App install type tests

Run security-manager-tests --regexp='set_install_type'

Change-Id: I10f0b25b9e3613ce68ddd8b7cb06e83357abbabe
Signed-off-by: Zbigniew Jasinski <z.jasinski@samsung.com>

diff --git a/src/security-manager-tests/common/sm_request.cpp b/src/security-manager-tests/common/sm_request.cpp
index b8fc114..93b6d87 100644 (file)
--- a/src/security-manager-tests/common/sm_request.cpp
+++ b/src/security-manager-tests/common/sm_request.cpp
@@ -115,6 +115,16 @@ void InstallRequest::setAuthorId(std::string authorId, lib_retcode expectedResul
     m_authorId = std::move(authorId);
 }
 
+void InstallRequest::setInstallType(const enum app_install_type &type, lib_retcode expectedResult)
+{
+    int result = security_manager_app_inst_req_set_install_type(m_req, type);
+    RUNNER_ASSERT_MSG((lib_retcode)result == expectedResult,
+                      "setting install type returned wrong value."
+                          << " Install type: " << type << ";"
+                          << " Result: " << result << ";"
+                          << " Expected result: " << expectedResult);
+}
+
 std::ostream& operator<<(std::ostream &os, const InstallRequest &request)
 {
     if (!request.m_appId.empty())

diff --git a/src/security-manager-tests/common/sm_request.h b/src/security-manager-tests/common/sm_request.h
index 08dd477..59b9d2e 100644 (file)
--- a/src/security-manager-tests/common/sm_request.h
+++ b/src/security-manager-tests/common/sm_request.h
@@ -44,6 +44,7 @@ public:
                  lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
     void setUid(const uid_t uid, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS);
     void setAuthorId(std::string authorId, lib_retcode expectedResult= SECURITY_MANAGER_SUCCESS);
+    void setInstallType(const enum app_install_type &type, lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
 
     std::string getAppTizenVersion() const { return m_tizenVer; }
     app_inst_req *get() { return m_req; }

diff --git a/src/security-manager-tests/security_manager_tests.cpp b/src/security-manager-tests/security_manager_tests.cpp
index e182365..180962e 100644 (file)
--- a/src/security-manager-tests/security_manager_tests.cpp
+++ b/src/security-manager-tests/security_manager_tests.cpp
@@ -593,7 +593,6 @@ void check_exact_smack_accesses(const std::string &subject, const std::string &o
 
 RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER)
 
-
 RUNNER_TEST(security_manager_01a_app_double_install_double_uninstall)
 {
     const char *const sm_app_id = "sm_test_01a_app_id_double";
@@ -935,6 +934,8 @@ static void removeTestDirs(const TemporaryTestUser &user,
     removeDir(nonAppDirPath(user));
 }
 
+
+
 RUNNER_CHILD_TEST(security_manager_04a_app_install_uninstall_by_app_user_for_self)
 {
     int result;
@@ -3839,6 +3840,189 @@ RUNNER_TEST(security_manager_48_groups_get)
     security_manager_groups_free(c_groups, count);
 }
 
+RUNNER_TEST(security_manager_49a_global_user_set_install_type_global)
+{
+    const char *const sm_app_id = "sm_test_49a_app_id_global";
+    const char *const sm_pkg_id = "sm_test_49a_pkg_id_global";
+
+    InstallRequest requestInst;
+    requestInst.setAppId(sm_app_id);
+    requestInst.setPkgId(sm_pkg_id);
+    requestInst.setInstallType(SM_APP_INSTALL_GLOBAL);
+
+    Api::install(requestInst);
+
+    // Check records in the security-manager database
+    check_app_after_install(sm_app_id, sm_pkg_id);
+
+    InstallRequest requestUninst;
+    requestUninst.setAppId(sm_app_id);
+
+    Api::uninstall(requestUninst);
+
+    // Check records in the security-manager database
+    check_app_after_uninstall(sm_app_id, sm_pkg_id, TestSecurityManagerDatabase::REMOVED);
+}
+
+RUNNER_TEST(security_manager_49b_global_user_set_install_type_local)
+{
+    const char *const sm_app_id = "sm_test_49b_app_id_local";
+    const char *const sm_pkg_id = "sm_test_49b_pkg_id_local";
+
+    InstallRequest requestInst;
+    requestInst.setAppId(sm_app_id);
+    requestInst.setPkgId(sm_pkg_id);
+    requestInst.setInstallType(SM_APP_INSTALL_LOCAL);
+
+    Api::install(requestInst, (lib_retcode)SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED);
+}
+
+RUNNER_TEST(security_manager_49c_global_user_set_install_type_preloaded)
+{
+    const char *const sm_app_id = "sm_test_49c_app_id_preloaded";
+    const char *const sm_pkg_id = "sm_test_49c_pkg_id_preloaded";
+
+    InstallRequest requestInst;
+    requestInst.setAppId(sm_app_id);
+    requestInst.setPkgId(sm_pkg_id);
+    requestInst.setInstallType(SM_APP_INSTALL_PRELOADED);
+
+    Api::install(requestInst);
+
+    // Check records in the security-manager database
+    check_app_after_install(sm_app_id, sm_pkg_id);
+
+    InstallRequest requestUninst;
+    requestUninst.setAppId(sm_app_id);
+
+    Api::uninstall(requestUninst);
+
+    // Check records in the security-manager database
+    check_app_after_uninstall(sm_app_id, sm_pkg_id, TestSecurityManagerDatabase::REMOVED);
+}
+
+RUNNER_CHILD_TEST(security_manager_49d_local_user_set_install_type_global)
+{
+    int result;
+    const char *const sm_app_id = "sm_test_49d_app_id_global";
+    const char *const sm_pkg_id = "sm_test_49d_pkg_id_global";
+    const std::string new_user_name = "sm_test_49d_user_name";
+
+    TemporaryTestUser testUser(new_user_name, GUM_USERTYPE_NORMAL, false);
+    testUser.create();
+
+    removeTestDirs(testUser, sm_app_id, sm_pkg_id);
+    createTestDirs(testUser, sm_app_id, sm_pkg_id);
+
+    const std::string userAppDirPath = appDirPath(testUser, sm_app_id, sm_pkg_id);
+
+    //switch user to non-root
+    result = drop_root_privileges(testUser.getUid(), testUser.getGid());
+    RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
+
+    InstallRequest requestPrivateUser;
+    prepare_request(requestPrivateUser, sm_app_id, sm_pkg_id,
+                    SECURITY_MANAGER_PATH_RW, userAppDirPath.c_str(),
+                    false);
+
+    requestPrivateUser.setInstallType((app_install_type)0, (lib_retcode)SECURITY_MANAGER_ERROR_INPUT_PARAM);
+    requestPrivateUser.setInstallType((app_install_type)22, (lib_retcode)SECURITY_MANAGER_ERROR_INPUT_PARAM);
+    requestPrivateUser.setInstallType(SM_APP_INSTALL_GLOBAL);
+
+    for (auto &privilege : SM_ALLOWED_PRIVILEGES)
+        requestPrivateUser.addPrivilege(privilege.c_str());
+
+    /*
+     * It is possible for local user to install global application but one needs app_install privileges
+     * By default only global user or root can install global apps
+     */
+    Api::install(requestPrivateUser, (lib_retcode)SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED);
+}
+
+RUNNER_CHILD_TEST(security_manager_49e_local_user_set_install_type_local)
+{
+    int result;
+    const char *const sm_app_id = "sm_test_49e_app_id_local";
+    const char *const sm_pkg_id = "sm_test_49e_pkg_id_local";
+    const std::string new_user_name = "sm_test_49e_user_name";
+
+    TemporaryTestUser testUser(new_user_name, GUM_USERTYPE_NORMAL, false);
+    testUser.create();
+
+    removeTestDirs(testUser, sm_app_id, sm_pkg_id);
+    createTestDirs(testUser, sm_app_id, sm_pkg_id);
+
+    const std::string userAppDirPath = appDirPath(testUser, sm_app_id, sm_pkg_id);
+
+    //switch user to non-root
+    result = drop_root_privileges(testUser.getUid(), testUser.getGid());
+    RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
+
+    InstallRequest requestPrivateUser;
+    prepare_request(requestPrivateUser, sm_app_id, sm_pkg_id,
+                    SECURITY_MANAGER_PATH_RW, userAppDirPath.c_str(),
+                    false);
+
+    requestPrivateUser.setInstallType(SM_APP_INSTALL_LOCAL);
+
+    for (auto &privilege : SM_ALLOWED_PRIVILEGES)
+        requestPrivateUser.addPrivilege(privilege.c_str());
+
+    Api::install(requestPrivateUser);
+
+    check_app_permissions(sm_app_id, sm_pkg_id,
+                          uidToStr(testUser.getUid()).c_str(),
+                          SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES);
+
+    //uninstall app as non-root user
+    InstallRequest request;
+    request.setAppId(sm_app_id);
+
+    Api::uninstall(request);
+
+    check_app_permissions(sm_app_id, sm_pkg_id,
+                          uidToStr(testUser.getUid()).c_str(),
+                          SM_NO_PRIVILEGES, SM_ALLOWED_PRIVILEGES);
+}
+
+RUNNER_CHILD_TEST(security_manager_49f_local_user_set_install_type_preloaded)
+{
+    int result;
+    const char *const sm_app_id = "sm_test_49f_app_id_preloaded";
+    const char *const sm_pkg_id = "sm_test_49f_pkg_id_preloaded";
+    const std::string new_user_name = "sm_test_49f_user_name";
+
+    TemporaryTestUser testUser(new_user_name, GUM_USERTYPE_NORMAL, false);
+    testUser.create();
+
+    removeTestDirs(testUser, sm_app_id, sm_pkg_id);
+    createTestDirs(testUser, sm_app_id, sm_pkg_id);
+
+    const std::string userAppDirPath = appDirPath(testUser, sm_app_id, sm_pkg_id);
+
+    //switch user to non-root
+    result = drop_root_privileges(testUser.getUid(), testUser.getGid());
+    RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
+
+    InstallRequest requestPrivateUser;
+    prepare_request(requestPrivateUser, sm_app_id, sm_pkg_id,
+                    SECURITY_MANAGER_PATH_RW, userAppDirPath.c_str(),
+                    false);
+
+    requestPrivateUser.setInstallType((app_install_type)0, (lib_retcode)SECURITY_MANAGER_ERROR_INPUT_PARAM);
+    requestPrivateUser.setInstallType((app_install_type)22, (lib_retcode)SECURITY_MANAGER_ERROR_INPUT_PARAM);
+    requestPrivateUser.setInstallType(SM_APP_INSTALL_PRELOADED);
+
+    for (auto &privilege : SM_ALLOWED_PRIVILEGES)
+        requestPrivateUser.addPrivilege(privilege.c_str());
+
+    /*
+     * It is possible for local user to install preloaded application but one needs app_install privileges
+     * By default only global user or root can install preloaded apps
+     */
+    Api::install(requestPrivateUser, (lib_retcode)SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED);
+}
+
 int main(int argc, char *argv[])
 {
     return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);