From: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
Date: Mon, 15 Sep 2014 12:17:57 +0000 (+0200)
Subject: Check integrity after partial policy set
X-Git-Tag: security-manager_5.5_testing~207
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F32%2F27532%2F3;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git

Check integrity after partial policy set

cynara_admin_set_policy() API function sets whole collection of policies
in single call. Setting some of them may fail. In such case no policies
should be applied to cynara service.

This test confirms existance of detected bug. Try to set 2 policies
(one good and one that is not allowed) leads to setPolicies() error,
however 1st policy remains in cynara's storage.

Verification: until bug is fixed in cynara's storage test should fail.

Change-Id: I3449ccbcfacb03bdcdc7a5cfb4a3b639d9b694ce
---

diff --git a/tests/cynara-tests/test_cases.cpp b/tests/cynara-tests/test_cases.cpp
index be3ca37..afc8c03 100644
--- a/tests/cynara-tests/test_cases.cpp
+++ b/tests/cynara-tests/test_cases.cpp
@@ -571,6 +571,40 @@ void tc13_admin_set_policies_to_extra_bucket_func()
     cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
 }
 
+void tc14_admin_set_policies_integrity_func()
+{
+    const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+    const char *bucket = "bucket14";
+    const char *client = "client14";
+    const char *session = "session14";
+    const char *user = "user14";
+    const char *privilege = "privilege14";
+    const char *extraResult = nullptr;
+
+    {
+        CynaraTestClient cynara;
+        cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+    }
+
+    {
+        CynaraTestAdmin admin;
+        CynaraPoliciesContainer cp;
+        cp.add(bucketDefault,
+               client, user, privilege,
+               CYNARA_ADMIN_ALLOW, extraResult);
+        cp.add(bucket,
+               client, user, privilege,
+               CYNARA_ADMIN_ALLOW, extraResult);
+        admin.setPolicies(cp, CYNARA_ADMIN_API_BUCKET_NOT_FOUND);
+    }
+
+    {
+        CynaraTestClient cynara;
+        cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+    }
+
+}
+
 RUNNER_TEST_GROUP_INIT(cynara_tests)
 
 RUN_CYNARA_TEST(tc01_cynara_initialize)
@@ -589,3 +623,4 @@ RUN_CYNARA_TEST(tc10_admin_change_extra_bucket)
 RUN_CYNARA_TEST(tc11_admin_bucket_not_found)
 RUN_CYNARA_TEST(tc12_admin_delete_bucket_with_policies_pointing_to_it)
 RUN_CYNARA_TEST(tc13_admin_set_policies_to_extra_bucket)
+RUN_CYNARA_TEST(tc14_admin_set_policies_integrity)