--- /dev/null
+/*
+ * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+/*
+ * @file sm_db.cpp
+ * @author Marcin Lis (m.lis@samsung.com)
+ * @version 1.0
+ * @brief security-manager tests database record check functions
+ */
+
+#include <tests_common.h>
+#include <tzplatform_config.h>
+#include <sstream>
+#include "sm_db.h"
+#include "db_sqlite.h"
+
+/* Keep this consistent with the database file path used in the security-manager */
+const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db");
+
+/* Initialize static constants */
+const bool TestSecurityManagerDatabase::NOT_REMOVED = false;
+const bool TestSecurityManagerDatabase::REMOVED = true;
+
+TestSecurityManagerDatabase::TestSecurityManagerDatabase() : m_base(PRIVILEGE_DB_PATH)
+{
+}
+
+void TestSecurityManagerDatabase::test_db_after__app_install(const std::string &app_name,
+ const std::string &pkg_name)
+{
+ const privileges_t dummy; /* just some empty privileges set */
+
+ test_db_after__app_install(app_name, pkg_name, dummy);
+}
+
+void TestSecurityManagerDatabase::test_db_after__app_install(const std::string &app_name,
+ const std::string &pkg_name,
+ const privileges_t &privileges)
+{
+ if (!m_base.is_open())
+ m_base.open();
+
+ RUNNER_ASSERT_MSG_BT(!app_name.empty(), "Request is corrupted, appId is empty");
+ RUNNER_ASSERT_MSG_BT(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
+
+ check_app_and_pkg(app_name, pkg_name, NOT_REMOVED);
+
+ if (!privileges.empty()) {
+ check_privileges(app_name, pkg_name, privileges);
+ }
+}
+
+void TestSecurityManagerDatabase::test_db_after__app_uninstall(const std::string &app_name,
+ const std::string &pkg_name,
+ const bool is_pkg_removed)
+{
+ const privileges_t dummy; /* just some empty privileges set */
+
+ test_db_after__app_uninstall(app_name, pkg_name, dummy, is_pkg_removed);
+}
+
+void TestSecurityManagerDatabase::test_db_after__app_uninstall(const std::string &app_name,
+ const std::string &pkg_name,
+ const privileges_t &privileges,
+ const bool is_pkg_removed)
+{
+ if (!m_base.is_open())
+ m_base.open();
+
+ RUNNER_ASSERT_MSG_BT(!app_name.empty(), "Request is corrupted, appId is empty");
+ RUNNER_ASSERT_MSG_BT(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
+
+ check_app_and_pkg(app_name, pkg_name, REMOVED);
+ check_pkg(pkg_name, is_pkg_removed);
+
+ if (!privileges.empty()) {
+ check_privileges_removed(app_name, pkg_name, privileges);
+ }
+}
+
+void TestSecurityManagerDatabase::check_privileges(const std::string &app_name,
+ const std::string &pkg_name,
+ const privileges_t &privileges)
+{
+ bool result;
+
+ RUNNER_ASSERT_MSG_BT(!app_name.empty(), "Request is corrupted, appId is empty");
+ RUNNER_ASSERT_MSG_BT(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
+
+ for (auto it = privileges.begin(); it != privileges.end(); ++it) {
+ result = check_privilege(app_name, pkg_name, *it);
+
+ RUNNER_ASSERT_MSG_BT(result == true, "privilege: <" << *it << "> not added to app: <" <<
+ app_name << "> from pkg_id: <" << pkg_name << ">");
+ }
+}
+
+void TestSecurityManagerDatabase::check_privileges_removed(const std::string &app_name,
+ const std::string &pkg_name,
+ const privileges_t &privileges)
+{
+ bool result;
+
+ RUNNER_ASSERT_MSG_BT(!app_name.empty(), "Request is corrupted, appId is empty");
+ RUNNER_ASSERT_MSG_BT(!pkg_name.empty(), "Request is corrupted, pkgId is empty");
+
+ for (auto it = privileges.begin(); it != privileges.end(); ++it) {
+ result = check_privilege(app_name, pkg_name, *it);
+
+ RUNNER_ASSERT_MSG_BT(result == false, "privilege: <" << *it << "> not removed for app: <" <<
+ app_name << "> from pkg_id: <" << pkg_name << ">");
+ }
+}
+
+void TestSecurityManagerDatabase::check_app_and_pkg(const std::string &app_name, const std::string &pkg_name,
+ const bool is_app_removed)
+{
+ Sqlite3DBaseSelectResult result;
+ std::ostringstream sql;
+ sql << "SELECT app_name, pkg_name FROM app_pkg_view"
+ " WHERE app_name == '" << app_name << "' "
+ " AND pkg_name == '" << pkg_name << "' ;";
+ m_base.execute(sql.str(), result);
+
+ if (is_app_removed) /* expect 0 results */
+ RUNNER_ASSERT_MSG_BT(result.rows.size() == 0, "query : <" << sql.str() <<
+ "> returned [" << result.rows.size() << "] rows, expected [0]");
+ else /* expect exactly 1 result with 2 columns */
+ RUNNER_ASSERT_MSG_BT(result.rows.size() == 1 && result.rows[0].size() == 2, "query : <" <<
+ sql.str() << "> returned [" << result.rows.size() << "] rows, expected [1]");
+}
+
+void TestSecurityManagerDatabase::check_pkg(const std::string &pkg_name,
+ const bool is_pkg_removed)
+{
+ const unsigned expected_rows = is_pkg_removed ? 0 : 1;
+ Sqlite3DBaseSelectResult result;
+ std::ostringstream sql;
+ sql << "SELECT pkg_id FROM pkg"
+ " WHERE name == '" << pkg_name << "' ;";
+ m_base.execute(sql.str(), result);
+
+ RUNNER_ASSERT_MSG_BT(result.rows.size() == expected_rows, "query : <" <<
+ sql.str() << "> returned [" << result.rows.size() << "] rows, expected [" <<
+ expected_rows << "] rows");
+}
+
+bool TestSecurityManagerDatabase::check_privilege(const std::string &app_name,
+ const std::string &pkg_name,
+ const std::string &privilege)
+{
+ Sqlite3DBaseSelectResult result;
+ std::ostringstream sql;
+ sql << "SELECT privilege_id FROM app_privilege_view"
+ " WHERE app_name == '" << app_name << "' "
+ " AND pkg_name == '" << pkg_name << "' "
+ " AND privilege_name == '" << privilege << "' "
+ ";";
+ m_base.execute(sql.str(), result);
+
+ /* only 0 or 1 resulting rows are alowed */
+ RUNNER_ASSERT_MSG_BT(result.rows.size() == 0 || result.rows.size() == 1, "query : <" << sql.str() << "> returned [" <<
+ result.rows.size() << "] rows");
+
+ return result.rows.size() == 1;
+}
--- /dev/null
+/*
+ * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+/*
+ * @file sm_db.h
+ * @author Marcin Lis (m.lis@samsung.com)
+ * @version 1.0
+ * @brief security-manager tests database record check functions
+ */
+
+#ifndef SECURITY_MANAGER_TEST_DB_H_
+#define SECURITY_MANAGER_TEST_DB_H_
+
+#include <string>
+#include "db_sqlite.h"
+
+typedef std::vector<std::string> privileges_t;
+
+/**
+ * @class TestSecurityManagerDatabase
+ * @brief Class containing methods for testing libprivlege database.
+ */
+class TestSecurityManagerDatabase
+{
+public:
+/**
+ * @brief A usefull constant to indicate that app/pkg should be present in db
+ */
+ const static bool NOT_REMOVED;
+/**
+ * @brief A usefull constant to indicate that app/pkg should not be present in db
+ */
+ const static bool REMOVED;
+/**
+ * @brief A constructor
+ */
+ TestSecurityManagerDatabase();
+
+/**
+ * @brief A destructor
+ */
+ ~TestSecurityManagerDatabase() = default;
+
+/**
+ * @brief Method for testing database after "security_manager_app_install" was run.
+ *
+ * It checks existence of proper: - app_name
+ * - pkg_name
+ *
+ * @param app_name name of the app previously used in security_manager_app_install.
+ * @param pkg_name name of the pkg previously used in security_manager_app_install.
+ */
+ void test_db_after__app_install(const std::string &app_name, const std::string &pkg_name);
+
+/**
+ * @brief Method for testing database after "security_manager_app_install" was run.
+ *
+ * It checks existence of proper: - app_name
+ * - pkg_name
+ * - privileges
+ * TODO: appPaths are currently not handled directly by security-manager, so they are not tested.
+ *
+ * @param app_name name of the app previously used in security_manager_app_install.
+ * @param pkg_name name of the pkg previously used in security_manager_app_install.
+ * @param privileges vector of privileges previously used in security_manager_app_install.
+ */
+ void test_db_after__app_install(const std::string &app_name, const std::string &pkg_name,
+ const privileges_t &privileges);
+
+/**
+ * @brief Method for testing database after "security_manager_app_uninstall" was run.
+ *
+ * It checks absence of proper: - app_name
+ * - optionally pkg_name
+ *
+ * @param app_name name of the app previously used in security_manager_app_uninstall.
+ * @param pkg_name name of the pkg previously used in security_manager_app_uninstall.
+ * @param is_pkg_removed tells if pkg_id is expected to remain in db or not.
+ */
+ void test_db_after__app_uninstall(const std::string &app_name, const std::string &pkg_name,
+ const bool is_pkg_removed);
+
+/**
+ * @brief Method for testing database after "security_manager_app_uninstall" was run.
+ *
+ * It checks absence of proper: - app_name
+ * - optionally pkg_name
+ * - app privileges
+ * TODO: appPaths are currently not handled directly by security-manager, so they are not tested.
+ *
+ * @param app_name name of the app previously used in security_manager_app_uninstall.
+ * @param pkg_name name of the pkg previously used in security_manager_app_uninstall.
+ * @param privileges vector of privileges previously used in security_manager_app_uninstall.
+ * @param is_pkg_removed tells if pkg_id is expected to remain in db or not.
+ */
+ void test_db_after__app_uninstall(const std::string &app_name, const std::string &pkg_name,
+ const privileges_t &privileges, const bool is_pkg_removed);
+
+/**
+ * @brief It checks db for existence of a all privileges from install request.
+ *
+ * @param app_name name of the app previously used i.e. in security_manager_app_install.
+ * @param pkg_name name of the pkg previously used i.e. in security_manager_app_install.
+ * @param privileges vector of privileges previously used i.e. in security_manager_app_install.
+ */
+ void check_privileges(const std::string &app_name, const std::string &pkg_name,
+ const privileges_t &privileges);
+
+/**
+ * @brief It checks in db if all app privileges from install request are removed.
+ *
+ * @param app_name name of the app previously used i.e. in security_manager_app_uninstall.
+ * @param pkg_name name of the pkg previously used i.e. in security_manager_app_uninstall.
+ * @param privileges vector of privileges previously used i.e. in security_manager_app_uninstall.
+ */
+ void check_privileges_removed(const std::string &app_name, const std::string &pkg_name,
+ const privileges_t &privileges);
+
+private:
+/**
+ * @var base
+ * @brief Sqlite3DBase object giving simple access to database
+ *
+ * Connection to database is open first time it is needed
+ * and closed in destructor of TestSecurityManagerDatabase.
+ */
+ Sqlite3DBase m_base;
+
+/**
+ * @brief Check db for [non]existence of given app_name in pkg_name
+ *
+ * @param app_name name of application
+ * @param pkg_name name of package
+ * @param is_app_removed tells if app is expected in db
+ */
+ void check_app_and_pkg(const std::string &app_name, const std::string &pkg_name,
+ const bool is_app_removed);
+
+/**
+ * @brief Check db for [non]existence of given pkg_name
+ *
+ * @param pkg_name name of the package
+ * @param is_pkg_removed tells if pkg is expected in db
+ */
+ void check_pkg(const std::string &pkg_name,
+ const bool is_pkg_removed);
+
+/**
+ * @brief Check db for existence of a single privilege.
+ *
+ * @param app_name name of application
+ * @param pkg_name application's package name
+ * @param privilege name of the privilege
+ *
+ * @return true when privilege present
+ * false when privilege not present
+ */
+ bool check_privilege(const std::string &app_name, const std::string &pkg_name,
+ const std::string &privilege);
+};
+
+#endif /* SECURITY_MANAGER_TEST_DB_H_ */
projects / platform / core / test / security-tests.git / commitdiff