security-manager: add tests for security_manager_app_has_privilege

Change-Id: I77ba0e25c95d6dd6dcce3ade7d938884a8896f77

diff --git a/src/security-manager-tests/common/sm_api.cpp b/src/security-manager-tests/common/sm_api.cpp
index a8339693d9a1a9304d1bd3c09e2c6b0e286d2da9..a6e5adf4a11a0e4e3c9ef8a78b63a809d052fb2e 100644 (file)
--- a/src/security-manager-tests/common/sm_api.cpp
+++ b/src/security-manager-tests/common/sm_api.cpp
@@ -259,6 +259,16 @@ void getPkgIdByPid(pid_t pid, std::string *pkgId, std::string *appId, lib_retcod
     }
 }
 
+void appHasPrivilege(const char *appId, const char *privilege, uid_t user, int &value, lib_retcode expectedResult)
+{
+    int result = security_manager_app_has_privilege(appId, privilege, user, &value);
+
+    RUNNER_ASSERT_MSG((lib_retcode)result == expectedResult,
+                      "checking application privilege returned wrong result."
+                          << " Result: " << result << ";"
+                          << " Expected result: " << expectedResult);
+}
+
 } // namespace Api
 
 } // namespace SecurityManagerTest

diff --git a/src/security-manager-tests/common/sm_api.h b/src/security-manager-tests/common/sm_api.h
index 21faa8556116d687478bd6265bb71bae7eae14a3..f5ec89d69eecbc37fe2716bdf8f3086f1e08c687 100644 (file)
--- a/src/security-manager-tests/common/sm_api.h
+++ b/src/security-manager-tests/common/sm_api.h
@@ -45,6 +45,7 @@ void applySharing(const SharingRequest &req, lib_retcode expectedResult = SECURI
 void dropSharing(const SharingRequest &req, lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
 void getPkgIdBySocket(int socketFd, std::string *pkgId, std::string *appId, lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
 void getPkgIdByPid(pid_t pid, std::string *pkgId, std::string *appId, lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
+void appHasPrivilege(const char *appId, const char *privilege, uid_t user, int &value, lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
 } // namespace Api
 
 } // namespace SecurityManagerTest

diff --git a/src/security-manager-tests/security_manager_tests.cpp b/src/security-manager-tests/security_manager_tests.cpp
index 4c32b03f9e9b44f1a65e935c90cd4cd7fe6a7996..f25e818bbf10477dc7579b4e4ce298d0e726cc4b 100644 (file)
--- a/src/security-manager-tests/security_manager_tests.cpp
+++ b/src/security-manager-tests/security_manager_tests.cpp
@@ -3638,6 +3638,38 @@ RUNNER_CHILD_TEST(security_manager_46e_get_id_by_pid)
     Api::uninstall(requestUninst);
 }
 
+RUNNER_CHILD_TEST(security_manager_47_app_has_privilege)
+{
+    const char *const sm_app_id = "sm_test_47_app";
+    const char *const sm_pkg_id = "sm_test_47_pkg";
+    const std::string new_user_name = "sm_test_47_user_name";
+
+    InstallRequest requestInst;
+    requestInst.setAppId(sm_app_id);
+    requestInst.setPkgId(sm_pkg_id);
+    for (auto const &privilege : SM_ALLOWED_PRIVILEGES)
+        requestInst.addPrivilege(privilege.c_str());
+    Api::install(requestInst);
+
+    for (auto const &privilege : SM_ALLOWED_PRIVILEGES) {
+        int result;
+        Api::appHasPrivilege(sm_app_id, privilege.c_str(), getGlobalUserId(), result);
+        RUNNER_ASSERT_MSG(result == 1, "Application " << sm_app_id <<
+            " should have access to privilege " << privilege);
+    }
+
+    for (auto const &privilege : SM_DENIED_PRIVILEGES) {
+        int result;
+        Api::appHasPrivilege(sm_app_id, privilege.c_str(), getGlobalUserId(), result);
+        RUNNER_ASSERT_MSG(result == 0, "Application " << sm_app_id <<
+            " should not have access to privilege " << privilege);
+    }
+
+    InstallRequest requestUninst;
+    requestUninst.setAppId(sm_app_id);
+    Api::uninstall(requestUninst);
+}
+
 int main(int argc, char *argv[])
 {
     return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);