From: Aleksander Zdyb <a.zdyb@partner.samsung.com>
Date: Thu, 29 May 2014 12:39:17 +0000 (+0200)
Subject: Add tests for Cynara RE (Rush-Edition)
X-Git-Tag: security-manager_5.5_testing~242
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=519d9cf7f9ff46cfda290ab8842f648ab05b63c5;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git

Add tests for Cynara RE (Rush-Edition)

Change-Id: I628a242f40001a2e81ac1728e19402ed30b11934
Signed-off-by: Aleksander Zdyb <a.zdyb@partner.samsung.com>
---

diff --git a/packaging/security-tests.manifest b/packaging/security-tests.manifest
index 8533a46..2cfdbcc 100644
--- a/packaging/security-tests.manifest
+++ b/packaging/security-tests.manifest
@@ -16,6 +16,7 @@
         <filesystem path="/usr/bin/security-server-tests-stress" exec_label="_" />
         <filesystem path="/usr/bin/security-server-tests-dbus" exec_label="_" />
         <filesystem path="/usr/bin/security-manager-tests" exec_label="_" />
+        <filesystem path="/usr/bin/cynara-tests" exec_label="_" />
 
         <filesystem path="/usr/bin/test-app-efl" exec_label="User" />
         <filesystem path="/usr/bin/test-app-osp" exec_label="User" />
diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec
index 33b04aa..55cf105 100644
--- a/packaging/security-tests.spec
+++ b/packaging/security-tests.spec
@@ -18,6 +18,7 @@ BuildRequires: pkgconfig(dbus-1)
 BuildRequires: pkgconfig(dbus-glib-1)
 BuildRequires: pkgconfig(libiri)
 BuildRequires: pkgconfig(sqlite3)
+BuildRequires: pkgconfig(cynara-client)
 Requires:   smack
 Requires:   libprivilege-control
 
@@ -83,4 +84,4 @@ echo "security-tests postinst done ..."
 /usr/bin/test-app-efl
 /usr/bin/test-app-osp
 /usr/bin/test-app-wgt
-
+/usr/bin/cynara-test
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index c98a356..db4ee57 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -64,3 +64,4 @@ ADD_SUBDIRECTORY(libprivilege-control-tests)
 ADD_SUBDIRECTORY(libsmack-tests)
 ADD_SUBDIRECTORY(security-server-tests)
 ADD_SUBDIRECTORY(security-manager-tests)
+ADD_SUBDIRECTORY(cynara-tests)
diff --git a/tests/cynara-tests/CMakeLists.txt b/tests/cynara-tests/CMakeLists.txt
new file mode 100644
index 0000000..7b7a6bf
--- /dev/null
+++ b/tests/cynara-tests/CMakeLists.txt
@@ -0,0 +1,52 @@
+cmake_minimum_required(VERSION 2.8.3)
+
+INCLUDE(FindPkgConfig)
+SET(CYNARA_TARGET_TEST "cynara-test")
+
+PKG_CHECK_MODULES(CYNARA_TARGET_DEP
+    REQUIRED
+    dpl-test-efl
+    libprivilege-control
+    cynara-client
+    )
+
+#files to compile
+SET(CYNARA_TARGET_TEST_SOURCES
+    ${PROJECT_SOURCE_DIR}/tests/cynara-tests/cynara-test.cpp
+    ${PROJECT_SOURCE_DIR}/tests/cynara-tests/cynara_client.cpp
+    )
+
+#header directories
+INCLUDE_DIRECTORIES(SYSTEM
+    ${CYNARA_TARGET_DEP_INCLUDE_DIRS}
+    )
+
+INCLUDE_DIRECTORIES(
+    ${PROJECT_SOURCE_DIR}/tests/common/
+    )
+
+#output format
+ADD_EXECUTABLE(${CYNARA_TARGET_TEST} ${CYNARA_TARGET_TEST_SOURCES})
+
+#linker directories
+TARGET_LINK_LIBRARIES(${CYNARA_TARGET_TEST}
+    ${CYNARA_TARGET_DEP_LIBRARIES}
+    tests-common
+    )
+
+#place for output file
+INSTALL(TARGETS ${CYNARA_TARGET_TEST}
+    DESTINATION /usr/bin
+    PERMISSIONS OWNER_READ
+                OWNER_WRITE
+                OWNER_EXECUTE
+                GROUP_READ
+                GROUP_EXECUTE
+                WORLD_READ
+                WORLD_EXECUTE
+    )
+
+INSTALL(FILES
+    ${PROJECT_SOURCE_DIR}/tests/cynara-tests/WRT_test_for_cynara_rules.smack
+    DESTINATION /usr/share/privilege-control/
+)
diff --git a/tests/cynara-tests/WRT_test_for_cynara_rules.smack b/tests/cynara-tests/WRT_test_for_cynara_rules.smack
new file mode 100644
index 0000000..3582e27
--- /dev/null
+++ b/tests/cynara-tests/WRT_test_for_cynara_rules.smack
@@ -0,0 +1,14 @@
+~APP~ cynara_test_1 r
+~APP~ cynara_test_2 w
+~APP~ cynara_test_3 x
+~APP~ cynara_test_4 rw
+~APP~ cynara_test_5 rx
+~APP~ cynara_test_6 wx
+~APP~ cynara_test_7 rwx
+cynara_subject_1 ~APP~ r
+cynara_subject_2 ~APP~ w
+cynara_subject_3 ~APP~ x
+cynara_subject_4 ~APP~ rw
+cynara_subject_5 ~APP~ rx
+cynara_subject_6 ~APP~ wx
+cynara_subject_7 ~APP~ rwx
diff --git a/tests/cynara-tests/cynara-test.cpp b/tests/cynara-tests/cynara-test.cpp
new file mode 100644
index 0000000..cb00aef
--- /dev/null
+++ b/tests/cynara-tests/cynara-test.cpp
@@ -0,0 +1,9 @@
+#include <dpl/test/test_runner.h>
+#include <summary_collector.h>
+
+int main (int argc, char *argv[])
+{
+    SummaryCollector::Register();
+    int status = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+    return status;
+}
diff --git a/tests/cynara-tests/cynara_client.cpp b/tests/cynara-tests/cynara_client.cpp
new file mode 100644
index 0000000..a74ff59
--- /dev/null
+++ b/tests/cynara-tests/cynara_client.cpp
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 2014 Samsung Electronics Co., Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the License);
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an AS IS BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * @file        cynara_client.cpp
+ * @author      Aleksander Zdyb <a.zdyb@partner.samsung.com>
+ * @version     1.0
+ * @brief       Tests for libcynara-client
+ */
+
+#include <tests_common.h>
+#include <privilege-control.h>
+#include <cynara/cynara-client.h>
+
+#include <memory>
+#include <functional>
+
+
+static const char *FAKE_PRIV_1 = "test_for_cynara_rules";
+static const char *FAKE_PRIV_2 = "0fbc6f4f45c4641b373bfcc1bf4c1ad9";
+static const char *PRIVILEGES_1[] = { FAKE_PRIV_1, NULL };
+static const char *FAKE_APP_1 = "fake_app_1";
+
+
+static void install_app_with_perms(const char *app_id, const char **perms) {
+    DB_BEGIN
+    int install_check = perm_app_install(app_id);
+    RUNNER_ASSERT_MSG_BT(install_check == PC_OPERATION_SUCCESS,
+        "Unable to install app " << perm_strerror(install_check));
+    int enable_perm_check = perm_app_enable_permissions(
+        app_id, APP_TYPE_WGT, perms, true);
+    RUNNER_ASSERT_MSG_BT(enable_perm_check == PC_OPERATION_SUCCESS,
+         "Unable to enable privileges " << perm_strerror(enable_perm_check));
+    DB_END
+}
+
+static void remove_perms_and_uninstall(const char *app_id, const char **perms) {
+    DB_BEGIN
+    int disable_perm_check = perm_app_disable_permissions(app_id, APP_TYPE_WGT, perms);
+    RUNNER_ASSERT_MSG_BT(disable_perm_check == PC_OPERATION_SUCCESS,
+        "Unable to disable privileges " << perm_strerror(disable_perm_check));
+    int uninstall_check = perm_app_uninstall(app_id);
+    RUNNER_ASSERT_MSG_BT(uninstall_check == PC_OPERATION_SUCCESS,
+        "Unable to install app " << perm_strerror(uninstall_check));
+    DB_END
+}
+
+static void do_cynara_finish(cynara *cynara_data) {
+    cynara_api_result finish_ret = static_cast<cynara_api_result>(cynara_finish(cynara_data));
+    if(std::uncaught_exception() == false)
+        RUNNER_ASSERT_MSG_BT(finish_ret == CYNARA_API_SUCCESS, "Cynara finish failed");
+}
+
+// cynara is an incomplete type, so deleter signature needs to be explicitly declared
+static std::unique_ptr<cynara, std::function<decltype(do_cynara_finish)>> do_cynara_initialize() {
+    cynara *cynara_data = nullptr;
+    cynara_api_result init_ret = static_cast<cynara_api_result>(
+            cynara_initialize(&cynara_data, NULL));
+    RUNNER_ASSERT_MSG_BT(init_ret == CYNARA_API_SUCCESS, "Cynara initialize failed");
+    return std::function<decltype(do_cynara_initialize)>::result_type(cynara_data, do_cynara_finish);
+}
+
+
+RUNNER_TEST_GROUP_INIT(cynara_client)
+
+RUNNER_TEST(initialize) {
+    auto cynara_data = do_cynara_initialize();
+    RUNNER_ASSERT_MSG_BT(cynara_data != nullptr, "Cynara initialize data invalid");
+}
+
+RUNNER_TEST(check_grant) {
+    install_app_with_perms(FAKE_APP_1, PRIVILEGES_1);
+
+    auto cynara_data = do_cynara_initialize();
+    cynara_api_result check_ret = static_cast<cynara_api_result>(cynara_check(
+        cynara_data.get(), "User", "", "", PRIVILEGES_1[0]));
+
+    remove_perms_and_uninstall(FAKE_APP_1, PRIVILEGES_1);
+    RUNNER_ASSERT_MSG_BT(check_ret == CYNARA_API_SUCCESS,
+        "Cynara check failed (ret=" << check_ret << ")");
+}
+
+RUNNER_TEST(check_deny) {
+    auto cynara_data = do_cynara_initialize();
+    cynara_api_result check_ret = static_cast<cynara_api_result>(cynara_check(
+        cynara_data.get(), "User", "", "", FAKE_PRIV_2));
+
+    RUNNER_ASSERT_MSG_BT(check_ret == CYNARA_API_ACCESS_DENIED,
+        "Cynara check failed (ret=" << check_ret << ")");
+}
diff --git a/tests/security-tests-all.sh b/tests/security-tests-all.sh
index 8b87d94..8029c7b 100644
--- a/tests/security-tests-all.sh
+++ b/tests/security-tests-all.sh
@@ -24,6 +24,7 @@ security-tests.sh ss-privilege --output=text --output=summary $ign
 security-tests.sh ss-dbus --output=text --output=summary $ign
 security-tests.sh ss-stress --output=text --output=summary $ign
 security-tests.sh security-manager --output=text --output=summary $ign
+security-tests.sh cynara --output=text --output=summary $ign
 
 # print summary
 tests-summary.sh $summary_file
diff --git a/tests/security-tests.sh b/tests/security-tests.sh
index 147aa48..d175ef8 100644
--- a/tests/security-tests.sh
+++ b/tests/security-tests.sh
@@ -82,14 +82,19 @@ case $1 in
     echo
     security-manager-tests "${@:2}"
     ;;
-
+"cynara")
+    echo "========================================================================="
+    echo "CYNARA TEST"
+    echo
+    cynara-test "${@:2}"
+    ;;
 *)
     echo "Correct using:"
     echo "    security_test.sh <module> <args_for_module>"
     echo
     echo "modules: smack, libprivilege-control, ss-clientsmack"
     echo "         ss-server, ss-api-speed, ss-password, ss-stress"
-    echo "         ss-privilege, security-manager"
+    echo "         ss-privilege, security-manager, cynara"
     ;;
 
 esac