--- /dev/null
+/*
+ * Copyright (c) 2014-2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#pragma once
+
+#include <string>
+#include <utility>
+#include <vector>
+
+#include <security-manager-types.h>
+
+typedef std::pair<std::string, app_defined_privilege_type> AppDefPrivilege;
+typedef std::vector<AppDefPrivilege> AppDefPrivilegeVector;
+
return m_privileges;
}
-void AppInstallHelper::addAppDefinedPrivilege(const std::pair<std::string, int> &privilege) {
+void AppInstallHelper::addAppDefinedPrivilege(const AppDefPrivilege &privilege) {
m_appDefinedPrivileges.push_back(privilege);
}
-std::vector<std::pair<std::string, int>> AppInstallHelper::getAppDefinedPrivileges() const {
+AppDefPrivilegeVector AppInstallHelper::getAppDefinedPrivileges() const {
return m_appDefinedPrivileges;
}
#include <fcntl.h>
#include <functional>
+#include <sys/types.h>
+#include <unistd.h>
+
#include <map>
#include <string>
-#include <sys/types.h>
+#include <utility>
#include <vector>
-#include <unistd.h>
#include <security-manager-types.h>
+#include <app_def_privilege.h>
struct AppInstallHelper {
void addPrivileges(const std::vector<std::string> &privileges);
std::vector<std::string> getPrivileges() const;
- void addAppDefinedPrivilege(const std::pair<std::string, int> &privilege);
- std::vector<std::pair<std::string, int>> getAppDefinedPrivileges() const;
+ void addAppDefinedPrivilege(const AppDefPrivilege &privilege);
+ AppDefPrivilegeVector getAppDefinedPrivileges() const;
// Smack
std::string generateAppLabel() const;
TypePathsMap m_dirTypeMap;
TypePathsMap m_fileTypeMap;
std::vector<std::string> m_privileges;
- std::vector<std::pair<std::string, int>> m_appDefinedPrivileges;
+ AppDefPrivilegeVector m_appDefinedPrivileges;
std::string m_author;
pid_t m_creatorPid;
m_privileges.push_back(privilege);
}
-void InstallRequest::addAppDefinedPrivilege(const std::pair<std::string, int> &privilege, lib_retcode expectedResult)
+void InstallRequest::addAppDefinedPrivilege(const AppDefPrivilege &privilege, lib_retcode expectedResult)
{
int result = security_manager_app_inst_req_add_app_defined_privilege(m_req, privilege.first.c_str(),
static_cast<app_defined_privilege_type>(privilege.second));
#include <vector>
#include <security-manager.h>
+#include <app_def_privilege.h>
namespace SecurityManagerTest {
class InstallRequest;
void setAppId(std::string appId, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS);
void setPkgId(std::string pkgId, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS);
void addPrivilege(const std::string &privilege, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS);
- void addAppDefinedPrivilege(const std::pair<std::string, int> &privilege, lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
+ void addAppDefinedPrivilege(const AppDefPrivilege &privilege, lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
void addPath(std::string path, app_install_path_type pathType,
lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
void setUid(const uid_t uid, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS);
std::string m_pkgId;
std::string m_authorId;
std::vector<std::string> m_privileges;
- std::vector<std::pair<std::string, int>> m_appDefinedPrivileges;
+ AppDefPrivilegeVector m_appDefinedPrivileges;
std::vector<std::pair<std::string, app_install_path_type> > m_paths;
std::pair<bool, uid_t> m_uid;
};
using namespace SecurityManagerTest;
-RUNNER_CHILD_TEST(app_define_01_global_install)
+RUNNER_CHILD_TEST(app_defined_01_global_install)
{
- const std::string privilege = "http://tizen.org/applicationDefinedPrivilege/alamakota";
+ const std::string privilege = "http://tizen.org/applicationDefinedPrivilege/app_defined_01";
const app_defined_privilege_type type = SM_APP_DEFINED_PRIVILEGE_TYPE_UNTRUSTED;
const std::string providerAppId = "app_def_01_provider_appid";
const std::string consumerAppId = "app_def_01_client_appid";
<< " privilege: " << privilege);
}
-RUNNER_CHILD_TEST(app_define_02_global_install)
+RUNNER_CHILD_TEST(app_defined_02_global_install)
{
- const std::string privilege = "http://tizen.org/licensedPrivilege/alamakota";
+ const std::string privilege = "http://tizen.org/licensedPrivilege/app_defined_02";
const app_defined_privilege_type type = SM_APP_DEFINED_PRIVILEGE_TYPE_LICENSED;
const std::string providerAppId = "app_def_02_provider_appid";
const std::string consumerAppId = "app_def_02_client_appid";
<< " privilege: " << privilege);
}
+RUNNER_CHILD_TEST(app_defined_03_database_update_fixed)
+{
+ // Because of a bug in implementation during installation of
+ // providerB privileges of providerA were deleted from cynara
+ // database. This test should check if bug was fixed.
+ const std::string privilegeA = "http://tizen.org/licensedPrivilege/app_define_03a";
+ const std::string privilegeB = "http://tizen.org/licensedPrivilege/app_define_03b";
+ const app_defined_privilege_type type = SM_APP_DEFINED_PRIVILEGE_TYPE_LICENSED;
+ const std::string providerAppIdA = "app_def_03a_provider_appid";
+ const std::string providerAppIdB = "app_def_03b_provider_appid";
+ const std::string consumerAppId = "app_def_03_client_appid";
+ const std::string ownerId = "5001";
+ const std::string session = "S0M33S3SSI0N";
+
+ struct cynara *m_cynara = nullptr;
+
+ AppInstallHelper providerA(providerAppIdA);
+ AppInstallHelper providerB(providerAppIdB);
+ AppInstallHelper consumer(consumerAppId);
+
+ std::string consumerLabel = consumer.generateAppLabel();
+
+ providerA.addAppDefinedPrivilege(std::make_pair(privilegeA, type));
+ providerB.addAppDefinedPrivilege(std::make_pair(privilegeB, type));
+ consumer.addPrivilege(privilegeA);
+
+ ScopedInstaller req1(providerA);
+ ScopedInstaller req2(providerB);
+ ScopedInstaller req3(consumer);
+
+ int ret = cynara_initialize(&m_cynara, nullptr);
+ RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
+ "cynara_initialize failed. ret: " << ret);
+ RUNNER_ASSERT_MSG(m_cynara != nullptr, "cynara struct was not initialized");
+
+ ret = cynara_check(
+ m_cynara,
+ consumerLabel.c_str(),
+ session.c_str(),
+ ownerId.c_str(),
+ privilegeA.c_str());
+
+ cynara_finish(m_cynara);
+
+ RUNNER_ASSERT_MSG(ret == CYNARA_API_ACCESS_ALLOWED,
+ "cynara_check returned wrong value: "
+ << ret << " != " << CYNARA_API_ACCESS_ALLOWED << "."
+ << " client: " << consumerLabel << ","
+ << " session: " << session << ","
+ << " user: " << ownerId << ","
+ << " privilege: " << privilegeA);
+}
+
+