security_manager_policy_entry_free(m_entry);
}
+bool PolicyEntry::operator==(const PolicyEntry &other) const
+{
+ auto cmp = [](const std::pair<bool, std::string> &a, const std::pair<bool, std::string> &b)->bool
+ {
+ return (a.first) ? (b.first && a.second == b.second) : !b.first;
+ };
+
+ return (
+ cmp(m_appId, other.m_appId) &&
+ cmp(m_user, other.m_user) &&
+ cmp(m_privilege, other.m_privilege) &&
+ cmp(m_currentLevel, other.m_currentLevel) &&
+ cmp(m_maxLevel, other.m_maxLevel));
+}
+
+std::string PolicyEntry::toString() const
+{
+ std::stringstream ss;
+ auto append = [&](const std::pair<bool, std::string> &x)
+ {
+ if (x.first)
+ ss << x.second;
+ ss << '\0';
+ };
+
+ append(m_appId);
+ append(m_user);
+ append(m_privilege);
+ append(m_currentLevel);
+ append(m_maxLevel);
+
+ return ss.str();
+}
PolicyRequest::PolicyRequest()
: m_req(nullptr),
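Review bot: In `toString()` the `append` lambda emits the same single `'\0'` for a field that is unset and for a field set to the empty string, whereas `operator==` above treats those two states as different. That is harmless if the string only feeds a hash (the hash specialization is not in this hunk), but it would conflate two distinct policy entries if the string were ever used as an identity key. The embedded NULs also mean `c_str()` or plain log output stops at the first field. I would either write a presence marker before the value, `ss << (x.first ? '1' : '0');`, or add a comment such as `// hash key only: NUL-separated, unset and empty fields serialize identically`.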
RUNNER_MULTIPROCESS_TEST(security_manager_12_privacy_manager_fetch_whole_policy_for_admin_privileged)
{
+ std::vector<PolicyEntry> oldPolicyVec;
+ Api::getPolicy(PolicyEntry(), oldPolicyVec);
+ std::unordered_set<PolicyEntry> oldPolicySet(oldPolicyVec.begin(), oldPolicyVec.end());
+
//TEST DATA
const std::vector<std::string> usernames = {"sm_test_12_user_name_1", "sm_test_12_user_name_2"};
- unsigned int privileges_count = 0;
+ unsigned int privileges_count = oldPolicyVec.size();
std::map<std::string, std::map<std::string, std::set<std::string>>> users2AppsMap;
std::map<std::string, std::set<std::string>> apps2PrivsMap;
for (const auto &username : usernames) {
-
for(unsigned int i = 0; i < MANY_APPS.size(); ++i) {
apps2PrivsMap.insert(std::pair<std::string, std::set<std::string>>(
MANY_APPS.at(i), std::set<std::string>(
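Review bot: The baseline read at the top of the test, `Api::getPolicy(PolicyEntry(), oldPolicyVec)`, appears to run before the privilege drop that the later `drop_root_privileges failed` assertion refers to, while the fetch it is compared against runs after it. Seeding `privileges_count` with `oldPolicyVec.size()` therefore assumes both callers are shown exactly the same entries and that nothing else changes policy in between. If that does not hold, the size assertion fails with a misleading count. A comment stating the assumption would help, e.g. `// baseline taken before dropping privileges; the admin user is expected to see the same entries`. `oldPolicyVec.size()` is also narrowed from `size_t` to `unsigned int`, which `size_t privileges_count` would avoid. The test body continues outside this hunk.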
privileges_count+=MANY_APPS_PRIVILEGES.at(i).size();
};
- users2AppsMap.insert(std::pair<std::string, std::map<std::string, std::set<std::string>>>(username, apps2PrivsMap));
+ users2AppsMap.insert(std::make_pair(username, apps2PrivsMap));
};
- users2AppsMap.at(usernames.at(1)).insert(std::pair<std::string, std::set<std::string>>(
- PRIVILEGE_MANAGER_APP, std::set<std::string>{PRIVILEGE_MANAGER_SELF_PRIVILEGE, PRIVILEGE_MANAGER_ADMIN_PRIVILEGE}));
+ users2AppsMap.at(usernames.at(1)).insert(std::make_pair(PRIVILEGE_MANAGER_APP,
+ std::set<std::string>{PRIVILEGE_MANAGER_SELF_PRIVILEGE, PRIVILEGE_MANAGER_ADMIN_PRIVILEGE}));
privileges_count += 2;
//TEST DATA END
RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
std::vector<PolicyEntry> policyEntries;
- PolicyEntry filter;
//this call should succeed as the calling user is privileged
- Api::getPolicy(filter, policyEntries);
+ Api::getPolicy(PolicyEntry(), policyEntries);
RUNNER_ASSERT_MSG(policyEntries.size() != 0, "Policy is empty");
RUNNER_ASSERT_MSG(policyEntries.size() == privileges_count, "Number of policies doesn't match - should be: " << privileges_count << " and is " << policyEntries.size());
for (const auto &policyEntry : policyEntries) {
+ if (oldPolicySet.count(policyEntry))
+ continue;
+
std::string user = policyEntry.getUser();
std::string app = policyEntry.getAppId();
std::string privilege = policyEntry.getPrivilege();