SM : Check if askuser is disabled in app policy tests

Change-Id: I2148b8eccddd561ac2514ab10348b885f2fdc48d

diff --git a/src/security-manager-tests/common/sm_commons.cpp b/src/security-manager-tests/common/sm_commons.cpp
index 8f4b740ab5a7e22d91d86b938eaf3b486a676e15..bd583a23e521dfe3f0d47c37dc6c86477856ebc2 100644 (file)
--- a/src/security-manager-tests/common/sm_commons.cpp
+++ b/src/security-manager-tests/common/sm_commons.cpp
@@ -16,6 +16,7 @@
 
 #include <algorithm>
 #include <cstring>
+#include <fcntl.h>
 #include <ftw.h>
 #include <grp.h>
 #include <string>
@@ -457,6 +458,21 @@ void runSystemAccessTest(uid_t uid, gid_t gid, const std::string &testPath, int
         runAccessTest(label, uid, gid, testPath, accessType);
 }
 
+bool isAskuserDisabled() {
+    static bool isAskuserDisabled = false;
+    static bool isChecked = false;
+
+    if (isChecked)
+        return isAskuserDisabled;
+
+    std::string sysShare = TzPlatformConfig::getPath(TZ_SYS_SHARE);
+    std::string askDisableFile = sysShare + "/askuser_disable";
+
+    isAskuserDisabled = (access(askDisableFile.c_str(), F_OK) != -1);
+    isChecked = true;
+    return isAskuserDisabled;
+}
+
 bool isPrivilegePrivacy(const std::string &priv) {
     return (1 == privilege_info_is_privacy(priv.c_str()));
 }

diff --git a/src/security-manager-tests/common/sm_commons.h b/src/security-manager-tests/common/sm_commons.h
index 804e887c7ce97362b0bd58d8c3252aebff575020..346c1f70b2ba9b65a682777acfe0c1c3df5c4818 100644 (file)
--- a/src/security-manager-tests/common/sm_commons.h
+++ b/src/security-manager-tests/common/sm_commons.h
@@ -78,6 +78,7 @@ void runAccessTest(const std::string &label, uid_t uid, gid_t gid,
 void runAccessTest(const AppInstallHelper &app, const std::string &testPath, int accessType);
 void runSystemAccessTest(uid_t uid, gid_t gid, const std::string &testPath, int accessType);
 
+bool isAskuserDisabled();
 bool isPrivilegePrivacy(const std::string &priv);
 int countPrivacyPrivileges(const PrivilegeVector &privs);
 int countPrivacyPrivileges(const std::vector<std::string> &privs);

diff --git a/src/security-manager-tests/common/tzplatform.cpp b/src/security-manager-tests/common/tzplatform.cpp
index 522f74eb5a361d9a89bc6bfaecf7fe9254cbaddd..3d3dce7f8495d9a747b2a3fddd71547e0ddf5c24 100644 (file)
--- a/src/security-manager-tests/common/tzplatform.cpp
+++ b/src/security-manager-tests/common/tzplatform.cpp
@@ -16,7 +16,6 @@
 
 #include <pwd.h>
 #include <sys/types.h>
-#include <tzplatform_config.h>
 
 #include <dpl/test/test_runner.h>
 #include <memory.h>
@@ -79,5 +78,17 @@ const std::string globalAppDir()
     return appDir;
 }
 
+const std::string getPath(enum tzplatform_variable id) {
+    struct tzplatform_context *tzCtxPtr = nullptr;
+
+    RUNNER_ASSERT_MSG(0 == tzplatform_context_create(&tzCtxPtr), "Couldn't create tzplatform context");
+    TzPlatformContextPtr tzCtxPtrSmart(tzCtxPtr);
+
+    const char *path = tzplatform_context_getenv(tzCtxPtr, id);
+    RUNNER_ASSERT_MSG(nullptr != path,
+                          "tzplatform_context_getenv failed for getting " << static_cast<int>(id));
+    return path;
+}
+
 }
 

diff --git a/src/security-manager-tests/common/tzplatform.h b/src/security-manager-tests/common/tzplatform.h
index 443fae36e218e705480da6a5d1d37bccbca044d5..fff4f5e46aae1a70a827c6c498e6a8894d1b2954 100644 (file)
--- a/src/security-manager-tests/common/tzplatform.h
+++ b/src/security-manager-tests/common/tzplatform.h
@@ -18,10 +18,14 @@
 
 #include <string>
 
+#include <tzplatform_config.h>
+
 #include <temp_test_user.h>
 
 namespace TzPlatformConfig {
 
+const std::string getPath(enum tzplatform_variable id);
+
 uid_t getGlobalUserId(void);
 
 uid_t getGlobalGroupId(void);

diff --git a/src/security-manager-tests/test_cases_app_policy.cpp b/src/security-manager-tests/test_cases_app_policy.cpp
index 0ead2538fdf6c2a04850d4c2635ed67e7cd2a185..afd9a09f573ad216c0c01385f4a93d93bdf9d2aa 100644 (file)
--- a/src/security-manager-tests/test_cases_app_policy.cpp
+++ b/src/security-manager-tests/test_cases_app_policy.cpp
@@ -45,7 +45,9 @@ RUNNER_CHILD_TEST(security_manager_ap1_app_policy_fetch_for_self) {
 
     unsigned expectedPolicyCount = countPrivacyPrivileges(app.getPrivileges());
 
-    RUNNER_ASSERT_MSG(expectedPolicyCount > 0, "Application won't be installed with any privacy privileges, fix test");
+    // If askuser is disabled there will be no privacy policy to expect
+    RUNNER_ASSERT_MSG(isAskuserDisabled() || expectedPolicyCount > 0,
+            "Application won't be installed with any privacy privileges, fix test");
 
     ScopedInstaller appInstall(app);
 
@@ -65,6 +67,10 @@ RUNNER_CHILD_TEST(security_manager_ap1_app_policy_fetch_for_self) {
 
             std::vector<PolicyEntry> policyEntries;
             Api::getPolicyForSelf(filter, policyEntries);
+            if (isAskuserDisabled()) {
+                //further checks do not make sense, but we've checked if app has permission to perform policy fetch
+                continue;
+            }
 
             RUNNER_ASSERT_MSG(policyEntries.size() != 0, "Policy is empty");
             RUNNER_ASSERT_MSG(policyEntries.size() == 1,