From: Zbigniew Jasinski Date: Wed, 13 Apr 2016 14:58:08 +0000 (+0200) Subject: App install type tests X-Git-Tag: security-manager_5.5_testing~20^2~89 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F85%2F65985%2F4;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git App install type tests Run security-manager-tests --regexp='set_install_type' Change-Id: I10f0b25b9e3613ce68ddd8b7cb06e83357abbabe Signed-off-by: Zbigniew Jasinski --- diff --git a/src/security-manager-tests/common/sm_request.cpp b/src/security-manager-tests/common/sm_request.cpp index b8fc114..93b6d87 100644 --- a/src/security-manager-tests/common/sm_request.cpp +++ b/src/security-manager-tests/common/sm_request.cpp @@ -115,6 +115,16 @@ void InstallRequest::setAuthorId(std::string authorId, lib_retcode expectedResul m_authorId = std::move(authorId); } +void InstallRequest::setInstallType(const enum app_install_type &type, lib_retcode expectedResult) +{ + int result = security_manager_app_inst_req_set_install_type(m_req, type); + RUNNER_ASSERT_MSG((lib_retcode)result == expectedResult, + "setting install type returned wrong value." + << " Install type: " << type << ";" + << " Result: " << result << ";" + << " Expected result: " << expectedResult); +} + std::ostream& operator<<(std::ostream &os, const InstallRequest &request) { if (!request.m_appId.empty()) diff --git a/src/security-manager-tests/common/sm_request.h b/src/security-manager-tests/common/sm_request.h index 08dd477..59b9d2e 100644 --- a/src/security-manager-tests/common/sm_request.h +++ b/src/security-manager-tests/common/sm_request.h @@ -44,6 +44,7 @@ public: lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS); void setUid(const uid_t uid, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS); void setAuthorId(std::string authorId, lib_retcode expectedResult= SECURITY_MANAGER_SUCCESS); + void setInstallType(const enum app_install_type &type, lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS); std::string getAppTizenVersion() const { return m_tizenVer; } app_inst_req *get() { return m_req; } diff --git a/src/security-manager-tests/security_manager_tests.cpp b/src/security-manager-tests/security_manager_tests.cpp index e182365..180962e 100644 --- a/src/security-manager-tests/security_manager_tests.cpp +++ b/src/security-manager-tests/security_manager_tests.cpp @@ -593,7 +593,6 @@ void check_exact_smack_accesses(const std::string &subject, const std::string &o RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER) - RUNNER_TEST(security_manager_01a_app_double_install_double_uninstall) { const char *const sm_app_id = "sm_test_01a_app_id_double"; @@ -935,6 +934,8 @@ static void removeTestDirs(const TemporaryTestUser &user, removeDir(nonAppDirPath(user)); } + + RUNNER_CHILD_TEST(security_manager_04a_app_install_uninstall_by_app_user_for_self) { int result; @@ -3839,6 +3840,189 @@ RUNNER_TEST(security_manager_48_groups_get) security_manager_groups_free(c_groups, count); } +RUNNER_TEST(security_manager_49a_global_user_set_install_type_global) +{ + const char *const sm_app_id = "sm_test_49a_app_id_global"; + const char *const sm_pkg_id = "sm_test_49a_pkg_id_global"; + + InstallRequest requestInst; + requestInst.setAppId(sm_app_id); + requestInst.setPkgId(sm_pkg_id); + requestInst.setInstallType(SM_APP_INSTALL_GLOBAL); + + Api::install(requestInst); + + // Check records in the security-manager database + check_app_after_install(sm_app_id, sm_pkg_id); + + InstallRequest requestUninst; + requestUninst.setAppId(sm_app_id); + + Api::uninstall(requestUninst); + + // Check records in the security-manager database + check_app_after_uninstall(sm_app_id, sm_pkg_id, TestSecurityManagerDatabase::REMOVED); +} + +RUNNER_TEST(security_manager_49b_global_user_set_install_type_local) +{ + const char *const sm_app_id = "sm_test_49b_app_id_local"; + const char *const sm_pkg_id = "sm_test_49b_pkg_id_local"; + + InstallRequest requestInst; + requestInst.setAppId(sm_app_id); + requestInst.setPkgId(sm_pkg_id); + requestInst.setInstallType(SM_APP_INSTALL_LOCAL); + + Api::install(requestInst, (lib_retcode)SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED); +} + +RUNNER_TEST(security_manager_49c_global_user_set_install_type_preloaded) +{ + const char *const sm_app_id = "sm_test_49c_app_id_preloaded"; + const char *const sm_pkg_id = "sm_test_49c_pkg_id_preloaded"; + + InstallRequest requestInst; + requestInst.setAppId(sm_app_id); + requestInst.setPkgId(sm_pkg_id); + requestInst.setInstallType(SM_APP_INSTALL_PRELOADED); + + Api::install(requestInst); + + // Check records in the security-manager database + check_app_after_install(sm_app_id, sm_pkg_id); + + InstallRequest requestUninst; + requestUninst.setAppId(sm_app_id); + + Api::uninstall(requestUninst); + + // Check records in the security-manager database + check_app_after_uninstall(sm_app_id, sm_pkg_id, TestSecurityManagerDatabase::REMOVED); +} + +RUNNER_CHILD_TEST(security_manager_49d_local_user_set_install_type_global) +{ + int result; + const char *const sm_app_id = "sm_test_49d_app_id_global"; + const char *const sm_pkg_id = "sm_test_49d_pkg_id_global"; + const std::string new_user_name = "sm_test_49d_user_name"; + + TemporaryTestUser testUser(new_user_name, GUM_USERTYPE_NORMAL, false); + testUser.create(); + + removeTestDirs(testUser, sm_app_id, sm_pkg_id); + createTestDirs(testUser, sm_app_id, sm_pkg_id); + + const std::string userAppDirPath = appDirPath(testUser, sm_app_id, sm_pkg_id); + + //switch user to non-root + result = drop_root_privileges(testUser.getUid(), testUser.getGid()); + RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed"); + + InstallRequest requestPrivateUser; + prepare_request(requestPrivateUser, sm_app_id, sm_pkg_id, + SECURITY_MANAGER_PATH_RW, userAppDirPath.c_str(), + false); + + requestPrivateUser.setInstallType((app_install_type)0, (lib_retcode)SECURITY_MANAGER_ERROR_INPUT_PARAM); + requestPrivateUser.setInstallType((app_install_type)22, (lib_retcode)SECURITY_MANAGER_ERROR_INPUT_PARAM); + requestPrivateUser.setInstallType(SM_APP_INSTALL_GLOBAL); + + for (auto &privilege : SM_ALLOWED_PRIVILEGES) + requestPrivateUser.addPrivilege(privilege.c_str()); + + /* + * It is possible for local user to install global application but one needs app_install privileges + * By default only global user or root can install global apps + */ + Api::install(requestPrivateUser, (lib_retcode)SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED); +} + +RUNNER_CHILD_TEST(security_manager_49e_local_user_set_install_type_local) +{ + int result; + const char *const sm_app_id = "sm_test_49e_app_id_local"; + const char *const sm_pkg_id = "sm_test_49e_pkg_id_local"; + const std::string new_user_name = "sm_test_49e_user_name"; + + TemporaryTestUser testUser(new_user_name, GUM_USERTYPE_NORMAL, false); + testUser.create(); + + removeTestDirs(testUser, sm_app_id, sm_pkg_id); + createTestDirs(testUser, sm_app_id, sm_pkg_id); + + const std::string userAppDirPath = appDirPath(testUser, sm_app_id, sm_pkg_id); + + //switch user to non-root + result = drop_root_privileges(testUser.getUid(), testUser.getGid()); + RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed"); + + InstallRequest requestPrivateUser; + prepare_request(requestPrivateUser, sm_app_id, sm_pkg_id, + SECURITY_MANAGER_PATH_RW, userAppDirPath.c_str(), + false); + + requestPrivateUser.setInstallType(SM_APP_INSTALL_LOCAL); + + for (auto &privilege : SM_ALLOWED_PRIVILEGES) + requestPrivateUser.addPrivilege(privilege.c_str()); + + Api::install(requestPrivateUser); + + check_app_permissions(sm_app_id, sm_pkg_id, + uidToStr(testUser.getUid()).c_str(), + SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES); + + //uninstall app as non-root user + InstallRequest request; + request.setAppId(sm_app_id); + + Api::uninstall(request); + + check_app_permissions(sm_app_id, sm_pkg_id, + uidToStr(testUser.getUid()).c_str(), + SM_NO_PRIVILEGES, SM_ALLOWED_PRIVILEGES); +} + +RUNNER_CHILD_TEST(security_manager_49f_local_user_set_install_type_preloaded) +{ + int result; + const char *const sm_app_id = "sm_test_49f_app_id_preloaded"; + const char *const sm_pkg_id = "sm_test_49f_pkg_id_preloaded"; + const std::string new_user_name = "sm_test_49f_user_name"; + + TemporaryTestUser testUser(new_user_name, GUM_USERTYPE_NORMAL, false); + testUser.create(); + + removeTestDirs(testUser, sm_app_id, sm_pkg_id); + createTestDirs(testUser, sm_app_id, sm_pkg_id); + + const std::string userAppDirPath = appDirPath(testUser, sm_app_id, sm_pkg_id); + + //switch user to non-root + result = drop_root_privileges(testUser.getUid(), testUser.getGid()); + RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed"); + + InstallRequest requestPrivateUser; + prepare_request(requestPrivateUser, sm_app_id, sm_pkg_id, + SECURITY_MANAGER_PATH_RW, userAppDirPath.c_str(), + false); + + requestPrivateUser.setInstallType((app_install_type)0, (lib_retcode)SECURITY_MANAGER_ERROR_INPUT_PARAM); + requestPrivateUser.setInstallType((app_install_type)22, (lib_retcode)SECURITY_MANAGER_ERROR_INPUT_PARAM); + requestPrivateUser.setInstallType(SM_APP_INSTALL_PRELOADED); + + for (auto &privilege : SM_ALLOWED_PRIVILEGES) + requestPrivateUser.addPrivilege(privilege.c_str()); + + /* + * It is possible for local user to install preloaded application but one needs app_install privileges + * By default only global user or root can install preloaded apps + */ + Api::install(requestPrivateUser, (lib_retcode)SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED); +} + int main(int argc, char *argv[]) { return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);