records instead of existance of files.
[Issue#] SSDWSSP-644
[Feature] Tests need database records access
[Cause] Tests should verify libprivilege actions by
checking database records
[Solution] Sqlite3 access API, tests use database instead
of files
[Verification] Build security-tests, run two following
libprivilege-control tests on target:
privilege_control04_add_permissions_nosmack,
privilege_control11_app_enable_permissions_nosmack.
Change-Id: I0c229f67a6791e9f8f850494eedebc925cf63ad3
BuildRequires: pkgconfig(dlog)
BuildRequires: pkgconfig(dbus-1)
BuildRequires: pkgconfig(dbus-glib-1)
+BuildRequires: pkgconfig(libiri)
+BuildRequires: pkgconfig(sqlite3)
Requires: smack
Requires: libprivilege-control
# @file CMakeLists.txt
# @author Jan Olszak (j.olszak@samsung.com)
# @author Rafal Krypa (r.krypa@samsung.com)
+# @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
# @version 0.1
# @brief
#
libsmack
libprivilege-control
dpl-test-efl
+ sqlite3
REQUIRED
+ libiri
)
#files to compile
SET(LPC_TARGET_TEST_SOURCES
+ ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/db_sqlite.cpp
+ ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/db.cpp
+ ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/duplicates.cpp
${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/libprivilege-control-test.cpp
${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/test_cases.cpp
${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/test_cases_nosmack.cpp
--- /dev/null
+/*
+ * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+/*
+ * @file libprivilege-control_test_db.cpp
+ * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
+ * @version 1.0
+ * @brief libprivilege-control tests database record check functions
+ */
+
+#include <dpl/test/test_runner.h>
+#include <privilege-control.h>
+#include <sstream>
+#include <string.h>
+#include "db.h"
+#include "db_sqlite.h"
+#include "duplicates.h"
+
+const std::string DBASE_PATH = "/opt/dbspace/.rules-db.db3";
+const std::string ALL_APPS ="ALL_APPS";
+
+const int PERMISSION_VOLATILE = 1;
+const int PERMISSION_PERSISTENT = 0;
+
+const int PERMISSION_ENABLED = 1;
+const int PERMISSION_DISABLED = 0;
+
+using std::ostringstream;
+using std::string;
+
+TestLibPrivilegeControlDatabase::TestLibPrivilegeControlDatabase() : m_base(DBASE_PATH)
+{
+}
+
+void TestLibPrivilegeControlDatabase::test_db_after__perm_app_install(const Tracker& tracker,
+ const char* name)
+{
+ if(!m_base.is_open())
+ m_base.open(tracker);
+
+ app_label(tracker, name);
+ app_permission(tracker, name, ALL_APPS, ALL_APPS,
+ PERMISSION_PERSISTENT, PERMISSION_ENABLED);
+}
+
+void TestLibPrivilegeControlDatabase::test_db_after__perm_app_uninstall(const Tracker& tracker,
+ const char* name)
+{
+ if(!m_base.is_open())
+ m_base.open(tracker);
+
+ app_not_label(tracker, name);
+}
+
+void TestLibPrivilegeControlDatabase::test_db_after__perm_app_enable_permissions(
+ const Tracker& tracker, const char* name, app_type_t app_type, const char** perm_list,
+ bool persistent)
+{
+ if(!m_base.is_open())
+ m_base.open(tracker);
+
+ string permission_type_name = app_type_name(app_type);
+ string permission_group_type_name = app_type_group_name(app_type);
+ const int is_volatile = persistent ? PERMISSION_PERSISTENT : PERMISSION_VOLATILE;
+ string permission_name;
+ int ret;
+
+ app_permission(tracker, name, permission_type_name, permission_type_name, is_volatile,
+ PERMISSION_ENABLED);
+
+ int i;
+ for(i = 0; perm_list[i] != NULL; ++i) {
+ // Ignore empty lines
+ if(strspn(perm_list[i], " \t\n") == strlen(perm_list[i]))
+ continue;
+
+ ret = base_name_from_perm(perm_list[i], permission_name);
+ RUNNER_ASSERT_MSG(ret == PC_OPERATION_SUCCESS,
+ "DB: Error testing \"" << __FUNCTION__ <<
+ "\": permission : <" << perm_list[i] <<
+ "> cannot be converted to basename (iri parse error)");
+ app_permission(tracker, name, permission_name, permission_group_type_name,
+ is_volatile, PERMISSION_ENABLED);
+ }
+}
+
+void TestLibPrivilegeControlDatabase::app_label(const Tracker& tracker, const std::string& app_name)
+{
+ Sqlite3DBaseSelectResult result;
+ ostringstream sql;
+ sql << "SELECT app_id FROM app "
+ "NATURAL JOIN label "
+ "WHERE name == '" << app_name << "' ;";
+ m_base.execute(tracker, sql.str(), result);
+
+ RUNNER_ASSERT_MSG(result.rows.size() == 1 && result.rows[0].size() == 1,
+ "DB: Error testing \"" << tracker.str() << "\": querry : <" << sql.str() <<
+ "> returned [" << result.rows.size() << "] rows");
+}
+
+void TestLibPrivilegeControlDatabase::app_not_label(const Tracker& tracker,
+ const std::string& app_name)
+{
+ Sqlite3DBaseSelectResult result;
+ ostringstream sql;
+ sql << "SELECT label_id FROM label "
+ "WHERE name == '" << app_name << "' ;";
+ m_base.execute(tracker, sql.str(), result);
+
+ RUNNER_ASSERT_MSG(result.rows.size() == 0,
+ "DB: Error testing \"" << tracker.str() << "\": querry : <" << sql.str() <<
+ "> returned [" << result.rows.size() << "] rows");
+}
+
+void TestLibPrivilegeControlDatabase::app_permission(const Tracker& tracker,
+ const std::string& app_name, const std::string& permission_name,
+ const std::string& permission_type_name, int is_volatile, int is_enabled)
+{
+ Sqlite3DBaseSelectResult result;
+ ostringstream sql;
+ sql << "SELECT * FROM app_permission "
+ "INNER JOIN app USING(app_id) "
+ "INNER JOIN permission USING(permission_id) "
+ "INNER JOIN permission_type USING(permission_type_id)"
+ "INNER JOIN label USING(label_id)"
+ "WHERE "
+ "label.name == '" << app_name << "' "
+ "AND app_permission.is_enabled == " << is_enabled << " "
+ "AND app_permission.is_volatile == " << is_volatile << " "
+ "AND permission.name == '" << permission_name << "' "
+ "AND permission_type.type_name == '" << permission_type_name << "' "
+ ";";
+ m_base.execute(tracker, sql.str(), result);
+
+ RUNNER_ASSERT_MSG(result.rows.size() == 1,
+ "DB: Error testing \"" << tracker.str() << "\": querry : <" << sql.str() <<
+ "> returned [" << result.rows.size() << "] rows");
+}
--- /dev/null
+/*
+ * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+/*
+ * @file libprivilege-control_test_db.h
+ * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
+ * @version 1.0
+ * @brief libprivilege-control tests database record check functions
+ */
+
+#ifndef LIBPRIVILEGE_CONTROL_TEST_DB_H_
+#define LIBPRIVILEGE_CONTROL_TEST_DB_H_
+
+#include <privilege-control.h>
+#include <tracker.h>
+#include "db_sqlite.h"
+
+/**
+ * @class TestLibPrivilegeControlDatabase
+ * @brief Class containing methods for testing libprivlege database.
+ */
+class TestLibPrivilegeControlDatabase
+{
+public:
+/**
+ * @brief A constructor
+ */
+ TestLibPrivilegeControlDatabase();
+
+/**
+ * @brief A destructor
+ */
+ ~TestLibPrivilegeControlDatabase() = default;
+
+/**
+ * @brief Method for testing database after "perm_app_install" was run.
+ *
+ * It checks existence of proper: label, app records and permission for ALL_APPS for installed app.
+ *
+ * @param tracker make assertion comments if error more useful
+ * @param name name of installed app
+ */
+ void test_db_after__perm_app_install(const Tracker& tracker, const char* name);
+
+/**
+ * @brief Method for testing database after "perm_app_install" was run.
+ *
+ * It checks existence of proper: label, app records and permission for ALL_APPS for installed app.
+ *
+ * @param tracker make assertion comments if error more useful
+ * @param name name of installed app
+ */
+ void test_db_after__perm_app_uninstall(const Tracker& tracker, const char* name);
+
+/**
+ * @brief Method for testing database after "perm_app_enable_permissions" was run.
+ *
+ * It checks existence of proper permissions from perm_list and main permission for whole app_type.
+ *
+ * @param tracker make assertion comments if error more useful
+ * @param name name of application
+ * @param app_type type of application (EFL, WRT, etc. )
+ * @param perm_list list of permission to enable
+ * @param persistent persistence or volatileness of permissions
+ */
+ void test_db_after__perm_app_enable_permissions(const Tracker& tracker, const char* name,
+ app_type_t app_type, const char** perm_list, bool persistent);
+
+private:
+/**
+ * @var base
+ * @brief Sqlite3DBase object giving simple access to database
+ *
+ * Connection to database is open first time it is needed
+ * and closed in destructor of TestLibPrivilegeControlDatabase.
+ */
+ Sqlite3DBase m_base;
+
+/**
+ * @brief Check existence of label related records for given app.
+ *
+ * @param tracker make assertion comments if error more useful
+ * @param app_name name of application
+ */
+ void app_label(const Tracker& tracker, const std::string& app_name);
+
+/**
+ * @brief Check absence of label record for given app.
+ *
+ * @param tracker make assertion comments if error more useful
+ * @param app_name name of application
+ */
+ void app_not_label(const Tracker& tracker, const std::string& app_name);
+
+/**
+ * @brief It checks existence of single permission.
+ * @param tracker make assertion comments if error more useful
+ * @param app_name name of application
+ * @param permission_name name of permission
+ * @param permission_type_name name of permission type
+ * @param is_volatile persistence or volatileness of permissions
+ * @param is_enabled permission enable flag
+ */
+ void app_permission(const Tracker& tracker, const std::string& app_name,
+ const std::string& permission_name, const std::string& permission_type_name,
+ int is_volatile, int is_enabled);
+};
+
+#endif /* LIBPRIVILEGE_CONTROL_TEST_DB_H_ */
--- /dev/null
+/*
+ * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+/*
+ * @file libprivilege-control_test_db_sqlite.cpp
+ * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
+ * @version 1.0
+ * @brief libprivilege-control tests API for sqlite3 database access
+ */
+
+#include <dpl/test/test_runner.h>
+#include "db_sqlite.h"
+
+Sqlite3DBase::Sqlite3DBase(const std::string& db_path, int flags)
+ : m_db_handle(NULL), m_db_path(db_path), m_flags(flags)
+{
+}
+
+Sqlite3DBase::~Sqlite3DBase()
+{
+ sqlite3_close(m_db_handle);
+}
+
+#define VFS_NOT_USED NULL
+
+void Sqlite3DBase::open(const Tracker& tracker)
+{
+ if(m_db_handle) //database already opened
+ return;
+
+ int ret = sqlite3_open_v2(m_db_path.c_str(), &m_db_handle, m_flags, VFS_NOT_USED);
+ RUNNER_ASSERT_MSG(m_db_handle,
+ "DB: Error testing \"" << tracker.str() <<
+ "\" Sqlite3DBase: Error opening the database: Unable to allocate memory.");
+ RUNNER_ASSERT_MSG(ret == SQLITE_OK,
+ "DB: Error testing \"" << tracker.str() <<
+ "\" Sqlite3DBase: Error opening the database: " <<
+ sqlite3_errmsg(m_db_handle));
+}
+
+void Sqlite3DBase::close(const Tracker& tracker)
+{
+ int ret = sqlite3_close(m_db_handle);
+ RUNNER_ASSERT_MSG(ret == SQLITE_OK,
+ "DB: Error testing \"" << tracker.str() <<
+ "\" Sqlite3DBase: Error closing the database: " <<
+ sqlite3_errmsg(m_db_handle));
+
+ m_db_handle = NULL;
+}
+
+bool Sqlite3DBase::is_open(void) const
+{
+ return !!m_db_handle;
+}
+
+void Sqlite3DBase::execute(const Tracker& tracker, const std::string& sql_querry,
+ Sqlite3DBaseSelectResult& result)
+{
+ char* tmp = NULL;
+ std::string errmsg;
+
+ int ret = sqlite3_exec(m_db_handle, sql_querry.c_str(), callback, &result, &tmp);
+ if(tmp) {
+ errmsg.assign(tmp);
+ }
+ sqlite3_free(tmp);
+
+ RUNNER_ASSERT_MSG(ret == SQLITE_OK || ret == SQLITE_ABORT,
+ "DB: Error testing \"" << tracker.str() <<
+ "\" Sqlite3DBase: Error executing statement <" << sql_querry << "> : " <<
+ errmsg);
+}
+
+int Sqlite3DBase::callback(void* p_result, int cols, char** data, char** header)
+{
+ int i;
+ Sqlite3DBaseSelectResult* result = static_cast<Sqlite3DBaseSelectResult*>(p_result);
+
+ // if this is first record get column names
+ if(result->rows.empty()) {
+ for(i = 0; i < cols; ++i) {
+ result->header.push_back(header[i] ? header[i] : "");
+ }
+ }
+ result->rows.push_back(Sqlite3Row());
+ for(i = 0; i < cols; ++i) {
+ result->rows.back().push_back(data[i] ? data[i] : "");
+ }
+ return SQLITE_OK;
+}
--- /dev/null
+/*
+ * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+/*
+ * @file libprivilege-control_test_db_sqlite.h
+ * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
+ * @version 1.0
+ * @brief libprivilege-control tests API for sqlite3 database access
+ */
+
+#ifndef LIBPRIVILEGE_CONTROL_TEST_DB_SQLITE_H_
+#define LIBPRIVILEGE_CONTROL_TEST_DB_SQLITE_H_
+
+#include <vector>
+#include <string>
+#include <sqlite3.h>
+#include <tracker.h>
+
+/**
+ * @def DB_SQLITE_READWRITE_FLAG
+ * @brief Sqlite3 flag set for opening database in RW mode
+ */
+#define DB_SQLITE_READWRITE_FLAG SQLITE_OPEN_NOMUTEX | SQLITE_OPEN_PRIVATECACHE \
+ | SQLITE_OPEN_READWRITE
+
+/**
+ * @def DB_SQLITE_READONLY_FLAG
+ * @brief Sqlite3 flag set for opening database in RO mode
+ */
+#define DB_SQLITE_READONLY_FLAG SQLITE_OPEN_NOMUTEX | SQLITE_OPEN_PRIVATECACHE \
+ | SQLITE_OPEN_READONLY
+
+/**
+ * @typedef Sqlite3HeaderName
+ * @brief Holds single column name of sqlite select querry response.
+ */
+typedef std::string Sqlite3HeaderName;
+
+/**
+ * @typedef Sqlite3HeaderNameVector
+ * @brief Holds column names vector of sqlite select querry response.
+ */
+typedef std::vector<Sqlite3HeaderName> Sqlite3HeaderNameVector;
+
+/**
+ * @typedef Sqlite3RowCell
+ * @brief Holds single cell of row of sqlite select querry response.
+ */
+typedef std::string Sqlite3RowCell;
+
+/**
+ * @typedef Sqlite3Row
+ * @brief Holds single row of sqlite select querry response.
+ */
+typedef std::vector<Sqlite3RowCell> Sqlite3Row;
+
+/**
+ * @typedef Sqlite3RowVector
+ * @brief Holds multiple rows of sqlite select querry response.
+ */
+typedef std::vector<Sqlite3Row> Sqlite3RowVector;
+
+/**
+ * @class Sqlite3DBaseSelectResult
+ * @brief Sqlite3 select querry response.
+ *
+ * Fields are public as there is no complicated logic to operate on them
+ */
+struct Sqlite3DBaseSelectResult
+{
+/**
+ * @var header
+ * @brief Sqlite select querry column names
+ */
+ Sqlite3HeaderNameVector header;
+
+/**
+ * @var rows
+ * @brief Sqlite select querry rows vector
+ */
+ Sqlite3RowVector rows;
+};
+
+
+/**
+ * @class Sqlite3DBase
+ * @brief Simple interface for executing select statements on sqlite3 database
+ *
+ * Fields are public as there is no complicated logic to operate on them
+ */
+class Sqlite3DBase
+{
+public:
+/**
+ * @brief A constructor
+ *
+ * @param db_path path to database file
+ * @param flags sqlite3 flags defining database opening mode
+ * (default value DB_SQLITE_READONLY_FLAG)
+ */
+ Sqlite3DBase(const std::string& db_path, int flags = DB_SQLITE_READONLY_FLAG);
+
+/**
+ * @brief A destructor
+ */
+ ~Sqlite3DBase();
+
+/**
+ * @brief Open database.
+ *
+ * If database is already opened do nothing.
+ *
+ * @param tracker make assertion comments if error more useful
+ *
+ * @throw DPL::Test::TestRunner::TestFailed when opening database fails
+ */
+ void open(const Tracker& tracker);
+
+/**
+ * @brief Close database.
+ *
+ * @param tracker make assertion comments if error more useful
+ *
+ * @throw DPL::Test::TestRunner::TestFailed when closing database fails
+ */
+ void close(const Tracker& tracker);
+
+/**
+ * @brief Get database connection status.
+ *
+ * @return true if database is open
+ * false if database is closed
+ */
+ bool is_open(void) const;
+
+/**
+ * @brief Execute SQL querry on database
+ *
+ * @param tracker make assertion comments if error more useful
+ * @param sql_querry SQL querry
+ * @param result returned result
+ *
+ * @throw DPL::Test::TestRunner::TestFailed when execution of querry fails
+ */
+ void execute(const Tracker& tracker, const std::string& sql_querry,
+ Sqlite3DBaseSelectResult& result);
+
+private:
+/**
+ * @var db_handle
+ * @brief Handle to sqlite3 database
+ *
+ * NULL when database not opened.
+ */
+ sqlite3* m_db_handle;
+
+/**
+ * @var db_path
+ * @brief Path to database file
+ */
+ std::string m_db_path;
+
+/**
+ * @var flags
+ * @brief Sqlite3 flags defining database opening mode
+ */
+ int m_flags;
+
+/**
+ * @brief Callback used to aquire results from SQL query
+ *
+ * It is run by sqlite for every row in query result.
+ *
+ * @param p_result pointer to private data (Sqlite3DBaseSelectResult)
+ * @param cols number of columns in SQL result
+ * @param data array of strings containing single row
+ * @param header array of strings containing column names
+ * @return SQLITE_OK as we always know what to do with data
+ */
+ static int callback(void* p_result, int cols, char** data, char** header);
+};
+
+#endif /* LIBPRIVILEGE_CONTROL_TEST_DB_SQLITE_H_ */
--- /dev/null
+/*
+ * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+/*
+ * @file libprivilege-control_test_duplicates.cpp
+ * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
+ * @version 1.0
+ * @brief libprivilege-control private functions duplicates
+ */
+
+#include <stdlib.h>
+#include <iri.h>
+#include <algorithm>
+#include <string>
+#include "duplicates.h"
+
+std::string app_type_name(app_type_t app_type)
+{
+ switch(app_type)
+ {
+ case PERM_APP_TYPE_WGT:
+ return "WRT";
+ case PERM_APP_TYPE_OSP:
+ return "OSP";
+ case PERM_APP_TYPE_WGT_PARTNER:
+ return "WRT_partner";
+ case PERM_APP_TYPE_WGT_PLATFORM:
+ return "WRT_platform";
+ case PERM_APP_TYPE_OSP_PARTNER:
+ return "OSP_partner";
+ case PERM_APP_TYPE_OSP_PLATFORM:
+ return "OSP_platform";
+ case PERM_APP_TYPE_EFL:
+ return "EFL";
+ default:
+ return "";
+ }
+}
+
+std::string app_type_group_name(app_type_t app_type)
+{
+ switch (app_type)
+ {
+ case PERM_APP_TYPE_WGT:
+ case PERM_APP_TYPE_WGT_PARTNER:
+ case PERM_APP_TYPE_WGT_PLATFORM:
+ return "WRT";
+ case PERM_APP_TYPE_OSP:
+ case PERM_APP_TYPE_OSP_PARTNER:
+ case PERM_APP_TYPE_OSP_PLATFORM:
+ return "OSP";
+ case PERM_APP_TYPE_EFL:
+ return "EFL";
+ default:
+ return "";
+ }
+}
+
+/*
+ * This function changes permission URI to basename for file name.
+ * For e.g. from http://tizen.org/privilege/contact.read will be
+ * created basename : org.tizen.privilege.contact.read
+ */
+int base_name_from_perm(const char *perm, std::string& name)
+{
+ iri_t *iris = iri_parse(perm);
+ if(iris == NULL || iris->host == NULL)
+ {
+ iri_destroy(iris);
+ return PC_ERR_INVALID_PARAM;
+ }
+
+ std::string host_dot;
+ std::string host;
+ std::string path;
+ std::string::size_type pos;
+
+ if(iris->path == NULL)
+ {
+ path = iris->host;
+ }
+ else
+ {
+ path = iris->path;
+ host = iris->host;
+ pos = host.rfind('.');
+ if(pos != std::string::npos)
+ {
+ host_dot = host.substr(pos + 1) + ".";
+ host = host.substr(0, pos);
+ }
+ }
+
+ iri_destroy(iris);
+
+ std::replace(path.begin(), path.end(), '/', '.');
+
+ name = host_dot + host + path;
+
+ return PC_OPERATION_SUCCESS;
+}
--- /dev/null
+/*
+ * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+/*
+ * @file libprivilege-control_test_duplicates.h
+ * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
+ * @version 1.0
+ * @brief libprivilege-control private functions duplicates
+ */
+
+#ifndef LIBPRIVILEGE_CONTROL_TEST_DUPLICATES_H_
+#define LIBPRIVILEGE_CONTROL_TEST_DUPLICATES_H_
+
+#include <string>
+#include <privilege-control.h>
+
+/**
+ * @brief Get the permission family type name.
+ *
+ * @ingroup RDB internal functions test duplicate
+ *
+ * @param app_type type of the application
+ * @return PC_OPERATION_SUCCESS on success,
+ * error code otherwise
+ */
+std::string app_type_name(app_type_t app_type);
+
+/**
+ * @brief Get the permission type name
+ *
+ * @ingroup RDB internal functions test duplicate
+ *
+ * @param app_type type of the application
+ * @return PC_OPERATION_SUCCESS on success,
+ * error code otherwise
+ */
+std::string app_type_group_name(app_type_t app_type);
+
+/**
+ * @brief URI to basename conversion
+ *
+ * This function changes permission URI to basename for file name.
+ * For e.g. from http://tizen.org/privilege/contact.read will be
+ * created basename : org.tizen.privilege.contact.read
+ *
+ * @ingroup RDB internal functions test duplicate
+ *
+ * @param perm permission URI
+ * @param name created basename
+ * @return PC_OPERATION_SUCCESS on success,
+ * error code otherwise
+ */
+int base_name_from_perm(const char *perm, std::string& name);
+
+#endif /* LIBPRIVILEGE_CONTROL_TEST_DUPLICATES_H_ */
/*
* @file test_cases.cpp
* @author Zofia Abramowska (z.abramowska@samsung.com)
+ * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
* @version 1.0
* @brief libprivilege-control tests commons
*/
#define SOCK_PATH "/tmp/test-smack-socket"
-#define SMACK_RULES_DIR "/opt/etc/smack-app/accesses.d/"
-
#define TEST_APP_DIR "/etc/smack/test_privilege_control_DIR/app_dir"
#define TEST_NON_APP_DIR "/etc/smack/test_privilege_control_DIR/non_app_dir"
int test_have_any_accesses(const rules_t &rules);
int test_have_nosmack_accesses(const rules_t &rules);
-void cleaning_smack_app_files (void);
-
void read_gids(std::set<unsigned> &set, const char *file_path);
void check_groups(const char *dac_file);
/**
* @file libprivilege-control-test.cpp
* @author Jan Olszak (j.olszak@samsung.com)
+ * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
* @version 1.0
* @brief Main file for libprivilege-control unit tests.
*/
const char* PRIVS_AV[] = { "org.tizen.privilege.antivirus", NULL };
-void cleaning_smack_app_files (void)
-{
- unlink(SMACK_RULES_DIR APP_TEST_APP_1);
- unlink(SMACK_RULES_DIR APP_TEST_APP_2);
- unlink(SMACK_RULES_DIR APP_TEST_APP_3);
- unlink(SMACK_RULES_DIR APP_TEST_AV_1);
- unlink(SMACK_RULES_DIR APP_TEST_AV_2);
- unlink(SMACK_RULES_DIR APP_TEST_AV_3);
-}
-
/**
* Check if every rule is true.
* @return 1 if ALL rules in SMACK, 0 if ANY rule isn't, -1 on failure
* @file test_cases.cpp
* @author Jan Olszak (j.olszak@samsung.com)
* @author Rafal Krypa (r.krypa@samsung.com)
+ * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
* @version 1.0
* @brief libprivilege-control test runner
*/
#include <dpl/log/log.h>
#include <tests_common.h>
#include <libprivilege-control_test_common.h>
+#include <tracker.h>
+#include "common/db.h"
#include <iostream>
RUNNER_TEST(privilege_control07_app_uninstall)
{
int result;
- int fd = -1;
DB_BEGIN
DB_END
- // checking if file really exists
- fd = open(SMACK_RULES_DIR APP_ID, O_RDONLY);
- RUNNER_ASSERT_MSG(fd == -1, "SMACK file NOT deleted after perm_app_uninstall");
- close(fd);
+ TestLibPrivilegeControlDatabase db_test;
+ db_test.test_db_after__perm_app_uninstall(TRACE_FROM_HERE, APP_ID);
}
/*
smack_revoke_subject(APP_TEST_AV_1);
smack_revoke_subject(APP_TEST_AV_2);
- cleaning_smack_app_files();
-
DB_BEGIN
// Adding two apps before antivir
// cleaning
smack_revoke_subject(APP_TEST_AV_1);
smack_revoke_subject(APP_TEST_AV_2);
-
- cleaning_smack_app_files();
}
#pragma GCC diagnostic warning "-Wdeprecated-declarations"
RUNNER_IGNORED_MSG("early rules are not implemented");
int result;
- int fd = -1;
int pass_1 = 0;
int pass_2 = 0;
char *single_line_format = NULL;
char rule_add[SMACK_ACC_LEN + 1] = {0};
char rule_remove[SMACK_ACC_LEN + 1] = {0};
- unlink(SMACK_RULES_DIR APP_ID);
-
DB_BEGIN
perm_app_uninstall(APP_ID);
DB_END
- // checking if file really exists
- fd = open(SMACK_RULES_DIR APP_ID, O_RDONLY);
- close(fd);
- RUNNER_ASSERT_MSG(fd >= 0, "File open failed: " << SMACK_RULES_DIR << APP_ID << " : " << fd << ". Errno: " << strerror(errno));
- fd = -1;
+ TestLibPrivilegeControlDatabase db_test;
+ db_test.test_db_after__perm_app_install(TRACE_FROM_HERE, APP_ID);
+ db_test.test_db_after__perm_app_install(TRACE_FROM_HERE, APP_TEST_APP_1);
DB_BEGIN
* @file test_cases.cpp
* @author Jan Olszak (j.olszak@samsung.com)
* @author Rafal Krypa (r.krypa@samsung.com)
+ * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com)
* @version 1.0
* @brief libprivilege-control test runner
*/
#include <privilege-control.h>
#include <tests_common.h>
#include <libprivilege-control_test_common.h>
+#include <tracker.h>
+#include "common/db.h"
#define APP_USER_NAME "app"
#define APP_HOME_DIR "/opt/home/app"
// Check if permission is assigned to app in db
check_app_has_permission(APP_ID, APP_TYPE_EFL, PRIVS_EFL, true);
+
+ TestLibPrivilegeControlDatabase db_test;
+ db_test.test_db_after__perm_app_install(TRACE_FROM_HERE, APP_ID);
+ db_test.test_db_after__perm_app_enable_permissions(TRACE_FROM_HERE, APP_ID, APP_TYPE_EFL,
+ PRIVS_EFL, TRUE);
}
void set_app_privilege_nosmack(int line_no,
smack_revoke_subject(APP_TEST_AV_1);
smack_revoke_subject(APP_TEST_AV_2);
- cleaning_smack_app_files();
-
DB_BEGIN
// Adding two apps before antivir
// cleaning
smack_revoke_subject(APP_TEST_AV_1);
smack_revoke_subject(APP_TEST_AV_2);
-
- cleaning_smack_app_files();
-
}
#pragma GCC diagnostic warning "-Wdeprecated-declarations"
result = test_have_nosmack_accesses(rules2);
RUNNER_ASSERT_MSG(result == -1, "Permissions shouldn't be added. Result: " << result);
- // TODO check entry in database
+ TestLibPrivilegeControlDatabase db_test;
+ db_test.test_db_after__perm_app_install(TRACE_FROM_HERE, WGT_APP_ID);
+ db_test.test_db_after__perm_app_enable_permissions(TRACE_FROM_HERE, WGT_APP_ID, APP_TYPE_WGT,
+ PRIVS2, TRUE);
DB_BEGIN
"Error revoking app permissions. Result: " << result);
DB_END
+
+ db_test.test_db_after__perm_app_install(TRACE_FROM_HERE, WGT_APP_ID);
}
RUNNER_CHILD_TEST_NOSMACK(privilege_control11_app_enable_permissions_efl_nosmack)
projects / platform / core / test / security-tests.git / commitdiff