From: Zofia Abramowska <z.abramowska@samsung.com>
Date: Tue, 8 Aug 2017 09:13:46 +0000 (+0200)
Subject: SM : Check if askuser is disabled in app policy tests
X-Git-Tag: security-manager_5.5_testing~14^2~3
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ebca0711d6dfa55d94b4d4abdd5a19213c895d3e;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git

SM : Check if askuser is disabled in app policy tests

Change-Id: I2148b8eccddd561ac2514ab10348b885f2fdc48d
---

diff --git a/src/security-manager-tests/common/sm_commons.cpp b/src/security-manager-tests/common/sm_commons.cpp
index 8f4b740a..bd583a23 100644
--- a/src/security-manager-tests/common/sm_commons.cpp
+++ b/src/security-manager-tests/common/sm_commons.cpp
@@ -16,6 +16,7 @@
 
 #include <algorithm>
 #include <cstring>
+#include <fcntl.h>
 #include <ftw.h>
 #include <grp.h>
 #include <string>
@@ -457,6 +458,21 @@ void runSystemAccessTest(uid_t uid, gid_t gid, const std::string &testPath, int
         runAccessTest(label, uid, gid, testPath, accessType);
 }
 
+bool isAskuserDisabled() {
+    static bool isAskuserDisabled = false;
+    static bool isChecked = false;
+
+    if (isChecked)
+        return isAskuserDisabled;
+
+    std::string sysShare = TzPlatformConfig::getPath(TZ_SYS_SHARE);
+    std::string askDisableFile = sysShare + "/askuser_disable";
+
+    isAskuserDisabled = (access(askDisableFile.c_str(), F_OK) != -1);
+    isChecked = true;
+    return isAskuserDisabled;
+}
+
 bool isPrivilegePrivacy(const std::string &priv) {
     return (1 == privilege_info_is_privacy(priv.c_str()));
 }
diff --git a/src/security-manager-tests/common/sm_commons.h b/src/security-manager-tests/common/sm_commons.h
index 804e887c..346c1f70 100644
--- a/src/security-manager-tests/common/sm_commons.h
+++ b/src/security-manager-tests/common/sm_commons.h
@@ -78,6 +78,7 @@ void runAccessTest(const std::string &label, uid_t uid, gid_t gid,
 void runAccessTest(const AppInstallHelper &app, const std::string &testPath, int accessType);
 void runSystemAccessTest(uid_t uid, gid_t gid, const std::string &testPath, int accessType);
 
+bool isAskuserDisabled();
 bool isPrivilegePrivacy(const std::string &priv);
 int countPrivacyPrivileges(const PrivilegeVector &privs);
 int countPrivacyPrivileges(const std::vector<std::string> &privs);
diff --git a/src/security-manager-tests/common/tzplatform.cpp b/src/security-manager-tests/common/tzplatform.cpp
index 522f74eb..3d3dce7f 100644
--- a/src/security-manager-tests/common/tzplatform.cpp
+++ b/src/security-manager-tests/common/tzplatform.cpp
@@ -16,7 +16,6 @@
 
 #include <pwd.h>
 #include <sys/types.h>
-#include <tzplatform_config.h>
 
 #include <dpl/test/test_runner.h>
 #include <memory.h>
@@ -79,5 +78,17 @@ const std::string globalAppDir()
     return appDir;
 }
 
+const std::string getPath(enum tzplatform_variable id) {
+    struct tzplatform_context *tzCtxPtr = nullptr;
+
+    RUNNER_ASSERT_MSG(0 == tzplatform_context_create(&tzCtxPtr), "Couldn't create tzplatform context");
+    TzPlatformContextPtr tzCtxPtrSmart(tzCtxPtr);
+
+    const char *path = tzplatform_context_getenv(tzCtxPtr, id);
+    RUNNER_ASSERT_MSG(nullptr != path,
+                          "tzplatform_context_getenv failed for getting " << static_cast<int>(id));
+    return path;
+}
+
 }
 
diff --git a/src/security-manager-tests/common/tzplatform.h b/src/security-manager-tests/common/tzplatform.h
index 443fae36..fff4f5e4 100644
--- a/src/security-manager-tests/common/tzplatform.h
+++ b/src/security-manager-tests/common/tzplatform.h
@@ -18,10 +18,14 @@
 
 #include <string>
 
+#include <tzplatform_config.h>
+
 #include <temp_test_user.h>
 
 namespace TzPlatformConfig {
 
+const std::string getPath(enum tzplatform_variable id);
+
 uid_t getGlobalUserId(void);
 
 uid_t getGlobalGroupId(void);
diff --git a/src/security-manager-tests/test_cases_app_policy.cpp b/src/security-manager-tests/test_cases_app_policy.cpp
index 0ead2538..afd9a09f 100644
--- a/src/security-manager-tests/test_cases_app_policy.cpp
+++ b/src/security-manager-tests/test_cases_app_policy.cpp
@@ -45,7 +45,9 @@ RUNNER_CHILD_TEST(security_manager_ap1_app_policy_fetch_for_self) {
 
     unsigned expectedPolicyCount = countPrivacyPrivileges(app.getPrivileges());
 
-    RUNNER_ASSERT_MSG(expectedPolicyCount > 0, "Application won't be installed with any privacy privileges, fix test");
+    // If askuser is disabled there will be no privacy policy to expect
+    RUNNER_ASSERT_MSG(isAskuserDisabled() || expectedPolicyCount > 0,
+            "Application won't be installed with any privacy privileges, fix test");
 
     ScopedInstaller appInstall(app);
 
@@ -65,6 +67,10 @@ RUNNER_CHILD_TEST(security_manager_ap1_app_policy_fetch_for_self) {
 
             std::vector<PolicyEntry> policyEntries;
             Api::getPolicyForSelf(filter, policyEntries);
+            if (isAskuserDisabled()) {
+                //further checks do not make sense, but we've checked if app has permission to perform policy fetch
+                continue;
+            }
 
             RUNNER_ASSERT_MSG(policyEntries.size() != 0, "Policy is empty");
             RUNNER_ASSERT_MSG(policyEntries.size() == 1,