--- /dev/null
+#include <unistd.h>
+#include <getopt.h>
+
+#include <iostream>
+#include <string>
+#include <map>
+#include <sys/types.h>
+#include <dbuspolicy1/libdbuspolicy1.h>
+#include "internal/internal.h"
+#include "internal/policy.hpp"
+#include "internal/naive_policy_checker.hpp"
+#include "internal/serializer.hpp"
+#include "internal/include/fb_generated.h"
+#include "internal/storage_backend_serialized.hpp"
+#include "internal/storage_backend_serialized.hpp"
+#include "libdbuspolicy1-private.h"
+
+using namespace ldp_xml_parser;
+using namespace ldp_serialized;
+
+enum class Choice {
+ ALL,
+ XML,
+ FB,
+};
+
+std::map<Decision, const char*> DECISIONS {
+ { Decision::ANY, "ANY" },
+ { Decision::ALLOW, "ALLOW" },
+ { Decision::DENY, "DENY" },
+ { Decision::CHECK, "CHECK" }
+};
+
+struct Test {
+ Decision expected_result;
+ uid_t user;
+ gid_t group;
+ const char *label;
+ const char *destination;
+ const char *path;
+ const char *interface;
+ const char *member;
+ ldp_xml_parser::MessageType type;
+};
+
+const int ROOT = 0;
+
+#define TC(expected_result, names) \
+ {(expected_result), ROOT, ROOT, "User::Shell", (names), "/", "a.b", "d", ldp_xml_parser::MessageType::METHOD_CALL}
+
+/**
+ * This test set tests ability to parse xml db
+ * and check sending privilege in use cases
+ * checking send_destination_prefix
+ */
+struct Test tests[]={
+ /* straight-forward tests - base allow */
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.f.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.apf"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.apf.f.f.f.f"),
+ /* multiple names owned */
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.ap.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.f org.tizen.test.dest_prefix.ao"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ap.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.f org.tizen.test.dest_prefix.do"),
+ /* target holes in default allow */
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.1.d"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.1.dp"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f org.tizen.test.dest_prefix.ao"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f org.tizen.test.dest_prefix.ap"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"),
+ /* target holes in holes in default allow */
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.d.ap"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.d.ap.f.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.dp.ap"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.dp.ap.f.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.1.dp.a"),
+ /* check redefinitions in default allow */
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.dp"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.d"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.a"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.f.a"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.ap"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.ap.f.f.f"),
+ /* totally cancelling previous definitions in default allow */
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.f.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.f.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.ap"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.ap.f.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.a"),
+ /* straight-forward tests - base deny */
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.f.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dpf"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dpf.f.f.f.f"),
+ /* multiple names owned */
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.dp.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.f org.tizen.test.dest_prefix.do"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.dp.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.f org.tizen.test.dest_prefix.ao"),
+ /* target holes in default deny */
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.a"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f org.tizen.test.dest_prefix.do"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f org.tizen.test.dest_prefix.dp"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"),
+ /* target holes in holes in default demy */
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.1.a.dp"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.1.a.dp.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.1.ap.dp"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.1.ap.dp.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.1.ap.d"),
+ /* check redefinitions in default deny */
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.f.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.f.f.f.f"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.a"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.d"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.f.d"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.dp"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.dp.f.f.f"),
+ /* totally cancelling previous definitions in default deny */
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.dp"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.dp.f.f.f.f"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.d"),
+ /* checking order in multiple names case */
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.do"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.ao.ao org.tizen.test.dest_prefix.do"),
+ TC(Decision::DENY, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ao"),
+ TC(Decision::ALLOW, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ao.ao"),
+};
+
+void test_print(const struct Test* t, Decision result) {
+ printf("uid = %lu, gid = %lu, label = %s, destination = %s, expected = %s, result = %s",
+ (unsigned long)t->user, (unsigned long)t->group, t->label, t->destination, DECISIONS[t->expected_result], DECISIONS[result]);
+}
+
+template <typename DB>
+void send_prefix_test(const DB &db)
+{
+ for (const auto &test : tests) {
+ MatchItemSend m_item(test.interface, test.member, test.path, test.type);
+ m_item.addNames(test.destination);
+
+ auto ret = db.getDecisionItemContextMandatory(m_item);
+
+ if (ret.getDecision() == Decision::ANY)
+ ret = db.getDecisionItemUser(test.user, m_item);
+
+ if (ret.getDecision() == Decision::ANY)
+ ret = db.getDecisionItemGroup(test.group, m_item);
+
+ if (ret.getDecision() == Decision::ANY)
+ ret = db.getDecisionItemContextDefault(m_item);
+ }
+}
+
+void run_x_times(std::function<void(void)> func, size_t times) {
+ clock_t begin = clock();
+ for (size_t i = 0; i < times; i++)
+ func();
+ clock_t end = clock();
+
+ std::cout << "run: " << static_cast<double>(end - begin)/CLOCKS_PER_SEC << std::endl;
+}
+
+void run_policy_db(const char *conf_file, size_t count) {
+ __internal_init(SYSTEM_BUS, conf_file);
+ auto &db = policy_checker().getPolicyDb(SYSTEM_BUS);
+
+ printf("XML:\n");
+ run_x_times([&db](){ send_prefix_test(db); }, count);
+}
+
+void run_fb(const char *conf_file, size_t count) {
+ Serializer serializer;
+ size_t size;
+ uint8_t *buff = serializer.serialize(conf_file, size);
+
+ const FB::File *file = FB::GetFile(buff);
+
+ StorageBackendSerialized storage;
+ storage.init(file);
+
+ printf("FLATBUFFERS:\n");
+ run_x_times([&storage](){ send_prefix_test(storage); }, count);
+}
+
+void run_tests(const char *conf_file, size_t c, Choice ch) {
+ if (ch == Choice::ALL || ch == Choice::XML)
+ run_policy_db(conf_file, c);
+
+ if (ch == Choice::ALL || ch == Choice::FB)
+ run_fb(conf_file, c);
+}
+
+void print_help(const char *name) {
+ cout << endl;
+ cout << "usage: " << name << " {-f|-x|-a} {--system|--session|-c <config_xml>} <count>" << endl;
+ cout << endl;
+ cout << " -f - Flatbuffers" << endl;
+ cout << " -x - XML" << endl;
+ cout << " -a - Flatbuffers and XML" << endl;
+ cout << endl;
+}
+
+static const struct option options[] {
+ {"system", no_argument, 0, 0},
+ {"session", no_argument, 0, 0}
+};
+
+int main(int argc, char *argv[])
+{
+ int c;
+ std::string input_filename = system_bus_conf_file_primary();
+ size_t count = 100;
+ Choice choice = Choice::ALL;
+
+ while (1) {
+ int option_index;
+ c = getopt_long(argc, argv, "fxac:", options, &option_index);
+ if (c == -1)
+ break;
+ switch(c) {
+ case 0:
+ if (option_index == 1)
+ input_filename = session_bus_conf_file_primary();
+ break;
+ case 'f':
+ choice = Choice::FB;
+ break;
+ case 'x':
+ choice = Choice::XML;
+ break;
+ case 'c':
+ input_filename = optarg;
+ break;
+ }
+ }
+
+ if (optind < argc) {
+ count = stoi(argv[optind]);
+ } else {
+ print_help(argv[0]);
+ return 1;
+ }
+
+ __internal_init_once();
+ run_tests(input_filename.c_str(), count, choice);
+
+ return 0;
+}
projects / platform / core / system / libdbuspolicy.git / commitdiff