security-manager-tests: fix security_manager_48_groups_get

This test case is verifying whether security_manager_groups_get() returns
proper array of groups currently mapped to any of known privileges.

The test case expected the function only to return groups explicitly added
by security-tests. But now this feature is actively used on the image. There
are groups mapped to privileges, that are not setup by security-tests, but
are part of the system security policy.

Fix the test case by reading mapping from
/usr/share/security-manager/policy/privilege-group.list.
The groups configured in that file are now also expected.

Change-Id: I01ccc45a773b774144ab7f04f7c48bb2192c5ce1

diff --git a/src/security-manager-tests/security_manager_tests.cpp b/src/security-manager-tests/security_manager_tests.cpp
index 02ae726..73e6c21 100644 (file)
--- a/src/security-manager-tests/security_manager_tests.cpp
+++ b/src/security-manager-tests/security_manager_tests.cpp
@@ -15,6 +15,7 @@
 
 #include <algorithm>
 #include <fstream>
+#include <regex>
 #include <string>
 #include <unordered_set>
 
@@ -3682,19 +3683,42 @@ RUNNER_CHILD_TEST(security_manager_47_app_has_privilege)
     Api::uninstall(requestUninst);
 }
 
-void setupPriviligeGroups(const privileges_t &priviliges, const std::vector<std::string> &groups)
+void setupPrivilegeGroups(const privileges_t &privileges, const std::vector<std::string> &groups)
 {
     TestSecurityManagerDatabase db;
-    for (const auto &privilege : priviliges) {
+    for (const auto &privilege : privileges) {
         db.setup_privilege_groups(privilege, groups);
     }
 }
 
+std::vector<std::string> readPrivilegeGroups()
+{
+    std::vector<std::string> groups;
+    const static std::string privilegeGroupMappingPath("/usr/share/security-manager/policy/privilege-group.list");
+    std::ifstream mappingFile(privilegeGroupMappingPath);
+
+    RUNNER_ASSERT_MSG(mappingFile.is_open(),
+        "Unable to read group mapping file " << privilegeGroupMappingPath);
+
+    std::string line;
+    std::regex r("^[^ #]+ +(.*)");
+    while (std::getline(mappingFile, line)) {
+        std::smatch m;
+        if (std::regex_search(line, m, r))
+            groups.push_back(m[1]);
+    }
+
+    return groups;
+}
+
 RUNNER_TEST(security_manager_48_groups_get)
 {
-    const auto &groups = SM_ALLOWED_GROUPS;
-    const auto &priviliges = SM_ALLOWED_PRIVILEGES;
-    setupPriviligeGroups(priviliges, groups);
+    setupPrivilegeGroups(SM_ALLOWED_PRIVILEGES, SM_ALLOWED_GROUPS);
+
+    std::unordered_set<std::string> groups;
+    auto tmp = readPrivilegeGroups();
+    groups.insert(tmp.begin(), tmp.end());
+    groups.insert(SM_ALLOWED_GROUPS.begin(), SM_ALLOWED_GROUPS.end());
 
     char ** c_groups;
     size_t count = 0;
@@ -3711,7 +3735,7 @@ RUNNER_TEST(security_manager_48_groups_get)
                 break;
             }
         }
-        RUNNER_ASSERT_MSG(found, "PriviligeGroup: " << group << " was not found");
+        RUNNER_ASSERT_MSG(found, "PrivilegeGroup: " << group << " was not found");
     }
     security_manager_groups_free(c_groups, count);
 }