From: Marcin Niesluchowski Date: Thu, 17 Jul 2014 13:48:23 +0000 (+0200) Subject: Add single wildcard policies cynara test X-Git-Tag: security-manager_5.5_testing~220 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ebad4aac8e06f1185a18df69a799e6230c9c983b;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git Add single wildcard policies cynara test Change-Id: If3dc244bcc93b6d02c981fcb3f9cd5cbc7004705 --- diff --git a/tests/cynara-tests/test_cases.cpp b/tests/cynara-tests/test_cases.cpp index 5e2e0847..59191a23 100644 --- a/tests/cynara-tests/test_cases.cpp +++ b/tests/cynara-tests/test_cases.cpp @@ -288,3 +288,96 @@ RUNNER_TEST(tc08_admin_set_policies_allow_remove3) cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED); cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED); } + +void checkAllDeny(const std::vector< std::vector > &data, + const char *session) +{ + CynaraTestClient cynara; + + for (auto it = data.begin(); it != data.end(); ++it) { + RUNNER_ASSERT_MSG_BT(it->size() == 3, "Wrong test data size"); + } + + for (auto itClient = data.begin(); itClient != data.end(); ++itClient) { + for (auto itUser = data.begin(); itUser != data.end(); ++itUser) { + for (auto itPrivilege = data.begin(); itPrivilege != data.end(); ++itPrivilege) { + cynara.check(itClient->at(0), session, itUser->at(1), itPrivilege->at(2), CYNARA_API_ACCESS_DENIED); + } + } + } +} + +void checkSingleWildcardData(const std::vector< std::vector > &data) +{ + RUNNER_ASSERT_MSG_BT(data.size() == 3, "Wrong test data size"); + for (auto it = data.begin(); it != data.end(); ++it) { + RUNNER_ASSERT_MSG_BT(it->size() == 3, "Wrong test data size"); + } +} + +void checkSingleWildcardAllowRestDeny(const std::vector< std::vector > &data, + const char *session) +{ + CynaraTestClient cynara; + + checkSingleWildcardData(data); + + for (size_t c = 0; c < data.size(); ++c) { + for (size_t u = 0; u < data.size(); ++u) { + for (size_t p = 0; p < data.size(); ++p) { + if ((u == 0 && p == 0) + || (c == 1 && p == 1) + || (c == 2 && u == 2)) { + cynara.check(data[c][0], session, data[u][1], data[p][2], CYNARA_API_SUCCESS); + } else { + cynara.check(data[c][0], session, data[u][1], data[p][2], CYNARA_API_ACCESS_DENIED); + } + } + } + } +} + +void setSingleWildcardPolicies(const char *bucket, + const std::vector< std::vector > &data, + const int result, const char* resultExtra) +{ + CynaraTestAdmin admin; + CynaraPoliciesContainer cp; + + checkSingleWildcardData(data); + + cp.add(bucket, + CYNARA_ADMIN_WILDCARD, data[0][1], data[0][2], + result, resultExtra); + cp.add(bucket, + data[1][0], CYNARA_ADMIN_WILDCARD, data[1][2], + result, resultExtra); + cp.add(bucket, + data[2][0], data[2][1], CYNARA_ADMIN_WILDCARD, + result, resultExtra); + + admin.setPolicies(cp); +} + +RUNNER_TEST(tc09_admin_set_policies_wildcard_accesses) +{ + const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET; + const char *session = "session09"; + const char *resultExtra = nullptr; + + const std::vector< std::vector > data = { + { "client09_a", "user09_a", "privilege09_a" }, + { "client09_b", "user09_b", "privilege09_b" }, + { "client09_c", "user09_c", "privilege09_c" } + }; + + checkAllDeny(data, session); + + setSingleWildcardPolicies(bucket, data, CYNARA_ADMIN_ALLOW, resultExtra); + + checkSingleWildcardAllowRestDeny(data, session); + + setSingleWildcardPolicies(bucket, data, CYNARA_ADMIN_DELETE, resultExtra); + + checkAllDeny(data, session); +}