From: Dariusz Michaluk Date: Fri, 24 Feb 2017 10:56:45 +0000 (+0100) Subject: Add test for global/local app defined privileges X-Git-Tag: security-manager_5.5_testing~15^2~7^2~10 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F86%2F116486%2F1;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git Add test for global/local app defined privileges Change-Id: Ia9aae496fc5a23ec636c5746bbf1c872efe78c1b --- diff --git a/src/security-manager-tests/test_cases_app_defined_privilege.cpp b/src/security-manager-tests/test_cases_app_defined_privilege.cpp index 7535226..e412600 100644 --- a/src/security-manager-tests/test_cases_app_defined_privilege.cpp +++ b/src/security-manager-tests/test_cases_app_defined_privilege.cpp @@ -178,3 +178,77 @@ RUNNER_CHILD_TEST(app_defined_04_app_update) cynara.check(consumerLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED); } +RUNNER_CHILD_TEST(app_defined_05_global_local_install) +{ + const std::string privilegeA = "http://tizen.org/licensedPrivilege/app_defined_05a"; + const std::string privilegeB = "http://tizen.org/applicationDefinedPrivilege/app_defined_05b"; + const std::string privilegeC = "http://tizen.org/applicationDefinedPrivilege/app_defined_05c"; + const std::string providerAppId = "app_def_05_provider_appid"; + const std::string consumerAppId = "app_def_05_client_appid"; + const std::string ownerId = "5001"; + const std::string bobId = "5002"; + const std::string session = "S0M33S3SSI0N"; + + AppInstallHelper providerGlobal(providerAppId); + AppInstallHelper providerLocal(providerAppId, 5002); + AppInstallHelper consumerGlobal(consumerAppId); + AppInstallHelper consumerLocal(consumerAppId, 5002); + + std::string consumerGlobalLabel = consumerGlobal.generateAppLabel(); + std::string consumerLocalLabel = consumerLocal.generateAppLabel(); + + providerGlobal.addAppDefinedPrivilege(std::make_pair(privilegeA, SM_APP_DEFINED_PRIVILEGE_TYPE_UNTRUSTED)); + providerGlobal.addAppDefinedPrivilege(std::make_pair(privilegeC, SM_APP_DEFINED_PRIVILEGE_TYPE_UNTRUSTED)); + + providerLocal.addAppDefinedPrivilege(std::make_pair(privilegeA, SM_APP_DEFINED_PRIVILEGE_TYPE_UNTRUSTED)); + providerLocal.addAppDefinedPrivilege(std::make_pair(privilegeB, SM_APP_DEFINED_PRIVILEGE_TYPE_LICENSED)); + + consumerGlobal.addPrivilege(privilegeA); + consumerGlobal.addPrivilege(privilegeB); + consumerGlobal.addPrivilege(privilegeC); + + consumerLocal.addPrivilege(privilegeB); + consumerLocal.addPrivilege(privilegeC); + + CynaraTestClient::Client cynara; + + // local provider only and global consumer only + ScopedInstaller req1(providerLocal); + ScopedInstaller req2(consumerGlobal); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_DENIED); + cynara.check(consumerGlobalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_ALLOWED); + cynara.check(consumerGlobalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED); + cynara.check(consumerGlobalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED); + + // local provider only and global/local consumer + ScopedInstaller req3(consumerLocal); + //cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED); + cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED); + cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED); + + // global/local provider and global/local consumer + ScopedInstaller req4(providerGlobal); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED); + //cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED); + cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED); + //cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED); + + // global provider only and global/local consumer + req1.uninstallApp(); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED); + //cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED); + cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_DENIED); + cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_ALLOWED); + + // global provider only and global consumer only + req3.uninstallApp(); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED); + cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED); +}