From 1f4ae3969f80f4fb96ca81f27d7e1f29f3226562 Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Mon, 18 Nov 2013 10:53:46 +0100 Subject: [PATCH] Sqlite3 support for tests. Libprivilege tests: check database records instead of existance of files. [Issue#] SSDWSSP-644 [Feature] Tests need database records access [Cause] Tests should verify libprivilege actions by checking database records [Solution] Sqlite3 access API, tests use database instead of files [Verification] Build security-tests, run two following libprivilege-control tests on target: privilege_control04_add_permissions_nosmack, privilege_control11_app_enable_permissions_nosmack. Change-Id: I0c229f67a6791e9f8f850494eedebc925cf63ad3 --- packaging/security-tests.spec | 2 + tests/libprivilege-control-tests/CMakeLists.txt | 6 + tests/libprivilege-control-tests/common/db.cpp | 151 ++++++++++++++++ tests/libprivilege-control-tests/common/db.h | 122 +++++++++++++ .../common/db_sqlite.cpp | 104 +++++++++++ .../libprivilege-control-tests/common/db_sqlite.h | 196 +++++++++++++++++++++ .../common/duplicates.cpp | 114 ++++++++++++ .../libprivilege-control-tests/common/duplicates.h | 68 +++++++ .../common/libprivilege-control_test_common.h | 5 +- .../libprivilege-control_test_common.cpp | 11 +- tests/libprivilege-control-tests/test_cases.cpp | 25 +-- .../test_cases_nosmack.cpp | 20 ++- 12 files changed, 787 insertions(+), 37 deletions(-) create mode 100644 tests/libprivilege-control-tests/common/db.cpp create mode 100644 tests/libprivilege-control-tests/common/db.h create mode 100644 tests/libprivilege-control-tests/common/db_sqlite.cpp create mode 100644 tests/libprivilege-control-tests/common/db_sqlite.h create mode 100644 tests/libprivilege-control-tests/common/duplicates.cpp create mode 100644 tests/libprivilege-control-tests/common/duplicates.h diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec index 8fd9b37..e86f39c 100644 --- a/packaging/security-tests.spec +++ b/packaging/security-tests.spec @@ -16,6 +16,8 @@ BuildRequires: pkgconfig(dpl-test-efl) BuildRequires: pkgconfig(dlog) BuildRequires: pkgconfig(dbus-1) BuildRequires: pkgconfig(dbus-glib-1) +BuildRequires: pkgconfig(libiri) +BuildRequires: pkgconfig(sqlite3) Requires: smack Requires: libprivilege-control diff --git a/tests/libprivilege-control-tests/CMakeLists.txt b/tests/libprivilege-control-tests/CMakeLists.txt index 1822c14..bc6959d 100644 --- a/tests/libprivilege-control-tests/CMakeLists.txt +++ b/tests/libprivilege-control-tests/CMakeLists.txt @@ -15,6 +15,7 @@ # @file CMakeLists.txt # @author Jan Olszak (j.olszak@samsung.com) # @author Rafal Krypa (r.krypa@samsung.com) +# @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) # @version 0.1 # @brief # @@ -26,11 +27,16 @@ PKG_CHECK_MODULES(LPC_TARGET_DEP libsmack libprivilege-control dpl-test-efl + sqlite3 REQUIRED + libiri ) #files to compile SET(LPC_TARGET_TEST_SOURCES + ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/db_sqlite.cpp + ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/db.cpp + ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/duplicates.cpp ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/libprivilege-control-test.cpp ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/test_cases.cpp ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/test_cases_nosmack.cpp diff --git a/tests/libprivilege-control-tests/common/db.cpp b/tests/libprivilege-control-tests/common/db.cpp new file mode 100644 index 0000000..1ca54fb --- /dev/null +++ b/tests/libprivilege-control-tests/common/db.cpp @@ -0,0 +1,151 @@ +/* + * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +*/ + +/* + * @file libprivilege-control_test_db.cpp + * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) + * @version 1.0 + * @brief libprivilege-control tests database record check functions + */ + +#include +#include +#include +#include +#include "db.h" +#include "db_sqlite.h" +#include "duplicates.h" + +const std::string DBASE_PATH = "/opt/dbspace/.rules-db.db3"; +const std::string ALL_APPS ="ALL_APPS"; + +const int PERMISSION_VOLATILE = 1; +const int PERMISSION_PERSISTENT = 0; + +const int PERMISSION_ENABLED = 1; +const int PERMISSION_DISABLED = 0; + +using std::ostringstream; +using std::string; + +TestLibPrivilegeControlDatabase::TestLibPrivilegeControlDatabase() : m_base(DBASE_PATH) +{ +} + +void TestLibPrivilegeControlDatabase::test_db_after__perm_app_install(const Tracker& tracker, + const char* name) +{ + if(!m_base.is_open()) + m_base.open(tracker); + + app_label(tracker, name); + app_permission(tracker, name, ALL_APPS, ALL_APPS, + PERMISSION_PERSISTENT, PERMISSION_ENABLED); +} + +void TestLibPrivilegeControlDatabase::test_db_after__perm_app_uninstall(const Tracker& tracker, + const char* name) +{ + if(!m_base.is_open()) + m_base.open(tracker); + + app_not_label(tracker, name); +} + +void TestLibPrivilegeControlDatabase::test_db_after__perm_app_enable_permissions( + const Tracker& tracker, const char* name, app_type_t app_type, const char** perm_list, + bool persistent) +{ + if(!m_base.is_open()) + m_base.open(tracker); + + string permission_type_name = app_type_name(app_type); + string permission_group_type_name = app_type_group_name(app_type); + const int is_volatile = persistent ? PERMISSION_PERSISTENT : PERMISSION_VOLATILE; + string permission_name; + int ret; + + app_permission(tracker, name, permission_type_name, permission_type_name, is_volatile, + PERMISSION_ENABLED); + + int i; + for(i = 0; perm_list[i] != NULL; ++i) { + // Ignore empty lines + if(strspn(perm_list[i], " \t\n") == strlen(perm_list[i])) + continue; + + ret = base_name_from_perm(perm_list[i], permission_name); + RUNNER_ASSERT_MSG(ret == PC_OPERATION_SUCCESS, + "DB: Error testing \"" << __FUNCTION__ << + "\": permission : <" << perm_list[i] << + "> cannot be converted to basename (iri parse error)"); + app_permission(tracker, name, permission_name, permission_group_type_name, + is_volatile, PERMISSION_ENABLED); + } +} + +void TestLibPrivilegeControlDatabase::app_label(const Tracker& tracker, const std::string& app_name) +{ + Sqlite3DBaseSelectResult result; + ostringstream sql; + sql << "SELECT app_id FROM app " + "NATURAL JOIN label " + "WHERE name == '" << app_name << "' ;"; + m_base.execute(tracker, sql.str(), result); + + RUNNER_ASSERT_MSG(result.rows.size() == 1 && result.rows[0].size() == 1, + "DB: Error testing \"" << tracker.str() << "\": querry : <" << sql.str() << + "> returned [" << result.rows.size() << "] rows"); +} + +void TestLibPrivilegeControlDatabase::app_not_label(const Tracker& tracker, + const std::string& app_name) +{ + Sqlite3DBaseSelectResult result; + ostringstream sql; + sql << "SELECT label_id FROM label " + "WHERE name == '" << app_name << "' ;"; + m_base.execute(tracker, sql.str(), result); + + RUNNER_ASSERT_MSG(result.rows.size() == 0, + "DB: Error testing \"" << tracker.str() << "\": querry : <" << sql.str() << + "> returned [" << result.rows.size() << "] rows"); +} + +void TestLibPrivilegeControlDatabase::app_permission(const Tracker& tracker, + const std::string& app_name, const std::string& permission_name, + const std::string& permission_type_name, int is_volatile, int is_enabled) +{ + Sqlite3DBaseSelectResult result; + ostringstream sql; + sql << "SELECT * FROM app_permission " + "INNER JOIN app USING(app_id) " + "INNER JOIN permission USING(permission_id) " + "INNER JOIN permission_type USING(permission_type_id)" + "INNER JOIN label USING(label_id)" + "WHERE " + "label.name == '" << app_name << "' " + "AND app_permission.is_enabled == " << is_enabled << " " + "AND app_permission.is_volatile == " << is_volatile << " " + "AND permission.name == '" << permission_name << "' " + "AND permission_type.type_name == '" << permission_type_name << "' " + ";"; + m_base.execute(tracker, sql.str(), result); + + RUNNER_ASSERT_MSG(result.rows.size() == 1, + "DB: Error testing \"" << tracker.str() << "\": querry : <" << sql.str() << + "> returned [" << result.rows.size() << "] rows"); +} diff --git a/tests/libprivilege-control-tests/common/db.h b/tests/libprivilege-control-tests/common/db.h new file mode 100644 index 0000000..c3e8162 --- /dev/null +++ b/tests/libprivilege-control-tests/common/db.h @@ -0,0 +1,122 @@ +/* + * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +*/ + +/* + * @file libprivilege-control_test_db.h + * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) + * @version 1.0 + * @brief libprivilege-control tests database record check functions + */ + +#ifndef LIBPRIVILEGE_CONTROL_TEST_DB_H_ +#define LIBPRIVILEGE_CONTROL_TEST_DB_H_ + +#include +#include +#include "db_sqlite.h" + +/** + * @class TestLibPrivilegeControlDatabase + * @brief Class containing methods for testing libprivlege database. + */ +class TestLibPrivilegeControlDatabase +{ +public: +/** + * @brief A constructor + */ + TestLibPrivilegeControlDatabase(); + +/** + * @brief A destructor + */ + ~TestLibPrivilegeControlDatabase() = default; + +/** + * @brief Method for testing database after "perm_app_install" was run. + * + * It checks existence of proper: label, app records and permission for ALL_APPS for installed app. + * + * @param tracker make assertion comments if error more useful + * @param name name of installed app + */ + void test_db_after__perm_app_install(const Tracker& tracker, const char* name); + +/** + * @brief Method for testing database after "perm_app_install" was run. + * + * It checks existence of proper: label, app records and permission for ALL_APPS for installed app. + * + * @param tracker make assertion comments if error more useful + * @param name name of installed app + */ + void test_db_after__perm_app_uninstall(const Tracker& tracker, const char* name); + +/** + * @brief Method for testing database after "perm_app_enable_permissions" was run. + * + * It checks existence of proper permissions from perm_list and main permission for whole app_type. + * + * @param tracker make assertion comments if error more useful + * @param name name of application + * @param app_type type of application (EFL, WRT, etc. ) + * @param perm_list list of permission to enable + * @param persistent persistence or volatileness of permissions + */ + void test_db_after__perm_app_enable_permissions(const Tracker& tracker, const char* name, + app_type_t app_type, const char** perm_list, bool persistent); + +private: +/** + * @var base + * @brief Sqlite3DBase object giving simple access to database + * + * Connection to database is open first time it is needed + * and closed in destructor of TestLibPrivilegeControlDatabase. + */ + Sqlite3DBase m_base; + +/** + * @brief Check existence of label related records for given app. + * + * @param tracker make assertion comments if error more useful + * @param app_name name of application + */ + void app_label(const Tracker& tracker, const std::string& app_name); + +/** + * @brief Check absence of label record for given app. + * + * @param tracker make assertion comments if error more useful + * @param app_name name of application + */ + void app_not_label(const Tracker& tracker, const std::string& app_name); + +/** + * @brief It checks existence of single permission. + * @param tracker make assertion comments if error more useful + * @param app_name name of application + * @param permission_name name of permission + * @param permission_type_name name of permission type + * @param is_volatile persistence or volatileness of permissions + * @param is_enabled permission enable flag + */ + void app_permission(const Tracker& tracker, const std::string& app_name, + const std::string& permission_name, const std::string& permission_type_name, + int is_volatile, int is_enabled); +}; + +#endif /* LIBPRIVILEGE_CONTROL_TEST_DB_H_ */ diff --git a/tests/libprivilege-control-tests/common/db_sqlite.cpp b/tests/libprivilege-control-tests/common/db_sqlite.cpp new file mode 100644 index 0000000..800488b --- /dev/null +++ b/tests/libprivilege-control-tests/common/db_sqlite.cpp @@ -0,0 +1,104 @@ +/* + * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +*/ + +/* + * @file libprivilege-control_test_db_sqlite.cpp + * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) + * @version 1.0 + * @brief libprivilege-control tests API for sqlite3 database access + */ + +#include +#include "db_sqlite.h" + +Sqlite3DBase::Sqlite3DBase(const std::string& db_path, int flags) + : m_db_handle(NULL), m_db_path(db_path), m_flags(flags) +{ +} + +Sqlite3DBase::~Sqlite3DBase() +{ + sqlite3_close(m_db_handle); +} + +#define VFS_NOT_USED NULL + +void Sqlite3DBase::open(const Tracker& tracker) +{ + if(m_db_handle) //database already opened + return; + + int ret = sqlite3_open_v2(m_db_path.c_str(), &m_db_handle, m_flags, VFS_NOT_USED); + RUNNER_ASSERT_MSG(m_db_handle, + "DB: Error testing \"" << tracker.str() << + "\" Sqlite3DBase: Error opening the database: Unable to allocate memory."); + RUNNER_ASSERT_MSG(ret == SQLITE_OK, + "DB: Error testing \"" << tracker.str() << + "\" Sqlite3DBase: Error opening the database: " << + sqlite3_errmsg(m_db_handle)); +} + +void Sqlite3DBase::close(const Tracker& tracker) +{ + int ret = sqlite3_close(m_db_handle); + RUNNER_ASSERT_MSG(ret == SQLITE_OK, + "DB: Error testing \"" << tracker.str() << + "\" Sqlite3DBase: Error closing the database: " << + sqlite3_errmsg(m_db_handle)); + + m_db_handle = NULL; +} + +bool Sqlite3DBase::is_open(void) const +{ + return !!m_db_handle; +} + +void Sqlite3DBase::execute(const Tracker& tracker, const std::string& sql_querry, + Sqlite3DBaseSelectResult& result) +{ + char* tmp = NULL; + std::string errmsg; + + int ret = sqlite3_exec(m_db_handle, sql_querry.c_str(), callback, &result, &tmp); + if(tmp) { + errmsg.assign(tmp); + } + sqlite3_free(tmp); + + RUNNER_ASSERT_MSG(ret == SQLITE_OK || ret == SQLITE_ABORT, + "DB: Error testing \"" << tracker.str() << + "\" Sqlite3DBase: Error executing statement <" << sql_querry << "> : " << + errmsg); +} + +int Sqlite3DBase::callback(void* p_result, int cols, char** data, char** header) +{ + int i; + Sqlite3DBaseSelectResult* result = static_cast(p_result); + + // if this is first record get column names + if(result->rows.empty()) { + for(i = 0; i < cols; ++i) { + result->header.push_back(header[i] ? header[i] : ""); + } + } + result->rows.push_back(Sqlite3Row()); + for(i = 0; i < cols; ++i) { + result->rows.back().push_back(data[i] ? data[i] : ""); + } + return SQLITE_OK; +} diff --git a/tests/libprivilege-control-tests/common/db_sqlite.h b/tests/libprivilege-control-tests/common/db_sqlite.h new file mode 100644 index 0000000..0058c33 --- /dev/null +++ b/tests/libprivilege-control-tests/common/db_sqlite.h @@ -0,0 +1,196 @@ +/* + * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +*/ + +/* + * @file libprivilege-control_test_db_sqlite.h + * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) + * @version 1.0 + * @brief libprivilege-control tests API for sqlite3 database access + */ + +#ifndef LIBPRIVILEGE_CONTROL_TEST_DB_SQLITE_H_ +#define LIBPRIVILEGE_CONTROL_TEST_DB_SQLITE_H_ + +#include +#include +#include +#include + +/** + * @def DB_SQLITE_READWRITE_FLAG + * @brief Sqlite3 flag set for opening database in RW mode + */ +#define DB_SQLITE_READWRITE_FLAG SQLITE_OPEN_NOMUTEX | SQLITE_OPEN_PRIVATECACHE \ + | SQLITE_OPEN_READWRITE + +/** + * @def DB_SQLITE_READONLY_FLAG + * @brief Sqlite3 flag set for opening database in RO mode + */ +#define DB_SQLITE_READONLY_FLAG SQLITE_OPEN_NOMUTEX | SQLITE_OPEN_PRIVATECACHE \ + | SQLITE_OPEN_READONLY + +/** + * @typedef Sqlite3HeaderName + * @brief Holds single column name of sqlite select querry response. + */ +typedef std::string Sqlite3HeaderName; + +/** + * @typedef Sqlite3HeaderNameVector + * @brief Holds column names vector of sqlite select querry response. + */ +typedef std::vector Sqlite3HeaderNameVector; + +/** + * @typedef Sqlite3RowCell + * @brief Holds single cell of row of sqlite select querry response. + */ +typedef std::string Sqlite3RowCell; + +/** + * @typedef Sqlite3Row + * @brief Holds single row of sqlite select querry response. + */ +typedef std::vector Sqlite3Row; + +/** + * @typedef Sqlite3RowVector + * @brief Holds multiple rows of sqlite select querry response. + */ +typedef std::vector Sqlite3RowVector; + +/** + * @class Sqlite3DBaseSelectResult + * @brief Sqlite3 select querry response. + * + * Fields are public as there is no complicated logic to operate on them + */ +struct Sqlite3DBaseSelectResult +{ +/** + * @var header + * @brief Sqlite select querry column names + */ + Sqlite3HeaderNameVector header; + +/** + * @var rows + * @brief Sqlite select querry rows vector + */ + Sqlite3RowVector rows; +}; + + +/** + * @class Sqlite3DBase + * @brief Simple interface for executing select statements on sqlite3 database + * + * Fields are public as there is no complicated logic to operate on them + */ +class Sqlite3DBase +{ +public: +/** + * @brief A constructor + * + * @param db_path path to database file + * @param flags sqlite3 flags defining database opening mode + * (default value DB_SQLITE_READONLY_FLAG) + */ + Sqlite3DBase(const std::string& db_path, int flags = DB_SQLITE_READONLY_FLAG); + +/** + * @brief A destructor + */ + ~Sqlite3DBase(); + +/** + * @brief Open database. + * + * If database is already opened do nothing. + * + * @param tracker make assertion comments if error more useful + * + * @throw DPL::Test::TestRunner::TestFailed when opening database fails + */ + void open(const Tracker& tracker); + +/** + * @brief Close database. + * + * @param tracker make assertion comments if error more useful + * + * @throw DPL::Test::TestRunner::TestFailed when closing database fails + */ + void close(const Tracker& tracker); + +/** + * @brief Get database connection status. + * + * @return true if database is open + * false if database is closed + */ + bool is_open(void) const; + +/** + * @brief Execute SQL querry on database + * + * @param tracker make assertion comments if error more useful + * @param sql_querry SQL querry + * @param result returned result + * + * @throw DPL::Test::TestRunner::TestFailed when execution of querry fails + */ + void execute(const Tracker& tracker, const std::string& sql_querry, + Sqlite3DBaseSelectResult& result); + +private: +/** + * @var db_handle + * @brief Handle to sqlite3 database + * + * NULL when database not opened. + */ + sqlite3* m_db_handle; + +/** + * @var db_path + * @brief Path to database file + */ + std::string m_db_path; + +/** + * @var flags + * @brief Sqlite3 flags defining database opening mode + */ + int m_flags; + +/** + * @brief Callback used to aquire results from SQL query + * + * It is run by sqlite for every row in query result. + * + * @param p_result pointer to private data (Sqlite3DBaseSelectResult) + * @param cols number of columns in SQL result + * @param data array of strings containing single row + * @param header array of strings containing column names + * @return SQLITE_OK as we always know what to do with data + */ + static int callback(void* p_result, int cols, char** data, char** header); +}; + +#endif /* LIBPRIVILEGE_CONTROL_TEST_DB_SQLITE_H_ */ diff --git a/tests/libprivilege-control-tests/common/duplicates.cpp b/tests/libprivilege-control-tests/common/duplicates.cpp new file mode 100644 index 0000000..4a38307 --- /dev/null +++ b/tests/libprivilege-control-tests/common/duplicates.cpp @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +*/ + +/* + * @file libprivilege-control_test_duplicates.cpp + * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) + * @version 1.0 + * @brief libprivilege-control private functions duplicates + */ + +#include +#include +#include +#include +#include "duplicates.h" + +std::string app_type_name(app_type_t app_type) +{ + switch(app_type) + { + case PERM_APP_TYPE_WGT: + return "WRT"; + case PERM_APP_TYPE_OSP: + return "OSP"; + case PERM_APP_TYPE_WGT_PARTNER: + return "WRT_partner"; + case PERM_APP_TYPE_WGT_PLATFORM: + return "WRT_platform"; + case PERM_APP_TYPE_OSP_PARTNER: + return "OSP_partner"; + case PERM_APP_TYPE_OSP_PLATFORM: + return "OSP_platform"; + case PERM_APP_TYPE_EFL: + return "EFL"; + default: + return ""; + } +} + +std::string app_type_group_name(app_type_t app_type) +{ + switch (app_type) + { + case PERM_APP_TYPE_WGT: + case PERM_APP_TYPE_WGT_PARTNER: + case PERM_APP_TYPE_WGT_PLATFORM: + return "WRT"; + case PERM_APP_TYPE_OSP: + case PERM_APP_TYPE_OSP_PARTNER: + case PERM_APP_TYPE_OSP_PLATFORM: + return "OSP"; + case PERM_APP_TYPE_EFL: + return "EFL"; + default: + return ""; + } +} + +/* + * This function changes permission URI to basename for file name. + * For e.g. from http://tizen.org/privilege/contact.read will be + * created basename : org.tizen.privilege.contact.read + */ +int base_name_from_perm(const char *perm, std::string& name) +{ + iri_t *iris = iri_parse(perm); + if(iris == NULL || iris->host == NULL) + { + iri_destroy(iris); + return PC_ERR_INVALID_PARAM; + } + + std::string host_dot; + std::string host; + std::string path; + std::string::size_type pos; + + if(iris->path == NULL) + { + path = iris->host; + } + else + { + path = iris->path; + host = iris->host; + pos = host.rfind('.'); + if(pos != std::string::npos) + { + host_dot = host.substr(pos + 1) + "."; + host = host.substr(0, pos); + } + } + + iri_destroy(iris); + + std::replace(path.begin(), path.end(), '/', '.'); + + name = host_dot + host + path; + + return PC_OPERATION_SUCCESS; +} diff --git a/tests/libprivilege-control-tests/common/duplicates.h b/tests/libprivilege-control-tests/common/duplicates.h new file mode 100644 index 0000000..3b74656 --- /dev/null +++ b/tests/libprivilege-control-tests/common/duplicates.h @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. +*/ + +/* + * @file libprivilege-control_test_duplicates.h + * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) + * @version 1.0 + * @brief libprivilege-control private functions duplicates + */ + +#ifndef LIBPRIVILEGE_CONTROL_TEST_DUPLICATES_H_ +#define LIBPRIVILEGE_CONTROL_TEST_DUPLICATES_H_ + +#include +#include + +/** + * @brief Get the permission family type name. + * + * @ingroup RDB internal functions test duplicate + * + * @param app_type type of the application + * @return PC_OPERATION_SUCCESS on success, + * error code otherwise + */ +std::string app_type_name(app_type_t app_type); + +/** + * @brief Get the permission type name + * + * @ingroup RDB internal functions test duplicate + * + * @param app_type type of the application + * @return PC_OPERATION_SUCCESS on success, + * error code otherwise + */ +std::string app_type_group_name(app_type_t app_type); + +/** + * @brief URI to basename conversion + * + * This function changes permission URI to basename for file name. + * For e.g. from http://tizen.org/privilege/contact.read will be + * created basename : org.tizen.privilege.contact.read + * + * @ingroup RDB internal functions test duplicate + * + * @param perm permission URI + * @param name created basename + * @return PC_OPERATION_SUCCESS on success, + * error code otherwise + */ +int base_name_from_perm(const char *perm, std::string& name); + +#endif /* LIBPRIVILEGE_CONTROL_TEST_DUPLICATES_H_ */ diff --git a/tests/libprivilege-control-tests/common/libprivilege-control_test_common.h b/tests/libprivilege-control-tests/common/libprivilege-control_test_common.h index 301ac92..58bf240 100644 --- a/tests/libprivilege-control-tests/common/libprivilege-control_test_common.h +++ b/tests/libprivilege-control-tests/common/libprivilege-control_test_common.h @@ -17,6 +17,7 @@ /* * @file test_cases.cpp * @author Zofia Abramowska (z.abramowska@samsung.com) + * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) * @version 1.0 * @brief libprivilege-control tests commons */ @@ -36,8 +37,6 @@ #define SOCK_PATH "/tmp/test-smack-socket" -#define SMACK_RULES_DIR "/opt/etc/smack-app/accesses.d/" - #define TEST_APP_DIR "/etc/smack/test_privilege_control_DIR/app_dir" #define TEST_NON_APP_DIR "/etc/smack/test_privilege_control_DIR/non_app_dir" @@ -341,8 +340,6 @@ int test_have_all_accesses(const rules_t &rules); int test_have_any_accesses(const rules_t &rules); int test_have_nosmack_accesses(const rules_t &rules); -void cleaning_smack_app_files (void); - void read_gids(std::set &set, const char *file_path); void check_groups(const char *dac_file); diff --git a/tests/libprivilege-control-tests/libprivilege-control_test_common.cpp b/tests/libprivilege-control-tests/libprivilege-control_test_common.cpp index 5d6a529..3215141 100644 --- a/tests/libprivilege-control-tests/libprivilege-control_test_common.cpp +++ b/tests/libprivilege-control-tests/libprivilege-control_test_common.cpp @@ -16,6 +16,7 @@ /** * @file libprivilege-control-test.cpp * @author Jan Olszak (j.olszak@samsung.com) + * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) * @version 1.0 * @brief Main file for libprivilege-control unit tests. */ @@ -43,16 +44,6 @@ const char* PRIV_APPSETTING[] {"org.tizen.privilege.appsetting", NULL}; const char* PRIVS_AV[] = { "org.tizen.privilege.antivirus", NULL }; -void cleaning_smack_app_files (void) -{ - unlink(SMACK_RULES_DIR APP_TEST_APP_1); - unlink(SMACK_RULES_DIR APP_TEST_APP_2); - unlink(SMACK_RULES_DIR APP_TEST_APP_3); - unlink(SMACK_RULES_DIR APP_TEST_AV_1); - unlink(SMACK_RULES_DIR APP_TEST_AV_2); - unlink(SMACK_RULES_DIR APP_TEST_AV_3); -} - /** * Check if every rule is true. * @return 1 if ALL rules in SMACK, 0 if ANY rule isn't, -1 on failure diff --git a/tests/libprivilege-control-tests/test_cases.cpp b/tests/libprivilege-control-tests/test_cases.cpp index 0989e31..5c341c5 100644 --- a/tests/libprivilege-control-tests/test_cases.cpp +++ b/tests/libprivilege-control-tests/test_cases.cpp @@ -18,6 +18,7 @@ * @file test_cases.cpp * @author Jan Olszak (j.olszak@samsung.com) * @author Rafal Krypa (r.krypa@samsung.com) + * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) * @version 1.0 * @brief libprivilege-control test runner */ @@ -46,6 +47,8 @@ #include #include #include +#include +#include "common/db.h" #include @@ -676,7 +679,6 @@ RUNNER_TEST(privilege_control01_app_install) RUNNER_TEST(privilege_control07_app_uninstall) { int result; - int fd = -1; DB_BEGIN @@ -685,10 +687,8 @@ RUNNER_TEST(privilege_control07_app_uninstall) DB_END - // checking if file really exists - fd = open(SMACK_RULES_DIR APP_ID, O_RDONLY); - RUNNER_ASSERT_MSG(fd == -1, "SMACK file NOT deleted after perm_app_uninstall"); - close(fd); + TestLibPrivilegeControlDatabase db_test; + db_test.test_db_after__perm_app_uninstall(TRACE_FROM_HERE, APP_ID); } /* @@ -705,8 +705,6 @@ RUNNER_TEST_SMACK(privilege_control10_app_register_av) smack_revoke_subject(APP_TEST_AV_1); smack_revoke_subject(APP_TEST_AV_2); - cleaning_smack_app_files(); - DB_BEGIN // Adding two apps before antivir @@ -754,8 +752,6 @@ RUNNER_TEST_SMACK(privilege_control10_app_register_av) // cleaning smack_revoke_subject(APP_TEST_AV_1); smack_revoke_subject(APP_TEST_AV_2); - - cleaning_smack_app_files(); } #pragma GCC diagnostic warning "-Wdeprecated-declarations" @@ -1494,7 +1490,6 @@ RUNNER_TEST(privilege_control21_early_rules) RUNNER_IGNORED_MSG("early rules are not implemented"); int result; - int fd = -1; int pass_1 = 0; int pass_2 = 0; char *single_line_format = NULL; @@ -1506,8 +1501,6 @@ RUNNER_TEST(privilege_control21_early_rules) char rule_add[SMACK_ACC_LEN + 1] = {0}; char rule_remove[SMACK_ACC_LEN + 1] = {0}; - unlink(SMACK_RULES_DIR APP_ID); - DB_BEGIN perm_app_uninstall(APP_ID); @@ -1519,11 +1512,9 @@ RUNNER_TEST(privilege_control21_early_rules) DB_END - // checking if file really exists - fd = open(SMACK_RULES_DIR APP_ID, O_RDONLY); - close(fd); - RUNNER_ASSERT_MSG(fd >= 0, "File open failed: " << SMACK_RULES_DIR << APP_ID << " : " << fd << ". Errno: " << strerror(errno)); - fd = -1; + TestLibPrivilegeControlDatabase db_test; + db_test.test_db_after__perm_app_install(TRACE_FROM_HERE, APP_ID); + db_test.test_db_after__perm_app_install(TRACE_FROM_HERE, APP_TEST_APP_1); DB_BEGIN diff --git a/tests/libprivilege-control-tests/test_cases_nosmack.cpp b/tests/libprivilege-control-tests/test_cases_nosmack.cpp index a16149b..56bb577 100644 --- a/tests/libprivilege-control-tests/test_cases_nosmack.cpp +++ b/tests/libprivilege-control-tests/test_cases_nosmack.cpp @@ -18,6 +18,7 @@ * @file test_cases.cpp * @author Jan Olszak (j.olszak@samsung.com) * @author Rafal Krypa (r.krypa@samsung.com) + * @author Lukasz Wojciechowski (l.wojciechow@partner.samsung.com) * @version 1.0 * @brief libprivilege-control test runner */ @@ -40,6 +41,8 @@ #include #include #include +#include +#include "common/db.h" #define APP_USER_NAME "app" #define APP_HOME_DIR "/opt/home/app" @@ -172,6 +175,11 @@ RUNNER_TEST_NOSMACK(privilege_control04_add_permissions_nosmack) // Check if permission is assigned to app in db check_app_has_permission(APP_ID, APP_TYPE_EFL, PRIVS_EFL, true); + + TestLibPrivilegeControlDatabase db_test; + db_test.test_db_after__perm_app_install(TRACE_FROM_HERE, APP_ID); + db_test.test_db_after__perm_app_enable_permissions(TRACE_FROM_HERE, APP_ID, APP_TYPE_EFL, + PRIVS_EFL, TRUE); } void set_app_privilege_nosmack(int line_no, @@ -393,8 +401,6 @@ RUNNER_TEST_NOSMACK(privilege_control10_app_register_av_nosmack) smack_revoke_subject(APP_TEST_AV_1); smack_revoke_subject(APP_TEST_AV_2); - cleaning_smack_app_files(); - DB_BEGIN // Adding two apps before antivir @@ -447,9 +453,6 @@ RUNNER_TEST_NOSMACK(privilege_control10_app_register_av_nosmack) // cleaning smack_revoke_subject(APP_TEST_AV_1); smack_revoke_subject(APP_TEST_AV_2); - - cleaning_smack_app_files(); - } #pragma GCC diagnostic warning "-Wdeprecated-declarations" @@ -489,7 +492,10 @@ RUNNER_TEST_NOSMACK(privilege_control11_app_enable_permissions_nosmack) result = test_have_nosmack_accesses(rules2); RUNNER_ASSERT_MSG(result == -1, "Permissions shouldn't be added. Result: " << result); - // TODO check entry in database + TestLibPrivilegeControlDatabase db_test; + db_test.test_db_after__perm_app_install(TRACE_FROM_HERE, WGT_APP_ID); + db_test.test_db_after__perm_app_enable_permissions(TRACE_FROM_HERE, WGT_APP_ID, APP_TYPE_WGT, + PRIVS2, TRUE); DB_BEGIN @@ -499,6 +505,8 @@ RUNNER_TEST_NOSMACK(privilege_control11_app_enable_permissions_nosmack) "Error revoking app permissions. Result: " << result); DB_END + + db_test.test_db_after__perm_app_install(TRACE_FROM_HERE, WGT_APP_ID); } RUNNER_CHILD_TEST_NOSMACK(privilege_control11_app_enable_permissions_efl_nosmack) -- 2.7.4