From: Marcin Niesluchowski Date: Wed, 14 May 2014 09:36:18 +0000 (+0200) Subject: Add tests for security_server_app_has_privilege function. X-Git-Tag: security-manager_5.5_testing~247 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F13%2F21013%2F4;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git Add tests for security_server_app_has_privilege function. security_server_app_has_privilege function has been restored and changed in security-server repository. See: -> 'Bring back part of app-permissions service' -> 'Adjust security_server_app_has_privilege to Tizen 3.0 model.' Verification: -> security-tests.sh ss-privilege --output=text --runignored (test should pass) Change-Id: I505c0d49f2bcbc739f63f5828edd81feb168cca3 --- diff --git a/packaging/security-tests.manifest b/packaging/security-tests.manifest index 23852f5..19720dd 100644 --- a/packaging/security-tests.manifest +++ b/packaging/security-tests.manifest @@ -12,6 +12,7 @@ + diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec index 113f1fe..70d3aef 100644 --- a/packaging/security-tests.spec +++ b/packaging/security-tests.spec @@ -73,6 +73,7 @@ osp-installer -u uqNfgEjqc7 /usr/bin/security-server-tests-client-smack /usr/bin/security-server-tests-server /usr/bin/security-server-tests-password +/usr/bin/security-server-tests-privilege /usr/bin/security-server-tests-stress /usr/bin/security-server-tests-dbus /etc/smack/test_smack_rules_full diff --git a/tests/security-server-tests/CMakeLists.txt b/tests/security-server-tests/CMakeLists.txt index 8bb9754..b22e3ca 100644 --- a/tests/security-server-tests/CMakeLists.txt +++ b/tests/security-server-tests/CMakeLists.txt @@ -38,6 +38,7 @@ SET(TARGET_SEC_SRV_COMMON "security-server-tests-common") SET(TARGET_SEC_SRV_CLIENT_SMACK_TESTS "security-server-tests-client-smack") SET(TARGET_SEC_SRV_TC_SERVER_TESTS "security-server-tests-server") SET(TARGET_SEC_SRV_PWD_TESTS "security-server-tests-password") +SET(TARGET_SEC_SRV_PRIVILEGE_TESTS "security-server-tests-privilege") SET(TARGET_SEC_SRV_STRESS_TESTS "security-server-tests-stress") SET(TARGET_SEC_SRV_MT_TESTS "security-server-tests-mt") SET(TARGET_SEC_SRV_DBUS_TESTS "security-server-tests-dbus") @@ -67,6 +68,11 @@ SET(SEC_SRV_PWD_SOURCES ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_clean_env.cpp ) +SET(SEC_SRV_PRIVILEGE_SOURCES + ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_tests_privilege.cpp + ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/libprivilege-control_test_common.cpp + ) + SET(SEC_SRV_STRESS_SOURCES ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_tests_stress.cpp ) @@ -91,6 +97,7 @@ INCLUDE_DIRECTORIES(SYSTEM INCLUDE_DIRECTORIES( ${PROJECT_SOURCE_DIR}/tests/common/ ${PROJECT_SOURCE_DIR}/tests/security-server-tests/common/ + ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/ ) ADD_DEFINITIONS("-I/usr/include/dbus-1.0/dbus") @@ -101,6 +108,7 @@ ADD_LIBRARY(${TARGET_SEC_SRV_COMMON} STATIC ${SEC_SRV_COMMON_SOURCES}) ADD_EXECUTABLE(${TARGET_SEC_SRV_CLIENT_SMACK_TESTS} ${SEC_SRV_CLIENT_SMACK_SOURCES}) ADD_EXECUTABLE(${TARGET_SEC_SRV_TC_SERVER_TESTS} ${SEC_SRV_TC_SERVER_SOURCES}) ADD_EXECUTABLE(${TARGET_SEC_SRV_PWD_TESTS} ${SEC_SRV_PWD_SOURCES}) +ADD_EXECUTABLE(${TARGET_SEC_SRV_PRIVILEGE_TESTS} ${SEC_SRV_PRIVILEGE_SOURCES}) ADD_EXECUTABLE(${TARGET_SEC_SRV_STRESS_TESTS} ${SEC_SRV_STRESS_SOURCES}) ADD_EXECUTABLE(${TARGET_SEC_SRV_MT_TESTS} ${SEC_SRV_MT_SOURCES}) ADD_EXECUTABLE(${TARGET_SEC_SRV_DBUS_TESTS} ${SEC_SRV_DBUS_SOURCES}) @@ -121,6 +129,10 @@ TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_PWD_TESTS} ${SEC_SRV_TESTS_DEP_LIBRARIES} tests-common) +TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_PRIVILEGE_TESTS} + ${SEC_SRV_TESTS_DEP_LIBRARIES} + tests-common) + TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_STRESS_TESTS} ${SEC_SRV_TESTS_DEP_LIBRARIES} tests-common) @@ -143,7 +155,18 @@ TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_MEASURER} INSTALL(TARGETS ${TARGET_SEC_SRV_CLIENT_SMACK_TESTS} DESTINATION /usr/bin) INSTALL(TARGETS ${TARGET_SEC_SRV_TC_SERVER_TESTS} DESTINATION /usr/bin) INSTALL(TARGETS ${TARGET_SEC_SRV_PWD_TESTS} DESTINATION /usr/bin) +INSTALL(TARGETS ${TARGET_SEC_SRV_PRIVILEGE_TESTS} DESTINATION /usr/bin) INSTALL(TARGETS ${TARGET_SEC_SRV_STRESS_TESTS} DESTINATION /usr/bin) INSTALL(TARGETS ${TARGET_SEC_SRV_MT_TESTS} DESTINATION /usr/bin) INSTALL(TARGETS ${TARGET_SEC_SRV_DBUS_TESTS} DESTINATION /usr/bin) INSTALL(TARGETS ${TARGET_SEC_SRV_MEASURER} DESTINATION /usr/bin) + +INSTALL(FILES + ${PROJECT_SOURCE_DIR}/tests/security-server-tests/WRT_sstp_test_rules1.smack + DESTINATION /usr/share/privilege-control/ +) + +INSTALL(FILES + ${PROJECT_SOURCE_DIR}/tests/security-server-tests/WRT_sstp_test_rules2.smack + DESTINATION /usr/share/privilege-control/ +) diff --git a/tests/security-server-tests/WRT_sstp_test_rules1.smack b/tests/security-server-tests/WRT_sstp_test_rules1.smack new file mode 100644 index 0000000..4dece48 --- /dev/null +++ b/tests/security-server-tests/WRT_sstp_test_rules1.smack @@ -0,0 +1,2 @@ +~APP~ sstp_test_book_1 rwxatl +sstp_test_subject_1 ~APP~ rwxatl diff --git a/tests/security-server-tests/WRT_sstp_test_rules2.smack b/tests/security-server-tests/WRT_sstp_test_rules2.smack new file mode 100644 index 0000000..4dece48 --- /dev/null +++ b/tests/security-server-tests/WRT_sstp_test_rules2.smack @@ -0,0 +1,2 @@ +~APP~ sstp_test_book_1 rwxatl +sstp_test_subject_1 ~APP~ rwxatl diff --git a/tests/security-server-tests/security_server_tests_privilege.cpp b/tests/security-server-tests/security_server_tests_privilege.cpp new file mode 100644 index 0000000..c65e4c9 --- /dev/null +++ b/tests/security-server-tests/security_server_tests_privilege.cpp @@ -0,0 +1,128 @@ +#include + +#include + +#include + +#include +#include + +const char *SSTP_APP_ID = "sstp_test_app"; +const char *SSTP_OTHER_LABEL = "sstp_test_other_label"; + +const char *SSTP_PERMS[] = { + "sstp_test_rules1", + "sstp_test_rules2", + NULL +}; + +const char *SSTP_PERMS1[] = { + SSTP_PERMS[0], + NULL +}; + +const char *SSTP_PERMS2[] = { + SSTP_PERMS[1], + NULL +}; + +void check_security_server_app_has_privilege(const char *app_label, + const char *permission, + int is_enabled_expected) +{ + int result; + int is_enabled; + + result = security_server_app_has_privilege(app_label, APP_TYPE_WGT, permission, &is_enabled); + RUNNER_ASSERT_MSG_BT(result == PC_OPERATION_SUCCESS, + "Error calling security_server_app_has_privilege. Result: " << result); + + RUNNER_ASSERT_MSG_BT(is_enabled == is_enabled_expected, + "Result of security_server_app_has_privilege should be: " << is_enabled_expected); +} + +RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_PRIVILEGE); + +RUNNER_TEST(sstp_01_security_server_app_has_privilege) +{ + int result; + + DB_BEGIN + + result = perm_app_uninstall(SSTP_APP_ID); + RUNNER_ASSERT_MSG_BT(result == PC_OPERATION_SUCCESS, + "Error uninstalling app. Result" << result); + + result = perm_app_install(SSTP_APP_ID); + RUNNER_ASSERT_MSG_BT(result == PC_OPERATION_SUCCESS, + "Error installing app. Result" << result); + + result = perm_app_disable_permissions(SSTP_APP_ID, APP_TYPE_WGT, SSTP_PERMS); + RUNNER_ASSERT_MSG_BT(result == PC_OPERATION_SUCCESS, + "Error disabling app r and no r permissions. Result: " << result); + + DB_END + + check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[0], 0); + check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[1], 0); + check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[0], 0); + check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[1], 0); + + DB_BEGIN + + result = perm_app_enable_permissions(SSTP_APP_ID, APP_TYPE_WGT, SSTP_PERMS1, false); + RUNNER_ASSERT_MSG_BT(result == PC_OPERATION_SUCCESS, + "Error registering app r permissions. Result: " << result); + + DB_END + + check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[0], 1); + check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[1], 0); + check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[0], 0); + check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[1], 0); + + DB_BEGIN + + result = perm_app_enable_permissions(SSTP_APP_ID, APP_TYPE_WGT, SSTP_PERMS2, false); + RUNNER_ASSERT_MSG_BT(result == PC_OPERATION_SUCCESS, + "Error registering app r permissions. Result: " << result); + + DB_END + + check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[0], 1); + check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[1], 1); + check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[0], 0); + check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[1], 0); + + DB_BEGIN + + result = perm_app_disable_permissions(SSTP_APP_ID, APP_TYPE_WGT, SSTP_PERMS1); + RUNNER_ASSERT_MSG_BT(result == PC_OPERATION_SUCCESS, + "Error disabling app r and no r permissions. Result: " << result); + + DB_END + + check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[0], 0); + check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[1], 1); + check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[0], 0); + check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[1], 0); + + DB_BEGIN + + result = perm_app_disable_permissions(SSTP_APP_ID, APP_TYPE_WGT, SSTP_PERMS2); + RUNNER_ASSERT_MSG_BT(result == PC_OPERATION_SUCCESS, + "Error disabling app r and no r permissions. Result: " << result); + + DB_END + + check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[0], 0); + check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[1], 0); + check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[0], 0); + check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[1], 0); +} + +int main(int argc, char *argv[]) +{ + SummaryCollector::Register(); + return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv); +} diff --git a/tests/security-tests-all.sh b/tests/security-tests-all.sh index 4c171c0..8b87d94 100644 --- a/tests/security-tests-all.sh +++ b/tests/security-tests-all.sh @@ -20,6 +20,7 @@ security-tests.sh libprivilege-control --output=text --output=summary $ign security-tests.sh ss-clientsmack --output=text --output=summary $ign security-tests.sh ss-server --output=text --output=summary $ign security-tests.sh ss-password --output=text --output=summary $ign +security-tests.sh ss-privilege --output=text --output=summary $ign security-tests.sh ss-dbus --output=text --output=summary $ign security-tests.sh ss-stress --output=text --output=summary $ign security-tests.sh security-manager --output=text --output=summary $ign diff --git a/tests/security-tests.sh b/tests/security-tests.sh index 5b5036e..147aa48 100644 --- a/tests/security-tests.sh +++ b/tests/security-tests.sh @@ -64,6 +64,12 @@ case $1 in echo security-server-tests-password "${@:2}" ;; +"ss-privilege") + echo "=========================================================================" + echo "SECURITY SERVER TEST PRIVILEGE" + echo + security-server-tests-privilege "${@:2}" + ;; "ss-dbus") echo "=========================================================================" echo "SECURITY SERVER TEST DBUS" @@ -83,7 +89,7 @@ case $1 in echo echo "modules: smack, libprivilege-control, ss-clientsmack" echo " ss-server, ss-api-speed, ss-password, ss-stress" - echo " security-manager" + echo " ss-privilege, security-manager" ;; esac