Add new class to test security-manager database records. 37/23837/1
authorMarcin Lis <m.lis@samsung.com>
Wed, 2 Jul 2014 13:38:41 +0000 (15:38 +0200)
committerMarcin Lis <m.lis@samsung.com>
Thu, 3 Jul 2014 14:05:01 +0000 (16:05 +0200)
Reuse the concept implemented in libprivilege-control tests.

The interface of the introduced class may be used in security-manager tests.
Currently it allows to check if app and pkg have been successfully installed
along with all requested privileges. Checking application uninstallation is
possible as well.

Change-Id: I1eb95312c7ace890402533ef17645b91485ad443
Signed-off-by: Marcin Lis <m.lis@samsung.com>
packaging/security-tests.spec
tests/security-manager-tests/CMakeLists.txt
tests/security-manager-tests/common/sm_db.cpp [new file with mode: 0644]
tests/security-manager-tests/common/sm_db.h [new file with mode: 0644]

index 47cf9d3af38750530cb1525de7871b2ea92e7c74..95ae4f40d969e3343fcca929a7f5323158fd3e68 100644 (file)
@@ -19,6 +19,7 @@ BuildRequires: pkgconfig(dbus-glib-1)
 BuildRequires: pkgconfig(libiri)
 BuildRequires: pkgconfig(sqlite3)
 BuildRequires: pkgconfig(cynara-client)
+BuildRequires: pkgconfig(libtzplatform-config)
 Requires:   smack
 Requires:   libprivilege-control
 
index 0ade86080455b186d382d821783462bdac58258f..854642c530ae0d20bee6cab7f8a5a655b585701a 100644 (file)
@@ -26,6 +26,8 @@ PKG_CHECK_MODULES(SEC_MGR_TESTS_DEP
     libsmack
     libprivilege-control
     security-manager
+    libtzplatform-config
+    sqlite3
     dpl-test-efl)
 
 
@@ -33,6 +35,7 @@ SET(TARGET_SEC_MGR_TESTS "security-manager-tests")
 
 SET(SEC_MGR_SOURCES
     ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/security_manager_tests.cpp
+    ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/common/sm_db.cpp
     ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/libprivilege-control_test_common.cpp
    )
 
@@ -42,6 +45,7 @@ INCLUDE_DIRECTORIES(SYSTEM
 
 INCLUDE_DIRECTORIES(
     ${PROJECT_SOURCE_DIR}/tests/common/
+    ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/common/
     ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/
    )
 
diff --git a/tests/security-manager-tests/common/sm_db.cpp b/tests/security-manager-tests/common/sm_db.cpp
new file mode 100644 (file)
index 0000000..4bdc8bf
--- /dev/null
@@ -0,0 +1,179 @@
+/*
+ * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *    Licensed under the Apache License, Version 2.0 (the "License");
+ *    you may not use this file except in compliance with the License.
+ *    You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS,
+ *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *    See the License for the specific language governing permissions and
+ *    limitations under the License.
+*/
+
+/*
+ * @file        sm_db.cpp
+ * @author      Marcin Lis (m.lis@samsung.com)
+ * @version     1.0
+ * @brief       security-manager tests database record check functions
+ */
+
+#include <tests_common.h>
+#include <tzplatform_config.h>
+#include <sstream>
+#include "sm_db.h"
+#include "db_sqlite.h"
+
+/* Keep this consistent with the database file path used in the security-manager */
+const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db");
+
+/* Initialize static constants */
+const bool TestSecurityManagerDatabase::NOT_REMOVED = false;
+const bool TestSecurityManagerDatabase::REMOVED     = true;
+
+TestSecurityManagerDatabase::TestSecurityManagerDatabase() : m_base(PRIVILEGE_DB_PATH)
+{
+}
+
+void TestSecurityManagerDatabase::test_db_after__app_install(const std::string &app_name,
+                                                             const std::string &pkg_name)
+{
+    const privileges_t dummy; /* just some empty privileges set */
+
+    test_db_after__app_install(app_name, pkg_name, dummy);
+}
+
+void TestSecurityManagerDatabase::test_db_after__app_install(const std::string &app_name,
+                                                             const std::string &pkg_name,
+                                                             const privileges_t &privileges)
+{
+    if (!m_base.is_open())
+        m_base.open();
+
+    RUNNER_ASSERT_MSG_BT(!app_name.empty(), "Request is corrupted, appId is empty");
+    RUNNER_ASSERT_MSG_BT(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
+
+    check_app_and_pkg(app_name, pkg_name, NOT_REMOVED);
+
+    if (!privileges.empty()) {
+        check_privileges(app_name, pkg_name, privileges);
+    }
+}
+
+void TestSecurityManagerDatabase::test_db_after__app_uninstall(const std::string &app_name,
+                                                               const std::string &pkg_name,
+                                                               const bool is_pkg_removed)
+{
+    const privileges_t dummy; /* just some empty privileges set */
+
+    test_db_after__app_uninstall(app_name, pkg_name, dummy, is_pkg_removed);
+}
+
+void TestSecurityManagerDatabase::test_db_after__app_uninstall(const std::string &app_name,
+                                                               const std::string &pkg_name,
+                                                               const privileges_t &privileges,
+                                                               const bool is_pkg_removed)
+{
+    if (!m_base.is_open())
+        m_base.open();
+
+    RUNNER_ASSERT_MSG_BT(!app_name.empty(), "Request is corrupted, appId is empty");
+    RUNNER_ASSERT_MSG_BT(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
+
+    check_app_and_pkg(app_name, pkg_name, REMOVED);
+    check_pkg(pkg_name, is_pkg_removed);
+
+    if (!privileges.empty()) {
+        check_privileges_removed(app_name, pkg_name, privileges);
+    }
+}
+
+void TestSecurityManagerDatabase::check_privileges(const std::string &app_name,
+                                                   const std::string &pkg_name,
+                                                   const privileges_t &privileges)
+{
+    bool result;
+
+    RUNNER_ASSERT_MSG_BT(!app_name.empty(), "Request is corrupted, appId is empty");
+    RUNNER_ASSERT_MSG_BT(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
+
+    for (auto it = privileges.begin(); it != privileges.end(); ++it) {
+        result = check_privilege(app_name, pkg_name, *it);
+
+        RUNNER_ASSERT_MSG_BT(result == true, "privilege: <" << *it << "> not added to app: <" <<
+                             app_name << ">  from pkg_id: <" << pkg_name << ">");
+    }
+}
+
+void TestSecurityManagerDatabase::check_privileges_removed(const std::string &app_name,
+                                                           const std::string &pkg_name,
+                                                           const privileges_t &privileges)
+{
+    bool result;
+
+    RUNNER_ASSERT_MSG_BT(!app_name.empty(), "Request is corrupted, appId is empty");
+    RUNNER_ASSERT_MSG_BT(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
+
+    for (auto it = privileges.begin(); it != privileges.end(); ++it) {
+        result = check_privilege(app_name, pkg_name, *it);
+
+        RUNNER_ASSERT_MSG_BT(result == false, "privilege: <" << *it << "> not removed for app: <" <<
+                             app_name << ">  from pkg_id: <" << pkg_name << ">");
+    }
+}
+
+void TestSecurityManagerDatabase::check_app_and_pkg(const std::string &app_name, const std::string &pkg_name,
+                                                    const bool is_app_removed)
+{
+    Sqlite3DBaseSelectResult result;
+    std::ostringstream sql;
+    sql << "SELECT app_name, pkg_name FROM app_pkg_view"
+           "  WHERE app_name == '" << app_name << "' "
+           "    AND pkg_name == '" << pkg_name << "' ;";
+    m_base.execute(sql.str(), result);
+
+    if (is_app_removed) /* expect 0 results */
+        RUNNER_ASSERT_MSG_BT(result.rows.size() == 0, "query : <" << sql.str() <<
+                             "> returned [" << result.rows.size() << "] rows, expected [0]");
+    else /* expect exactly 1 result with 2 columns */
+        RUNNER_ASSERT_MSG_BT(result.rows.size() == 1 && result.rows[0].size() == 2, "query : <" <<
+                             sql.str() << "> returned [" << result.rows.size() << "] rows, expected [1]");
+}
+
+void TestSecurityManagerDatabase::check_pkg(const std::string &pkg_name,
+                                            const bool is_pkg_removed)
+{
+    const unsigned expected_rows = is_pkg_removed ? 0 : 1;
+    Sqlite3DBaseSelectResult result;
+    std::ostringstream sql;
+    sql << "SELECT pkg_id FROM pkg"
+           "  WHERE name == '" << pkg_name << "' ;";
+    m_base.execute(sql.str(), result);
+
+    RUNNER_ASSERT_MSG_BT(result.rows.size() == expected_rows, "query : <" <<
+                         sql.str() << "> returned [" << result.rows.size() << "] rows, expected [" <<
+                         expected_rows << "] rows");
+}
+
+bool TestSecurityManagerDatabase::check_privilege(const std::string &app_name,
+                                                  const std::string &pkg_name,
+                                                  const std::string &privilege)
+{
+    Sqlite3DBaseSelectResult result;
+    std::ostringstream sql;
+    sql << "SELECT privilege_id FROM app_privilege_view"
+           "  WHERE app_name == '" << app_name << "' "
+           "    AND pkg_name == '" << pkg_name << "' "
+           "    AND privilege_name == '" << privilege << "' "
+           ";";
+    m_base.execute(sql.str(), result);
+
+    /* only 0 or 1 resulting rows are alowed */
+    RUNNER_ASSERT_MSG_BT(result.rows.size() == 0 || result.rows.size() == 1, "query : <" << sql.str() << "> returned [" <<
+                         result.rows.size() << "] rows");
+
+    return result.rows.size() == 1;
+}
diff --git a/tests/security-manager-tests/common/sm_db.h b/tests/security-manager-tests/common/sm_db.h
new file mode 100644 (file)
index 0000000..21a419a
--- /dev/null
@@ -0,0 +1,175 @@
+/*
+ * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *    Licensed under the Apache License, Version 2.0 (the "License");
+ *    you may not use this file except in compliance with the License.
+ *    You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS,
+ *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *    See the License for the specific language governing permissions and
+ *    limitations under the License.
+*/
+
+/*
+ * @file        sm_db.h
+ * @author      Marcin Lis (m.lis@samsung.com)
+ * @version     1.0
+ * @brief       security-manager tests database record check functions
+ */
+
+#ifndef SECURITY_MANAGER_TEST_DB_H_
+#define SECURITY_MANAGER_TEST_DB_H_
+
+#include <string>
+#include "db_sqlite.h"
+
+typedef std::vector<std::string> privileges_t;
+
+/**
+ * @class       TestSecurityManagerDatabase
+ * @brief       Class containing methods for testing libprivlege database.
+ */
+class TestSecurityManagerDatabase
+{
+public:
+/**
+ * @brief A usefull constant to indicate that app/pkg should be present in db
+ */
+    const static bool NOT_REMOVED;
+/**
+ * @brief A usefull constant to indicate that app/pkg should not be present in db
+ */
+    const static bool REMOVED;
+/**
+ * @brief A constructor
+ */
+    TestSecurityManagerDatabase();
+
+/**
+ * @brief A destructor
+ */
+    ~TestSecurityManagerDatabase() = default;
+
+/**
+ * @brief Method for testing database after "security_manager_app_install" was run.
+ *
+ * It checks existence of proper: - app_name
+ *                                - pkg_name
+ *
+ * @param  app_name           name of the app previously used in security_manager_app_install.
+ * @param  pkg_name           name of the pkg previously used in security_manager_app_install.
+ */
+    void test_db_after__app_install(const std::string &app_name, const std::string &pkg_name);
+
+/**
+ * @brief Method for testing database after "security_manager_app_install" was run.
+ *
+ * It checks existence of proper: - app_name
+ *                                - pkg_name
+ *                                - privileges
+ * TODO: appPaths are currently not handled directly by security-manager, so they are not tested.
+ *
+ * @param  app_name           name of the app previously used in security_manager_app_install.
+ * @param  pkg_name           name of the pkg previously used in security_manager_app_install.
+ * @param  privileges         vector of privileges previously used in security_manager_app_install.
+ */
+    void test_db_after__app_install(const std::string &app_name, const std::string &pkg_name,
+                                    const privileges_t &privileges);
+
+/**
+ * @brief Method for testing database after "security_manager_app_uninstall" was run.
+ *
+ * It checks absence of proper: - app_name
+ *                              - optionally pkg_name
+ *
+ * @param  app_name           name of the app previously used in security_manager_app_uninstall.
+ * @param  pkg_name           name of the pkg previously used in security_manager_app_uninstall.
+ * @param  is_pkg_removed     tells if pkg_id is expected to remain in db or not.
+ */
+    void test_db_after__app_uninstall(const std::string &app_name, const std::string &pkg_name,
+                                      const bool is_pkg_removed);
+
+/**
+ * @brief Method for testing database after "security_manager_app_uninstall" was run.
+ *
+ * It checks absence of proper: - app_name
+ *                              - optionally pkg_name
+ *                              - app privileges
+ * TODO: appPaths are currently not handled directly by security-manager, so they are not tested.
+ *
+ * @param  app_name           name of the app previously used in security_manager_app_uninstall.
+ * @param  pkg_name           name of the pkg previously used in security_manager_app_uninstall.
+ * @param  privileges         vector of privileges previously used in security_manager_app_uninstall.
+ * @param  is_pkg_removed     tells if pkg_id is expected to remain in db or not.
+ */
+    void test_db_after__app_uninstall(const std::string &app_name, const std::string &pkg_name,
+                                      const privileges_t &privileges, const bool is_pkg_removed);
+
+/**
+ * @brief It checks db for existence of a all privileges from install request.
+ *
+ * @param  app_name           name of the app previously used i.e. in security_manager_app_install.
+ * @param  pkg_name           name of the pkg previously used i.e. in security_manager_app_install.
+ * @param  privileges         vector of privileges previously used i.e. in security_manager_app_install.
+ */
+    void check_privileges(const std::string &app_name, const std::string &pkg_name,
+                          const privileges_t &privileges);
+
+/**
+ * @brief It checks in db if all app privileges from install request are removed.
+ *
+ * @param  app_name           name of the app previously used i.e. in security_manager_app_uninstall.
+ * @param  pkg_name           name of the pkg previously used i.e. in security_manager_app_uninstall.
+ * @param  privileges         vector of privileges previously used i.e. in security_manager_app_uninstall.
+ */
+    void check_privileges_removed(const std::string &app_name, const std::string &pkg_name,
+                                  const privileges_t &privileges);
+
+private:
+/**
+ * @var base
+ * @brief Sqlite3DBase object giving simple access to database
+ *
+ * Connection to database is open first time it is needed
+ * and closed in destructor of TestSecurityManagerDatabase.
+ */
+    Sqlite3DBase m_base;
+
+/**
+ * @brief Check db for [non]existence of given app_name in pkg_name
+ *
+ * @param  app_name        name of application
+ * @param  pkg_name        name of package
+ * @param  is_app_removed  tells if app is expected in db
+ */
+    void check_app_and_pkg(const std::string &app_name, const std::string &pkg_name,
+                           const bool is_app_removed);
+
+/**
+ * @brief Check db for [non]existence of given pkg_name
+ *
+ * @param  pkg_name        name of the package
+ * @param  is_pkg_removed  tells if pkg is expected in db
+ */
+    void check_pkg(const std::string &pkg_name,
+                   const bool is_pkg_removed);
+
+/**
+ * @brief Check db for existence of a single privilege.
+ *
+ * @param  app_name        name of application
+ * @param  pkg_name        application's package name
+ * @param  privilege       name of the privilege
+ *
+ * @return true            when privilege present
+ *         false           when privilege not present
+ */
+    bool check_privilege(const std::string &app_name, const std::string &pkg_name,
+                         const std::string &privilege);
+};
+
+#endif /* SECURITY_MANAGER_TEST_DB_H_ */