Add test for global/local app defined privileges

Change-Id: Ia9aae496fc5a23ec636c5746bbf1c872efe78c1b

diff --git a/src/security-manager-tests/test_cases_app_defined_privilege.cpp b/src/security-manager-tests/test_cases_app_defined_privilege.cpp
index 7535226..e412600 100644 (file)
--- a/src/security-manager-tests/test_cases_app_defined_privilege.cpp
+++ b/src/security-manager-tests/test_cases_app_defined_privilege.cpp
@@ -178,3 +178,77 @@ RUNNER_CHILD_TEST(app_defined_04_app_update)
     cynara.check(consumerLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
 }
 
+RUNNER_CHILD_TEST(app_defined_05_global_local_install)
+{
+    const std::string privilegeA = "http://tizen.org/licensedPrivilege/app_defined_05a";
+    const std::string privilegeB = "http://tizen.org/applicationDefinedPrivilege/app_defined_05b";
+    const std::string privilegeC = "http://tizen.org/applicationDefinedPrivilege/app_defined_05c";
+    const std::string providerAppId = "app_def_05_provider_appid";
+    const std::string consumerAppId = "app_def_05_client_appid";
+    const std::string ownerId = "5001";
+    const std::string bobId = "5002";
+    const std::string session = "S0M33S3SSI0N";
+
+    AppInstallHelper providerGlobal(providerAppId);
+    AppInstallHelper providerLocal(providerAppId, 5002);
+    AppInstallHelper consumerGlobal(consumerAppId);
+    AppInstallHelper consumerLocal(consumerAppId, 5002);
+
+    std::string consumerGlobalLabel = consumerGlobal.generateAppLabel();
+    std::string consumerLocalLabel = consumerLocal.generateAppLabel();
+
+    providerGlobal.addAppDefinedPrivilege(std::make_pair(privilegeA, SM_APP_DEFINED_PRIVILEGE_TYPE_UNTRUSTED));
+    providerGlobal.addAppDefinedPrivilege(std::make_pair(privilegeC, SM_APP_DEFINED_PRIVILEGE_TYPE_UNTRUSTED));
+
+    providerLocal.addAppDefinedPrivilege(std::make_pair(privilegeA, SM_APP_DEFINED_PRIVILEGE_TYPE_UNTRUSTED));
+    providerLocal.addAppDefinedPrivilege(std::make_pair(privilegeB, SM_APP_DEFINED_PRIVILEGE_TYPE_LICENSED));
+
+    consumerGlobal.addPrivilege(privilegeA);
+    consumerGlobal.addPrivilege(privilegeB);
+    consumerGlobal.addPrivilege(privilegeC);
+
+    consumerLocal.addPrivilege(privilegeB);
+    consumerLocal.addPrivilege(privilegeC);
+
+    CynaraTestClient::Client cynara;
+
+    // local provider only and global consumer only
+    ScopedInstaller req1(providerLocal);
+    ScopedInstaller req2(consumerGlobal);
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_DENIED);
+    cynara.check(consumerGlobalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(consumerGlobalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(consumerGlobalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
+
+    // local provider only and global/local consumer
+    ScopedInstaller req3(consumerLocal);
+    //cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
+
+    // global/local provider and global/local consumer
+    ScopedInstaller req4(providerGlobal);
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+    //cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+    //cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
+
+    // global provider only and global/local consumer
+    req1.uninstallApp();
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+    //cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+
+    // global provider only and global consumer only
+    req3.uninstallApp();
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+}