From: Zofia Abramowska Date: Tue, 20 Sep 2016 17:36:17 +0000 (+0200) Subject: SM : Enhance AppInstallHelper X-Git-Tag: security-manager_5.5_testing~20^2~40 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=d188a51d46c8f43910c6e0977b19492fdb8835d5;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git SM : Enhance AppInstallHelper * Split into header and source file * Fix constructors * Change default uid * Add creating public dir * Add privileges * Add install type * Add author Change-Id: I1797c64c6cacd9ba4b52169b03b338d388e2a004 --- diff --git a/src/security-manager-tests/CMakeLists.txt b/src/security-manager-tests/CMakeLists.txt index a9b1455a..32776a79 100644 --- a/src/security-manager-tests/CMakeLists.txt +++ b/src/security-manager-tests/CMakeLists.txt @@ -49,6 +49,7 @@ SET(SEC_MGR_SOURCES ${PROJECT_SOURCE_DIR}/src/security-manager-tests/test_cases_register_paths.cpp ${PROJECT_SOURCE_DIR}/src/security-manager-tests/test_cases_trusted_sharing.cpp ${PROJECT_SOURCE_DIR}/src/security-manager-tests/security_manager_tests.cpp + ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/app_install_helper.cpp ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/policy_configuration.cpp ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_api.cpp ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_commons.cpp diff --git a/src/security-manager-tests/common/app_install_helper.cpp b/src/security-manager-tests/common/app_install_helper.cpp new file mode 100644 index 00000000..90d8ab30 --- /dev/null +++ b/src/security-manager-tests/common/app_install_helper.cpp @@ -0,0 +1,199 @@ +/* + * Copyright (c) 2014-2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include +#include + +#include "app_install_helper.h" + +std::string AppInstallHelper::getInstallDir() const { + return m_installDir + getPkgId(); +} + +std::string AppInstallHelper::getTrustedDir(int i) const { + return getInstallDir() + "/trustedDir" + std::to_string(i); +} + +std::string AppInstallHelper::getPrivateDir() const { + return getInstallDir() + "/app_dir/"; +} + +std::string AppInstallHelper::getPrivateRODir() const { + return getInstallDir() + "/app_dir_ro/"; +} + +std::string AppInstallHelper::getPublicDir() const { + return getInstallDir() + "/app_public_ro/"; +} + +std::string AppInstallHelper::getSharedPath(int i) const { + return getPrivateDir() + "shareme" + std::to_string(i); +} + +std::string AppInstallHelper::getSharedRODir() const { + return getInstallDir() + "/app_dir_rw_others_ro/"; +} + +std::string AppInstallHelper::getAppId() const { + return m_appName + "_app_id"; +} + +std::string AppInstallHelper::getPkgId() const { + return m_pkgName + "_pkg_id"; +} + +std::string AppInstallHelper::getVersion() const { + return m_version; +} + +int AppInstallHelper::getUID() const { + return m_uidGid; +} + +int AppInstallHelper::getGID() const { + return m_uidGid; +} + +void AppInstallHelper::createInstallDir() { + create(mkdir, getInstallDir()); +} + +void AppInstallHelper::createTrustedDir(int i) { + if (create(mkdir, getTrustedDir(i))) + m_dirTypeMap[SECURITY_MANAGER_PATH_TRUSTED_RW].emplace_back(getTrustedDir(i)); +} + +void AppInstallHelper::createPrivateDir() { + if (create(mkdir, getPrivateDir())) + m_dirTypeMap[SECURITY_MANAGER_PATH_RW].emplace_back(getPrivateDir()); +} + +void AppInstallHelper::createPublicDir() { + if (mkdir(getPublicDir().c_str(), 0777) == 0) { + m_dirTypeMap[SECURITY_MANAGER_PATH_PUBLIC_RO].emplace_back(getPublicDir()); + } +} + +void AppInstallHelper::createSharedFile(int i) { + if (create(creat, getSharedPath(i))) + m_fileTypeMap[SECURITY_MANAGER_PATH_RW].emplace_back(getSharedPath(i)); +} + +void AppInstallHelper::createSharedRODir() { + if (create(mkdir, getSharedRODir())) + m_dirTypeMap[SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO].emplace_back(getSharedRODir()); +} + +void AppInstallHelper::createPrivateRODir() { + if (create(mkdir, getPrivateRODir())) + m_dirTypeMap[SECURITY_MANAGER_PATH_RO].emplace_back(getPrivateRODir()); +} + +void AppInstallHelper::addPrivilege(const std::string &privilege) { + m_privileges.push_back(privilege); +} + +void AppInstallHelper::addPrivileges(const std::vector &privileges) { + std::copy(privileges.begin(), privileges.end(), std::back_inserter(m_privileges)); +} + +std::vector AppInstallHelper::getPrivileges() const { + return m_privileges; +} + +void AppInstallHelper::revokeRules() const { + RUNNER_ASSERT_MSG( + 0 == smack_revoke_subject(generateAppLabel().c_str()), + "Revoking smack subject failed"); +} + +std::string AppInstallHelper::generateAppLabel() const { + return generateProcessLabel(getAppId(), getPkgId()); +} + +std::string AppInstallHelper::generatePkgLabel() const { + return generatePathRWLabel(getPkgId()); +} + +const AppInstallHelper::TypePathsMap& AppInstallHelper::getDirsMap() const { + return m_dirTypeMap; +} + +const AppInstallHelper::TypePathsMap& AppInstallHelper::getFilesMap() const { + return m_fileTypeMap; +} + +void AppInstallHelper::removePaths() { + // FIXME - remove special treatment for shared ro + for (const auto &oneTypePaths : m_dirTypeMap) + if (oneTypePaths.first != SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO) + for (const auto& path : oneTypePaths.second) + rmdir(path.c_str()); + + m_dirTypeMap.clear(); + + for (const auto &oneTypePaths : m_fileTypeMap) + if (oneTypePaths.first != SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO) + for (const auto& path : oneTypePaths.second) + unlink(path.c_str()); + + m_fileTypeMap.clear(); + + rmdir(m_installDir.c_str()); +} + +void AppInstallHelper::setInstallPath() { + if (m_isLocal) + m_installDir = TzPlatformConfig::appDirPath(getUID()); + else + m_installDir = TzPlatformConfig::globalAppDir() + "/"; +} + +bool AppInstallHelper::create(std::function &&creatFun, const std::string &path) { + if (creatFun(path.c_str(), 0751) == 0) { + // Local paths need user change + if (!m_isLocal || chown(path.c_str(), m_uidGid, m_uidGid) == 0) + return true; + } + return false; +} + +void AppInstallHelper::setAuthor(const std::string &author) { + m_author = author; +} +std::string AppInstallHelper::getAuthor() const { + return m_author; +} + +void AppInstallHelper::setInstallType(app_install_type type) { + m_installType = type; +} +app_install_type AppInstallHelper::getInstallType() { + return m_installType; +} + diff --git a/src/security-manager-tests/common/app_install_helper.h b/src/security-manager-tests/common/app_install_helper.h index 32eaa239..776486b8 100644 --- a/src/security-manager-tests/common/app_install_helper.h +++ b/src/security-manager-tests/common/app_install_helper.h @@ -16,20 +16,14 @@ #pragma once #include +#include #include #include -#include -#include -#include +#include #include -#include #include -#include -#include -#include - const uid_t OWNER_UID = 5001; const std::string TIZEN_VERSION = "3.0"; @@ -38,180 +32,86 @@ struct AppInstallHelper { using TypePathsMap = std::map>; AppInstallHelper(const std::string &appName, const std::string &pkgName, - bool isLocal = false, - uid_t uid = OWNER_UID, - std::string version = TIZEN_VERSION) - : m_appName(appName), m_pkgName(pkgName), m_isLocal(isLocal), m_uidGid(uid), m_version(version) + bool isLocal, + uid_t uid, + std::string version) + : m_appName(appName), m_pkgName(pkgName), m_isLocal(isLocal), m_uidGid(uid), m_version(version), + m_installType(SM_APP_INSTALL_NONE) { setInstallPath(); } - AppInstallHelper(const std::string &appName, const std::string &pkgName, std::string version, bool isLocal = false) - : AppInstallHelper(appName, pkgName, isLocal, OWNER_UID, version) + AppInstallHelper(const std::string &name) + : AppInstallHelper(name, name, false, geteuid(), TIZEN_VERSION) {} - AppInstallHelper(const std::string &name, bool isLocal = false, uid_t uid = OWNER_UID) - : AppInstallHelper(name, name, isLocal, uid, TIZEN_VERSION) + AppInstallHelper(const std::string &appName, const std::string &pkgName) + : AppInstallHelper(appName, pkgName, false, geteuid(), TIZEN_VERSION) {} - AppInstallHelper(const std::string &appName, const std::string &pkgName, bool isLocal = false) - : AppInstallHelper(appName, pkgName, isLocal, OWNER_UID, TIZEN_VERSION) + AppInstallHelper(const std::string &appName, uid_t uid) + : AppInstallHelper(appName, appName, true, uid, TIZEN_VERSION) {} - /** - * This constructor needs to be defined, because in other tests : private_sharing - * when AppInstallHelper object is initialized from : {"app_id", "pkg_id"} - * none of arguments is std::string type, but const char*, so - * implicit conversion is done and AppInstallHelper(const std::string&, int, bool) is called - */ - AppInstallHelper(const char* const appName, const char* const pkgName, bool isLocal = false) - : m_appName(appName), m_pkgName(pkgName), m_isLocal(isLocal) - { - setInstallPath(); - } - - std::string getInstallDir() const { - return m_installDir + getPkgId(); - } - - std::string getTrustedDir(int i = 0) const { - return getInstallDir() + "/trustedDir" + std::to_string(i); - } - - std::string getPrivateDir() const { - return getInstallDir() + "/app_dir/"; - } - - std::string getSharedPath(int i = 0) const { - return getPrivateDir() + "shareme" + std::to_string(i); - } - - std::string getSharedRODir() const { - return getInstallDir() + "/app_dir_rw_others_ro/"; - } - - std::string getPrivateRODir() const { - return getInstallDir() + "/app_dir_ro/"; - } - - std::string getAppId() const { - return m_appName + "_app_id"; - } - - std::string getPkgId() const { - return m_pkgName + "_pkg_id"; - } - - std::string getVersion() const { - return m_version; - } - - int getUID() const { - return m_uidGid; - } - - int getGID() const { - return m_uidGid; - } - - void createInstallDir() { - create(mkdir, getInstallDir()); - } - - void createTrustedDir(int i = 0) { - if (create(mkdir, getTrustedDir(i))) - m_dirTypeMap[SECURITY_MANAGER_PATH_TRUSTED_RW].emplace_back(getTrustedDir(i)); - } - - void createPrivateDir() { - if (create(mkdir, getPrivateDir())) - m_dirTypeMap[SECURITY_MANAGER_PATH_RW].emplace_back(getPrivateDir()); - } - - void createSharedFile(int i = 0) { - if (create(creat, getSharedPath(i))) - m_fileTypeMap[SECURITY_MANAGER_PATH_RW].emplace_back(getSharedPath(i)); - } - - void createSharedRODir() { - if (create(mkdir, getSharedRODir())) - m_dirTypeMap[SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO].emplace_back(getSharedRODir()); - } - - void createPrivateRODir() { - if (create(mkdir, getPrivateRODir())) - m_dirTypeMap[SECURITY_MANAGER_PATH_RO].emplace_back(getPrivateRODir()); - } - - void revokeRules() const { - RUNNER_ASSERT_MSG( - 0 == smack_revoke_subject(generateAppLabel().c_str()), - "Revoking smack subject failed"); - } - - std::string generateAppLabel() const { - return generateProcessLabel(getAppId(), getPkgId()); - } - - std::string generatePkgLabel() const { - return generatePathRWLabel(getPkgId()); - } - - const TypePathsMap& getDirsMap() const { - return m_dirTypeMap; - } - - const TypePathsMap& getFilesMap() const { - return m_fileTypeMap; - } - - void removePaths() { - // FIXME - remove special treatment for shared ro - for (const auto &oneTypePaths : m_dirTypeMap) - if (oneTypePaths.first != SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO) - for (const auto& path : oneTypePaths.second) - rmdir(path.c_str()); - - m_dirTypeMap.clear(); - - for (const auto &oneTypePaths : m_fileTypeMap) - if (oneTypePaths.first != SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO) - for (const auto& path : oneTypePaths.second) - unlink(path.c_str()); - - m_fileTypeMap.clear(); - - rmdir(m_installDir.c_str()); - } + // App info getters and setters + std::string getAppId() const; + std::string getPkgId() const; + std::string getVersion() const; + int getUID() const; + int getGID() const; + void setAuthor(const std::string &author); + std::string getAuthor() const; + void setInstallType(app_install_type type); + app_install_type getInstallType(); + + // Path types creation and removal on file system + void createInstallDir(); + void createTrustedDir(int i = 0); + void createPrivateDir(); + void createPublicDir(); + void createSharedFile(int i = 0); + void createSharedRODir(); + void createPrivateRODir(); + void removePaths(); + + // Path getters + std::string getInstallDir() const; + std::string getTrustedDir(int i = 0) const; + std::string getPrivateDir() const; + std::string getPrivateRODir() const; + std::string getPublicDir() const; + std::string getSharedPath(int i = 0) const; + std::string getSharedRODir() const; + const TypePathsMap& getDirsMap() const; + const TypePathsMap& getFilesMap() const; + + // Privileges + void addPrivilege(const std::string &privilege); + void addPrivileges(const std::vector &privileges); + std::vector getPrivileges() const; + + // Smack + std::string generateAppLabel() const; + std::string generatePkgLabel() const; + void revokeRules() const; virtual ~AppInstallHelper() { removePaths(); } protected: - void setInstallPath() { - if (m_isLocal) - m_installDir = TzPlatformConfig::appDirPath(getUID()); - else - m_installDir = TzPlatformConfig::globalAppDir() + "/"; - } - - bool create(std::function &&creatFun, const std::string &path) { - if (creatFun(path.c_str(), 0751) == 0) { - // Local paths need user change - if (!m_isLocal || chown(path.c_str(), m_uidGid, m_uidGid) == 0) - return true; - } - return false; - } - + void setInstallPath(); + bool create(std::function &&creatFun, const std::string &path); std::string m_appName; std::string m_pkgName; bool m_isLocal; int m_uidGid; std::string m_version; + app_install_type m_installType; std::string m_installDir; TypePathsMap m_dirTypeMap; TypePathsMap m_fileTypeMap; + std::vector m_privileges; + std::string m_author; }; diff --git a/src/security-manager-tests/common/scoped_installer.h b/src/security-manager-tests/common/scoped_installer.h index 88d79153..584cffd5 100644 --- a/src/security-manager-tests/common/scoped_installer.h +++ b/src/security-manager-tests/common/scoped_installer.h @@ -42,15 +42,20 @@ public: instReq.setAppId(m_appInstallHelper.getAppId()); instReq.setPkgId(m_appInstallHelper.getPkgId()); instReq.setUid(m_appInstallHelper.getUID()); + if (m_appInstallHelper.getInstallType() != SM_APP_INSTALL_NONE) + instReq.setInstallType(m_appInstallHelper.getInstallType()); instReq.setAppTizenVersion(m_appInstallHelper.getVersion()); - + if (!m_appInstallHelper.getAuthor().empty()) + instReq.setAuthorId(m_appInstallHelper.getAuthor()); for (const auto& typePaths : m_appInstallHelper.getDirsMap()) for (const auto& path : typePaths.second) instReq.addPath(path, typePaths.first); for (const auto& typePaths : m_appInstallHelper.getFilesMap()) for (const auto& path : typePaths.second) instReq.addPath(path, typePaths.first); - + for (const auto &priv : m_appInstallHelper.getPrivileges()) { + instReq.addPrivilege(priv.c_str()); + } SecurityManagerTest::Api::install(instReq); } diff --git a/src/security-manager-tests/test_cases_public_sharing.cpp b/src/security-manager-tests/test_cases_public_sharing.cpp index 6e48951c..3e6f4205 100644 --- a/src/security-manager-tests/test_cases_public_sharing.cpp +++ b/src/security-manager-tests/test_cases_public_sharing.cpp @@ -65,7 +65,7 @@ AppInstallHelper prepAIH(const std::string &appName, bool isSharedRO) { bool appIsLocal = true; - AppInstallHelper appInstallHelper(appName, pkgName, version, appIsLocal); + AppInstallHelper appInstallHelper(appName, pkgName, appIsLocal, OWNER_UID, version); appInstallHelper.createInstallDir();