool>();
+
+ bool result = false;
+ uid_t uid;
+ gid_t gid;
+ GumUserType userType;
+
+ GumUserPtr userPtr(gum_user_get_by_name_sync(userName.c_str(), offline));
+ if (userPtr) {
+ g_object_get(G_OBJECT(userPtr.get()), "uid", &uid, nullptr);
+ g_object_get(G_OBJECT(userPtr.get()), "gid", &gid, nullptr);
+ g_object_get(G_OBJECT(userPtr.get()), "usertype", &userType, nullptr);
+ result = true;
+ }
+
+ put(result);
+ if (result) {
+ put(uid);
+ put(gid);
+ put(userType);
+ }
+ }
+ break;
+
+ case opType::USER_CREATE:
+ {
+ auto userName = get<std::string>();
+ auto userType = get<GumUserType>();
+ auto offline = get<bool>();
+
+ bool result = false;
+ uid_t uid;
+ gid_t gid;
+
+ GumUserPtr userPtr(gum_user_create_sync(offline));
+ if (userPtr) {
+ g_object_set(G_OBJECT(userPtr.get()),
+ "username", userName.c_str(),
+ "usertype", userType,
+ nullptr);
+ gboolean ret = gum_user_add_sync(userPtr.get());
+ if (ret == TRUE) {
+ g_object_get(G_OBJECT(userPtr.get()), "uid", &uid, nullptr);
+ g_object_get(G_OBJECT(userPtr.get()), "gid", &gid, nullptr);
+ result = true;
+ }
+ }
+
+ put(result);
+ if (result) {
+ put(uid);
+ put(gid);
+ }
+ }
+ break;
+
+ case opType::USER_REMOVE:
+ {
+ auto uid = get<uid_t>();
+ auto offline = get<bool>();
+
+ auto result = false;
+
+ GumUserPtr userPtr(gum_user_get_sync(uid, offline));
+ if (userPtr) {
+ gboolean ret = gum_user_delete_sync(userPtr.get(), TRUE);
+ result = (ret == TRUE);
+ }
+ put(result);
+ }
+ break;
+ }
+ }
+ }
+
+ void get(void *buf, size_t cnt)
+ {
+ int ret;
+ for (size_t pos = 0; pos < cnt; pos += ret) {
+ ret = TEMP_FAILURE_RETRY(
+ read(m_sock, static_cast<char *>(buf) + pos, cnt - pos));
+ RUNNER_ASSERT_MSG(ret != -1, "read() failed");
+ RUNNER_ASSERT_MSG(ret > 0, "expected " << cnt << " bytes, but read only " << pos
+ << " and the socket closed");
+ }
+ }
+
+ void put(const void *buf, size_t cnt)
+ {
+ int ret;
+ for (size_t pos = 0; pos < cnt; pos += ret) {
+ ret = TEMP_FAILURE_RETRY(
+ write(m_sock, static_cast<const char *>(buf) + pos, cnt - pos));
+ RUNNER_ASSERT_MSG(ret != -1, "write() failed");
+ }
+ }
+
+ template<typename T,
+ typename std::enable_if_t<std::is_trivially_copyable_v<T> && !std::is_pointer_v<T>,
+ int> = 0>
+ T get()
+ {
+ T x;
+ get(&x, sizeof(x));
+ return std::move(x);
+ }
+
+ template<typename T,
+ typename std::enable_if_t<std::is_same_v<T, std::string>, int> = 0>
+ T get()
+ {
+ auto len = get<size_t>();
+
+ std::string str(len, '\0');
+ get(str.data(), len);
+
+ return str;
+ }
+
+ void put(const std::string_view &str)
+ {
+ put(static_cast<size_t>(str.size()));
+ put(str.data(), str.size());
+ }
+
+ template<typename T,
+ typename std::enable_if_t<std::is_trivially_copyable_v<T> && !std::is_pointer_v<T>,
+ int> = 0>
+ void put(const T& x)
+ {
+ put(&x, sizeof(x));
+ }
+};
+
+__attribute__((constructor))
+GumdRunner& getGumdRunner() {
+ static auto runner = GumdRunner{};
+ return runner;
+}
+
+}
+
+TestUser::TestUser(TestUser &&other)
+ : m_uid(other.m_uid), m_gid(other.m_gid), m_userName(std::move(other.m_userName)),
+ m_userType(other.m_userType), m_offline(other.m_offline), m_creatorPid(other.m_creatorPid),
+ m_created(other.m_created)
+{
+ other.m_creatorPid = -1;
+ other.m_created = false;
+}
+
+TestUser& TestUser::operator=(TestUser &&other) {
+ if (this == &other) {
+ return *this;
+ }
+
+ m_uid = other.m_uid;
+ m_gid = other.m_gid;
+ m_userName = std::move(other.m_userName);
+ m_userType = other.m_userType;
+ m_offline = other.m_offline;
+ m_creatorPid = other.m_creatorPid;
+ other.m_creatorPid = -1;
+ m_created = other.m_created;
+ other.m_created = false;
+
+ return *this;
+}
+
+TestUser TestUser::createTemporary(const std::string_view& userName, GumUserType userType, bool offline)
+{
+ RUNNER_ASSERT_MSG(!isSystemUser(userName), "Cannot create a system user " << userName);
+
+ bool exists = false;
+ RUNNER_ASSERT_MSG(getGumdRunner().userExists(userName, offline, exists),
+ "Failed to check if user " << userName << " exists");
+ if (exists) {
+ uid_t uid;
+ gid_t gid;
+ GumUserType userType;
+ RUNNER_ASSERT_MSG(getGumdRunner().userGetByName(userName, offline, uid, gid, userType),
+ "Failed to get user " << userName);
+ getGumdRunner().userRemove(uid, offline);
+ }
+
+/*
+ Below line of code is a hack for Gumd commit that removes Smack management capabilities:
+
+ | commit 9b45c1afa49103dcb4101f4b28bf7c145f3294a6
+ |/ Author: Yunmi Ha <yunmi.ha@samsung.com>
+ | Date: Tue Jul 5 13:40:16 2016 +0900
+ |
+ | Remove smack capability
+ |
+ | with wearable profile, CAP_MAC_ADMIN and CAP_MAC_OVERRIDE capabilities are removed.
+ | (can't use useradd/del/modify function without offline option.)
+ | with other profile, only CAP_MAC_OVERRIDE capability is removed.
+ |
+ | For this, gumd launcher was changed to systemd.
+ |
+ | Change-Id: Ic95fceed41afc41e37e93606c3abf830536ac7d6
+ | Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
+*/
+ offline = true;
+ uid_t uid;
+ gid_t gid;
+
+ bool ret = getGumdRunner().userCreate(userName, userType, offline, uid, gid);
+ RUNNER_ASSERT_MSG(ret, "Failed to add user");
+ RUNNER_ASSERT_MSG(uid != 0, "Something strange happened during user creation. uid == 0.");
+ RUNNER_ASSERT_MSG(gid != 0, "Something strange happened during user creation. gid == 0.");
+
+ return TestUser(uid, gid, userName, userType, true, offline);
+}
+
+void TestUser::remove(void)
+{
+ if (!m_created)
+ return;
+
+ getGumdRunner().userRemove(m_uid, m_offline);
+ m_created = false;
+}
+
+const TestUser& TestUser::getSystemUser(SystemUser systemUser, bool offline)
+{
+ static std::map<uid_t, TestUser> systemUsers;
+ uid_t uid = systemUserId(systemUser);
+
+ auto it = systemUsers.find(uid);
+ if (it != systemUsers.end()) {
+ return it->second;
+ }
+
+ gid_t gid;
+ std::string userName;
+ GumUserType userType;
+
+ bool ret = getGumdRunner().userGet(uid, offline, gid, userName, userType);
+
+ RUNNER_ASSERT_MSG(ret, "Failed to get user with uid=" << uid);
+
+ TestUser user(uid, gid, userName, userType, false, offline);
+
+ // oh, how I love std::pair
+ return systemUsers.try_emplace(uid, std::move(user)).first->second;
+}
+
+TestUser::~TestUser()
+{
+ if (m_creatorPid == getpid())
+ remove();
+}
--- /dev/null
+/*
+ * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+#ifndef TEST_USER_H
+#define TEST_USER_H
+
+#include <cstring>
+#include <string>
+#include <string_view>
+#include <sys/types.h>
+#include <gum-user.h>
+#include <common/gum-user-types.h>
+#include <sys/types.h>
+#include <type_traits>
+#include <unistd.h>
+#include <map>
+#include <vector>
+
+enum class SystemUser {OWNER};
+
+class TestUser {
+public:
+ static TestUser createTemporary(const std::string_view &userName,
+ GumUserType userType, bool offline = false);
+ static const TestUser& getSystemUser(SystemUser user, bool offline = false);
+
+ TestUser(TestUser &&);
+ TestUser& operator=(TestUser &&);
+ TestUser(const TestUser &) = delete;
+ TestUser& operator=(const TestUser &) = delete;
+
+ ~TestUser();
+
+ void remove(void);
+ uid_t getUid() const { return m_uid; }
+ gid_t getGid() const { return m_gid; }
+
+ std::string getUidString() const { return std::to_string(m_uid); }
+ const std::string& getUserName() const { return m_userName; }
+ GumUserType getUserType() const { return m_userType; }
+
+private:
+ TestUser(uid_t uid, gid_t gid, const std::string_view &userName,
+ GumUserType userType, bool isCreated, bool offline)
+ : m_uid(uid),
+ m_gid(gid),
+ m_userName(userName),
+ m_userType(userType),
+ m_offline(offline),
+ m_creatorPid(getpid()),
+ m_created(isCreated)
+ {}
+
+ uid_t m_uid;
+ gid_t m_gid;
+ std::string m_userName;
+ GumUserType m_userType;
+ bool m_offline;
+ pid_t m_creatorPid;
+ bool m_created;
+};
+
+#endif
#include <dpl/test/test_runner.h>
#include <memory.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <tzplatform.h>
namespace TzPlatformConfig {
return pw->pw_gid;
}
-const std::string appDirPath(const TemporaryTestUser &user, const std::string &appId,
+const std::string appDirPath(const TestUser &user, const std::string &appId,
const std::string &pkgId)
{
return appDirPath(user.getUid()) + pkgId + "/" + appId;
#include <tzplatform_config.h>
-#include <temp_test_user.h>
+#include <test_user.h>
namespace TzPlatformConfig {
uid_t getGlobalGroupId(void);
-const std::string appDirPath(const TemporaryTestUser &user, const std::string &appId,
+const std::string appDirPath(const TestUser &user, const std::string &appId,
const std::string &pkgId);
const std::string appDirPath(uid_t uid);
#include <scoped_installer.h>
#include <sm_commons.h>
#include <tests_common.h>
+#include <test_user.h>
#include <dpl/test/safe_cleanup.h>
{
public:
TemporaryNormalTestUser(const std::string &userName)
- : m_user(userName, GUM_USERTYPE_NORMAL, false)
- {
- m_user.create();
- }
+ : m_user(TestUser::createTemporary(userName, GUM_USERTYPE_NORMAL, false))
+ {}
uid_t getUid() const
{
}
private:
- TemporaryTestUser m_user;
+ TestUser m_user;
};
#include <dpl/test/test_runner.h>
#include <dpl/test/test_runner_child.h>
#include <dpl/log/log.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <app_install_helper.h>
#include <tests_common.h>
#include <scoped_installer.h>
"instead of the ODE_ERROR_PERMISSION_DENIED. "
"Needs improvement in ode module.");
- TemporaryTestUser adminUserToSwitch("ode_test_T1021_user", GUM_USERTYPE_ADMIN);
- adminUserToSwitch.create();
+ TestUser adminUserToSwitch =
+ TestUser::createTemporary("ode_test_T1021_user", GUM_USERTYPE_ADMIN);
+
AppInstallHelper appInstallHelper("ode_test_T1021_app_install_helper",
adminUserToSwitch.getUid());
#include <dpl/test/test_runner.h>
#include <dpl/test/test_runner_child.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <app_install_helper.h>
#include <tests_common.h>
#include <scoped_installer.h>
RUNNER_IGNORED_MSG("Test ignored because the ODE_ERROR_UNKNOWN is returned "
"instead of the ODE_ERROR_PERMISSION_DENIED.");
- TemporaryTestUser adminUserToSwitch("ode_test_T2016_user", GUM_USERTYPE_ADMIN);
- adminUserToSwitch.create();
+ TestUser adminUserToSwitch =
+ TestUser::createTemporary("ode_test_T2016_user", GUM_USERTYPE_ADMIN);
AppInstallHelper appInstallHelper("ode_test_T2016_app_install_helper",
adminUserToSwitch.getUid());
#include <sm_commons.h>
#include <sm_request.h>
#include <synchronization_pipe.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <tests_common.h>
#include <tzplatform.h>
#include <uds.h>
const PrivilegeVector allowedPrivs = {PRIV_BLUETOOTH, PRIV_POWER};
const PrivilegeVector someDeniedPrivs = {PRIV_DISPLAY, PRIV_NFC};
- TemporaryTestUser testUser("sm_test_04a_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_04a_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelperExt app("sm_test_04a", testUser.getUid());
app.addPrivileges(allowedPrivs);
const PrivilegeVector allowedPrivs = {PRIV_INTERNET, PRIV_LED};
const PrivilegeVector someDeniedPrivs = {PRIV_LOCATION, PRIV_NOTIFICATION};
- TemporaryTestUser testUser("sm_test_04b_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_04b_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelperExt app("sm_test_04b", testUser.getUid());
app.addPrivileges(allowedPrivs);
const PrivilegeVector allowedPrivs = {PRIV_INTERNET, PRIV_LED};
const PrivilegeVector someDeniedPrivs = {PRIV_LOCATION, PRIV_NOTIFICATION};
- TemporaryTestUser testUser("sm_test_07a_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_07a_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelperExt app("sm_test_07a", testUser.getUid());
app.addPrivileges(allowedPrivs);
ServiceManager serviceManager("security-manager.socket");
serviceManager.stopService();
- TemporaryTestUser testUser("sm_test_07b_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_07b_user_name", GUM_USERTYPE_NORMAL, true);
AppInstallHelperExt app("sm_test_07b", testUser.getUid());
ScopedInstaller appInstall(app);
const PrivilegeVector somePrivs = {PRIV_LED, PRIV_NOTIFICATION};
// gumd
- TemporaryTestUser testUser("sm_test_08_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_08_user_name", GUM_USERTYPE_NORMAL);
// security-manager
UserRequest addUserRequest;
Api::update(request);
};
- TemporaryTestUser users[] = {
- {"sm_test_09_user_name_0", GUM_USERTYPE_NORMAL, false},
- {"sm_test_09_user_name_1", GUM_USERTYPE_NORMAL, false}
+ TestUser users[] = {
+ TestUser::createTemporary("sm_test_09_user_name_0", GUM_USERTYPE_NORMAL, false),
+ TestUser::createTemporary("sm_test_09_user_name_1", GUM_USERTYPE_NORMAL, false)
};
- for (auto& gu : users)
- gu.create();
-
const char *const pkgIdPrefix[] = {"sm_test_09_0", "sm_test_09_1"};
const char *const appIdPrefix[] = {"sm_test_09_0", "sm_test_09_1"};
const char *const version[] = {"sm_test_09_0_version", "sm_test_09_1_version"};
RUNNER_CHILD_TEST(security_manager_12a_internet_access_positive)
{
- TemporaryTestUser testUser("sm_test_12a_internet_access", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_12a_internet_access", GUM_USERTYPE_NORMAL);
AppInstallHelperExt app("sm_test_12a", "sm_test_12a", testUser.getUid());
app.addPrivilege(PRIV_INTERNET);
ScopedInstaller appInstall(app);
RUNNER_CHILD_TEST(security_manager_12b_internet_access_negative)
{
- TemporaryTestUser testUser("sm_test_12b_internet_access", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_12b_internet_access", GUM_USERTYPE_NORMAL);
AppInstallHelperExt app("sm_test_12b", "sm_test_12b", testUser.getUid());
ScopedInstaller appInstall(app);
const char *const USER_TYPE_NORMAL_BUCKET = "USER_TYPE_NORMAL";
CynaraTestAdmin::Admin admin;
- TemporaryTestUser user("sm_test_20_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_20_user_name", GUM_USERTYPE_NORMAL, false);
std::string uid_string = user.getUidString();
CynaraTestAdmin::CynaraPoliciesContainer nonemptyContainer;
const PrivilegeVector allowedPrivsAfterChange = {PRIV_DATASHARING};
const PrivilegeVector deniedPrivsAfterChange = {PRIV_INTERNET};
- TemporaryTestUser adminUser("sm_test_21_admin_user_name", GUM_USERTYPE_ADMIN, false);
- TemporaryTestUser normalUser("sm_test_21_normal_user_name", GUM_USERTYPE_NORMAL, false);
-
- adminUser.create();
- normalUser.create();
+ TestUser adminUser =
+ TestUser::createTemporary("sm_test_21_admin_user_name", GUM_USERTYPE_ADMIN, false);
+ TestUser normalUser =
+ TestUser::createTemporary("sm_test_21_normal_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper adminApp("sm_test_21_admin", adminUser.getUid());
adminApp.addPrivileges(adminRequiredPrivs);
const std::string pkg_id = "sm_test_22_pkg_id";
const std::string username("sm_test_22_user_name");
- TemporaryTestUser user(username, GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary(username, GUM_USERTYPE_NORMAL);
const std::string path1 = TzPlatformConfig::appDirPath(user, app_id, pkg_id) + "/p1";
const std::string path2 = TzPlatformConfig::appDirPath(user, app_id, pkg_id) + "/p2";
{
const int SUCCESS = 0;
const int FAILURE = 256;
- TemporaryTestUser user("sm_test_23_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_23_user_name", GUM_USERTYPE_NORMAL, false);
const std::string uidopt = " --uid=" + user.getUidString();
struct operation {
{
RUNNER_IGNORED_MSG("This test is turned off because multiuser feature is not supported by platform correctly");
- TemporaryTestUser testUser("sm_test_25e_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_25e_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelper app("sm_test_25e");
{
RUNNER_IGNORED_MSG("This test is turned off because multiuser feature is not supported by platform correctly");
- TemporaryTestUser testUser("sm_test_25f_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_25f_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelper app("sm_test_25f");
const PrivilegeVector allowedPrivs = {PRIV_VOLUME_SET, PRIV_SYSTEMMONITOR, PRIV_INTERNET};
const PrivilegeVector someDeniedPrivs = {PRIV_PUSH, PRIV_POWER, PRIV_NOTIFICATION};
- TemporaryTestUser testUser("sm_test_25g_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_25g_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelperExt app("sm_test_25g", testUser.getUid());
app.createPrivateDir();
RUNNER_CHILD_TEST(security_manager_25h_local_path_global_install)
{
- TemporaryTestUser testUser("sm_test_25h_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_25h_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelper app("sm_test_25h", testUser.getUid());
app.createPrivateDir();
RUNNER_CHILD_TEST(security_manager_25i_local_path_preloaded_install)
{
- TemporaryTestUser testUser("sm_test_25i_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_25i_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelper app("sm_test_25i", testUser.getUid());
app.createPrivateDir();
RUNNER_CHILD_TEST(security_manager_25j_global_path_local_install)
{
- TemporaryTestUser testUser("sm_test_25j_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_25j_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelper appLocal("sm_test_25j", testUser.getUid());
RUNNER_CHILD_TEST(security_manager_26_hybrid_pkg_uninstall_artifacts_check)
{
- TemporaryTestUser testUser("sm_test_26_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_26_user_name", GUM_USERTYPE_NORMAL);
const PrivilegeVector allowedPrivs = {PRIV_WIFIDIRECT, PRIV_TELEPHONY};
RUNNER_CHILD_TEST(security_manager_26_1a_security_manager_get_app_owner_uid)
{
- TemporaryTestUser testUser("sm_test_26_1a_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_26_1a_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelperExt app("sm_test_26_1a", "sm_test_26_1a", testUser.getUid());
ScopedInstaller appInstall(app);
}
};
- TemporaryTestUser testUser("sm_test_26_1b_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_26_1b_user_name", GUM_USERTYPE_NORMAL);
runInChildParentWait([&]{
test();
RUNNER_CHILD_TEST(security_manager_26_2_security_manager_self_is_app)
{
- TemporaryTestUser testUser("sm_test_26_2_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_26_2_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelperExt app("sm_test_26_2");
{
RUNNER_CHILD_TEST(security_manager_26_3_security_manager_is_app_from_pid)
{
SynchronizationPipe pipe;
- TemporaryTestUser testUser("sm_test_26_3_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_26_3_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelperExt app("sm_test_26_3");
{
RUNNER_CHILD_TEST(security_manager_26_4a_security_manager_get_app_full_credentials_from_pid)
{
- TemporaryTestUser testUser("sm_test_26_4_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
- AppInstallHelperExt app("sm_test_26_4", "sm_test_26_4", testUser.getUid());
+ TestUser testUser = TestUser::createTemporary("sm_test_26_4a_user_name", GUM_USERTYPE_NORMAL);
+
+ AppInstallHelperExt app("sm_test_26_4a", "sm_test_26_4a", testUser.getUid());
ScopedInstaller appInstall(app);
auto pid = runInChildParentWait([&]{
// child - the actual application
RUNNER_CHILD_TEST(security_manager_26_4b_security_manager_get_app_full_credentials_from_pid)
{
- TemporaryTestUser testUser("sm_test_26_4_user_name", GUM_USERTYPE_NORMAL);
- testUser.create();
- AppInstallHelperExt app("sm_test_26_4", "sm_test_26_4", testUser.getUid());
+ TestUser testUser = TestUser::createTemporary("sm_test_26_4b_user_name", GUM_USERTYPE_NORMAL);
+
+ AppInstallHelperExt app("sm_test_26_4b", "sm_test_26_4b", testUser.getUid());
app.setHybrid();
ScopedInstaller appInstall(app);
auto pid = runInChildParentWait([&]{
#include <sm_api.h>
#include <sm_commons.h>
#include <sm_request.h>
+#include <test_user.h>
#include <tests_common.h>
#include <tzplatform.h>
#include <app_install_helper.h>
using namespace SecurityManagerTest;
using namespace PrivilegeNames;
+namespace {
+
+const std::string& ownerId() {
+ static const auto &ownerId = TestUser::getSystemUser(SystemUser::OWNER).getUidString();
+ return ownerId;
+}
+};
+
RUNNER_CHILD_TEST(app_defined_01_global_install_untrusted)
{
const Privilege privilege(
Privilege::UNTRUSTED);
const std::string providerAppId = "app_def_01_provider";
const std::string clientAppId = "app_def_01_client";
- const std::string ownerId = "5001";
+
const std::string session = "S0M3S3SSI0N";
AppInstallHelper provider(providerAppId);
ScopedInstaller req2(client);
CynaraTestClient::Client cynara;
- cynara.check(clientLabel, session, ownerId, privilege, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId(), privilege, CYNARA_API_ACCESS_ALLOWED);
// uninstall provider
req1.uninstallApp();
- cynara.check(clientLabel, session, ownerId, privilege, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId(), privilege, CYNARA_API_ACCESS_DENIED);
}
RUNNER_CHILD_TEST(app_defined_02_global_install_licensed)
"/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
const std::string providerAppId = "app_def_provider_01";
const std::string clientAppId = "app_def_client_01";
- const std::string ownerId = "5001";
const std::string session = "S0M33S3SSI0N";
AppInstallHelper provider(providerAppId);
ScopedInstaller req2(client);
CynaraTestClient::Client cynara;
- cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId(), clientPrivilegeLicense, CYNARA_API_ACCESS_ALLOWED);
// uninstall provider
req1.uninstallApp();
- cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId(), clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
}
RUNNER_CHILD_TEST(app_defined_03_database_update)
const std::string providerAppIdA = "app_def_provider_01";
const std::string providerAppIdB = "app_def_provider_02";
const std::string clientAppId = "app_def_client_01";
- const std::string ownerId = "5001";
const std::string session = "S0M33S3SSI0N";
AppInstallHelper providerA(providerAppIdA);
ScopedInstaller req3(client);
CynaraTestClient::Client cynara;
- cynara.check(clientLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId(), privilegeA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId(), privilegeB, CYNARA_API_ACCESS_ALLOWED);
// uninstall providerA
req1.uninstallApp();
- cynara.check(clientLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
- cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId(), privilegeA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId(), privilegeB, CYNARA_API_ACCESS_ALLOWED);
// uninstall providerB
req2.uninstallApp();
- cynara.check(clientLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
- cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId(), privilegeA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId(), privilegeB, CYNARA_API_ACCESS_DENIED);
}
RUNNER_CHILD_TEST(app_defined_04_app_update)
const std::string providerAppId = "app_def_provider_01";
const std::string clientAppId = "app_def_client_01";
- const std::string ownerId = "5001";
const std::string session = "S0M33S3SSI0N";
AppInstallHelper providerV1(providerAppId);
ScopedInstaller req2(client);
CynaraTestClient::Client cynara;
- cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseC, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId(), clientPrivilegeLicenseA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId(), privilegeB, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId(), clientPrivilegeLicenseC, CYNARA_API_ACCESS_DENIED);
// update provider version, remove privilegeA, add privilegeC
providerV2.addAppDefinedPrivilege(privilegeB);
ScopedInstaller req3(providerV2);
- cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
- cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseC, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId(), clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId(), privilegeB, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId(), clientPrivilegeLicenseC, CYNARA_API_ACCESS_ALLOWED);
}
RUNNER_CHILD_TEST(app_defined_05_global_local_install)
const std::string providerAppId = "app_def_provider_01";
const std::string clientAppId = "app_def_client_01";
- const std::string ownerId = "5001";
const std::string bobId = "5002";
const std::string session = "S0M33S3SSI0N";
// local provider only and global consumer only
ScopedInstaller req1(providerLocal);
ScopedInstaller req2(clientGlobal);
- cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
- cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
- cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId(), privilegeA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId(), clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId(), privilegeC, CYNARA_API_ACCESS_DENIED);
cynara.check(clientGlobalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
cynara.check(clientGlobalLabel, session, bobId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
cynara.check(clientGlobalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
// global/local provider and global/local consumer
ScopedInstaller req4(providerGlobal);
- cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
- cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId(), privilegeA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId(), clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId(), privilegeC, CYNARA_API_ACCESS_ALLOWED);
cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
//cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
// global provider only and global/local consumer
req1.uninstallApp();
- cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
- cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId(), privilegeA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId(), clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId(), privilegeC, CYNARA_API_ACCESS_ALLOWED);
cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
// global provider only and global consumer only
req3.uninstallApp();
- cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
- cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId(), privilegeA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId(), clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId(), privilegeC, CYNARA_API_ACCESS_ALLOWED);
}
RUNNER_CHILD_TEST(app_defined_06_get_provider)
"http://tizen.org/untrusted/gamestudio/running",
Privilege::UNTRUSTED);
const std::string providerAppId = "app_def_06_provider";
- uid_t uid = 5001;
+ uid_t uid = TestUser::getSystemUser(SystemUser::OWNER).getUid();
AppInstallHelper providerGlobal(providerAppId);
AppInstallHelper providerLocal(providerAppId, uid);
"/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
const std::string providerAppId = "app_def_provider_01";
const std::string clientAppId = "app_def_client_01";
- const std::string ownerId = "5001";
const std::string session = "S0M33S3SSI0N";
AppInstallHelper provider(providerAppId);
ScopedInstaller req2(client);
CynaraTestClient::Client cynara;
- cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId(), clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
}
RUNNER_CHILD_TEST(app_defined_12_invalid_common_name)
"/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
const std::string providerAppId = "app_def_provider_02";
const std::string clientAppId = "app_def_client_01";
- const std::string ownerId = "5001";
const std::string session = "S0M33S3SSI0N";
AppInstallHelper provider(providerAppId);
ScopedInstaller req2(client);
CynaraTestClient::Client cynara;
- cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId(), clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
}
#include <scoped_installer.h>
#include <sm_api.h>
#include <sm_commons.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <tests_common.h>
#include <dpl/test/test_runner.h>
RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_APP_POLICY)
RUNNER_CHILD_TEST(security_manager_ap1_app_policy_fetch_for_self) {
- TemporaryTestUser tmpUser("sm_test_ap1_user_name", GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary("sm_test_ap1_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_ap1", tmpUser.getUid());
app.addPrivileges(TEST_PRIVACY_PRIVILEGES);
}
RUNNER_CHILD_TEST(security_manager_ap2_app_policy_fetch_for_self_different_user) {
- TemporaryTestUser tmpUser("sm_test_ap2_1_user_name", GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
- TemporaryTestUser tmpUser2("sm_test_ap2_2_user_name", GUM_USERTYPE_NORMAL, false);
- tmpUser2.create();
+ TestUser tmpUser =
+ TestUser::createTemporary("sm_test_ap2_1_user_name", GUM_USERTYPE_NORMAL, false);
+ TestUser tmpUser2 =
+ TestUser::createTemporary("sm_test_ap2_2_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_ap2", tmpUser.getUid());
app.addPrivileges(TEST_PRIVACY_PRIVILEGES);
}
RUNNER_CHILD_TEST(security_manager_ap3_app_policy_fetch_for_self_different_user_global) {
- TemporaryTestUser tmpUser("sm_test_ap3_1_user_name", GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
- TemporaryTestUser tmpUser2("sm_test_ap3_2_user_name", GUM_USERTYPE_NORMAL, false);
- tmpUser2.create();
+ TestUser tmpUser =
+ TestUser::createTemporary("sm_test_ap3_1_user_name", GUM_USERTYPE_NORMAL, false);
+ TestUser tmpUser2 =
+ TestUser::createTemporary("sm_test_ap3_2_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_ap3");
app.setInstallType(SM_APP_INSTALL_GLOBAL);
}
RUNNER_CHILD_TEST(security_manager_ap3_app_policy_fetch_for_self_different_app) {
- TemporaryTestUser tmpUser("sm_test_ap3_user_name", GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary("sm_test_ap3_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app1("sm_test_ap3_1", tmpUser.getUid());
app1.addPrivileges(TEST_PRIVACY_PRIVILEGES);
#include <sm_commons.h>
#include <sm_label_monitor.h>
#include <synchronization_pipe.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <tests_common.h>
using namespace SecurityManagerTest;
RUNNER_CHILD_TEST(security_manager_71_app_label_monitor_user_local_global)
{
SynchronizationPipe synchPipe;
- TemporaryTestUser testUser("sm_test_71_user_name", GUM_USERTYPE_NORMAL, false);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_71_user_name", GUM_USERTYPE_NORMAL, false);
pid_t pid = runInChild([&] {
synchPipe.claimChildEp();
RUNNER_CHILD_TEST(security_manager_72_app_label_monitor_user_local)
{
SynchronizationPipe synchPipe;
- TemporaryTestUser testUser("sm_test_75_user_name", GUM_USERTYPE_NORMAL, false);
- testUser.create();
-
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_75_user_name", GUM_USERTYPE_NORMAL, false);
pid_t pid = runInChild([&] {
synchPipe.claimChildEp();
const std::string appLocalName = "sm_test_73_local";
const std::string appGlobalName = "sm_test_73_global";
- TemporaryTestUser testUser1("sm_test_73_user_name_1", GUM_USERTYPE_NORMAL, false);
- testUser1.create();
+ TestUser testUser1 =
+ TestUser::createTemporary("sm_test_73_user_name_1", GUM_USERTYPE_NORMAL, false);
- TemporaryTestUser testUser2("sm_test_73_user_name_2", GUM_USERTYPE_NORMAL, false);
- testUser2.create();
+ TestUser testUser2 =
+ TestUser::createTemporary("sm_test_73_user_name_2", GUM_USERTYPE_NORMAL, false);
AppInstallHelper appLocal(appLocalName, testUser1.getUid());
appLocal.setInstallType(SM_APP_INSTALL_LOCAL);
ScopedInstaller appGlobalInstall2(appGlobal2);
runInChildParentWait([&] { // child
- TemporaryTestUser testUser("sm_test_74_user_name", GUM_USERTYPE_NORMAL, false);
-
setCaps("all=eip");
RUNNER_ASSERT_ERRNO_MSG(prctl(PR_SET_KEEPCAPS, 1, 0, 0) == 0, "prctl keeping caps failed");
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_74_user_name", GUM_USERTYPE_NORMAL, false);
RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(testUser.getUid(), testUser.getGid()) == 0,
"drop_root_privileges failed");
setCaps("cap_mac_admin=eip");
const std::string appLocalName2 = "sm_test_75_local2";
const std::string appLocalName3 = "sm_test_75_local3";
const std::string new_user_name = "sm_test_75";
- TemporaryTestUser testUser("sm_test_75_user_name", GUM_USERTYPE_NORMAL, false);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_75_user_name", GUM_USERTYPE_NORMAL, false);
SynchronizationPipe synchPipe;
pid_t pid = runInChild([&] {
#include <sm_api.h>
#include <sm_policy_request.h>
#include <sm_user_request.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <privilege_names.h>
#include <security-manager.h>
RUNNER_CHILD_TEST(nss_01_normal_user_without_inter_daemon_groups) {
const std::string newUserName = "nss_01_user";
- TemporaryTestUser testUser(newUserName, GUM_USERTYPE_NORMAL, false);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary(newUserName, GUM_USERTYPE_NORMAL, false);
UserRequest addUserRequest;
addUserRequest.setUid(testUser.getUid());
RUNNER_CHILD_TEST(nss_02_guest_user_without_inter_daemon_groups) {
const std::string newUserName = "nss_02_user";
- TemporaryTestUser testUser(newUserName, GUM_USERTYPE_GUEST, false);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary(newUserName, GUM_USERTYPE_GUEST, false);
UserRequest addUserRequest;
addUserRequest.setUid(testUser.getUid());
RUNNER_CHILD_TEST(nss_03_guest_user_without_inter_daemon_groups_unaffected_by_cynara) {
const std::string newUserName = "nss_03_user";
- TemporaryTestUser testUser(newUserName, GUM_USERTYPE_GUEST, false);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary(newUserName, GUM_USERTYPE_GUEST, false);
UserRequest addUserRequest;
addUserRequest.setUid(testUser.getUid());
#include <app_install_helper.h>
#include <dpl/test/test_runner.h>
#include <scoped_installer.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <label_generator.h>
#include <sm_commons.h>
RUNNER_TEST(security_manager_102_paths_local_extended)
{
- TemporaryTestUser user("sm_test_102", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_102", GUM_USERTYPE_NORMAL);
AppInstallHelper app("sm_test_102", user.getUid());
app.createPrivateDir(0, AppInstallHelper::RootType::EXTENDED);
RUNNER_TEST(security_manager_104_paths_local_skel)
{
- TemporaryTestUser user("sm_test_104", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_104", GUM_USERTYPE_NORMAL);
AppInstallHelper app("sm_test_104", user.getUid());
app.createPrivateDir(0, AppInstallHelper::RootType::SKEL);
req.addPath(app.getPrivateDir(0, AppInstallHelper::RootType::SKEL), SECURITY_MANAGER_PATH_RW);
Api::install(req, SECURITY_MANAGER_ERROR_NOT_PATH_OWNER);
}
-
#include <sm_commons.h>
#include <sm_label_monitor.h>
#include <synchronization_pipe.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <tests_common.h>
using namespace SecurityManagerTest;
writeToPermissibleFile(path);
}
-static void clientMonitorProcess(const TemporaryTestUser &testUser)
+static void clientMonitorProcess(const TestUser &testUser)
{
runInChildParentWait([&] {
setCaps("cap_mac_admin+ep cap_setuid+ep cap_setgid+ep");
RUNNER_CHILD_TEST(security_manager_121b_repair_permissible_file_daemon_local)
{
- TemporaryTestUser testUser("sm_test_121b_user_name", GUM_USERTYPE_NORMAL, false);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_121b_user_name", GUM_USERTYPE_NORMAL, false);
uid_t uid = testUser.getUid();
AppInstallHelper appLocal("sm_test_121b_local", uid);
RUNNER_CHILD_TEST(security_manager_122a_repair_permissible_file_client_global)
{
- TemporaryTestUser testUser("sm_test_122a_user_name", GUM_USERTYPE_NORMAL, false);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_122a_user_name", GUM_USERTYPE_NORMAL, false);
corruptFile();
RUNNER_CHILD_TEST(security_manager_122b_repair_permissible_file_client_local)
{
- TemporaryTestUser testUser("sm_test_122b_user_name", GUM_USERTYPE_NORMAL, false);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_122b_user_name", GUM_USERTYPE_NORMAL, false);
corruptFile(testUser.getUid());
RUNNER_CHILD_TEST(security_manager_122c_repair_permissible_file_client_both)
{
- TemporaryTestUser testUser("sm_test_122c_user_name", GUM_USERTYPE_NORMAL, false);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_122c_user_name", GUM_USERTYPE_NORMAL, false);
corruptFile();
corruptFile(testUser.getUid());
RUNNER_CHILD_TEST(security_manager_100_synchronize_credentials_test)
{
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("app100", tmpUser.getUid());
app.setAuthor("author");
RUNNER_CHILD_TEST(security_manager_100_synchronize_credentials_no_author_test)
{
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("app100", tmpUser.getUid());
ScopedInstaller appInstall(app);
RUNNER_CHILD_TEST(security_manager_101_create_namespace_test_n)
{
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("app100_n", tmpUser.getUid());
app.setAuthor("author");
RUNNER_CHILD_TEST(security_manager_101_create_namespace_test_p)
{
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("app101", tmpUser.getUid());
ScopedInstaller appInstall(app);
RUNNER_CHILD_TEST(security_manager_102_check_propagation_test)
{
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("app102", tmpUser.getUid());
ScopedInstaller appInstall(app);
RUNNER_CHILD_TEST(security_manager_103_policy_change_test)
{
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("app103", tmpUser.getUid());
app.addPrivileges({PRIV_EXTERNALSTORAGE, PRIV_MEDIASTORAGE});
RUNNER_CHILD_TEST(security_manager_104_policy_change_kill_app_test)
{
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("app104", tmpUser.getUid());
app.addPrivileges({PRIV_EXTERNALSTORAGE, PRIV_MEDIASTORAGE});
RUNNER_CHILD_TEST(security_manager_190_prepare_app_threads_malloc)
{
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
const auto uid = tmpUser.getUid();
constexpr int8_t nConcurrentAppsSamples[] = { 0 /* 1 app w/ nThreads */, 1, 2, 4, 8, 16, 32 };
constexpr uint64_t minTotalBenchTime = 60 * 1000ULL*1000*1000; // 60s
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
struct App {
AppInstallHelper hlp;
RUNNER_CHILD_TEST(security_manager_300_prepare_app_recursive_threads)
{
std::srand(std::time(nullptr)); // use current time as seed for random generator
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("app300", tmpUser.getUid());
app.addPrivileges({PRIV_EXTERNALSTORAGE, PRIV_MEDIASTORAGE});
RUNNER_CHILD_TEST(security_manager_400_prepare_app_with_concurrent_install)
{
std::srand(std::time(nullptr)); // use current time as seed for random generator
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
// few iterations of the test...
for (int i = 0; i < 5; ++i) {
RUNNER_CHILD_TEST(security_manager_400_prepare_app_series_with_concurrent_install_stress)
{
std::srand(std::time(nullptr)); // use current time as seed for random generator
- TemporaryTestUser tmpUser(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary(APP_TEST_USER, GUM_USERTYPE_NORMAL, false);
pid_t pid = runInChild([&] {
// install an app, and in a loop - fork + launch it
#include <sm_policy_request.h>
#include <sm_request.h>
#include <synchronization_pipe.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <tests_common.h>
#include <privilege_names.h>
#include <app_def_privilege.h>
RUNNER_CHILD_TEST(security_manager_10_privacy_manager_fetch_whole_policy_for_self)
{
- TemporaryTestUser tmpUser("sm_test_10_user_name", GUM_USERTYPE_NORMAL, false);
- tmpUser.create();
+ TestUser tmpUser =
+ TestUser::createTemporary("sm_test_10_user_name", GUM_USERTYPE_NORMAL, false);
unsigned expectedPolicyCount = 0;
std::map<std::string, AppInstallHelper> appIdToAIH;
const std::vector<UserInfo> userInfos = {{normalNameToSwitch, GUM_USERTYPE_NORMAL},
{"sm_test_11_user_name_admin", GUM_USERTYPE_ADMIN}};
- std::map<std::string, TemporaryTestUser> usernameToTTU;
+ std::map<std::string, TestUser> usernameToTTU;
// uid + app_id -> AppInstallHelper (different users can have same app_id installed)
std::map<std::pair<uid_t,std::string>, AppInstallHelper> userAppIdToAIH;
unsigned expectedPolicyCount = 0;
for (unsigned int u_i = 0; u_i < userInfos.size(); u_i++) {
- TemporaryTestUser user(userInfos[u_i].userName, userInfos[u_i].userType);
- user.create();
+ TestUser user =
+ TestUser::createTemporary(userInfos[u_i].userName, userInfos[u_i].userType);
for (unsigned int p_i = 0; p_i < TEST_PRIVILEGES.size(); p_i++) {
AppInstallHelper app("sm_test_11_" + std::to_string(p_i), user.getUid());
usernameToTTU.emplace(userInfos[u_i].userName, std::move(user));
};
- TemporaryTestUser &normalUserToSwitch = usernameToTTU.at(normalNameToSwitch);
+ TestUser &normalUserToSwitch = usernameToTTU.at(normalNameToSwitch);
AppInstallHelper privManager("sm_test_11_priv_manager", normalUserToSwitch.getUid());
std::string privManagerAppId = privManager.getAppId();
const std::vector<UserInfo> userInfos = {{"sm_test_12_user_name_normal",GUM_USERTYPE_NORMAL},
{adminNameToSwitch, GUM_USERTYPE_ADMIN}};
- std::map<std::string, TemporaryTestUser> usernameToTTU;
+ std::map<std::string, TestUser> usernameToTTU;
std::vector<std::string> uidStrings;
// uidstring + app_id -> AppInstallHelper
std::map<std::pair<uid_t, std::string>, AppInstallHelper> userAppIdToAIH;
unsigned expectedPolicyCount = oldPolicyVec.size();
for (unsigned int u_i = 0; u_i < userInfos.size(); u_i++) {
- TemporaryTestUser user(userInfos[u_i].userName, userInfos[u_i].userType);
- user.create();
+ TestUser user =
+ TestUser::createTemporary(userInfos[u_i].userName, userInfos[u_i].userType);
uidStrings.push_back(user.getUidString());
for (unsigned int p_i = 0; p_i < TEST_PRIVILEGES.size(); p_i++) {
usernameToTTU.emplace(user.getUserName(), std::move(user));
};
- TemporaryTestUser &adminUserToSwitch = usernameToTTU.at(adminNameToSwitch);
+ TestUser &adminUserToSwitch = usernameToTTU.at(adminNameToSwitch);
AppInstallHelper privManager("sm_test_12_priv_manager", adminUserToSwitch.getUid());
std::string privManagerAppId = privManager.getAppId();
const std::vector<UserInfo> userInfos = {{normalName,GUM_USERTYPE_NORMAL},
{adminName, GUM_USERTYPE_ADMIN}};
- std::map<std::string, TemporaryTestUser> usernameToTTU;
+ std::map<std::string, TestUser> usernameToTTU;
std::map<uid_t, std::vector<AppInstallHelper>> uidToAIHs;
unsigned expectedPolicyCount = 0;
std::string privManagerAppId;
for (unsigned int u_i = 0; u_i < userInfos.size(); u_i++) {
//Only entries for one of the users will be listed
- TemporaryTestUser user(userInfos[u_i].userName, userInfos[u_i].userType);
- user.create();
+ TestUser user =
+ TestUser::createTemporary(userInfos[u_i].userName, userInfos[u_i].userType);
for (unsigned int p_i = 0; p_i < TEST_PRIVILEGES.size(); p_i++) {
AppInstallHelper app("sm_test_13_" + std::to_string(p_i), user.getUid());
scopedInstallations.emplace_back(ScopedInstaller(aih));
}
- TemporaryTestUser &adminUser = usernameToTTU.at(adminName);
- TemporaryTestUser &normalUser = usernameToTTU.at(normalName);
+ TestUser &adminUser = usernameToTTU.at(adminName);
+ TestUser &normalUser = usernameToTTU.at(normalName);
runInChildParentWait([&] {
Api::setAppProcessIdentity(privManagerAppId);
RUNNER_CHILD_TEST(security_manager_14_privacy_manager_fetch_and_update_policy_for_admin)
{
- TemporaryTestUser adminUserToSwitch("sm_test_14_user_name_admin", GUM_USERTYPE_ADMIN);
- adminUserToSwitch.create();
+ TestUser adminUserToSwitch =
+ TestUser::createTemporary("sm_test_14_user_name_admin", GUM_USERTYPE_ADMIN);
AppInstallHelper privManager("sm_test_14_priv_manager", adminUserToSwitch.getUid());
privManager.addPrivilege(ADMIN_PRIVILEGE);
{
const std::string& updatePriv = PRIV_LED;
- TemporaryTestUser adminUser("sm_test_15_username", GUM_USERTYPE_ADMIN);
- adminUser.create();
+ TestUser adminUser =
+ TestUser::createTemporary("sm_test_15_username", GUM_USERTYPE_ADMIN);
AppInstallHelper updatedApp("security_manager_15_update");
ScopedInstaller updatedAppInstall(updatedApp);
{
const std::string& updatePriv = PRIV_LED;
- TemporaryTestUser adminUser("sm_test_15_username", GUM_USERTYPE_ADMIN);
- adminUser.create();
+ TestUser adminUser =
+ TestUser::createTemporary("sm_test_15_username", GUM_USERTYPE_ADMIN);
AppInstallHelper app("security_manager_15");
ScopedInstaller appInstall(app);
{
const std::string& updatePriv = PRIV_LED;
- TemporaryTestUser user("sm_test_15_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_15_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("security_manager_15");
ScopedInstaller appInstall(app);
RUNNER_CHILD_TEST(security_manager_16_policy_levels_get)
{
- TemporaryTestUser user("sm_test_16_user_name", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_16_user_name", GUM_USERTYPE_NORMAL);
runInChildParentWait([&] {
RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(user.getUid(), user.getGid()) == 0,
{
const std::string& updatePriv = PRIV_LED;
- TemporaryTestUser user("sm_test_17a_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_17a_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("security_manager_17a");
ScopedInstaller appInstall(app);
{
const std::string& updatePriv = PRIV_LED;
- TemporaryTestUser user("sm_test_17b_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_17b_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("security_manager_17b");
ScopedInstaller appInstall(app);
std::map<std::string, unsigned> privToCount;
unsigned policyCount = 0;
- TemporaryTestUser user(username, static_cast<GumUserType>(GUM_USERTYPE_NORMAL), false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary(username, GUM_USERTYPE_NORMAL, false);
for (unsigned int i = 0; i < TEST_PRIVILEGES.size(); i++) {
AppInstallHelper app("sm_test_17_" + std::to_string(i), user.getUid());
RUNNER_CHILD_TEST(security_manager_18_privacy_manager_privacy_related_privileges_policy_install_remove)
{
- TemporaryTestUser user("sm_test_18_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_18_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("sm_test_18", user.getUid());
app.addPrivileges(TEST_PRIVACY_PRIVILEGES[0]);
}
void test_privacy_related_privileges(bool isHybrid) {
- TemporaryTestUser user("sm_test_19_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_19_username", GUM_USERTYPE_NORMAL);
const std::string pkgId = "sm_test_19_pkg_id";
RUNNER_CHILD_TEST(security_manager_20_privacy_manager_privacy_related_privileges_policy_admin_check)
{
- TemporaryTestUser user("sm_test_20_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_20_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("sm_test_20", user.getUid());
app.addPrivileges(TEST_PRIVACY_PRIVILEGES[0]);
RUNNER_CHILD_TEST(security_manager_23_fetch_app_manifest_invalid_user)
{
- TemporaryTestUser user("sm_test_23_fetch_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_23_fetch_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("security_manager_23_fetch", user.getUid());
app.setInstallType(SM_APP_INSTALL_LOCAL);
RUNNER_CHILD_TEST(security_manager_24_fetch_app_manifest_global_app)
{
- TemporaryTestUser user("sm_test_24_fetch_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_24_fetch_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("security_manager_24_fetch");
app.setInstallType(SM_APP_INSTALL_GLOBAL);
RUNNER_CHILD_TEST(security_manager_25_fetch_app_manifest_local_app)
{
- TemporaryTestUser user("sm_test_25_fetch_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_25_fetch_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("security_manager_25_fetch", user.getUid());
app.setInstallType(SM_APP_INSTALL_LOCAL);
RUNNER_CHILD_TEST(security_manager_26_fetch_app_manifest_both_apps)
{
- TemporaryTestUser user("sm_test_26_fetch_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_26_fetch_username", GUM_USERTYPE_NORMAL);
AppInstallHelper appGlobal("security_manager_26_fetch");
appGlobal.setInstallType(SM_APP_INSTALL_GLOBAL);
RUNNER_CHILD_TEST(security_manager_27_fetch_app_manifest_app_context_local_positive)
{
- TemporaryTestUser user("sm_test_27_fetch_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_27_fetch_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("security_manager_27_fetch", user.getUid());
app.setInstallType(SM_APP_INSTALL_LOCAL);
RUNNER_CHILD_TEST(security_manager_28_fetch_app_manifest_app_context_global_positive)
{
- TemporaryTestUser user("sm_test_28_fetch_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_28_fetch_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("security_manager_28_fetch");
app.setInstallType(SM_APP_INSTALL_GLOBAL);
RUNNER_CHILD_TEST(security_manager_29_fetch_app_manifest_app_context_local_different_uid)
{
- TemporaryTestUser user("sm_test_29_fetch_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_29_fetch_username", GUM_USERTYPE_NORMAL);
- TemporaryTestUser user1("sm_test_29_fetch_username_1", GUM_USERTYPE_NORMAL);
- user1.create();
+ TestUser user1 =
+ TestUser::createTemporary("sm_test_29_fetch_username_1", GUM_USERTYPE_NORMAL);
AppInstallHelper app("security_manager_29_fetch", user.getUid());
app.setInstallType(SM_APP_INSTALL_LOCAL);
RUNNER_CHILD_TEST(security_manager_30_fetch_app_manifest_app_context_local_different_label)
{
- TemporaryTestUser user("sm_test_30_fetch_username", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_30_fetch_username", GUM_USERTYPE_NORMAL);
AppInstallHelper app("security_manager_30_fetch", user.getUid());
app.setInstallType(SM_APP_INSTALL_LOCAL);
RUNNER_CHILD_TEST(security_manager_31_fetch_app_manifest_app_context_local_different_label_with_privilege)
{
- TemporaryTestUser user("sm_test_31_fetch_username", GUM_USERTYPE_ADMIN);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_31_fetch_username", GUM_USERTYPE_ADMIN);
AppInstallHelper app("security_manager_31_fetch", user.getUid());
app.setInstallType(SM_APP_INSTALL_LOCAL);
namespace {
-const uid_t OWNER_UID = 5001;
-const uid_t OWNER_GID = 100;
-
const std::vector<std::string> versions = {
"2.4",
"3.0"
const VersionCombinations versionCombinations = makeVersionCombinations(versions);
+const TestUser& ownerUser() {
+ static const auto &user = TestUser::getSystemUser(SystemUser::OWNER);
+ return user;
+}
+
} //anonymous namespace
RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_SHARED_RO)
*/
RUNNER_CHILD_TEST(security_manager_76_owner_access)
{
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
+
for (const auto &version : versions) {
- AppInstallHelper app("sm_test_76a", OWNER_UID, version);
+ AppInstallHelper app("sm_test_76a", ownerUid, version);
app.createSharedRODir();
ScopedInstaller sharedROPkgApp(app);
- runAccessTest(app, app.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
+ runAccessTest(app, owner, app.getSharedRODir(), R_OK|W_OK|X_OK);
}
}
RUNNER_CHILD_TEST(security_manager_7x_test)
{
- AppInstallHelper ownerApp("owner_7x", OWNER_UID);
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
+
+ AppInstallHelper ownerApp("owner_7x", ownerUid);
ownerApp.createSharedRODir();
ScopedInstaller ownerAppInstall(ownerApp);
- AppInstallHelper otherApp("other_7x", OWNER_UID);
+ AppInstallHelper otherApp("other_7x", ownerUid);
otherApp.createSharedRODir();
ScopedInstaller otherAppInstall(otherApp);
- runAccessTest(ownerApp, ownerApp.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK | W_OK | X_OK);
- runAccessTest(ownerApp, otherApp.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK | X_OK);
+ runAccessTest(ownerApp, owner, ownerApp.getSharedRODir(), R_OK | W_OK | X_OK);
+ runAccessTest(ownerApp, owner, otherApp.getSharedRODir(), R_OK | X_OK);
}
/**
*/
RUNNER_CHILD_TEST(security_manager_77_owner_other_access_version_combinations)
{
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
+
for (const auto &version : versionCombinations) {
- AppInstallHelper sharedApp("sm_test_77_shared", OWNER_UID, version.first);
+ AppInstallHelper sharedApp("sm_test_77_shared", ownerUid, version.first);
sharedApp.createSharedRODir();
sharedApp.createPrivateDir();
ScopedInstaller sharedAppInstall(sharedApp);
- AppInstallHelper nonSharedApp("sm_test_77_nonshared", OWNER_UID, version.second);
+ AppInstallHelper nonSharedApp("sm_test_77_nonshared", ownerUid, version.second);
ScopedInstaller nonSharedAppInstall(nonSharedApp);
- runAccessTest(sharedApp, sharedApp.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp, owner, sharedApp.getSharedRODir(), R_OK|W_OK|X_OK);
- runAccessTest(nonSharedApp, sharedApp.getPrivateDir(), OWNER_UID, OWNER_GID, 0);
- runAccessTest(nonSharedApp, sharedApp.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|X_OK);
+ runAccessTest(nonSharedApp, owner, sharedApp.getPrivateDir(), 0);
+ runAccessTest(nonSharedApp, owner, sharedApp.getSharedRODir(), R_OK|X_OK);
}
}
*/
RUNNER_CHILD_TEST(security_manager_78_another_pkg_shared_ro_have_ro_access_to_shared_ro)
{
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
+
for (const auto &version : versionCombinations) {
- AppInstallHelper sharedApp1("sm_test_78_shared1", OWNER_UID, version.first);
+ AppInstallHelper sharedApp1("sm_test_78_shared1", ownerUid, version.first);
sharedApp1.createSharedRODir();
sharedApp1.createPrivateDir();
ScopedInstaller sharedAppInstall1(sharedApp1);
- AppInstallHelper sharedApp2("sm_test_78_shared2", OWNER_UID, version.second);
+ AppInstallHelper sharedApp2("sm_test_78_shared2", ownerUid, version.second);
sharedApp2.createSharedRODir();
sharedApp2.createPrivateDir();
ScopedInstaller sharedApp2Install(sharedApp2);
- runAccessTest(sharedApp1, sharedApp2.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|X_OK);
- runAccessTest(sharedApp1, sharedApp1.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
- runAccessTest(sharedApp1, sharedApp2.getPrivateDir(), OWNER_UID, OWNER_GID, 0);
+ runAccessTest(sharedApp1, owner, sharedApp2.getSharedRODir(), R_OK|X_OK);
+ runAccessTest(sharedApp1, owner, sharedApp1.getSharedRODir(), R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp1, owner, sharedApp2.getPrivateDir(), 0);
- runAccessTest(sharedApp2, sharedApp1.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|X_OK);
- runAccessTest(sharedApp2, sharedApp2.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
- runAccessTest(sharedApp2, sharedApp1.getPrivateDir(), OWNER_UID, OWNER_GID, 0);
+ runAccessTest(sharedApp2, owner, sharedApp1.getSharedRODir(), R_OK|X_OK);
+ runAccessTest(sharedApp2, owner, sharedApp2.getSharedRODir(), R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp2, owner, sharedApp1.getPrivateDir(), 0);
}
}
RUNNER_CHILD_TEST(security_manager_79a_same_pkg_shared_ro_have_ro_access_to_shared_ro)
{
const std::string sharedPkgName = "sm_test_79a";
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
for (const auto &version : versions) {
- AppInstallHelper sharedApp1("sm_test_79a_shared1", sharedPkgName, OWNER_UID, version);
+ AppInstallHelper sharedApp1("sm_test_79a_shared1", sharedPkgName, ownerUid, version);
sharedApp1.createSharedRODir();
ScopedInstaller sharedAppInstall1(sharedApp1);
- AppInstallHelper sharedApp2("sm_test_79a_shared2", sharedPkgName, OWNER_UID, version);
+ AppInstallHelper sharedApp2("sm_test_79a_shared2", sharedPkgName, ownerUid, version);
sharedApp2.createSharedRODir();
ScopedInstaller sharedAppInstall2(sharedApp2);
-
- runAccessTest(sharedApp1, sharedApp2.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
- runAccessTest(sharedApp2, sharedApp1.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp1, owner, sharedApp2.getSharedRODir(), R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp2, owner, sharedApp1.getSharedRODir(), R_OK|W_OK|X_OK);
}
}
RUNNER_CHILD_TEST(security_manager_79b_same_pkg_shared_ro_have_ro_access_to_shared_ro)
{
const std::string sharedPkgName = "sm_test_79b";
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
for (const auto &version : versions) {
- AppInstallHelper sharedApp("sm_test_79b_shared1", sharedPkgName, OWNER_UID, version);
+ AppInstallHelper sharedApp("sm_test_79b_shared1", sharedPkgName, ownerUid, version);
sharedApp.createSharedRODir();
ScopedInstaller sharedAppInstall(sharedApp);
- AppInstallHelper nonSharedApp("sm_test_79b_shared2", sharedPkgName, OWNER_UID, version);
+ AppInstallHelper nonSharedApp("sm_test_79b_shared2", sharedPkgName, ownerUid, version);
ScopedInstaller nonSharedAppInstall(nonSharedApp);
- runAccessTest(nonSharedApp, sharedApp.getSharedRODir(),
- OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
+ runAccessTest(nonSharedApp, owner, sharedApp.getSharedRODir(), R_OK|W_OK|X_OK);
}
}
RUNNER_CHILD_TEST(security_manager_80_same_pkg_shared_ro_have_no_access_to_shared_ro_app_ro_dir)
{
std::string sharedPkgName = "sm_test_80";
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
+
for (const auto &version : versions) {
- AppInstallHelper sharedApp1("sm_test_80_shared1", sharedPkgName, OWNER_UID, version);
+ AppInstallHelper sharedApp1("sm_test_80_shared1", sharedPkgName, ownerUid, version);
sharedApp1.createPrivateDir(1);
sharedApp1.createSharedRODir(1);
ScopedInstaller sharedAppInstall1(sharedApp1);
- AppInstallHelper sharedApp2("sm_test_80_shared2", sharedPkgName, OWNER_UID, version);
+ AppInstallHelper sharedApp2("sm_test_80_shared2", sharedPkgName, ownerUid, version);
sharedApp2.createPrivateDir(2);
sharedApp2.createSharedRODir(2);
ScopedInstaller sharedAppInstall2(sharedApp2);
- AppInstallHelper nonSharedApp("sm_test_80_nonshared", sharedPkgName, OWNER_UID, version);
+ AppInstallHelper nonSharedApp("sm_test_80_nonshared", sharedPkgName, owner.getUid(), version);
ScopedInstaller nonSharedAppInstall(nonSharedApp);
- runAccessTest(sharedApp1, sharedApp2.getPrivateDir(2),
- OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
- runAccessTest(sharedApp2, sharedApp1.getPrivateDir(1),
- OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp1, owner, sharedApp2.getPrivateDir(2), R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp2, owner, sharedApp1.getPrivateDir(1), R_OK|W_OK|X_OK);
- runAccessTest(nonSharedApp, sharedApp1.getPrivateDir(1),
- OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
- runAccessTest(nonSharedApp, sharedApp2.getPrivateDir(2),
- OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
+ runAccessTest(nonSharedApp, owner, sharedApp1.getPrivateDir(1), R_OK|W_OK|X_OK);
+ runAccessTest(nonSharedApp, owner, sharedApp2.getPrivateDir(2), R_OK|W_OK|X_OK);
sharedAppInstall1.uninstallApp();
- runAccessTest(nonSharedApp, sharedApp2.getPrivateDir(2),
- OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
+ runAccessTest(nonSharedApp, owner, sharedApp2.getPrivateDir(2), R_OK|W_OK|X_OK);
}
}
*/
RUNNER_CHILD_TEST(security_manager_81_add_path_to_app_and_check_all)
{
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
+
for (const auto &version : versionCombinations) {
- AppInstallHelper sharedApp("sm_test_83_shared1", OWNER_UID, version.first);
+ AppInstallHelper sharedApp("sm_test_83_shared1", ownerUid, version.first);
sharedApp.createPrivateDir();
sharedApp.createSharedRODir();
ScopedInstaller sharedAppInstall(sharedApp);
- AppInstallHelper nonSharedApp("sm_test_83_nonshared", OWNER_UID, version.first);
+ AppInstallHelper nonSharedApp("sm_test_83_nonshared", ownerUid, version.first);
ScopedInstaller nonSharedAppInstall(nonSharedApp);
- AppInstallHelper sharedApp2("sm_test_83_shared2", OWNER_UID, version.second);
+ AppInstallHelper sharedApp2("sm_test_83_shared2", ownerUid, version.second);
ScopedInstaller nonSharedAppInstall2(sharedApp2);
//Post install
Api::registerPaths(sharedRORequest);
- runAccessTest(sharedApp, sharedApp.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
- runAccessTest(sharedApp, sharedApp.getPrivateDir(), OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp, owner, sharedApp.getSharedRODir(), R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp, owner, sharedApp.getPrivateDir(), R_OK|W_OK|X_OK);
- runAccessTest(sharedApp2, sharedApp2.getSharedRODir(),
- OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
- runAccessTest(sharedApp2, sharedApp.getSharedRODir(),
- OWNER_UID, OWNER_GID, R_OK|X_OK);
- runAccessTest(sharedApp2, sharedApp.getPrivateDir(), OWNER_UID, OWNER_GID, 0);
+ runAccessTest(sharedApp2, owner, sharedApp2.getSharedRODir(), R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp2, owner, sharedApp.getSharedRODir(), R_OK|X_OK);
+ runAccessTest(sharedApp2, owner, sharedApp.getPrivateDir(), 0);
- runAccessTest(nonSharedApp, sharedApp.getSharedRODir(),
- OWNER_UID, OWNER_GID, R_OK|X_OK);
- runAccessTest(nonSharedApp, sharedApp2.getSharedRODir(),
- OWNER_UID, OWNER_GID, R_OK|X_OK);
- runAccessTest(nonSharedApp, sharedApp.getPrivateDir(), OWNER_UID, OWNER_GID, 0);
+ runAccessTest(nonSharedApp, owner, sharedApp.getSharedRODir(), R_OK|X_OK);
+ runAccessTest(nonSharedApp, owner, sharedApp2.getSharedRODir(), R_OK|X_OK);
+ runAccessTest(nonSharedApp, owner, sharedApp.getPrivateDir(), 0);
}
}
*/
RUNNER_CHILD_TEST(security_manager_82_add_invalid_path_to_app_and_check_all)
{
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
+
for (const auto &version : versionCombinations) {
- AppInstallHelper sharedApp("sm_test_84_shared", OWNER_UID, version.first);
+ AppInstallHelper sharedApp("sm_test_84_shared", ownerUid, version.first);
sharedApp.createSharedRODir();
ScopedInstaller sharedAppInstall(sharedApp);
- AppInstallHelper nonSharedApp("sm_test_84_nonshared", OWNER_UID, version.second);
+ AppInstallHelper nonSharedApp("sm_test_84_nonshared", ownerUid, version.second);
ScopedInstaller nonSharedAppInstall(nonSharedApp);
PathsRequest sharedRORequest;
*/
RUNNER_CHILD_TEST(security_manager_83_install_uninstall_shared_ro_app_and_check_cleaning)
{
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
+
for (const auto &verComb : versionCombinations) {
- AppInstallHelper sharedApp1("sm_test_85_shared1", OWNER_UID, verComb.first);
+ AppInstallHelper sharedApp1("sm_test_85_shared1", ownerUid, verComb.first);
sharedApp1.createSharedRODir();
ScopedInstaller sharedAppInstall1(sharedApp1);
- AppInstallHelper sharedApp2("sm_test_85_shared2", OWNER_UID, verComb.second);
+ AppInstallHelper sharedApp2("sm_test_85_shared2", ownerUid, verComb.second);
sharedApp2.createSharedRODir();
ScopedInstaller sharedAppInstall2(sharedApp2);
- AppInstallHelper nonSharedApp("sm_test_85_nonshared", OWNER_UID, verComb.second);
+ AppInstallHelper nonSharedApp("sm_test_85_nonshared", owner.getUid(), verComb.second);
ScopedInstaller nonSharedAppInstall(nonSharedApp);
sharedAppInstall1.uninstallApp();
sharedApp1.removePaths();
+ runAccessTest(nonSharedApp, owner, sharedApp1.getSharedRODir(), 0);
+ runAccessTest(nonSharedApp, owner, sharedApp2.getSharedRODir(), R_OK|X_OK);
- runAccessTest(nonSharedApp, sharedApp1.getSharedRODir(), OWNER_UID, OWNER_GID, 0);
- runAccessTest(nonSharedApp, sharedApp2.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|X_OK);
-
- runAccessTest(sharedApp2, sharedApp1.getSharedRODir(), OWNER_UID, OWNER_GID, 0);
- runAccessTest(sharedApp2, sharedApp2.getSharedRODir(), OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
+ runAccessTest(sharedApp2, owner, sharedApp1.getSharedRODir(), 0);
+ runAccessTest(sharedApp2, owner, sharedApp2.getSharedRODir(), R_OK|W_OK|X_OK);
}
}
RUNNER_CHILD_TEST(security_manager_84_install_uninstall_shared_ro_two_apps_in_one_pkg)
{
std::string sharedPkgName = "sm_test_86";
+ auto &owner = ownerUser();
+ auto ownerUid = owner.getUid();
for (const auto &version : versionCombinations) {
- AppInstallHelper nonSharedApp("sm_test_86_nonshared", OWNER_UID, version.first);
+ AppInstallHelper nonSharedApp("sm_test_86_nonshared", ownerUid, version.first);
ScopedInstaller nonSharedAppInstall(nonSharedApp);
// Apps from the same package
- AppInstallHelper sharedApp1("sm_test_86_shared1", sharedPkgName, OWNER_UID, version.second);
+ AppInstallHelper sharedApp1("sm_test_86_shared1", sharedPkgName, ownerUid, version.second);
sharedApp1.createSharedRODir(1);
ScopedInstaller sharedAppInstall1(sharedApp1);
- AppInstallHelper sharedApp2("sm_test_86_shared2", sharedPkgName, OWNER_UID, version.second);
+ AppInstallHelper sharedApp2("sm_test_86_shared2", sharedPkgName, ownerUid, version.second);
sharedApp2.createSharedRODir(2);
ScopedInstaller sharedAppInstall2(sharedApp2);
sharedAppInstall1.uninstallApp();
- runAccessTest(nonSharedApp, sharedApp2.getSharedRODir(2), OWNER_UID, OWNER_GID, R_OK|X_OK);
- runAccessTest(sharedApp2, sharedApp2.getSharedRODir(2),
- OWNER_UID, OWNER_GID, R_OK|W_OK|X_OK);
+ runAccessTest(nonSharedApp, owner, sharedApp2.getSharedRODir(2), R_OK|X_OK);
+ runAccessTest(sharedApp2, owner, sharedApp2.getSharedRODir(2), R_OK|W_OK|X_OK);
}
}
#include <scoped_installer.h>
#include <sm_api.h>
#include <sm_commons.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <tests_common.h>
#include <tzplatform.h>
RUNNER_TEST(security_manager_54_path_req_no_pkg)
{
- TemporaryTestUser user("sm_test_54_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_54_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_54", user.getUid());
app.createPrivateDir();
RUNNER_TEST(security_manager_55_path_req_empty_pkg)
{
- TemporaryTestUser user("sm_test_55_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_55_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_55", user.getUid());
app.createPrivateDir();
RUNNER_TEST(security_manager_57_path_req_wrong_uid)
{
- TemporaryTestUser user("sm_test_57_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_57_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_57", user.getUid());
ScopedInstaller appInstall(app);
RUNNER_TEST(security_manager_58_path_req_empty_paths)
{
- TemporaryTestUser user("sm_test_58_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_58_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_58", user.getUid());
PathsRequest req;
RUNNER_TEST(security_manager_59_path_req_as_root_positive)
{
- TemporaryTestUser user("sm_test_59_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_59_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_59", user.getUid());
ScopedInstaller appInstall(app);
RUNNER_TEST(security_manager_59a_path_req_as_root_positive_realpath_check)
{
- TemporaryTestUser user("sm_test_59a_user_name", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_59a_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelper app("sm_test_59a", user.getUid());
ScopedInstaller appInstall(app);
RUNNER_CHILD_TEST(security_manager_60_path_req_as_user_positive)
{
- TemporaryTestUser user("sm_test_60_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_60_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_60", user.getUid());
ScopedInstaller appInstall(app);
RUNNER_CHILD_TEST(security_manager_60a_path_req_as_user_positive_realpath_check)
{
- TemporaryTestUser user("sm_test_60a_user_name", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_60a_user_name", GUM_USERTYPE_NORMAL);
AppInstallHelper app("sm_test_60a", user.getUid());
ScopedInstaller appInstall(app);
RUNNER_CHILD_TEST(security_manager_61_path_req_different_user)
{
- TemporaryTestUser user1("sm_test_61_1_user_name", GUM_USERTYPE_NORMAL, false);
- user1.create();
- TemporaryTestUser user2("sm_test_61_2_user_name", GUM_USERTYPE_NORMAL, false);
- user2.create();
+ TestUser user1 =
+ TestUser::createTemporary("sm_test_61_1_user_name", GUM_USERTYPE_NORMAL, false);
+ TestUser user2 =
+ TestUser::createTemporary("sm_test_61_2_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_61", user2.getUid());
ScopedInstaller appInstall(app);
RUNNER_TEST(security_manager_62_path_req_path_outside)
{
- TemporaryTestUser user1("sm_test_62_1_user_name", GUM_USERTYPE_NORMAL, false);
- user1.create();
- TemporaryTestUser user2("sm_test_62_2_user_name", GUM_USERTYPE_NORMAL, false);
- user2.create();
+ TestUser user1 =
+ TestUser::createTemporary("sm_test_62_1_user_name", GUM_USERTYPE_NORMAL, false);
+ TestUser user2 =
+ TestUser::createTemporary("sm_test_62_2_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_62", user1.getUid());
AppInstallHelper differentUserApp("sm_test_62", user2.getUid());
RUNNER_CHILD_TEST(security_manager_63a_path_req_as_user)
{
- TemporaryTestUser user("sm_test_63_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_63_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_63", user.getUid());
ScopedInstaller appInstall(app);
RUNNER_CHILD_TEST(security_manager_63b_path_req_preloaded_as_user)
{
- TemporaryTestUser user("sm_test_63_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_63_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_63", user.getUid());
ScopedInstaller appInstall(app);
RUNNER_TEST(security_manager_64a_path_req_as_local_as_root)
{
- TemporaryTestUser user("sm_test_64_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_64_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_64", user.getUid());
ScopedInstaller appInstall(app);
RUNNER_CHILD_TEST(security_manager_64b_path_req_as_local_as_global_user)
{
- TemporaryTestUser user("sm_test_64_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_64_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_64", user.getUid());
ScopedInstaller appInstall(app);
RUNNER_TEST(security_manager_67_path_req_shared_ro_3_0)
{
- TemporaryTestUser user("sm_test_67_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_67_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_67", user.getUid());
app.setVersion("3.0");
RUNNER_TEST(security_manager_68_path_req_shared_ro_2_X)
{
- TemporaryTestUser user("sm_test_68_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_68_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_68", user.getUid());
app.setVersion("2.4");
RUNNER_TEST(security_manager_69_path_req_trusted_rw_no_author)
{
- TemporaryTestUser user("sm_test_69_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_69_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_69", user.getUid());
ScopedInstaller appInstall(app);
RUNNER_TEST(security_manager_70_path_req_trusted_rw_positive)
{
- TemporaryTestUser user("sm_test_70_user_name", GUM_USERTYPE_NORMAL, false);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_70_user_name", GUM_USERTYPE_NORMAL, false);
AppInstallHelper app("sm_test_70", user.getUid());
app.setAuthor("sm_test_70_author");
#include <scoped_installer.h>
#include <scoped_app_launcher.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <app_install_helper_ext.h>
#include <sm_policy_request.h>
#include <privilege_names.h>
RUNNER_CHILD_TEST(smack_privileges_40_different_users_one_after_another, InternetOnlySetup)
{
- TemporaryTestUser testUser("sm_test_40_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_40_user_name", GUM_USERTYPE_NORMAL, true);
AppInstallHelperExt app("sm_test_sp_40_app");
app.addPrivileges({PRIV_INTERNET});
RUNNER_CHILD_TEST(smack_privileges_70_different_users_simultaneously, InternetOnlySetup)
{
- TemporaryTestUser testUser("sm_test_70_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_70_user_name", GUM_USERTYPE_NORMAL, true);
AppInstallHelperExt app("sm_test_sp_70_app");
app.addPrivileges({PRIV_INTERNET});
RUNNER_CHILD_TEST(smack_privileges_90_user_removal, InternetOnlySetup)
{
- TemporaryTestUser testUser("sm_test_90_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_90_user_name", GUM_USERTYPE_NORMAL, true);
AppInstallHelperExt app("sm_test_sp_90_app", testUser.getUid());
app.addPrivileges({PRIV_INTERNET});
RUNNER_CHILD_TEST(smack_privileges_120_policy_change_while_running, InternetOnlySetup)
{
- TemporaryTestUser testUser("sm_test_120_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_120_user_name", GUM_USERTYPE_NORMAL, true);
AppInstallHelperExt app("sm_test_sp_120_app", testUser.getUid());
app.addPrivileges({PRIV_INTERNET});
RUNNER_CHILD_TEST(smack_privileges_130_different_users_and_policies, InternetOnlySetup)
{
- TemporaryTestUser testUser("sm_test_130_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_130_user_name", GUM_USERTYPE_NORMAL, true);
AppInstallHelperExt app("sm_test_sp_130_app");
app.addPrivileges({PRIV_INTERNET});
RUNNER_CHILD_TEST(smack_privileges_140_two_users_sequence, InternetOnlySetup)
{
- TemporaryTestUser testUser("sm_test_140_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_140_user_name", GUM_USERTYPE_NORMAL, true);
AppInstallHelperExt app("sm_test_sp_140_app");
app.addPrivileges({PRIV_INTERNET});
RUNNER_CHILD_TEST(smack_privileges_150_independent_apps, InternetOnlySetup)
{
- TemporaryTestUser testUser("sm_test_150_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_150_user_name", GUM_USERTYPE_NORMAL, true);
AppInstallHelperExt app1("sm_test_sp_150_app1", testUser.getUid());
AppInstallHelperExt app2("sm_test_sp_150_app2", testUser.getUid());
RUNNER_CHILD_TEST(smack_privileges_160_nonhybrid_package, InternetOnlySetup)
{
- TemporaryTestUser testUser("sm_test_160_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_160_user_name", GUM_USERTYPE_NORMAL, true);
constexpr char pkgPrefix[] = "sm_test_sp_160_pkg";
RUNNER_CHILD_TEST(smack_privileges_170_hybrid_package, InternetOnlySetup)
{
- TemporaryTestUser testUser("sm_test_170_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_170_user_name", GUM_USERTYPE_NORMAL, true);
constexpr char pkgPrefix[] = "sm_test_sp_170_pkg";
RUNNER_CHILD_TEST(smack_privileges_180_hybrid_package_both_apps_privileged, InternetOnlySetup)
{
- TemporaryTestUser testUser("sm_test_180_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_180_user_name", GUM_USERTYPE_NORMAL, true);
constexpr char pkgPrefix[] = "sm_test_sp_180_pkg";
RUNNER_CHILD_TEST(smack_privileges_320_multi_policy_all_privs, MultiplePrivsSetup)
{
- TemporaryTestUser testUser("sm_test_320_user_name", GUM_USERTYPE_NORMAL, true);
- testUser.create();
+ TestUser testUser =
+ TestUser::createTemporary("sm_test_320_user_name", GUM_USERTYPE_NORMAL, true);
AppInstallHelperExt app("sm_test_sp_320_app", testUser.getUid());
app.addPrivileges({PRIV_CAMERA, PRIV_INTERNET});
#include <sm_api.h>
#include <sm_commons.h>
#include <sm_request.h>
-#include <temp_test_user.h>
+#include <test_user.h>
#include <tests_common.h>
#include <tzplatform.h>
RUNNER_CHILD_TEST(security_manager_43_app_install_with_trusted_path)
{
- TemporaryTestUser user("sm_test_43_user_name", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_43_user_name", GUM_USERTYPE_NORMAL);
const std::string authorId = "sm_test_43_author_id";
* Deinstalation of app1 must not remove access from system processes to trusted paths
*/
void test_46_pkgId_deinstallation(bool isFirstOneHybrid, bool isSecondOneHybrid) {
- TemporaryTestUser user("sm_test_46_user_name", GUM_USERTYPE_NORMAL);
- user.create();
+ TestUser user =
+ TestUser::createTemporary("sm_test_46_user_name", GUM_USERTYPE_NORMAL);
const std::string authorId = "sm_test_46_author_id";
projects / platform / core / test / security-tests.git / commitdiff