From: Dariusz Michaluk Date: Mon, 13 Feb 2017 12:27:20 +0000 (+0100) Subject: Tests for app defined privileges in db X-Git-Tag: submit/tizen/20170519.102945~3^2~18 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=76e5950731f72e09d2df2be6e29734a97eaf4acf;p=platform%2Fcore%2Fsecurity%2Fsecurity-manager.git Tests for app defined privileges in db Change-Id: I6b08cac6488f564a51443597b8ddd7c48e3124a2 --- diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 57e2308f..14b04feb 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -50,6 +50,7 @@ SET(SM_TESTS_SOURCES ${SM_TEST_SRC}/test_privilege_db_app_remove.cpp ${SM_TEST_SRC}/test_privilege_db_privilege.cpp ${SM_TEST_SRC}/test_privilege_db_sharing.cpp + ${SM_TEST_SRC}/test_privilege_db_app_defined_privileges.cpp ${SM_TEST_SRC}/test_smack-labels.cpp ${SM_TEST_SRC}/test_smack-rules.cpp ${DPL_PATH}/core/src/assert.cpp diff --git a/test/test_privilege_db_app_defined_privileges.cpp b/test/test_privilege_db_app_defined_privileges.cpp new file mode 100644 index 00000000..6faf30dd --- /dev/null +++ b/test/test_privilege_db_app_defined_privileges.cpp @@ -0,0 +1,130 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file test_privilege_db_app_defined_privileges.cpp + * @author Dariusz Michaluk (d.michaluk@samsung.com) + * @version 1.0 + */ + +#include +#include + +#include + +#include "privilege_db.h" +#include "privilege_db_fixture.h" +#include "security-manager-types.h" + +namespace { + +struct AppDefinedPrivilegeFixture : public PrivilegeDBFixture { + void checkAppDefinedPrivileges(const std::string &app, uid_t uid, + const PrivilegesVector &expected); +}; + +void AppDefinedPrivilegeFixture::checkAppDefinedPrivileges(const std::string &app, uid_t uid, + const PrivilegesVector &expected) +{ + PrivilegesVector privileges; + testPrivDb->GetAppDefinedPrivileges(app, uid, privileges); + BOOST_REQUIRE_MESSAGE(privileges.size() == expected.size(), "Vector sizes differ"); + + for (unsigned int i = 0; i < privileges.size(); ++i) { + BOOST_REQUIRE(privileges[i].first == expected[i].first); + BOOST_REQUIRE(privileges[i].second == expected[i].second); + } +} + +} // anonymous namespace + +BOOST_FIXTURE_TEST_SUITE(PRIVILEGE_DB_TEST_APP_DEFINED_PRIVILEGES, AppDefinedPrivilegeFixture) + +BOOST_AUTO_TEST_CASE(T1300_app_defined_privileges) +{ + // add some privileges + PrivilegesVector privileges; + privileges.push_back(std::make_pair("org.tizen.my_app.gps", SM_APP_DEFINED_PRIVILEGE_TYPE_UNTRUSTED)); + privileges.push_back(std::make_pair("org.tizen.my_app.sso", SM_APP_DEFINED_PRIVILEGE_TYPE_LICENSED)); + + // non-existing application + checkAppDefinedPrivileges(app(1), uid(1), {}); + + // add first application + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + + // privileges not defined + checkAppDefinedPrivileges(app(1), uid(1), {}); + + // add privilege to non-existing application + BOOST_REQUIRE_THROW(testPrivDb->AddAppDefinedPrivilege(app(2), uid(1), privileges[0]), + PrivilegeDb::Exception::ConstraintError); + + // first application defines first privilege + BOOST_REQUIRE_NO_THROW(testPrivDb->AddAppDefinedPrivilege(app(1), uid(1), privileges[0])); + + // check non-existing privilege + std::string appName; + BOOST_REQUIRE_NO_THROW(testPrivDb->GetAppForAppDefinedPrivilege(privileges[1], uid(1), appName)); + BOOST_REQUIRE(appName.empty()); + + // first application defines second privilege + BOOST_REQUIRE_NO_THROW(testPrivDb->AddAppDefinedPrivilege(app(1), uid(1), privileges[1])); + + // check existing privilege application name + BOOST_REQUIRE_NO_THROW(testPrivDb->GetAppForAppDefinedPrivilege(privileges[1], uid(1), appName)); + BOOST_REQUIRE(appName == app(1)); + + // check first application privileges + checkAppDefinedPrivileges(app(1), uid(1), privileges); + + // add second application + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(1), author(2), Hybrid); + + // privilege already defined by first application + BOOST_REQUIRE_THROW(testPrivDb->AddAppDefinedPrivilege(app(2), uid(2), privileges[0]), + PrivilegeDb::Exception::ConstraintError); + + // remove first application privileges + BOOST_REQUIRE_NO_THROW(testPrivDb->RemoveAppDefinedPrivileges(app(1), uid(1))); + checkAppDefinedPrivileges(app(1), uid(1), {}); + + // uninstall first application and check privileges + removeAppSuccess(app(1), uid(1)); + checkAppDefinedPrivileges(app(1), uid(1), {}); + + // second application defines privileges + BOOST_REQUIRE_NO_THROW(testPrivDb->AddAppDefinedPrivilege(app(2), uid(2), privileges[0])); + BOOST_REQUIRE_NO_THROW(testPrivDb->AddAppDefinedPrivilege(app(2), uid(2), privileges[1])); + checkAppDefinedPrivileges(app(2), uid(2), privileges); + + // install second application for different user and add privileges + addAppSuccess(app(2), pkg(2), uid(3), tizenVer(1), author(2), Hybrid); + BOOST_REQUIRE_NO_THROW(testPrivDb->AddAppDefinedPrivilege(app(2), uid(3), privileges[0])); + BOOST_REQUIRE_NO_THROW(testPrivDb->AddAppDefinedPrivilege(app(2), uid(3), privileges[1])); + checkAppDefinedPrivileges(app(2), uid(3), privileges); + + // uninstall second application and check privileges + removeAppSuccess(app(2), uid(2)); + checkAppDefinedPrivileges(app(2), uid(2), {}); + checkAppDefinedPrivileges(app(2), uid(3), privileges); + + removeAppSuccess(app(2), uid(3)); + checkAppDefinedPrivileges(app(2), uid(2), {}); + checkAppDefinedPrivileges(app(2), uid(3), {}); +} + +BOOST_AUTO_TEST_SUITE_END()