From: Yunjin Lee <yunjin-.lee@samsung.com>
Date: Wed, 5 Aug 2020 07:45:28 +0000 (+0900)
Subject: Add default privilege mapping for IoT profile
X-Git-Tag: submit/tizen/20200806.054000~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F15%2F240315%2F2;p=platform%2Fcore%2Fsecurity%2Fprivilege-checker.git

Add default privilege mapping for IoT profile

- Add web default privilege mapping for IoT profile. (core default
privilege mapping has no difference with common profile so there's no
update for core privilege.)
- Minimum api-version for IoT profile is native 5.0 / web & csharp 5.5.
- Fix askuser enable determination of local tc.
  It refers to https://review.tizen.org/gerrit/#/c/platform/core/security/privilege-checker/+/234846/

Change-Id: I730d02d879033561b238303bd435bc0a81822db3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
---

diff --git a/capi/res/dbspace/wrt_privilege_mapping.csv b/capi/res/dbspace/wrt_privilege_mapping.csv
index 376e355..76fd91b 100644
--- a/capi/res/dbspace/wrt_privilege_mapping.csv
+++ b/capi/res/dbspace/wrt_privilege_mapping.csv
@@ -173,7 +173,6 @@ mobile,http://tizen.org/privilege/internal/default/platform,2.2.1,9.9,http://tiz
 mobile,http://tizen.org/privilege/internal/default/platform,2.2.1,2.3,http://tizen.org/privilege/recorder
 wearable,http://tizen.org/privilege/internal/default/public,2.2.1,9.9,http://tizen.org/privilege/appmanager.launch
 wearable,http://tizen.org/privilege/internal/default/public,2.2.1,2.3,http://tizen.org/privilege/call
-wearable,http://tizen.org/privilege/internal/default/public,2.2.1,2.3,http://tizen.org/privilege/call
 wearable,http://tizen.org/privilege/internal/default/public,2.2.1,2.3,http://tizen.org/privilege/camera
 wearable,http://tizen.org/privilege/internal/default/public,2.2.1,9.9,http://tizen.org/privilege/display
 wearable,http://tizen.org/privilege/internal/default/public,2.2.1,4,http://tizen.org/privilege/externalstorage
@@ -265,3 +264,27 @@ tv,http://tizen.org/privilege/internal/default/platform,2.3,9.9,http://tizen.org
 tv,http://tizen.org/privilege/internal/default/platform,2.3,9.9,http://tizen.org/privilege/notification
 tv,http://tizen.org/privilege/internal/default/platform,2.3,9.9,http://tizen.org/privilege/packagemanager.info
 tv,http://tizen.org/privilege/internal/default/platform,2.3,2.4,http://tizen.org/privilege/recorder
+iot,http://tizen.org/privilege/internal/default/public,5.5,9.9,http://tizen.org/privilege/appmanager.launch
+iot,http://tizen.org/privilege/internal/default/public,5.5,9.9,http://tizen.org/privilege/display
+iot,http://tizen.org/privilege/internal/default/public,5.5,9.9,http://tizen.org/privilege/haptic
+iot,http://tizen.org/privilege/internal/default/public,5.5,9.9,http://tizen.org/privilege/internal/buxton/network.get
+iot,http://tizen.org/privilege/internal/default/public,5.5,9.9,http://tizen.org/privilege/internal/buxton/telephony
+iot,http://tizen.org/privilege/internal/default/public,5.5,9.9,http://tizen.org/privilege/network.get
+iot,http://tizen.org/privilege/internal/default/public,5.5,9.9,http://tizen.org/privilege/notification
+iot,http://tizen.org/privilege/internal/default/public,5.5,9.9,http://tizen.org/privilege/packagemanager.info
+iot,http://tizen.org/privilege/internal/default/partner,5.5,9.9,http://tizen.org/privilege/appmanager.launch
+iot,http://tizen.org/privilege/internal/default/partner,5.5,9.9,http://tizen.org/privilege/display
+iot,http://tizen.org/privilege/internal/default/partner,5.5,9.9,http://tizen.org/privilege/haptic
+iot,http://tizen.org/privilege/internal/default/partner,5.5,9.9,http://tizen.org/privilege/internal/buxton/network.get
+iot,http://tizen.org/privilege/internal/default/partner,5.5,9.9,http://tizen.org/privilege/internal/buxton/telephony
+iot,http://tizen.org/privilege/internal/default/partner,5.5,9.9,http://tizen.org/privilege/network.get
+iot,http://tizen.org/privilege/internal/default/partner,5.5,9.9,http://tizen.org/privilege/notification
+iot,http://tizen.org/privilege/internal/default/partner,5.5,9.9,http://tizen.org/privilege/packagemanager.info
+iot,http://tizen.org/privilege/internal/default/platform,5.5,9.9,http://tizen.org/privilege/appmanager.launch
+iot,http://tizen.org/privilege/internal/default/platform,5.5,9.9,http://tizen.org/privilege/display
+iot,http://tizen.org/privilege/internal/default/platform,5.5,9.9,http://tizen.org/privilege/haptic
+iot,http://tizen.org/privilege/internal/default/platform,5.5,9.9,http://tizen.org/privilege/internal/buxton/network.get
+iot,http://tizen.org/privilege/internal/default/platform,5.5,9.9,http://tizen.org/privilege/internal/buxton/telephony
+iot,http://tizen.org/privilege/internal/default/platform,5.5,9.9,http://tizen.org/privilege/network.get
+iot,http://tizen.org/privilege/internal/default/platform,5.5,9.9,http://tizen.org/privilege/notification
+iot,http://tizen.org/privilege/internal/default/platform,5.5,9.9,http://tizen.org/privilege/packagemanager.info
diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt
index 197ff3a..157d85a 100755
--- a/test/CMakeLists.txt
+++ b/test/CMakeLists.txt
@@ -16,6 +16,8 @@ SET(TC3_SRCS ${TC3_NAME}.c ${TC_COMMON_SRCS})
 SET(TC4_SRCS ${TC4_NAME}.c ${TC_COMMON_SRCS})
 SET(TC5_SRCS ${TC5_NAME}.c ${TC_COMMON_SRCS})
 
+ADD_DEFINITIONS(-DASKUSER_RUNTIME_DISABLE_PATH="${TZ_SYS_SHARE}/askuser_disable")
+
 INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/capi/include)
 INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/test)
 
diff --git a/test/tc-common.h b/test/tc-common.h
index 53f7fb4..5e8e123 100755
--- a/test/tc-common.h
+++ b/test/tc-common.h
@@ -6,6 +6,7 @@
 #include <glib.h>
 #include <privilege_manager.h>
 #include <privilege_db_manager.h>
+#include <unistd.h>
 
 #define BRIGHTNESS 0
 #define RED 31
@@ -98,5 +99,5 @@ typedef enum {
 
 extern tizen_profile_t _get_tizen_profile();
 
-#define ENABLE_ASKUSER ((_get_tizen_profile()) & (TIZEN_PROFILE_MOBILE | TIZEN_PROFILE_WEARABLE))
-#define DISABLE_ASKUSER (!ENABLE_ASKUSER)
+#define DISABLE_ASKUSER (access(ASKUSER_RUNTIME_DISABLE_PATH, F_OK) == 0)
+#define ENABLE_ASKUSER (!DISABLE_ASKUSER)
diff --git a/test/tc-privilege-db-manager.c b/test/tc-privilege-db-manager.c
index 071591a..8c25b59 100755
--- a/test/tc-privilege-db-manager.c
+++ b/test/tc-privilege-db-manager.c
@@ -337,7 +337,7 @@ void __test_privilege_db_manager_get_privacy_by_privilege()
 	ret = privilege_db_manager_get_privacy_by_privilege("http://tizen.org/privilege/account.read", &privacy_name);
 	ret = privilege_db_manager_get_privacy_id_by_privilege("http://tizen.org/privilege/account.read", &privacy_id);
 	printf("privacy name = %s, privacy_id = %d\n", privacy_name, privacy_id);
-	if ((ENABLE_ASKUSER && ret == 0 && !strcmp(privacy_name, "http://tizen.org/privacy/account") && privacy_id == 0) || (DISABLE_ASKUSER && ret == PRIVILEGE_DB_MANAGER_ERR_NO_EXIST_RESULT)) {
+	if (ret == 0 && !strcmp(privacy_name, "http://tizen.org/privacy/account") && privacy_id == 0) {
 		success_cnt++;
 		printf_green("success\n");
 	} else {
@@ -354,7 +354,7 @@ void __test_privilege_db_manager_get_privacy_by_privilege()
 	ret = privilege_db_manager_get_privacy_by_privilege("http://tizen.org/privilege/location", &privacy_name);
 	ret = privilege_db_manager_get_privacy_id_by_privilege("http://tizen.org/privilege/location", &privacy_id);
 	printf("privacy name = %s, privacy_id = %d\n", privacy_name, privacy_id);
-	if ((ENABLE_ASKUSER && ret == 0 && !strcmp(privacy_name, "http://tizen.org/privacy/location") && privacy_id == 7) || (DISABLE_ASKUSER && ret == PRIVILEGE_DB_MANAGER_ERR_NO_EXIST_RESULT)) {
+	if (ret == 0 && !strcmp(privacy_name, "http://tizen.org/privacy/location") && privacy_id == 7) {
 		success_cnt++;
 		printf_green("success\n");
 	} else {
@@ -370,7 +370,7 @@ void __test_privilege_db_manager_get_privacy_by_privilege()
 	ret = privilege_db_manager_get_privacy_by_privilege("http://tizen.org/privilege/call", &privacy_name);
 	ret = privilege_db_manager_get_privacy_id_by_privilege("http://tizen.org/privilege/call", &privacy_id);
 	printf("privacy name = %s, privacy_id = %d\n", privacy_name, privacy_id);
-	if ((ENABLE_ASKUSER && ret == 0 && !strcmp(privacy_name, "http://tizen.org/privacy/call") && privacy_id == 3) || (DISABLE_ASKUSER && ret == PRIVILEGE_DB_MANAGER_ERR_NO_EXIST_RESULT)) {
+	if (ret == 0 && !strcmp(privacy_name, "http://tizen.org/privacy/call") && privacy_id == 3) {
 		success_cnt++;
 		printf_green("success\n");
 	} else {