From: Lukasz Pawelczyk Date: Tue, 27 Dec 2016 12:01:29 +0000 (+0900) Subject: SM: TestSecurityManagerDatabase class removed X-Git-Tag: security-manager_5.5_testing~20^2~8 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=fffe411306ea4dfd29c53bfe1c6a566d9cc959de;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git SM: TestSecurityManagerDatabase class removed - most checks implemented using security_manager_get_app_pkgid() - checks whether package has been removed after app uninstall removed - privileges test in security_manager_02_app_install_uninstall_full implemented using policy privileges (no need to inject priv:group) - get_author_id() function has no counterpart currently - some changes in the PolicyConfiguration class to add functionality required by the tests now Change-Id: I6c5d4b308ad43bac71794b3a082c75ee76dbee13 --- diff --git a/src/security-manager-tests/CMakeLists.txt b/src/security-manager-tests/CMakeLists.txt index 46d9558..fad06f1 100644 --- a/src/security-manager-tests/CMakeLists.txt +++ b/src/security-manager-tests/CMakeLists.txt @@ -56,7 +56,6 @@ SET(SEC_MGR_SOURCES ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/policy_configuration.cpp ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_api.cpp ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_commons.cpp - ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_db.cpp ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_label_monitor.cpp ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_request.cpp ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_sharing_request.cpp diff --git a/src/security-manager-tests/common/policy_configuration.cpp b/src/security-manager-tests/common/policy_configuration.cpp index be7636d..1259b36 100644 --- a/src/security-manager-tests/common/policy_configuration.cpp +++ b/src/security-manager-tests/common/policy_configuration.cpp @@ -102,6 +102,13 @@ PolicyConfiguration::GidVector PolicyConfiguration::groupToGid(const PolicyConfi return result; } +PolicyConfiguration::PrivGroupMap PolicyConfiguration::getPrivGroupMap() +{ + if (m_privGroupMap.empty()) + loadPrivGroupMap(); + return m_privGroupMap; +} + bool PolicyConfiguration::getIsAskuserEnabled() { #ifdef ASKUSER_ENABLED return true; diff --git a/src/security-manager-tests/common/policy_configuration.h b/src/security-manager-tests/common/policy_configuration.h index 6062e73..d7bc1c1 100644 --- a/src/security-manager-tests/common/policy_configuration.h +++ b/src/security-manager-tests/common/policy_configuration.h @@ -31,6 +31,7 @@ public: typedef std::vector GidVector; typedef std::vector GroupVector; typedef std::vector PrivVector; + typedef std::map PrivGroupMap; struct UserDescription { PrivVector privVector; @@ -48,6 +49,8 @@ public: GroupVector getGroup(); UserDescription& getUserDescription(UserType userType); gid_t groupToGid(const std::string &gname); + PrivGroupMap getPrivGroupMap(); + GroupVector privToGroup(const PrivVector &privVector); static bool getIsAskuserEnabled(); @@ -55,10 +58,9 @@ private: GidVector groupToGid(const GroupVector &groupVector); UserDescription loadUserDescription(UserType userType); PrivVector loadPrivFile(const std::string &path); - GroupVector privToGroup(const PrivVector &privVector); void loadPrivGroupMap(void); - std::map m_privGroupMap; + PrivGroupMap m_privGroupMap; std::map m_groupGidMap; std::map m_userDescriptionMap; }; diff --git a/src/security-manager-tests/common/scoped_installer.h b/src/security-manager-tests/common/scoped_installer.h index 7f965f0..639aa11 100644 --- a/src/security-manager-tests/common/scoped_installer.h +++ b/src/security-manager-tests/common/scoped_installer.h @@ -27,7 +27,6 @@ #include #include -#include #include #include #include diff --git a/src/security-manager-tests/common/sm_commons.cpp b/src/security-manager-tests/common/sm_commons.cpp index 5eb69fa..5010227 100644 --- a/src/security-manager-tests/common/sm_commons.cpp +++ b/src/security-manager-tests/common/sm_commons.cpp @@ -30,6 +30,7 @@ #include #include +#include #include #include @@ -37,18 +38,14 @@ #include #include #include -#include #include #include #include +#include #include "tzplatform.h" using namespace SecurityManagerTest; -// Common const values - -const std::vector SM_ALLOWED_GROUPS = {"db_browser", "db_alarm"}; - // Common implementation details std::string generateProcessLabel(const std::string &appId, const std::string &pkgId, bool isHybrid) @@ -216,10 +213,27 @@ void sm_app_has_privileges(const AppInstallHelper &app, } } +static void check_app(const std::string &appId, const std::string &pkgId, bool shouldBeInstalled) +{ + char *retPkgId; + int ret = security_manager_get_app_pkgid(&retPkgId, appId.c_str()); + + if (shouldBeInstalled) { + RUNNER_ASSERT_MSG(ret == SECURITY_MANAGER_SUCCESS, "The given appId is not installed."); + + if (ret == SECURITY_MANAGER_SUCCESS) { + CStringPtr retPkgIdPtr(retPkgId); + RUNNER_ASSERT_MSG(strcmp(pkgId.c_str(), retPkgId) == 0, + "The given appId does not belong to the given pkgId."); + } + } else { + RUNNER_ASSERT_MSG(ret == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT, "The given appId is installed."); + } +} + void check_app_after_install(const std::string &app_id, const std::string &pkg_id) { - TestSecurityManagerDatabase dbtest; - dbtest.test_db_after__app_install(app_id, pkg_id); + check_app(app_id, pkg_id, true); } static void check_app_gids(const std::string &app_id, const std::vector &allowed_gids) @@ -255,23 +269,19 @@ static const char *const ANY_USER_REPRESENTATION = "anyuser";/*this may be actua void check_app_after_install(const std::string &app_id, const std::string &pkg_id, const privileges_t &allowed_privs, const privileges_t &denied_privs, - const std::vector &allowed_groups, bool isHybrid) { - TestSecurityManagerDatabase dbtest; - dbtest.test_db_after__app_install(app_id, pkg_id); + check_app(app_id, pkg_id, true); - /*Privileges should be granted to all users if root installs app*/ + /* Privileges should be granted to all users if root installs app */ check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, allowed_privs, denied_privs, isHybrid); - /* Setup mapping of gids to privileges */ - /* Do this for each privilege for extra check */ - for (const auto &privilege : allowed_privs) { - dbtest.setup_privilege_groups(privilege, allowed_groups); - } + PolicyConfiguration policy; + const PolicyConfiguration::GroupVector allowed_groups = policy.privToGroup(allowed_privs); + RUNNER_ASSERT_MSG(allowed_groups.size() == allowed_privs.size(), + "Some privileges given were not found in the policy"); std::vector allowed_gids; - for (const auto &groupName : allowed_groups) { errno = 0; struct group* grp = getgrnam(groupName.c_str()); @@ -292,29 +302,24 @@ void check_path(const std::string &path, const std::string &label, bool transmut RUNNER_ASSERT_MSG(result == 0, "Unable to check Smack labels for " << path); } -void check_app_after_uninstall(const std::string &app_id, const std::string &pkg_id, - const bool is_pkg_removed) +void check_app_after_uninstall(const std::string &app_id, const std::string &pkg_id) { - TestSecurityManagerDatabase dbtest; - dbtest.test_db_after__app_uninstall(app_id, pkg_id, is_pkg_removed); + check_app(app_id, pkg_id, false); } void check_app_after_uninstall(const std::string &app_id, const std::string &pkg_id, - const privileges_t &privileges, const bool is_pkg_removed, - bool isHybrid) + const privileges_t &privileges, bool isHybrid) { - TestSecurityManagerDatabase dbtest; - dbtest.test_db_after__app_uninstall(app_id, pkg_id, is_pkg_removed); - + check_app(app_id, pkg_id, false); - /*Privileges should not be granted anymore to any user*/ + /* Privileges should not be granted anymore to any user */ check_app_permissions(app_id, pkg_id, ANY_USER_REPRESENTATION, {}, privileges, isHybrid); } std::string access_opposite(std::string &access) { static const std::map access_mapping = {{'r', 0}, {'w', 1}, {'x', 2}, {'a', 3}, {'t', 4}, {'l', 5}}; - //May write implies may lock + // May write implies may lock if (access.find('w') != std::string::npos && access.find('l') == std::string::npos) { access.append("l"); } diff --git a/src/security-manager-tests/common/sm_commons.h b/src/security-manager-tests/common/sm_commons.h index fd42680..70cfb8b 100644 --- a/src/security-manager-tests/common/sm_commons.h +++ b/src/security-manager-tests/common/sm_commons.h @@ -28,7 +28,6 @@ #include #include -#include #include #include @@ -36,8 +35,6 @@ DEFINE_SMARTPTR(cap_free, _cap_struct, CapsSetsUniquePtr); const int FTW_MAX_FDS = 16; -extern const std::vector SM_ALLOWED_GROUPS; - std::string generateProcessLabel(const std::string &appId, const std::string &pkgId, bool isHybrid = false); std::string generatePathRWLabel(const std::string &pkgId); std::string generatePathROLabel(const std::string &pkgId); @@ -45,6 +42,8 @@ std::string generatePathSharedROLabel(const std::string &pkgId); std::string generatePathTrustedLabel(int64_t authorId); std::string getPublicPathLabel(); +typedef std::vector privileges_t; + int nftw_remove_labels(const char *fpath, const struct stat* /*sb*/, int /*typeflag*/, struct FTW* /*ftwbuf*/); void check_app_permissions(const std::string &app_id, const std::string &pkg_id, @@ -57,15 +56,12 @@ void check_app_after_install(const std::string &app_id, const std::string &pkg_i void check_app_after_install(const std::string &app_id, const std::string &pkg_id, const privileges_t &allowed_privs, const privileges_t &denied_privs, - const std::vector &allowed_groups, bool isHybrid = false); void check_path(const std::string &path, const std::string &label, bool transmute = true, bool execute = false); +void check_app_after_uninstall(const std::string &app_id, const std::string &pkg_id); void check_app_after_uninstall(const std::string &app_id, const std::string &pkg_id, - const bool is_pkg_removed); -void check_app_after_uninstall(const std::string &app_id, const std::string &pkg_id, - const privileges_t &privileges, const bool is_pkg_removed, - bool isHybrid = false); + const privileges_t &privileges, bool isHybrid = false); std::string access_opposite(std::string &access); void check_exact_smack_accesses(const std::string &subject, diff --git a/src/security-manager-tests/common/sm_db.cpp b/src/security-manager-tests/common/sm_db.cpp deleted file mode 100644 index a31cf2f..0000000 --- a/src/security-manager-tests/common/sm_db.cpp +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Copyright (c) 2014-2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. -*/ - -/* - * @file sm_db.cpp - * @author Marcin Lis (m.lis@samsung.com) - * @version 1.0 - * @brief security-manager tests database record check functions - */ - -#include -#include -#include -#include "sm_db.h" -#include "db_sqlite.h" - -/* Keep this consistent with the database file path used in the security-manager */ -const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db"); - -/* Initialize static constants */ -const bool TestSecurityManagerDatabase::NOT_REMOVED = false; -const bool TestSecurityManagerDatabase::REMOVED = true; - -TestSecurityManagerDatabase::TestSecurityManagerDatabase() : m_base(PRIVILEGE_DB_PATH, SQLITE_OPEN_READWRITE) -{ -} - -void TestSecurityManagerDatabase::test_db_after__app_install(const std::string &app_name, - const std::string &pkg_name) -{ - if (!m_base.is_open()) - m_base.open(); - - RUNNER_ASSERT_MSG(!app_name.empty(), "Request is corrupted, appId is empty"); - RUNNER_ASSERT_MSG(!pkg_name.empty(), "Request is corrupted, pkgId is empty"); - - check_app_and_pkg(app_name, pkg_name, NOT_REMOVED); -} - -void TestSecurityManagerDatabase::test_db_after__app_uninstall(const std::string &app_name, - const std::string &pkg_name, - const bool is_pkg_removed) -{ - if (!m_base.is_open()) - m_base.open(); - - RUNNER_ASSERT_MSG(!app_name.empty(), "Request is corrupted, appId is empty"); - RUNNER_ASSERT_MSG(!pkg_name.empty(), "Request is corrupted, pkgId is empty"); - - check_app_and_pkg(app_name, pkg_name, REMOVED); - check_pkg(pkg_name, is_pkg_removed); -} - -void TestSecurityManagerDatabase::check_app_and_pkg(const std::string &app_name, const std::string &pkg_name, - const bool is_app_removed) -{ - Sqlite3DBaseSelectResult result; - std::ostringstream sql; - sql << "SELECT app_name, pkg_name FROM user_app_pkg_view" - " WHERE app_name == '" << app_name << "' " - " AND pkg_name == '" << pkg_name << "' ;"; - m_base.execute(sql.str(), result); - - if (is_app_removed) /* expect 0 results */ - RUNNER_ASSERT_MSG(result.rows.size() == 0, "query : <" << sql.str() << - "> returned [" << result.rows.size() << "] rows, expected [0]"); - else /* expect exactly 1 result with 2 columns */ - RUNNER_ASSERT_MSG(result.rows.size() == 1 && result.rows[0].size() == 2, "query : <" << - sql.str() << "> returned [" << result.rows.size() << "] rows, expected [1]"); -} - -void TestSecurityManagerDatabase::check_pkg(const std::string &pkg_name, - const bool is_pkg_removed) -{ - const unsigned expected_rows = is_pkg_removed ? 0 : 1; - Sqlite3DBaseSelectResult result; - std::ostringstream sql; - sql << "SELECT pkg_id FROM pkg" - " WHERE name == '" << pkg_name << "' ;"; - m_base.execute(sql.str(), result); - - RUNNER_ASSERT_MSG(result.rows.size() == expected_rows, "query : <" << - sql.str() << "> returned [" << result.rows.size() << "] rows, expected [" << - expected_rows << "] rows"); -} - -void TestSecurityManagerDatabase::setup_privilege_groups(const std::string &privilege, - const std::vector &groups) -{ - Sqlite3DBaseSelectResult result; - std::ostringstream sql; - - if (!m_base.is_open()) - m_base.open(); - - for (const auto &group : groups) { - sql.clear(); - sql.str(""); - sql << "INSERT OR IGNORE INTO privilege_group (privilege_name, group_name) " - "VALUES (" - << "'" << privilege << "'" << "," - << "'" << group << "'" << ")"; - m_base.execute(sql.str(), result); - } -} - -int64_t TestSecurityManagerDatabase::get_author_id(const std::string &authorName) -{ - Sqlite3DBaseSelectResult result; - std::ostringstream sql; - - if (!m_base.is_open()) - m_base.open(); - - sql.clear(); - sql.str("SELECT author_id FROM author where name=\"" + authorName + "\""); - m_base.execute(sql.str(), result); - - if(result.rows.empty()) - return 0; - - std::istringstream os(result.rows[0][0]); - int64_t id; - os >> id; - return id; -} - -std::string TestSecurityManagerDatabase::get_path_label(const std::string &path) -{ - Sqlite3DBaseSelectResult result; - std::ostringstream sql; - if (!m_base.is_open()) - m_base.open(); - sql.clear(); - sql.str("SELECT path_label FROM shared_path WHERE path=\"" + path + "\""); - m_base.execute(sql.str(), result); - - if(result.rows.empty()) - return ""; - - return result.rows[0][0]; -} diff --git a/src/security-manager-tests/common/sm_db.h b/src/security-manager-tests/common/sm_db.h deleted file mode 100644 index 1536a57..0000000 --- a/src/security-manager-tests/common/sm_db.h +++ /dev/null @@ -1,128 +0,0 @@ -/* - * Copyright (c) 2014-2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. -*/ - -/* - * @file sm_db.h - * @author Marcin Lis (m.lis@samsung.com) - * @version 1.0 - * @brief security-manager tests database record check functions - */ - -#ifndef SECURITY_MANAGER_TEST_DB_H_ -#define SECURITY_MANAGER_TEST_DB_H_ - -#include -#include "db_sqlite.h" - -typedef std::vector privileges_t; - -/** - * @class TestSecurityManagerDatabase - * @brief Class containing methods for testing libprivlege database. - */ -class TestSecurityManagerDatabase -{ -public: -/** - * @brief A usefull constant to indicate that app/pkg should be present in db - */ - const static bool NOT_REMOVED; -/** - * @brief A usefull constant to indicate that app/pkg should not be present in db - */ - const static bool REMOVED; -/** - * @brief A constructor - */ - TestSecurityManagerDatabase(); - -/** - * @brief A destructor - */ - ~TestSecurityManagerDatabase() = default; - -/** - * @brief Method for testing database after "security_manager_app_install" was run. - * - * It checks existence of proper: - app_name - * - pkg_name - * - * @param app_name name of the app previously used in security_manager_app_install. - * @param pkg_name name of the pkg previously used in security_manager_app_install. - */ - void test_db_after__app_install(const std::string &app_name, const std::string &pkg_name); - -/** - * @brief Method for testing database after "security_manager_app_uninstall" was run. - * - * It checks absence of proper: - app_name - * - optionally pkg_name - * - * @param app_name name of the app previously used in security_manager_app_uninstall. - * @param pkg_name name of the pkg previously used in security_manager_app_uninstall. - * @param is_pkg_removed tells if pkg_id is expected to remain in db or not. - */ - void test_db_after__app_uninstall(const std::string &app_name, const std::string &pkg_name, - const bool is_pkg_removed); - -/** - * @brief Method for setting privilege to groups mapping in security-manager database - * - * @param privilege name of the privilege - * @param groups vector of group names - */ - void setup_privilege_groups(const std::string &privilege, - const std::vector &groups); - -/** - * @brief Method for getting author id from database. - */ - int64_t get_author_id(const std::string &authorName); -/** - * @brief Method for path label from database. - */ - std::string get_path_label(const std::string &path); -private: -/** - * @var base - * @brief Sqlite3DBase object giving simple access to database - * - * Connection to database is open first time it is needed - * and closed in destructor of TestSecurityManagerDatabase. - */ - Sqlite3DBase m_base; - -/** - * @brief Check db for [non]existence of given app_name in pkg_name - * - * @param app_name name of application - * @param pkg_name name of package - * @param is_app_removed tells if app is expected in db - */ - void check_app_and_pkg(const std::string &app_name, const std::string &pkg_name, - const bool is_app_removed); - -/** - * @brief Check db for [non]existence of given pkg_name - * - * @param pkg_name name of the package - * @param is_pkg_removed tells if pkg is expected in db - */ - void check_pkg(const std::string &pkg_name, - const bool is_pkg_removed); -}; - -#endif /* SECURITY_MANAGER_TEST_DB_H_ */ diff --git a/src/security-manager-tests/test_cases.cpp b/src/security-manager-tests/test_cases.cpp index 6daea32..2c2f979 100644 --- a/src/security-manager-tests/test_cases.cpp +++ b/src/security-manager-tests/test_cases.cpp @@ -64,15 +64,12 @@ RUNNER_TEST(security_manager_01a_app_double_install_double_uninstall) AppInstallHelper app("sm_test_01a_app"); { ScopedInstaller appInstall(app); - // FIXME - whitebox - db check_app_after_install(app.getAppId(), app.getPkgId()); { ScopedInstaller appInstall2(app); - // FIXME - whitebox - db check_app_after_install(app.getAppId(), app.getPkgId()); } - // FIXME - whitebox - db - check_app_after_uninstall(app.getAppId(), app.getPkgId(), TestSecurityManagerDatabase::REMOVED); + check_app_after_uninstall(app.getAppId(), app.getPkgId()); } } @@ -88,11 +85,9 @@ RUNNER_TEST(security_manager_01b_app_double_install_wrong_pkg_id) Api::install(requestInst2, SECURITY_MANAGER_ERROR_INPUT_PARAM); - // FIXME - whitebox - db check_app_after_install(app.getAppId(), app.getPkgId()); } - // FIXME - whitebox - db - check_app_after_uninstall(app.getAppId(), app.getPkgId(), TestSecurityManagerDatabase::REMOVED); + check_app_after_uninstall(app.getAppId(), app.getPkgId()); } RUNNER_TEST(security_manager_01c_app_uninstall_pkg_id_ignored) @@ -100,7 +95,6 @@ RUNNER_TEST(security_manager_01c_app_uninstall_pkg_id_ignored) AppInstallHelper app("sm_test_01c"); ScopedInstaller appInstall(app); - // FIXME - whitebox - db check_app_after_install(app.getAppId(), app.getPkgId()); InstallRequest requestUninst; @@ -109,8 +103,7 @@ RUNNER_TEST(security_manager_01c_app_uninstall_pkg_id_ignored) Api::uninstall(requestUninst); - // FIXME - whitebox - db - check_app_after_uninstall(app.getAppId(), app.getPkgId(), TestSecurityManagerDatabase::REMOVED); + check_app_after_uninstall(app.getAppId(), app.getPkgId()); // ScopedInstaller destructor (app second uninstallation) won't have any effect } @@ -153,15 +146,24 @@ RUNNER_TEST(security_manager_01d_app_install_complicated_dir_tree) RUNNER_TEST(security_manager_02_app_install_uninstall_full) { - const privileges_t allowedPrivs = { - "http://tizen.org/privilege/display", - "http://tizen.org/privilege/nfc" - }; - - const privileges_t someDeniedPrivs = { - "http://tizen.org/privilege/bluetooth", - "http://tizen.org/privilege/power" - }; + PolicyConfiguration policy; + PolicyConfiguration::PrivGroupMap privGroupMap = policy.getPrivGroupMap(); + + RUNNER_ASSERT_MSG(privGroupMap.size() >= 4, "Failed to get policy of a suitable size"); + + privileges_t allowedPrivs; + privileges_t someDeniedPrivs; + + int counter = 0; + for (auto const &it: privGroupMap) { + if (counter < 2) + allowedPrivs.push_back(it.first); + else if (counter < 4) + someDeniedPrivs.push_back(it.first); + else + break; + ++counter; + } AppInstallHelper app("sm_test_02"); app.createPrivateDir(); @@ -172,9 +174,8 @@ RUNNER_TEST(security_manager_02_app_install_uninstall_full) { ScopedInstaller appInstall(app); - // FIXME - whitebox - db, groups check_app_after_install(app.getAppId(), app.getPkgId(), - app.getPrivileges(), someDeniedPrivs, SM_ALLOWED_GROUPS); + app.getPrivileges(), someDeniedPrivs); check_path(app.getPrivateDir(), generatePathRWLabel(app.getPkgId())); check_path(app.getPrivateRODir(), generatePathROLabel(app.getPkgId()), false); @@ -182,9 +183,7 @@ RUNNER_TEST(security_manager_02_app_install_uninstall_full) check_path(app.getSharedRODir(), generatePathSharedROLabel(app.getPkgId())); } - // FIXME - whitebox - db - check_app_after_uninstall(app.getAppId(), app.getPkgId(), - app.getPrivileges(), TestSecurityManagerDatabase::REMOVED); + check_app_after_uninstall(app.getAppId(), app.getPkgId(), app.getPrivileges()); } RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_appid) @@ -365,6 +364,7 @@ RUNNER_TEST(security_manager_07a_user_add_app_install) check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(), {}, merge(allowedPrivs, someDeniedPrivs)); + // TODO - check if app is uninstalled } @@ -381,13 +381,11 @@ RUNNER_TEST(security_manager_07b_user_add_offline) AppInstallHelper app("sm_test_07b", testUser.getUid()); ScopedInstaller appInstall(app); - // FIXME - whitebox - db + serviceManager.startService(); check_app_after_install(app.getAppId(), app.getPkgId()); - serviceManager.startService(); testUser.remove(); - // FIXME - whitebox - db - check_app_after_uninstall(app.getAppId(), app.getPkgId(), true); + check_app_after_uninstall(app.getAppId(), app.getPkgId()); } RUNNER_TEST(security_manager_08_user_double_add_double_remove) @@ -409,15 +407,13 @@ RUNNER_TEST(security_manager_08_user_double_add_double_remove) AppInstallHelper app("sm_test_08", testUser.getUid()); ScopedInstaller appInstall(app); - // FIXME - whitebox - db check_app_after_install(app.getAppId(), app.getPkgId()); check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(), {}, somePrivs); // gumd testUser.remove(); - // FIXME - whitebox - db - check_app_after_uninstall(app.getAppId(), app.getPkgId(), true); + check_app_after_uninstall(app.getAppId(), app.getPkgId()); check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(), {}, somePrivs); // security-manager @@ -716,12 +712,11 @@ RUNNER_TEST(security_manager_25a_global_user_set_install_type_global) { ScopedInstaller appInstall(app); - // FIXME - whitebox - db check_app_after_install(app.getAppId(), app.getPkgId()); } // Check records in the security-manager database - check_app_after_uninstall(app.getAppId(), app.getPkgId(), TestSecurityManagerDatabase::REMOVED); + check_app_after_uninstall(app.getAppId(), app.getPkgId()); } RUNNER_TEST(security_manager_25b_global_user_set_install_type_local) @@ -742,11 +737,9 @@ RUNNER_TEST(security_manager_25c_global_user_set_install_type_preloaded) app.setInstallType(SM_APP_INSTALL_PRELOADED); { ScopedInstaller appInstall(app); - // FIXME - whitebox - db check_app_after_install(app.getAppId(), app.getPkgId()); } - // FIXME - whitebox - db - check_app_after_uninstall(app.getAppId(), app.getPkgId(), TestSecurityManagerDatabase::REMOVED); + check_app_after_uninstall(app.getAppId(), app.getPkgId()); } RUNNER_TEST(security_manager_25d_local_user_set_install_type_invalid) diff --git a/src/security-manager-tests/test_cases_register_paths.cpp b/src/security-manager-tests/test_cases_register_paths.cpp index 77e4052..9a12555 100644 --- a/src/security-manager-tests/test_cases_register_paths.cpp +++ b/src/security-manager-tests/test_cases_register_paths.cpp @@ -379,8 +379,6 @@ RUNNER_TEST(security_manager_70_path_req_trusted_rw_positive) Api::registerPaths(preq); - // check labels - TestSecurityManagerDatabase dbtest; - int64_t authorDb = dbtest.get_author_id(app.getAuthor()); - check_path(app.getTrustedDir(), generatePathTrustedLabel(authorDb)); + // TODO: check labels, e.g. install second label with same author and compare them + //check_path(app.getTrustedDir(), generatePathTrustedLabel(authorDb)); } diff --git a/src/security-manager-tests/test_cases_trusted_sharing.cpp b/src/security-manager-tests/test_cases_trusted_sharing.cpp index 0060fa2..76cb0f5 100644 --- a/src/security-manager-tests/test_cases_trusted_sharing.cpp +++ b/src/security-manager-tests/test_cases_trusted_sharing.cpp @@ -29,7 +29,6 @@ #include #include #include -#include #include #include #include