platform/core/test/security-tests.git
10 years agoIgnore tests failing on file label removal 04/30404/2
Marcin Niesluchowski [Mon, 17 Nov 2014 16:36:16 +0000 (17:36 +0100)]
Ignore tests failing on file label removal

Change-Id: Ib4f97f1bfdda0cf2229852096bf47582dc68aa3b

10 years agosecurity-server tests commented out from all tests 89/29789/5
Michal Eljasiewicz [Tue, 4 Nov 2014 11:15:00 +0000 (12:15 +0100)]
security-server tests commented out from all tests

Change-Id: I549718922f98f08c242b9bde313ecad839392b8e
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>
10 years agosecurity_server_tests_dbus moved to separate directory 89/29889/4
Michal Eljasiewicz [Wed, 5 Nov 2014 13:04:51 +0000 (14:04 +0100)]
security_server_tests_dbus moved to separate directory

tests moved out of security_server directory and renamed

Change-Id: If3a3aedecc91f43803dfb349ac6a06a79ed4eccd
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>
10 years agolibprivilege-control tests commented out from all tests 87/29787/1
Michal Eljasiewicz [Tue, 4 Nov 2014 10:51:04 +0000 (11:51 +0100)]
libprivilege-control tests commented out from all tests

Change-Id: Id76b6b0ba3b9b5c2ee8948fb2078c44e5a444fdc
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>
10 years agoMove HTML collector to separate files 93/28693/5
Marcin Niesluchowski [Mon, 13 Oct 2014 13:05:27 +0000 (15:05 +0200)]
Move HTML collector to separate files

Change-Id: I9e3d507cbde42bced1daac0eae351c55b925a63c

10 years agoMove Console collector to separate files 92/28692/5
Marcin Niesluchowski [Mon, 13 Oct 2014 11:39:02 +0000 (13:39 +0200)]
Move Console collector to separate files

Change-Id: Ia7c23d144db858f94eac34e79e12dd11faad9de4

10 years agoMove XML collector to separate files 91/28691/5
Marcin Niesluchowski [Mon, 13 Oct 2014 09:09:48 +0000 (11:09 +0200)]
Move XML collector to separate files

Change-Id: I7c82a9415bbf9969ab2bc5bc008878b8b61bbcc4

10 years agoMove statistic class to separate file 90/28690/5
Marcin Niesluchowski [Mon, 13 Oct 2014 09:42:33 +0000 (11:42 +0200)]
Move statistic class to separate file

Change-Id: Ife2fd4e0e2952d6145096a8c4de14ed5bbfdb369

10 years agoRemove CSV collector 89/28689/5
Marcin Niesluchowski [Mon, 13 Oct 2014 08:24:02 +0000 (10:24 +0200)]
Remove CSV collector

Change-Id: Iae8c4bbb7cfd415e228426885f224412122ce52f

10 years agoRemove TAP collector 88/28688/5
Marcin Niesluchowski [Mon, 13 Oct 2014 08:13:47 +0000 (10:13 +0200)]
Remove TAP collector

Change-Id: Ie9022778cf489eaaba0177ba8b84c5d0dd425fdb

10 years agoRemove unnecessary includes from test_results_collector.cpp 87/28687/4
Marcin Niesluchowski [Mon, 13 Oct 2014 13:21:49 +0000 (15:21 +0200)]
Remove unnecessary includes from test_results_collector.cpp

Change-Id: I7caaf12269eb63f1a1e7ec2dc3afaa203aa8ad82

10 years agoRevert commits to cynara tests 00/29100/1
Marcin Niesluchowski [Tue, 21 Oct 2014 09:34:12 +0000 (11:34 +0200)]
Revert commits to cynara tests

Some commits to cynara tests making security-tests not buildable
with cynara release.

This reverts commits:
1c357c2 "Fix cynara_check return codes"
d2eb84f "Add tests for cynara_admin_check function"
a58d784 "Enhance CynaraTestAdmin with adminCheck() method"
e0b08a3 "Add tests for none bucket"

Change-Id: If344771ef62de103c24cd551cd40a6b9b8be44a3

10 years agoRevert commits to security-manager tests 99/29099/1
Marcin Niesluchowski [Tue, 21 Oct 2014 09:43:03 +0000 (11:43 +0200)]
Revert commits to security-manager tests

Some commits to security-manager tests making security-tests not buildable
with security-manager release.

This reverts commits:
e3e2809 "security-manager: test security_manager_set_process_groups_from_appid"

Change-Id: I009c33811a3af23451e5cac6db142a555f248408

10 years agoBuilding: better handling of deprecated 24/28724/1
José Bollo [Tue, 14 Oct 2014 15:39:19 +0000 (17:39 +0200)]
Building: better handling of deprecated

It is useful to keep deprecated items as warning.
For doing that, this new option is needed.

Change-Id: Iaf140652f40d8a990d246741091119106c7b132b
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
10 years agoFix cynara_check return codes 61/28561/3
Lukasz Wojciechowski [Thu, 9 Oct 2014 16:28:29 +0000 (18:28 +0200)]
Fix cynara_check return codes

After merging "151ad89 Change client API error codes"
into cynara values returned by cynara_check() changed.

In case of access allowed cynara_check returns
CYNARA_API_ACCESS_ALLOWED instead of CYNARA_API_SUCCESS.

Change-Id: I98ff68068c9c67648601c339b0ff51af7e3e1280

10 years agoAdd tests for cynara_admin_check function 74/27974/3
Lukasz Wojciechowski [Tue, 23 Sep 2014 15:56:03 +0000 (17:56 +0200)]
Add tests for cynara_admin_check function

cynara_admin_check() function provides simmilar functionality to
cynara_check() from client's API. Differences between those two are:
* admin version can start check search in any given bucket;
* admin version can constrain search to single bucket (no recursion);
* in admin version policy types are returned without being interpreted
  by plugins in cynara service (e.g. no UI popups are launched).

There are 4 tests added:
* tc16_admin_check_single_bucket - for trivial single bucket checks;
* tc17_admin_check_nested_bucket - for testing proper check search
  scope (recursion and start bucket);
* tc18_admin_check_multiple_matches - for testing if minimum policy
  is found, when there is more than a single policy matching;
* tc19_admin_check_none_bucket - for testing proper behaviour, when
  default and only matching policy in bucket is of type NONE.

Verification:
After cynara patch https://review.tizen.org/gerrit/27971 is applied
test should pass. They can fail before due to policy types enumeration
inconsistency between external and internal caynara layers.

Change-Id: Ia37df3491fbc31beb9c638daa515ce5a6b92eb59

10 years agoEnhance CynaraTestAdmin with adminCheck() method 73/27973/3
Lukasz Wojciechowski [Mon, 22 Sep 2014 14:03:36 +0000 (16:03 +0200)]
Enhance CynaraTestAdmin with adminCheck() method

adminCheck() method allows running and checking result of
cynara_admin_check() form libcynara-admin API.

It asserts result of cynara_admin_check() function call
and values of check results with expected values.

Change-Id: Id2a35b3b1f43f2802ccee14355b6efb8a5f5c511

10 years agoMake expected result of cynara client check default 14/26914/4
Marcin Niesluchowski [Mon, 1 Sep 2014 09:38:06 +0000 (11:38 +0200)]
Make expected result of cynara client check default

Change-Id: If5e51ff720c8b03aa2d3beabefce459b65306fca

10 years agoAdd tests for none bucket 03/26303/7
Marcin Niesluchowski [Wed, 20 Aug 2014 09:13:28 +0000 (11:13 +0200)]
Add tests for none bucket

Change-Id: I546ded4f234470ab3754338080ab9800dde18279

10 years agosecurity-manager: test security_manager_set_process_groups_from_appid 61/27461/8
Rafal Krypa [Tue, 16 Sep 2014 14:28:07 +0000 (16:28 +0200)]
security-manager: test security_manager_set_process_groups_from_appid

New security-manager API supports setting process groups based on
privilege settings. This is intended for launchers. Check it during
application installation check to verify if gid-mapped privileges
are handled correctly.

Change-Id: Ie558bf985dbbc5cd1451ae743aa2f26f519fef5e
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
10 years agosecurity-manager: drop testing of obsolete TIZENEXEC label on symlinks 60/27460/5
Rafal Krypa [Fri, 12 Sep 2014 15:14:25 +0000 (17:14 +0200)]
security-manager: drop testing of obsolete TIZENEXEC label on symlinks

This feature is just being removed from security-manager. No labels
will be set on symlinks.

Change-Id: I9f19cb0b4f2d273407654f9e04f15d6d4823ed05
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
10 years agosecurity-manager: use Smack label for verifying Cynara rules, not pkgId 59/27459/5
Rafal Krypa [Fri, 12 Sep 2014 15:10:27 +0000 (17:10 +0200)]
security-manager: use Smack label for verifying Cynara rules, not pkgId

Since security-manager doesn't provide function for that, tests
need to reimplement it. It should be kept in line with security-manager
code. For now there is only one label for all apps: "User".

Change-Id: I79eafea8c38bb86a3ec775a851d7e7605c1865e8
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
10 years agoCheck integrity after partial policy set 32/27532/3
Lukasz Wojciechowski [Mon, 15 Sep 2014 12:17:57 +0000 (14:17 +0200)]
Check integrity after partial policy set

cynara_admin_set_policy() API function sets whole collection of policies
in single call. Setting some of them may fail. In such case no policies
should be applied to cynara service.

This test confirms existance of detected bug. Try to set 2 policies
(one good and one that is not allowed) leads to setPolicies() error,
however 1st policy remains in cynara's storage.

Verification: until bug is fixed in cynara's storage test should fail.

Change-Id: I3449ccbcfacb03bdcdc7a5cfb4a3b639d9b694ce

10 years agoAdded ckm tests. 68/27668/1
Maciej J. Karpiuk [Wed, 17 Sep 2014 09:45:37 +0000 (11:45 +0200)]
Added ckm tests.

Change-Id: I69ba5318e73ee9f6844787f2ba6a29afec293f45

10 years agoAdd include for strerror() 04/27004/1
Aleksander Zdyb [Wed, 3 Sep 2014 06:11:47 +0000 (08:11 +0200)]
Add include for strerror()

Change-Id: Idf24aaca911199e40b87c78ac2dd4c03d378afbd

10 years agoChange NULL to nullptr 67/25467/5
Marcin Niesluchowski [Wed, 27 Aug 2014 07:51:12 +0000 (09:51 +0200)]
Change NULL to nullptr

Change-Id: I316a253e25a2460c9e2ff85a791550073ebde51a

10 years agoAdjust README to actual version of security-tests 59/25159/19
Marcin Niesluchowski [Wed, 30 Jul 2014 10:41:12 +0000 (12:41 +0200)]
Adjust README to actual version of security-tests

Change-Id: I575d19fb5abe525b168c1610ed24ca70f9d684c0

10 years agoUse SocketUniquePtr in libprivilege-control tests 38/26138/7
Marcin Niesluchowski [Mon, 18 Aug 2014 09:34:44 +0000 (11:34 +0200)]
Use SocketUniquePtr in libprivilege-control tests

Change-Id: I47a95cf3f8d6e4c830d1c26e1bfef70ed78747e3

10 years agoReorder and change test macros 37/25137/23
Marcin Niesluchowski [Wed, 30 Jul 2014 07:54:08 +0000 (09:54 +0200)]
Reorder and change test macros

Change-Id: Id05a92516053ca7128198fe61f8f5c805637d645

10 years agoAdjust security-manager tests 29/25929/9
Jan Cybulski [Tue, 12 Aug 2014 10:54:57 +0000 (12:54 +0200)]
Adjust security-manager tests

Security-manager is no longer using libprivilege-control
Tests should now use cynara to check if privileges
were granted during application installation.

Change-Id: I4a0fea8edfad31cb9265c89b9498d6fd27d47676

10 years agoAllow to run tests without arguments 84/25584/4
Jan Cybulski [Thu, 7 Aug 2014 06:31:48 +0000 (08:31 +0200)]
Allow to run tests without arguments

If no arguments are given, then tests will be run
as if argument was '--output=text', which already
implemented. The only obstracle is check for number
of arguments that is removed in this commit.
To verify this just run any tests without arguments.

Change-Id: I17f60518d6d137c12a5a53f7852653e5f07d7599
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
10 years agoMove test framework from wrt-commons to security-tests 89/25089/18
Marcin Niesluchowski [Mon, 28 Jul 2014 08:49:13 +0000 (10:49 +0200)]
Move test framework from wrt-commons to security-tests

Change-Id: If185e7401ded389f40d1a07e610c5d999ff152c1

10 years agoAdd tests for installing apps by different users 97/24697/15
Jan Cybulski [Fri, 18 Jul 2014 07:59:10 +0000 (09:59 +0200)]
Add tests for installing apps by different users

Change-Id: I65f78b92c974f5711f91a526593e4d222e1bd43b

10 years agoAdd cynara test environment class 15/24515/25
Marcin Niesluchowski [Tue, 15 Jul 2014 16:54:35 +0000 (18:54 +0200)]
Add cynara test environment class

Change-Id: I6a83f3aab6e5ff4de4d6a9092b0b882af0eb22be

10 years agoAdd extra bucket cynara tests 62/24662/9
Marcin Niesluchowski [Thu, 17 Jul 2014 17:06:37 +0000 (19:06 +0200)]
Add extra bucket cynara tests

Change-Id: I195ac63e423b79b422978003892d78b863cfc2e0

10 years agoAdd single wildcard policies cynara test 44/24644/11
Marcin Niesluchowski [Thu, 17 Jul 2014 13:48:23 +0000 (15:48 +0200)]
Add single wildcard policies cynara test

Change-Id: If3dc244bcc93b6d02c981fcb3f9cd5cbc7004705

10 years agoAdd allow remove set policies cynara tests 35/24635/9
Marcin Niesluchowski [Thu, 17 Jul 2014 11:43:59 +0000 (13:43 +0200)]
Add allow remove set policies cynara tests

Change-Id: I4be35a4242e381fbac176ad5591d2a90e50dc423

10 years agoAdd empty bucket cynara tests 28/24628/14
Marcin Niesluchowski [Thu, 17 Jul 2014 09:29:43 +0000 (11:29 +0200)]
Add empty bucket cynara tests

Change-Id: Ie3eb6ece201e31490e72180d0c4f53397c8976e8

10 years agoAdd cynara invalid params tests 18/24518/21
Marcin Niesluchowski [Tue, 15 Jul 2014 17:34:43 +0000 (19:34 +0200)]
Add cynara invalid params tests

Change-Id: I45a63f43911c57b2d1ceb8b69410e41b527066bc

10 years agoAdd cynara test client class 79/24279/20
Marcin Niesluchowski [Wed, 9 Jul 2014 13:52:12 +0000 (15:52 +0200)]
Add cynara test client class

Change-Id: I8ef613c06d5fbe2a3764aaac7fa1b0b1009a860b

10 years agoAdd cynara test admin class 78/24278/20
Marcin Niesluchowski [Wed, 9 Jul 2014 12:17:15 +0000 (14:17 +0200)]
Add cynara test admin class

Change-Id: I6871e7e51d6f78df03948d7dc83a88e5fe0ffeb3

10 years agoMake DBusAccess class more generic 47/24347/15
Marcin Niesluchowski [Thu, 10 Jul 2014 11:22:03 +0000 (13:22 +0200)]
Make DBusAccess class more generic

DBusAccess class should be able to restart any service.

Change-Id: I035321e9cd6fb219f2affc01b06299ace9c8af18

10 years agoAdd tests for setting current process label 08/24408/4
Jacek Bukarewicz [Fri, 11 Jul 2014 13:56:53 +0000 (15:56 +0200)]
Add tests for setting current process label

Change-Id: I020b8c812526c7e13d86df8ffe72c4d80a1e0fe0
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
10 years agoRefactor test for smack_*getlabel and smack_*setlabel. 98/23298/9
Marcin Niesluchowski [Mon, 16 Jun 2014 09:48:12 +0000 (11:48 +0200)]
Refactor test for smack_*getlabel and smack_*setlabel.

Change-Id: I65b60e6d13137b3d6a3ece46becde5050f4aa0b0

10 years agoUse tzplatform_mkpath to get path to .rules-db.db3 database 82/24482/1
Jacek Bukarewicz [Tue, 15 Jul 2014 08:07:59 +0000 (10:07 +0200)]
Use tzplatform_mkpath to get path to .rules-db.db3 database

Change-Id: I6b834fe93551349954480dbc809e483f6a146dfd
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
10 years agoAdd security-manager database records testing. 39/23839/2
Marcin Lis [Thu, 3 Jul 2014 13:47:09 +0000 (15:47 +0200)]
Add security-manager database records testing.

Use the TestSecurityManagerDatabase class to test installation and privilege
assignment process in security-manager's database.

Change-Id: I08155d56904c31fe2a124d86d089014e9da95008
Signed-off-by: Marcin Lis <m.lis@samsung.com>
10 years agoAdd parameters to security-manager tests functions. 38/23838/2
Marcin Lis [Thu, 3 Jul 2014 13:45:38 +0000 (15:45 +0200)]
Add parameters to security-manager tests functions.

This commit pre-reorganizes tests. It prepares security-manager tests
to implement database records checks in next step.

Change-Id: I4687a71f12117c8b5c02e90cb71851ec95aacf16
Signed-off-by: Marcin Lis <m.lis@samsung.com>
10 years agoAdd new class to test security-manager database records. 37/23837/1
Marcin Lis [Wed, 2 Jul 2014 13:38:41 +0000 (15:38 +0200)]
Add new class to test security-manager database records.

Reuse the concept implemented in libprivilege-control tests.

The interface of the introduced class may be used in security-manager tests.
Currently it allows to check if app and pkg have been successfully installed
along with all requested privileges. Checking application uninstallation is
possible as well.

Change-Id: I1eb95312c7ace890402533ef17645b91485ad443
Signed-off-by: Marcin Lis <m.lis@samsung.com>
10 years agoMove generic Sqlite3DBase test files to common part. 36/23836/1
Marcin Lis [Tue, 1 Jul 2014 15:06:21 +0000 (17:06 +0200)]
Move generic Sqlite3DBase test files to common part.

Prepare DB-test framework for later use in security-manager tests.

Change-Id: I9454431db2654adc0019446e08615ae72051a0fd
Signed-off-by: Marcin Lis <m.lis@samsung.com>
10 years agoAdd test for libprivilege permissions update. 83/23383/4
Marcin Lis [Wed, 18 Jun 2014 13:17:42 +0000 (15:17 +0200)]
Add test for libprivilege permissions update.

This commit introduces tests for the following change:
https://review.tizen.org/gerrit/#/c/23382/

Change-Id: I42c228dac84c9aee8f7f55de4a9d4773f97f11f1
Signed-off-by: Marcin Lis <m.lis@samsung.com>
10 years agoRemove security_manager_app_inst_req_add_allowed_user from tests. 07/23307/1
Marcin Niesluchowski [Mon, 23 Jun 2014 10:26:21 +0000 (12:26 +0200)]
Remove security_manager_app_inst_req_add_allowed_user from tests.

Function security_manager_app_inst_req_add_allowed_user will be
removed from security-manager.

Change-Id: I89aafc3d1ae49044bdcb860545181e6e355d6f28

10 years agoAdd test for security-manager installer service. 73/22773/3
Marcin Niesluchowski [Tue, 3 Jun 2014 12:36:59 +0000 (14:36 +0200)]
Add test for security-manager installer service.

Verification:
-> secuirty-tests.sh security-manager --output=text --runignored
   (all should pass)

Change-Id: I43b10b0032300cbf4b21faceae85d1f1dc1a982f

10 years agoTest labeling links to execs by security-manager 34/22534/4
Jan Cybulski [Thu, 5 Jun 2014 13:02:04 +0000 (15:02 +0200)]
Test labeling links to execs by security-manager

Security manager's installer service labels links to execs
with a special xattr: security.TIZEN_EXEC_LABEL.
This commit checks that functionality.

Change-Id: Iac86bc6a55aba4b3648ec2f4e475c28121b025f0
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
10 years agoUse /tmp/ as location for smack test files 68/22568/3
Jacek Bukarewicz [Fri, 6 Jun 2014 13:09:53 +0000 (15:09 +0200)]
Use /tmp/ as location for smack test files

Smack laccess tests used /opt/home/app previously, but it does not
necessarily exist so replace it with /tmp/.

Change-Id: Id711c60ef49e0078519f8acc77d5b034a23c1596

10 years agoAdd tests for security manager's installer service 12/21612/11
Jan Cybulski [Thu, 5 Jun 2014 13:00:42 +0000 (15:00 +0200)]
Add tests for security manager's installer service

Add more specific tests for security manager's
security_manager_app_inst_req_add_path:
Tests for SM_PUBLIC_PATH and SM_PUBLIC_RO_PATH added.

Change-Id: I505fca28ef992676f967fa6cf29bc2d6343388c1
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
10 years agoFix return value of smack_have_access 65/22465/2
Jan Cybulski [Wed, 4 Jun 2014 12:47:19 +0000 (14:47 +0200)]
Fix return value of smack_have_access

Libsmack's smack_have_access returns 0 on no access and -1 on errors.
Checking rule that does not exist should not return -1

Change-Id: I604eed75634c9bc1dfbeb41a70d0a11211be96f0
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
10 years agoFix segmentation fault on libsmack tests 64/22464/2
Jan Cybulski [Wed, 4 Jun 2014 12:44:44 +0000 (14:44 +0200)]
Fix segmentation fault on libsmack tests

Change-Id: I6fbae1e6513a6121aae53863193d862b03da257a
Signed-off-by: Jan Cybulski <j.cybulski@samsung.com>
10 years agoAdd tests for Cynara RE (Rush-Edition) 25/20525/12
Aleksander Zdyb [Thu, 29 May 2014 12:39:17 +0000 (14:39 +0200)]
Add tests for Cynara RE (Rush-Edition)

Change-Id: I628a242f40001a2e81ac1728e19402ed30b11934
Signed-off-by: Aleksander Zdyb <a.zdyb@partner.samsung.com>
10 years agoFix tc_unit_09_02_app_user_cookie_API_access_deny test. 00/21600/2
Marcin Niesluchowski [Fri, 23 May 2014 09:00:06 +0000 (11:00 +0200)]
Fix tc_unit_09_02_app_user_cookie_API_access_deny test.

Verfication:
-> security-server-tests-server --output=text --runignored \
   --regexp=tc_unit_09_02_app_user_cookie_API_access_deny
   (with smack; test should not fail)

Change-Id: I03e696482ce797a67c3de9b77418d448970c5f23

10 years agoDon't use OSP and WRT installers in security tests 30/21530/3
Jacek Bukarewicz [Wed, 21 May 2014 15:02:09 +0000 (17:02 +0200)]
Don't use OSP and WRT installers in security tests

Security tests used to install WRT and OSP test applications in
post installation script. This is not necessary and can be replaced by
shipping binaries and symlinks required by test in RPM package.

To verify check if libprivilege-control tests' results are unaffected by
this change.

Change-Id: Id1d73bfb0249bc63bd33613c40d04a673783642d
Signed-off-by: Jacek Bukarewicz <j.bukarewicz@samsung.com>
10 years agoRevert "Fix security-server server tests" 37/21537/2
Marcin Niesluchowski [Thu, 22 May 2014 12:18:21 +0000 (14:18 +0200)]
Revert "Fix security-server server tests"

This reverts commit df5967df7e0c2d61ca4829c3add727a1696cd058.

Conflicts:

tests/security-server-tests/server.cpp

Change-Id: I10296aab70f267f90e7a94432672fd0b94b9b129

10 years agoAdjust AccessProvider api to current security-server. 55/21455/2
Marcin Niesluchowski [Wed, 21 May 2014 06:51:52 +0000 (08:51 +0200)]
Adjust AccessProvider api to current security-server.

Sockets in security-server has been moved to /run labeled with
System::Run label and AccessProvider provided old smack accesses.
Previous references to sockets' old smack labels has been removed.

Verification:
-> security-tests-all.sh
   (server, cookie-api, clientsmack and dbus tests should pass,
    no changes in other tests)

Change-Id: I9796fb0b52890553767783de5cffdc7b5ecb8746

10 years agoAdd tests for security_server_app_has_privilege function. 13/21013/4
Marcin Niesluchowski [Wed, 14 May 2014 09:36:18 +0000 (11:36 +0200)]
Add tests for security_server_app_has_privilege function.

security_server_app_has_privilege function has been restored
and changed in security-server repository.
See:
-> 'Bring back part of app-permissions service'
-> 'Adjust security_server_app_has_privilege to Tizen 3.0 model.'

Verification:
-> security-tests.sh ss-privilege --output=text --runignored
   (test should pass)

Change-Id: I505c0d49f2bcbc739f63f5828edd81feb168cca3

10 years agoAdd security-manager tests. 53/20753/11
Marcin Niesluchowski [Thu, 8 May 2014 18:28:43 +0000 (20:28 +0200)]
Add security-manager tests.

security-manager service has been added to security-server repository.
See:
-> 'Implement installer service'
-> 'Added security-manager API'

Verification:
-> security-tests.sh security-manager --output=text
   (test should pass)

Change-Id: Idb69adada46864373208eb932f46402a4561e31e

10 years agoRefactor perm_app_setup_path libprivilege-control tests. 00/20500/9
Marcin Niesluchowski [Wed, 7 May 2014 13:27:44 +0000 (15:27 +0200)]
Refactor perm_app_setup_path libprivilege-control tests.

New design provides only three ways of labelling path in libprivilege-control.
See:
-> 'Added APP_PATH_PUBLIC and APP_PATH_FLOOR types to perm_app_setup_path function.'

Verification:
-> libprivilege-control-test --output=text --runignored
   (following tests should pass:
    -> privilege_control02_perm_app_setup_path_01_PRIVATE
    -> privilege_control02_perm_app_setup_path_02_FLOOR
    -> privilege_control02_perm_app_setup_path_03_PUBLIC_RO
    -> privilege_control02_perm_app_setup_path_03_PUBLIC_RO_nosmack)

Change-Id: I90ffeaf1eac585bf0c999705940544263ac3214c

10 years agoAdd tests to libprivilege-control perm_app_has_permission function. 24/20524/6
Marcin Niesluchowski [Thu, 8 May 2014 10:03:25 +0000 (12:03 +0200)]
Add tests to libprivilege-control perm_app_has_permission function.

libprivilege-control function perm_app_has_permission has been restored
and changed.
See:
-> 'Restore perm_app_has_permission API function.'
-> 'Adjust perm_app_has_permission API function to Tizen 3.0 model.'

Verification:
-> security-tests.sh libprivilege-control --output=text --runignored
   (following tests should pass:
    -> privilege_control20_perm_app_has_permission
    -> privilege_control21m_incorrect_params_perm_app_has_permission)

Change-Id: I62d38b4665e5cc51f50b284378a3197dc8daefd2

10 years agoAdapt tests to new exec labelling design. 17/20017/2
Marcin Niesluchowski [Thu, 24 Apr 2014 13:54:54 +0000 (15:54 +0200)]
Adapt tests to new exec labelling design.

Remove smack exec label checks for links.
See:
-> 'Adapt to tizenorg: Change implementation of exec labels for links to binaries'

Verification:
-> libprivilege-control-test --output=text \
   --regexp=privilege_control02_app_label_dir
   (test should pass)

Change-Id: Ided8c081c8fbd3b672f34a325373ccbbba653ef8

10 years agoFix memory managment 53/19953/5
Zofia Abramowska [Fri, 18 Apr 2014 12:50:22 +0000 (14:50 +0200)]
Fix memory managment

Organize used smart pointers.
Fix memory leaks inside libsmack test cases.

Change-Id: I7c63af01b463d0f5a2f3ac8c1c4dad1734f30ce5

10 years agoAdapt tests to change in libprivilege-control. 85/20385/1
Marcin Niesluchowski [Wed, 30 Apr 2014 14:37:53 +0000 (16:37 +0200)]
Adapt tests to change in libprivilege-control.

See libprivilege-control change:
-> 'Adapt to tizenorg: Generate app label from pkg_id'

Verification:
-> security-tests.sh libprivilege-control --runignored --output=text
   (tests from libprvilegecontrol and libprivilegecontrol_nosmack
    groups should pass)

Change-Id: I3b9a29dc10b33ee1ae488142bf16c4e4b4d69987

10 years agoRewriting cleanup functions for libsmack test cases 52/19952/2
Zofia Abramowska [Thu, 17 Apr 2014 12:51:00 +0000 (14:51 +0200)]
Rewriting cleanup functions for libsmack test cases

Simplifying cleanup functions.
This is a preparation commit for total refactoring
of cleanup mechanism in libsmack test cases

Change-Id: I1963b71188446b912f85ade0e9838eeb9f1af34f

10 years agoRemove unnecessary verify_chk_pwd_basic function. 74/18974/2
Marcin Niesluchowski [Thu, 3 Apr 2014 09:18:54 +0000 (11:18 +0200)]
Remove unnecessary verify_chk_pwd_basic function.

Verification:
-> security-tests.sh ss-password --output=text --runignored
   (no changes)

Change-Id: I804a3fc1d63da369eb155f7f776b9ac104542fbd

10 years agoAdapt tizen.org tests to newest security-server changes 80/19880/2
Janusz Kozerski [Mon, 14 Apr 2014 14:02:25 +0000 (16:02 +0200)]
Adapt tizen.org tests to newest security-server changes

Mark all tests that check security-server functions:
 - security_server_check_privilege_by_sockfd,
 - security_server_check_privilege_by_pid,
 - security_server_check_privilege_by_cookie,
as ignored.

Verification: Build with the newest security-server. All security-server test should pass.

Change-Id: I3eea20e03f4e0e7b31a9c18f6b75e9b650a4a517
Signed-off-by: Janusz Kozerski <j.kozerski@samsung.com>
10 years agoFix groups issue in tests using perm_app_set_privilege api. 59/18159/9
Marcin Niesluchowski [Thu, 13 Mar 2014 15:33:53 +0000 (16:33 +0100)]
Fix groups issue in tests using perm_app_set_privilege api.

Due to current policy process calling perm_app_set_privilege is added
to current groups of app user and additional groups associated with
smack label in database. Previous tests did not take into account
current groups of app user.

Verification:
-> security-tests.sh libprivilege-control --runignored --output=text

Change-Id: I03a7e96c46da20af6a01c86b290fc7180425afb5

10 years agoRewrite files_compare function 81/19781/3
Zofia Abramowska [Thu, 17 Apr 2014 12:03:14 +0000 (14:03 +0200)]
Rewrite files_compare function

Refactoring files_compare function now, when backtrack functionality
is available.

Change-Id: I5bde968289a3dea7b4c6aff2d9b075b5c22953de

10 years agoFixing failing 'smack13_4_*' libsmack tests 61/19761/3
Zbigniew Jasinski [Wed, 16 Apr 2014 15:14:12 +0000 (17:14 +0200)]
Fixing failing 'smack13_4_*' libsmack tests

[Bug/Feature] Failing 'smack13_4_*' libsmack tests.
[Cause] Not enough privileges for testing suite to access /opt/home/app
[Solution] Set the right access 'x' to 'User' label.
[Verification] Build, install and run tests on smack kernel:
libsmack-test --output=text --regexp='smack13_4_*'

Change-Id: Ia811b3fe8af8b5b3f35ecd5fb991d6a6738f5d1b

10 years agoFix Security Server tc_unit_03_04_security_server_check_privilege_neg. 05/19605/1
Radoslaw Bartosiak [Wed, 16 Apr 2014 10:01:51 +0000 (12:01 +0200)]
Fix Security Server tc_unit_03_04_security_server_check_privilege_neg.

[Bug/Feature]  Test failed with "Reading pipe error" message.
[Cause]        SEGFAULT in a test thread.
[Solution]     Fixed usage of std::vector::erase.
[Verification] Build, install and run tests on smack and non-smack env.
               tc_unit_03_04_security_server_check_privilege_neg is OK.

Change-Id: I79d8c7f39dcabb988b27ac902f211dab68b6cde8
Signed-off-by: Radoslaw Bartosiak <r.bartosiak@samsung.com>
10 years agoAdd SECURITY_SERVER_API_ERROR_NO_SUCH_SERVICE error check. 69/19569/2
Marcin Niesluchowski [Tue, 15 Apr 2014 11:54:01 +0000 (13:54 +0200)]
Add SECURITY_SERVER_API_ERROR_NO_SUCH_SERVICE error check.

Due to change in following commit in security-server repository
another connection error has been added.
-> 'Signalling attempt to access a non-existent service'

Verification:
-> security-tests.sh ss-api-speed --runignored --output=text

Change-Id: I088117a163d34ab37aba4de4a193c39c5c1a0b25

10 years agoFix Security Server no-smack stress tests. 02/19202/2
Marcin Lis [Fri, 4 Apr 2014 12:49:13 +0000 (14:49 +0200)]
Fix Security Server no-smack stress tests.

[Bug/Feature]  Security-server stress tests failure with smack disabled.
[Cause]        Security-server is able to handle only 5 clients in
               waiting queue.
[Solution]     Reduce the number of threads to 5.
[Verification] Build, install and run tests on smack and non-smack
               environment, stress tests should pass.

Change-Id: I099df21a279ede482d4a4e214f9e83f9a0db654e
Signed-off-by: Marcin Lis <m.lis@samsung.com>
10 years agoRemove tests that use deprecated libprivilege-control API. 10/19210/2
Marcin Lis [Tue, 8 Apr 2014 15:33:35 +0000 (17:33 +0200)]
Remove tests that use deprecated libprivilege-control API.

[Feature]      Adapt tests to tizen.org
[Cause]        Libprivilege contained a lot of API that was marked deprecated
               for a long time. This API is removed in the following commit:
                   https://review.tizen.org/gerrit/#/c/19194/
[Solution]     Remove tests, macros, variables associated with old API:
               - app_register_av
               - app_add_friend
[Verification] Build, install and run tests on smack and non-smack environment.
               Ensure that libprivilege-control rpm built from the commit linked
               above is installed on the target.
               Removed tests should not be present.

Change-Id: I59ef71c5684a29a4fb6ba6a8f6a4a667e3f99ab0
Signed-off-by: Marcin Lis <m.lis@samsung.com>
10 years agoAdjustment needed for performance tests in wrt-commons 23/18823/5
Janusz Kozerski [Tue, 1 Apr 2014 13:02:02 +0000 (15:02 +0200)]
Adjustment needed for performance tests in wrt-commons

The change "Add summary view to all security tests" colids with DPL
performance test in wrt-commons (commit: Add RUNNER_PERF_TEST_BEGIN()
and RUNNER_PERF_TEST_END() macros for performance tests). Without
this patch a build-break in security-test will occur after applying
performance tests feature to wrt-commons repository.
This patch fix the build break - security-tests can be build with
and without performance test in wrt-commons.

Verify:
    Build wrt-commons with patch "Add RUNNER_PERF_TEST_BEGIN()
and RUNNER_PERF_TEST_END() macros for performance tests". Then build
security-tests. Run all tests - there should be no changes in test
results.

Change-Id: If49834dcdd5396434a782e936d9906035b02fd32
Signed-off-by: Janusz Kozerski <j.kozerski@samsung.com>
10 years agoFix system include dirs dependencies for test commons 91/19191/1
Zofia Abramowska [Tue, 8 Apr 2014 09:15:11 +0000 (11:15 +0200)]
Fix system include dirs dependencies for test commons

[Bug] System include dirs dependencies not marked as such
[Cause] Wrong settting in CMakeLists
[Solution] Add inlude_directories with system setting for test
commons dependencies
[Verification] Successfull build

Change-Id: I00a87a0cf21497612fa84e6e718667be2515a48f

10 years agoFix tc_unit_06_01_security_server_get_smacklabel_cookie test. 26/18826/2
Marcin Niesluchowski [Tue, 1 Apr 2014 16:44:41 +0000 (18:44 +0200)]
Fix tc_unit_06_01_security_server_get_smacklabel_cookie test.

Test tc_unit_06_01_security_server_get_smacklabel_cookie fails with
smack disabled.

Verification:
-> security-tests.sh ss-server --output=text --runignored
   (tc_unit_06_01_security_server_get_smacklabel_cookie_* should pass
    with no changes in other tests)

Change-Id: Ia6a56120c777234faed3718a89b01caf91c7281f

10 years agoSome tests that call smack_revoke_subject should run with smack 23/18523/5
Sebastian Grabowski [Mon, 24 Mar 2014 13:52:29 +0000 (14:52 +0100)]
Some tests that call smack_revoke_subject should run with smack

[Bug/Feature]   Some tests calling smack_revoke_subject fails when run without
                smack
[Cause]         Tests need smack to run properly
[Solution]      Run those test only when smack is enabled. Moreover, if
                it was possible, added similar nosmack versions
                of these tests.
[Verification]  Build, install and run tests, i.e.:
                security-tests.sh ss-server --runignored --output=text

Change-Id: I1319c64581cce3739e1168a9d3dc45a1878892a8
Signed-off-by: Sebastian Grabowski <s.grabowski@partner.samsung.com>
10 years agoFix failing tests from SECURITY_SERVER_API_SPEED_MEASURER group. 58/18758/2
Marcin Niesluchowski [Thu, 27 Mar 2014 18:00:16 +0000 (19:00 +0100)]
Fix failing tests from SECURITY_SERVER_API_SPEED_MEASURER group.

Following tests fail with smack disabled:
-> m060_security_server_check_privilege_by_cookie
-> m070_security_server_check_privilege_by_sockfd

Verification:
-> security-tests.sh ss-server --output=text --runignored
   (no changes)
-> security-tests.sh ss-api-speed --output=text --runignored
   (m060* and m070* should pass)

Change-Id: Ie93a803bc498448c6d374bcc552be0b2afcca3d4

10 years agoRemoved use of pid_cycle file and ENVIRONMENT macros 37/18537/8
Sebastian Grabowski [Tue, 25 Mar 2014 12:44:13 +0000 (13:44 +0100)]
Removed use of pid_cycle file and ENVIRONMENT macros

[Bug/Feature]   Security-server client tests failure with smack disabled
                while test environment preparations
[Cause]         pid_cycle file was created in a nonexistent directory.
                Moreover, this file seems to be unused in any way
                further and not deleted either.
[Solution]      Get rid of pid_cycle file usage. In addition,
                ENVIRONMENT and ENVIRONMENT_NOSMACK macros were deleted
                in favour of drop_root_privileges function for nonsmack
                tests and AccessProvider class for smack tests.
                There were also duplicated tests about security server
                cookies - they were moved to cookie_api.cpp.
                Tests run as app user in cookie_api.cpp are now distinguished
                from others with changed name having "_app_user_" string.
[Verification]  Build, install and run tests, i.e.:
                security-tests.sh ss-server --runignored --output=text
                security-tests.sh ss-clientsmack --runignored --output=text

Change-Id: I68ad3f0bb12f437fa927660327c5e44f91e91446
Signed-off-by: Sebastian Grabowski <s.grabowski@partner.samsung.com>
10 years agoRewrite macro defines as consts 63/18663/2
Zofia Abramowska [Thu, 27 Mar 2014 14:08:51 +0000 (15:08 +0100)]
Rewrite macro defines as consts

Removing unnecessary macros and replace them with const variables.

Change-Id: I867e54eebbd4e01ca7947abf67a5642c6f965c2e

10 years agoFix error messages for access denial tests 90/18490/2
Zofia Abramowska [Fri, 21 Mar 2014 17:00:37 +0000 (18:00 +0100)]
Fix error messages for access denial tests

Error messages stated that function failed instead of saying
that access should not have been granted.

Change-Id: Ifcd1bca4f5b6b12c5d907b0301afdc727e73739a

10 years agoFix security-server server tests 00/18400/3
Zofia Abramowska [Fri, 21 Mar 2014 16:40:49 +0000 (17:40 +0100)]
Fix security-server server tests

Some of test expect to receive access denied when trying to
access security server sockets. Now these sockets are labeled
"_" so access always is granted.
Setting ignore on those test cases, which expect access denial.

Change-Id: Ibd8ec5c8b3b85ac829650f9c080983be7154b8a0

10 years agoRefactor libprivilege-control stress tests. 65/18465/2
Marcin Lis [Mon, 24 Mar 2014 10:44:07 +0000 (11:44 +0100)]
Refactor libprivilege-control stress tests.

[Issue#]       N/A
[Feature]      Adapt tests to tizen.org
[Cause]        Tests failing under no-smack environment due to improper design.
[Solution]     Make stress tests work well when SMACK is not present by adding
               different conditions. In addition use types defined in common
               headers instead of repeating nested declarations of vectors.

[Verification] Build, install, run tests.

               The following test cases should pass:
                        <<   WITH SMACK   >>
                - privilege_control22_app_installation_1x100_smack
                - privilege_control23_app_installation2_10x10_smack
                        <<  WITHOUT SMACK >>
                - privilege_control22_app_installation_1x100_nosmack
                - privilege_control23_app_installation2_10x10_nosmack

Change-Id: I8a9cfeeb4ce81c7543e3ef33b704441f25dd9c2d
Signed-off-by: Marcin Lis <m.lis@samsung.com>
10 years agoRemove anti-virus tests from libprivilege group. 61/18461/5
Marcin Lis [Mon, 24 Mar 2014 14:30:15 +0000 (15:30 +0100)]
Remove anti-virus tests from libprivilege group.

[Issue#]       N/A
[Feature]      Adapt tests to tizen.org
[Cause]        Tests failing because AV (anti-virus) functionality is deprecated
[Solution]     Remove tests connected to anti-viruses.
               Leave av test marked as ignored and deprecated. It will be
               removed when libprivilege API is cleaned up.

[Verification] Build, install, run tests.

               The following test cases should not be present on the list:
                - privilege_control24a_av_privilege_group_rw
                - privilege_control24b_av_privilege_settings_rw
                - privilege_control24c_av_privilege_public_ro

Change-Id: I2a468990065aae3aa83a81c9336b6d7e6595c9aa
Signed-off-by: Marcin Lis <m.lis@samsung.com>
10 years agoFix libprivilege-control tests connected with perm_app_setup_path 01/18401/2
Marcin Lis [Mon, 24 Mar 2014 09:43:54 +0000 (10:43 +0100)]
Fix libprivilege-control tests connected with perm_app_setup_path

[Issue#]       N/A
[Feature]      Adapt tests to tizen.org and new three domain policy.
[Cause]        Tests failing due to lack of privileges in libprivilege database.
[Solution]     Add required permissions to database.

[Verification] Build, install, run tests.

               The following test cases should pass:
                        <<   WITH SMACK   >>
                - privilege_control17_appsettings_privilege
                - privilege_control22_app_installation_1x100
                - privilege_control23_app_installation2_10x10
                        <<  WITHOUT SMACK >>
                - privilege_control17_appsettings_privilege_nosmack

Change-Id: Iefb388d4dfca1b1681c55ee8db87eb35a9109f73
Signed-off-by: Marcin Lis <m.lis@samsung.com>
10 years agoFix tc18_security_server_get_smacklabel_cookie_nosmack 60/18360/1
Marek Smolinski [Thu, 20 Mar 2014 14:23:22 +0000 (15:23 +0100)]
Fix tc18_security_server_get_smacklabel_cookie_nosmack

Wrong logical expresion checking empty string in ASSERTION

Change-Id: I2b2ddd59fbf028430392a9dcdc90e7c539f06024
Signed-off-by: Marek Smolinski <m.smolinski@samsung.com>
10 years agoFix rules file compared with created by smack_accesses_save. 63/18163/1
Marcin Niesluchowski [Mon, 17 Mar 2014 16:11:52 +0000 (17:11 +0100)]
Fix rules file compared with created by smack_accesses_save.

After merge of smack upstream to tizen saved rules file format
has changed.

Change-Id: I785b60a56dfe3a236fe15adb0e15f1ff7c4d2cdb

10 years agoAdapt to tizenorg sandbox/mniesluchow/samsung_devel
Marcin Niesluchowski [Mon, 10 Mar 2014 17:30:39 +0000 (18:30 +0100)]
Adapt to tizenorg

Seurity-server tests:
* Remove tests for app-permissions service.
* Remove tests for open-for service.
* Remove tests for cookie service apis:
** security_server_get_uid_by_cookie
** security_server_get_gid_by_cookie
Libprivilege-control tests:
* Remove tests for perm_add_additional_rules api.
* Remove tests for perm_app_setup_permissions api or change this to
  perm_app_enable_permissions api in those tests.
* Remove tests for perm_get_permissions api.
* Remove tests for perm_app_get_paths api.
* Remove tests for perm_app_remove_path api.
* Remove tests for get_smack_label_from_process api.
* Remove tests for smack_pid_have_access api.
* Remove tests regarding nonexistent app_type_t values or change those values
  to proper ones.
* Change nonexistent app_path_type_t values to proper ones.
* Remove nonexistant functionalities checks.

Change-Id: I3d4bc05c273801d34b8b3b11ab3474a28148440f

10 years agoPrevent running perm_add_additional_rules_smack_access_*
Lukasz Wojciechowski [Mon, 24 Feb 2014 15:23:29 +0000 (16:23 +0100)]
Prevent running perm_add_additional_rules_smack_access_*
tests in nosmack mode

[Issue#]        N/A
[Feature]       These tests fail in nosmack mode
[Cause]         Tests need smack to run properly
[Solution]      N/A
[Verification]  Run libprivilege-control tests on target.
                Verify with both smack and nosmack variants.
                4 tests should be run only at smack mode:
                perm_add_additional_rules_smack_access_*

Change-Id: I3fc96531d90a71ca5b0feeea181f722e99bd84e7

10 years agoFix removing unnecessary define.
Marcin Niesluchowski [Thu, 6 Mar 2014 15:40:36 +0000 (16:40 +0100)]
Fix removing unnecessary define.

[Issue#]        N/A
[Bug/Feature]   Using unnecessary define dependent on wrt-commons.
[Cause]         N/A
[Solution]      Using true instead of TRUE macro.
[Verification]  Build with wrt-commons devel. Run.
                privilege_control11_app_enable_permissions_nosmack should pass.
                Do the same for wrt-commons master branch.

Change-Id: I3e01a51b01a07c81d606506aa1295c4a052561e7

10 years agoAdd test for security_server_is_pwd_valid.
Bartlomiej Grzelewski [Tue, 18 Feb 2014 12:51:49 +0000 (13:51 +0100)]
Add test for security_server_is_pwd_valid.

[Issue#]    N/A
[Cause]     Korea claims that this function returns 0 after date was
            moved back.
[Bug]       Not found.
[Solution]  N/A

[Verification] Build, run tests.

Change-Id: I317a21692a360fa3dafa6b9d067899aebd68db43

10 years agoAdd additional tests for password service.
Bartlomiej Grzelewski [Mon, 27 Jan 2014 15:26:38 +0000 (16:26 +0100)]
Add additional tests for password service.

[Issue#]      N/A
[Bug/Problem] Security-server set up wrong value as validSec when
              password validity time was set as "never expired".
[Cause]       N/A
[Solution]    N/A

[Verification] Build, run tests.

Change-Id: I2fa830899786ee72f4d24ac3f1a9cd771527552e

10 years agoFix set privilege tests for OSP and EFL
Zofia Abramowska [Thu, 13 Feb 2014 12:57:44 +0000 (13:57 +0100)]
Fix set privilege tests for OSP and EFL

[Issue#] PSDAC-125
[Bug] Imporper tests for perm_app_set_privilege
[Cause] App type for OSP should be "tpk" inseatd of NULL.
No test for EFL type of application.
[Solution] Changed app type for OSP and added perm_app_set_privilege
tests for EFL.
[Verification] Build. Run libprivilege tests. One test more should be
run and no more tests should fail.

Change-Id: I366368e4ba3ef5e9389ed15abd0fd056b937015b

10 years agoFixing privilege_control05_perm_get_permissions.
Marcin Niesluchowski [Mon, 24 Feb 2014 12:44:57 +0000 (13:44 +0100)]
Fixing privilege_control05_perm_get_permissions.

[Issue#]        N/A
[Bug/Feature]   Temporary array passed as an argument.
[Cause]         Build fails.
[Solution]      Changing it to local variable.
[Verification]  Build tests, run, privilege_control05_perm_get_permissions should pass.

Change-Id: I77a112698b7b016a71f68599b27a15f49fec363d