#include <app_install_helper.h>
#include <scoped_installer.h>
+namespace CynaraClient {
+class Client
+{
+public:
+ Client();
+ virtual ~Client();
+
+ void check(const std::string &client, const std::string &session,
+ const std::string &user, const std::string &privilege,
+ int expectedResult = CYNARA_API_ACCESS_ALLOWED);
+
+private:
+ struct cynara *m_cynara;
+};
+
+Client::Client()
+ : m_cynara(nullptr)
+{
+ int ret = cynara_initialize(&m_cynara, nullptr);
+ RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
+ "cynara_initialize failed. ret: " << ret);
+ RUNNER_ASSERT_MSG(m_cynara != nullptr, "cynara struct was not initialized");
+}
+
+Client::~Client()
+{
+ cynara_finish(m_cynara);
+}
+
+void Client::check(const std::string &client, const std::string &session,
+ const std::string &user, const std::string &privilege,
+ int expectedResult)
+{
+ int ret = cynara_check(m_cynara, client.c_str(), session.c_str(), user.c_str(), privilege.c_str());
+ RUNNER_ASSERT_MSG(ret == expectedResult,
+ "cynara_check returned wrong value: "
+ << ret << " != " << expectedResult << "."
+ << " client: " << formatCstr(client.c_str()) << ","
+ << " session: " << formatCstr(session.c_str()) << ","
+ << " user: " << formatCstr(user.c_str()) << ","
+ << " privilege: " << formatCstr(privilege.c_str()));
+}
+
+} //namespace CynaraClient
+
RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_APP_DEFINED_PRIVILEGE)
using namespace SecurityManagerTest;
+using namespace CynaraClient;
-RUNNER_CHILD_TEST(app_defined_01_global_install)
+RUNNER_CHILD_TEST(app_defined_01_global_install_untrusted)
{
const std::string privilege = "http://tizen.org/applicationDefinedPrivilege/app_defined_01";
const app_defined_privilege_type type = SM_APP_DEFINED_PRIVILEGE_TYPE_UNTRUSTED;
const std::string ownerId = "5001";
const std::string session = "S0M3S3SSI0N";
- struct cynara *m_cynara = nullptr;
-
AppInstallHelper provider(providerAppId);
AppInstallHelper consumer(consumerAppId);
ScopedInstaller req1(provider);
ScopedInstaller req2(consumer);
- int ret = cynara_initialize(&m_cynara, nullptr);
- RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
- "cynara_initialize failed. ret: " << ret);
- RUNNER_ASSERT_MSG(m_cynara != nullptr, "cynara struct was not initialized");
-
- ret = cynara_check(
- m_cynara,
- consumerLabel.c_str(),
- session.c_str(),
- ownerId.c_str(),
- privilege.c_str());
+ Client cynara;
+ cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_ALLOWED);
- cynara_finish(m_cynara);
+ // uninstall provider
+ req1.uninstallApp();
- RUNNER_ASSERT_MSG(ret == CYNARA_API_ACCESS_ALLOWED,
- "cynara_check returned wrong value: "
- << ret << " != " << CYNARA_API_ACCESS_ALLOWED << "."
- << " client: " << consumerLabel << ","
- << " session: " << session << ","
- << " user: " << ownerId << ","
- << " privilege: " << privilege);
+ cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_DENIED);
}
-RUNNER_CHILD_TEST(app_defined_02_global_install)
+RUNNER_CHILD_TEST(app_defined_02_global_install_licensed)
{
const std::string privilege = "http://tizen.org/licensedPrivilege/app_defined_02";
const app_defined_privilege_type type = SM_APP_DEFINED_PRIVILEGE_TYPE_LICENSED;
const std::string ownerId = "5001";
const std::string session = "S0M33S3SSI0N";
- struct cynara *m_cynara = nullptr;
-
AppInstallHelper provider(providerAppId);
AppInstallHelper consumer(consumerAppId);
ScopedInstaller req1(provider);
ScopedInstaller req2(consumer);
- int ret = cynara_initialize(&m_cynara, nullptr);
- RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
- "cynara_initialize failed. ret: " << ret);
- RUNNER_ASSERT_MSG(m_cynara != nullptr, "cynara struct was not initialized");
-
- ret = cynara_check(
- m_cynara,
- consumerLabel.c_str(),
- session.c_str(),
- ownerId.c_str(),
- privilege.c_str());
+ Client cynara;
+ cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_ALLOWED);
- cynara_finish(m_cynara);
+ // uninstall provider
+ req1.uninstallApp();
- RUNNER_ASSERT_MSG(ret == CYNARA_API_ACCESS_ALLOWED,
- "cynara_check returned wrong value: "
- << ret << " != " << CYNARA_API_ACCESS_ALLOWED << "."
- << " client: " << consumerLabel << ","
- << " session: " << session << ","
- << " user: " << ownerId << ","
- << " privilege: " << privilege);
+ cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_DENIED);
}
-RUNNER_CHILD_TEST(app_defined_03_database_update_fixed)
+RUNNER_CHILD_TEST(app_defined_03_database_update)
{
// Because of a bug in implementation during installation of
// providerB privileges of providerA were deleted from cynara
// database. This test should check if bug was fixed.
- const std::string privilegeA = "http://tizen.org/licensedPrivilege/app_define_03a";
- const std::string privilegeB = "http://tizen.org/licensedPrivilege/app_define_03b";
+ const std::string privilegeA = "http://tizen.org/licensedPrivilege/app_defined_03a";
+ const std::string privilegeB = "http://tizen.org/licensedPrivilege/app_defined_03b";
const app_defined_privilege_type type = SM_APP_DEFINED_PRIVILEGE_TYPE_LICENSED;
const std::string providerAppIdA = "app_def_03a_provider_appid";
const std::string providerAppIdB = "app_def_03b_provider_appid";
const std::string ownerId = "5001";
const std::string session = "S0M33S3SSI0N";
- struct cynara *m_cynara = nullptr;
-
AppInstallHelper providerA(providerAppIdA);
AppInstallHelper providerB(providerAppIdB);
AppInstallHelper consumer(consumerAppId);
providerA.addAppDefinedPrivilege(std::make_pair(privilegeA, type));
providerB.addAppDefinedPrivilege(std::make_pair(privilegeB, type));
consumer.addPrivilege(privilegeA);
+ consumer.addPrivilege(privilegeB);
ScopedInstaller req1(providerA);
ScopedInstaller req2(providerB);
ScopedInstaller req3(consumer);
- int ret = cynara_initialize(&m_cynara, nullptr);
- RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
- "cynara_initialize failed. ret: " << ret);
- RUNNER_ASSERT_MSG(m_cynara != nullptr, "cynara struct was not initialized");
+ Client cynara;
+ cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
- ret = cynara_check(
- m_cynara,
- consumerLabel.c_str(),
- session.c_str(),
- ownerId.c_str(),
- privilegeA.c_str());
+ // uninstall providerA
+ req1.uninstallApp();
- cynara_finish(m_cynara);
-
- RUNNER_ASSERT_MSG(ret == CYNARA_API_ACCESS_ALLOWED,
- "cynara_check returned wrong value: "
- << ret << " != " << CYNARA_API_ACCESS_ALLOWED << "."
- << " client: " << consumerLabel << ","
- << " session: " << session << ","
- << " user: " << ownerId << ","
- << " privilege: " << privilegeA);
-}
+ cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+ // uninstall providerB
+ req2.uninstallApp();
+ cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
+}
projects / platform / core / test / security-tests.git / commitdiff