From f4c9733ca6fe7884d8c96bb2b92f1c474c9ad225 Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Mon, 2 Jan 2017 10:37:42 +0100 Subject: [PATCH 01/16] Remove setting of CMAKE_C_FLAGS in the main CMakeLists.txt This is a C++-only project that never included any C code. Setting CFLAGS in CMake is a pure clutter. Change-Id: I580decb504f670476342d45d35fb31a43e30a508 Signed-off-by: Rafal Krypa --- CMakeLists.txt | 4 ---- 1 file changed, 4 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 98cb047..77a6a35 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -58,13 +58,9 @@ ADD_DEFINITIONS("-DPRIVILEGE_GROUP_LIST_FILE=\"${PRIVILEGE_GROUP_LIST_FILE}\"") ############################# compiler flags ################################## -SET(CMAKE_C_FLAGS_PROFILING "-g -O0 -pg -Wp,-U_FORTIFY_SOURCE") SET(CMAKE_CXX_FLAGS_PROFILING "-g -std=c++0x -O0 -pg -Wp,-U_FORTIFY_SOURCE") -SET(CMAKE_C_FLAGS_DEBUG "-g -O0 -ggdb -Wp,-U_FORTIFY_SOURCE") SET(CMAKE_CXX_FLAGS_DEBUG "-g -std=c++0x -O0 -ggdb -Wp,-U_FORTIFY_SOURCE") -SET(CMAKE_C_FLAGS_RELEASE "-g -O2") SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++0x -O2") -SET(CMAKE_C_FLAGS_CCOV "-g -O2 --coverage") SET(CMAKE_CXX_FLAGS_CCOV "-g -std=c++0x -O2 --coverage") # If supported for the target machine, emit position-independent code,suitable -- 2.7.4 From 2b8cb0b46542095c0a4a78cccfc6fe492366001b Mon Sep 17 00:00:00 2001 From: Radoslaw Bartosiak Date: Mon, 19 Dec 2016 17:32:48 +0100 Subject: [PATCH 02/16] [Unit tests] for PrivilegeDb class - related to private path sharing 1) Split tests from test_privilege_db.cpp into smaller files. 2) Add functions for test parameters creation (reduce the number of local parameters in the tests. 3) Add test for src/common/include/privilege_db.h functions: GetPathSharingCount, GetOwnerTargetSharingCount, GetTargetPathSharingCount, ApplyPrivateSharing, DropPrivateSharing, GetAllPrivateSharing, GetPrivateSharingForOwner, GetPrivateSharingForTarget, SquashSharing, ClearPrivateSharing. Change-Id: I930d34589ddb27420e2700d6dac4bdd244b83cfb Signed-off-by: Radoslaw Bartosiak --- packaging/security-manager.spec | 12 + test/CMakeLists.txt | 12 +- test/privilege_db_fixture.cpp | 229 ++++++ test/privilege_db_fixture.h | 64 ++ test/test_privilege_db.cpp | 1217 ---------------------------- test/test_privilege_db_add_app.cpp | 218 +++++ test/test_privilege_db_app_pkg_getters.cpp | 398 +++++++++ test/test_privilege_db_app_remove.cpp | 95 +++ test/test_privilege_db_privilege.cpp | 114 +++ test/test_privilege_db_sharing.cpp | 445 ++++++++++ test/test_privilege_db_transactions.cpp | 117 +++ 11 files changed, 1702 insertions(+), 1219 deletions(-) create mode 100644 test/privilege_db_fixture.cpp create mode 100644 test/privilege_db_fixture.h delete mode 100644 test/test_privilege_db.cpp create mode 100644 test/test_privilege_db_add_app.cpp create mode 100644 test/test_privilege_db_app_pkg_getters.cpp create mode 100644 test/test_privilege_db_app_remove.cpp create mode 100644 test/test_privilege_db_privilege.cpp create mode 100644 test/test_privilege_db_sharing.cpp create mode 100644 test/test_privilege_db_transactions.cpp diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index 92ce98e..a03f207 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -32,6 +32,8 @@ BuildRequires: pkgconfig(security-privilege-manager) BuildRequires: boost-devel %{?systemd_requires} +%global db_test_dir %{?TZ_SYS_RO_SHARE:%TZ_SYS_RO_SHARE/sm-db-test}%{!?TZ_SYS_RO_SHARE:%_datadir/sm-db-test} + %description Tizen security manager and utilities @@ -98,6 +100,7 @@ export LDFLAGS+="-Wl,--rpath=%{_libdir}" -DSYSTEMD_INSTALL_DIR=%{_unitdir} \ -DDATA_ROOT_DIR=%{_datadir} \ -DDB_LOGS=OFF \ + -DDB_TEST_DIR=%{db_test_dir} \ -DCMAKE_BUILD_TYPE=%{?build_type:%build_type}%{!?build_type:RELEASE} \ -DCMAKE_VERBOSE_MAKEFILE=ON make %{?jobs:-j%jobs} @@ -127,6 +130,9 @@ install -m 0755 -d %{buildroot}%{TZ_SYS_VAR}/security-manager install -m 0444 /dev/null %{buildroot}%{TZ_SYS_VAR}/security-manager/apps-labels install -m 0444 /dev/null %{buildroot}%{TZ_SYS_VAR}/security-manager/policy-version +mkdir -p %{buildroot}/%{db_test_dir} +sqlite3 %{buildroot}/%{db_test_dir}/.security-manager-test.db < db/db.sql + %clean rm -rf %{buildroot} @@ -184,6 +190,10 @@ fi %{_datadir}/security-manager/policy/update.sh %{_bindir}/security-manager-policy-reload +%post -n security-manager-tests +chsmack -a System %{db_test_dir}/.security-manager-test.db +chsmack -a System %{db_test_dir}/.security-manager-test.db-journal + %files -n security-manager %manifest security-manager.manifest %defattr(-,root,root,-) @@ -244,4 +254,6 @@ fi %files -n security-manager-tests %manifest %{name}.manifest %attr(755,root,root) %{_bindir}/security-manager-unit-tests +%attr(0600,root,root) %{db_test_dir}/.security-manager-test.db +%attr(0600,root,root) %{db_test_dir}/.security-manager-test.db-journal diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 0012fb1..57e2308 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved +# Copyright (c) 2016 - 2017 Samsung Electronics Co., Ltd All Rights Reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -27,6 +27,8 @@ IF(DPL_WITH_DLOG) ENDIF(DPL_WITH_DLOG) ADD_DEFINITIONS( "-DBOOST_TEST_DYN_LINK" ) +ADD_DEFINITIONS("-DDB_TEST_DIR=\"${DB_TEST_DIR}\"") + ################################################################################ @@ -41,7 +43,13 @@ SET(SM_TESTS_SOURCES ${SM_TEST_SRC}/colour_log_formatter.cpp ${SM_TEST_SRC}/security-manager-tests.cpp ${SM_TEST_SRC}/test_file-lock.cpp - ${SM_TEST_SRC}/test_privilege_db.cpp + ${SM_TEST_SRC}/privilege_db_fixture.cpp + ${SM_TEST_SRC}/test_privilege_db_transactions.cpp + ${SM_TEST_SRC}/test_privilege_db_app_pkg_getters.cpp + ${SM_TEST_SRC}/test_privilege_db_add_app.cpp + ${SM_TEST_SRC}/test_privilege_db_app_remove.cpp + ${SM_TEST_SRC}/test_privilege_db_privilege.cpp + ${SM_TEST_SRC}/test_privilege_db_sharing.cpp ${SM_TEST_SRC}/test_smack-labels.cpp ${SM_TEST_SRC}/test_smack-rules.cpp ${DPL_PATH}/core/src/assert.cpp diff --git a/test/privilege_db_fixture.cpp b/test/privilege_db_fixture.cpp new file mode 100644 index 0000000..b52a818 --- /dev/null +++ b/test/privilege_db_fixture.cpp @@ -0,0 +1,229 @@ +/* + * Copyright (c) 2016 - 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file privilege_db_fixture.cpp + * @author Radoslaw Bartosiak (r.bartosiak@samsung.com) + * @version 1.0 + */ + +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "privilege_db.h" +#include "privilege_db_fixture.h" + +using namespace SecurityManager; + +static const uid_t FirstUidForTests = 9900; + +static void putFile(const std::string &source, const std::string &destination) +{ + if (std::ifstream(destination)) + BOOST_WARN_MESSAGE(remove(destination.c_str()) == 0, + "Could not delete file" << destination); + std::ifstream src(source.c_str(), std::ios::binary); + std::ofstream dst(destination.c_str(), std::ios::binary); + dst << src.rdbuf(); + src.close(); + dst.close(); +} + +static std::string genName(const std::string &prefix, int i) +{ + std::string caseName(boost::unit_test::framework::current_test_case().p_name); + return prefix + std::to_string(i) + "_" + caseName; +} + + +PrivilegeDBFixture::PrivilegeDBFixture() +{ + putFile(std::string(PRIVILEGE_DB_TEMPLATE), std::string(TEST_PRIVILEGE_DB_PATH)); + putFile(std::string(PRIVILEGE_DB_JOURNAL_TEMPLATE), std::string(TEST_PRIVILEGE_DB_JOURNAL_PATH)); + + testPrivDb = new PrivilegeDb(TEST_PRIVILEGE_DB_PATH); +}; + +PrivilegeDBFixture::~PrivilegeDBFixture() +{ + if (std::ifstream(TEST_PRIVILEGE_DB_PATH)) + BOOST_WARN_MESSAGE(remove(TEST_PRIVILEGE_DB_PATH) == 0, + "Could not delete test database file: " << TEST_PRIVILEGE_DB_PATH); + if (std::ifstream(TEST_PRIVILEGE_DB_JOURNAL_PATH)) + BOOST_WARN_MESSAGE(remove(TEST_PRIVILEGE_DB_JOURNAL_PATH) == 0, + "Could not delete test database file: " << TEST_PRIVILEGE_DB_JOURNAL_PATH); + + delete testPrivDb; +} + +PrivilegeDb* PrivilegeDBFixture::getPrivDb() { + return testPrivDb; +} + +void PrivilegeDBFixture::addAppSuccess(const std::string &appName, + const std::string &pkgName, const uid_t uid, const std::string &tizenVer, + const std::string &authorName, bool isHybrid) +{ + int authorId; + + BOOST_REQUIRE_NO_THROW(testPrivDb->AddApplication(appName, pkgName, uid, tizenVer, + authorName, isHybrid)); + + BOOST_REQUIRE_MESSAGE(testPrivDb->AppNameExists(appName), + "AppNameExists wrongly not reported " << appName << " as existing application name"); + BOOST_REQUIRE_MESSAGE(testPrivDb->PkgNameExists(pkgName), + "PkgNameExists wrongly not reported " << pkgName << " as existing package name"); + + if (authorName.length() > 0) { + BOOST_REQUIRE_NO_THROW(testPrivDb->GetAuthorIdByName(authorName, authorId)); + BOOST_REQUIRE_MESSAGE(testPrivDb->AuthorIdExists(authorId), + "AuthorIdExists wrongly not reported " << uid << " as existing author id"); + } +} + +void PrivilegeDBFixture::addAppFail(const std::string &appName, + const std::string &pkgName, const uid_t uid, const std::string &tizenVer, + const std::string &authorName, bool isHybrid) +{ + bool appNameExists; + bool pkgNameExists; + bool authorNameExists; + int authorId; + + if (authorName.length() > 0) { + BOOST_REQUIRE_NO_THROW(testPrivDb->GetAuthorIdByName(authorName, authorId)); + BOOST_REQUIRE_NO_THROW(authorNameExists = testPrivDb->AuthorIdExists(authorId)); + } + + BOOST_REQUIRE_NO_THROW(appNameExists = testPrivDb->AppNameExists(appName)); + BOOST_REQUIRE_NO_THROW(pkgNameExists = testPrivDb->PkgNameExists(pkgName)); + + BOOST_REQUIRE_THROW(testPrivDb->AddApplication(appName, pkgName, uid, tizenVer, + authorName, isHybrid), PrivilegeDb::Exception::ConstraintError); + + BOOST_REQUIRE_MESSAGE(appNameExists == testPrivDb->AppNameExists(appName), + "AppNameExists wrongly changed value after unsuccessful installation."); + BOOST_REQUIRE_MESSAGE(pkgNameExists == testPrivDb->PkgNameExists(pkgName), + "PkgNameExists wrongly changed value after unsuccessful installation."); + + if (authorName.length() > 0) { + BOOST_REQUIRE_NO_THROW(testPrivDb->GetAuthorIdByName(authorName, authorId)); + BOOST_REQUIRE_MESSAGE(authorNameExists == testPrivDb->AuthorIdExists(authorId), + "AuthorIdExists wrongly changed value after unsuccessful installation."); + } +} + +void PrivilegeDBFixture::removeApp(const std::string &appName, + const uid_t uid, bool expAppNameIsNoMore, bool expPkgNameIsNoMore, bool expAuthorNameIsNoMore) +{ + bool appNameIsNoMore = false; + bool pkgNameIsNoMore = false; + bool authorNameIsNoMore = false; + + BOOST_REQUIRE_NO_THROW(testPrivDb->RemoveApplication(appName, uid, + appNameIsNoMore, pkgNameIsNoMore, authorNameIsNoMore)); + + BOOST_REQUIRE_MESSAGE(expAppNameIsNoMore == appNameIsNoMore, + "Wrong value of appNameIsNoMore is: " << appNameIsNoMore << " should be: " + << expAppNameIsNoMore); + BOOST_REQUIRE_MESSAGE(expPkgNameIsNoMore == pkgNameIsNoMore, + "Wrong value of appNameIsNoMore is: " << pkgNameIsNoMore << " should be: " + << expPkgNameIsNoMore); + BOOST_REQUIRE_MESSAGE(expAuthorNameIsNoMore == authorNameIsNoMore, + "Wrong value of appNameIsNoMore is: " << authorNameIsNoMore << " should be: " + << expAuthorNameIsNoMore); +} + +void PrivilegeDBFixture::removeAppSuccess(const std::string &appName, + const uid_t uid) +{ + bool appNameIsNoMore = false; + bool pkgNameIsNoMore = false; + bool authorNameIsNoMore = false; + BOOST_REQUIRE_NO_THROW(testPrivDb->RemoveApplication(appName, uid, + appNameIsNoMore, pkgNameIsNoMore, authorNameIsNoMore)); +} + +void PrivilegeDBFixture::checkPrivateSharing(const std::string &ownerAppName, + const std::string &targetAppName, const std::string &path, int expectedPathCount, + int expectedOwnerTargetCount, int expectedTargetPathCount) +{ + int pathCount; + BOOST_REQUIRE_NO_THROW(testPrivDb->GetPathSharingCount(path, pathCount)); + BOOST_CHECK_MESSAGE(pathCount == expectedPathCount, + "GetPathSharingCount for path: " << path << " returned: " << pathCount + << " expected: " << expectedPathCount); + + int ownerTargetCount; + BOOST_REQUIRE_NO_THROW(testPrivDb->GetOwnerTargetSharingCount(ownerAppName, + targetAppName, ownerTargetCount)); + BOOST_CHECK_MESSAGE(ownerTargetCount == expectedOwnerTargetCount, + "GetOwnerTargetSharingCount for path: " << path << ", owner: " << ownerAppName + << " target:" << targetAppName << " returned: " << ownerTargetCount + << " expected: " << expectedOwnerTargetCount); + + int targetPathCount; + BOOST_REQUIRE_NO_THROW(testPrivDb->GetTargetPathSharingCount(targetAppName, + path, targetPathCount)); + BOOST_CHECK_MESSAGE(targetPathCount == expectedTargetPathCount, + "GetTargetPathSharingCount for path: " << path << " target:" << targetAppName + << " returned: " << targetPathCount << " expected: " << expectedTargetPathCount); +}; + +const bool PrivilegeDBFixture::Hybrid = true; + +const bool PrivilegeDBFixture::NotHybrid = false; + +std::string PrivilegeDBFixture::app(int i) +{ + return genName("appN", i); +}; + +std::string PrivilegeDBFixture::pkg(int i) +{ + return genName("pkgN", i); +}; + +std::string PrivilegeDBFixture::tizenVer(int i) +{ + return genName("tizenVerN", i); +}; + +std::string PrivilegeDBFixture::author(int i) +{ + return genName("authorN", i); +}; + +std::string PrivilegeDBFixture::path(int i) +{ + return genName("pathN", i); +}; + +std::string PrivilegeDBFixture::lab(int i) +{ + return genName("labelN", i); +}; + +uid_t PrivilegeDBFixture::uid(uid_t i) +{ + return FirstUidForTests + i; +} diff --git a/test/privilege_db_fixture.h b/test/privilege_db_fixture.h new file mode 100644 index 0000000..1064d08 --- /dev/null +++ b/test/privilege_db_fixture.h @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2016 - 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file privilege_db_fixture.h + * @author Radoslaw Bartosiak (r.bartosiak@samsung.com) + * @version 1.0 + */ +#include +#include + +#include "privilege_db.h" + +#define PRIVILEGE_DB_TEMPLATE DB_TEST_DIR"/.security-manager-test.db" +#define PRIVILEGE_DB_JOURNAL_TEMPLATE DB_TEST_DIR"/.security-manager-test.db-journal" + +#define TEST_PRIVILEGE_DB_PATH "/tmp/.security-manager-test.db" +#define TEST_PRIVILEGE_DB_JOURNAL_PATH "/tmp/.security-manager-test.db-journal" + +using namespace SecurityManager; + +struct PrivilegeDBFixture { +public: + PrivilegeDBFixture(); + ~PrivilegeDBFixture(); + + PrivilegeDb* getPrivDb(); + + void addAppSuccess(const std::string &appName, const std::string &pkgName, + const uid_t uid, const std::string &tizenVer, const std::string &authorName, bool isHybrid); + void addAppFail(const std::string &appName, const std::string &pkgName, + const uid_t uid, const std::string &tizenVer, const std::string &authorName, bool isHybrid); + void removeApp(const std::string &appName, const uid_t uid, bool expAppNameIsNoMore, + bool expPkgNameIsNoMore, bool expAuthorNameIsNoMore); + void removeAppSuccess(const std::string &appName, const uid_t uid); + void checkPrivateSharing(const std::string &ownerAppName, + const std::string &targetAppName, const std::string &path, int expectedPathCount, + int expectedOwnerTargetCount, int expectedTargetPathCount); + + static const bool Hybrid; + static const bool NotHybrid; + static std::string app(int i); + static std::string pkg(int i); + static std::string tizenVer(int i); + static std::string author(int i); + static std::string path(int i); + static std::string lab(int i); + static uid_t uid(uid_t i); + +protected: + PrivilegeDb *testPrivDb; +}; diff --git a/test/test_privilege_db.cpp b/test/test_privilege_db.cpp deleted file mode 100644 index 166481b..0000000 --- a/test/test_privilege_db.cpp +++ /dev/null @@ -1,1217 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ -/* - * @file test_privilege_db.cpp - * @author Radoslaw Bartosiak (r.bartosiak@samsung.com) - * @version 1.0 - */ - -#include -#include -#include -#include -#include - -#include -#include - -#include "privilege_db.h" - -#define TEST_PRIVILEGE_DB_PATH "/tmp/.security-manager.db" -#define CREATE_PRIVILEGE_DB_CMD "sqlite3 " TEST_PRIVILEGE_DB_PATH \ - " < /usr/share/security-manager/db/db.sql" -#define DELETE_PRIVILEGE_DB_CMD "rm -rf " TEST_PRIVILEGE_DB_PATH - -using namespace SecurityManager; - -/* Fixtures for the suite and test cases */ - -struct PrivilegeDBFixture -{ - PrivilegeDBFixture() - { - int ret = system(DELETE_PRIVILEGE_DB_CMD); - BOOST_REQUIRE_MESSAGE(ret >=0, "Function system failed at database delete"); - ret = system(CREATE_PRIVILEGE_DB_CMD); - BOOST_REQUIRE_MESSAGE(ret >=0, "Could not create test database"); - testPrivilegeDb = new PrivilegeDb(TEST_PRIVILEGE_DB_PATH); - - } - ~PrivilegeDBFixture() - { - int ret = system(DELETE_PRIVILEGE_DB_CMD); - BOOST_WARN_MESSAGE(ret >=0, "Could not delete test database"); - delete testPrivilegeDb; - } - - PrivilegeDb *testPrivilegeDb; - static const bool hybrid = true; - static const bool notHybrid = false; - - void addApplicationRequireSuccess(const std::string &appName, const std::string &pkgName, - const uid_t uid, const std::string &tizenVer, const std::string &authorName, bool isHybrid); - void addApplicationRequireFailure(const std::string &appName, const std::string &pkgName, - const uid_t uid, const std::string &tizenVer, const std::string &authorName, bool isHybrid); - void removeApplication(const std::string &appName, const uid_t uid, bool expAppNameIsNoMore, - bool expPkgNameIsNoMore, bool expAuthorNameIsNoMore); - void removeApplicationRequireSuccess(const std::string &appName, const uid_t uid); -}; - -void PrivilegeDBFixture::addApplicationRequireSuccess(const std::string &appName, - const std::string &pkgName, const uid_t uid, const std::string &tizenVer, - const std::string &authorName, bool isHybrid) -{ - int authorId; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->AddApplication(appName, pkgName, uid, tizenVer, - authorName, isHybrid)); - BOOST_REQUIRE_MESSAGE(testPrivilegeDb->AppNameExists(appName), - "AppNameExists wrongly not reported " << appName << " as existing application name"); - BOOST_REQUIRE_MESSAGE(testPrivilegeDb->PkgNameExists(pkgName), - "PkgNameExists wrongly not reported " << pkgName << " as existing package name"); - if (authorName.length() > 0) { - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAuthorIdByName(authorName, authorId)); - BOOST_REQUIRE_MESSAGE(testPrivilegeDb->AuthorIdExists(authorId), - "AuthorIdExists wrongly not reported " << uid << " as existing author id"); - } -} - -void PrivilegeDBFixture::addApplicationRequireFailure(const std::string &appName, - const std::string &pkgName, const uid_t uid, const std::string &tizenVer, - const std::string &authorName, bool isHybrid) -{ - bool appNameExists; - bool pkgNameExists; - bool authorNameExists; - int authorId; - if (authorName.length() > 0) { - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAuthorIdByName(authorName, authorId)); - BOOST_REQUIRE_NO_THROW(authorNameExists = testPrivilegeDb->AuthorIdExists(authorId)); - } - BOOST_REQUIRE_NO_THROW(appNameExists = testPrivilegeDb->AppNameExists(appName)); - BOOST_REQUIRE_NO_THROW(pkgNameExists = testPrivilegeDb->PkgNameExists(pkgName)); - BOOST_REQUIRE_THROW(testPrivilegeDb->AddApplication(appName, pkgName, uid, tizenVer, - authorName, isHybrid), PrivilegeDb::Exception::ConstraintError); - BOOST_REQUIRE_MESSAGE(appNameExists == testPrivilegeDb->AppNameExists(appName), - "AppNameExists wrongly changed value after unsuccessful installation."); - BOOST_REQUIRE_MESSAGE(pkgNameExists == testPrivilegeDb->PkgNameExists(pkgName), - "PkgNameExists wrongly changed value after unsuccessful installation."); - if (authorName.length() > 0) { - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAuthorIdByName(authorName, authorId)); - BOOST_REQUIRE_MESSAGE(authorNameExists == testPrivilegeDb->AuthorIdExists(authorId), - "AuthorIdExists wrongly changed value after unsuccessful installation."); - } -} - -void PrivilegeDBFixture::removeApplication(const std::string &appName, - const uid_t uid, bool expAppNameIsNoMore, bool expPkgNameIsNoMore, bool expAuthorNameIsNoMore) -{ - bool appNameIsNoMore; - bool pkgNameIsNoMore; - bool authorNameIsNoMore; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->RemoveApplication(appName, uid, - appNameIsNoMore, pkgNameIsNoMore, authorNameIsNoMore)); - BOOST_REQUIRE_MESSAGE(expAppNameIsNoMore == appNameIsNoMore, - "Wrong value of appNameIsNoMore is: " << appNameIsNoMore << " should be: " - << expAppNameIsNoMore); - BOOST_REQUIRE_MESSAGE(expPkgNameIsNoMore == pkgNameIsNoMore, - "Wrong value of appNameIsNoMore is: " << pkgNameIsNoMore << " should be: " - << expPkgNameIsNoMore); - BOOST_REQUIRE_MESSAGE(expAuthorNameIsNoMore == authorNameIsNoMore, - "Wrong value of appNameIsNoMore is: " << authorNameIsNoMore << " should be: " - << expAuthorNameIsNoMore); -} - -void PrivilegeDBFixture::removeApplicationRequireSuccess(const std::string &appName, - const uid_t uid) -{ - bool appNameIsNoMore; - bool pkgNameIsNoMore; - bool authorNameIsNoMore; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->RemoveApplication(appName, uid, - appNameIsNoMore, pkgNameIsNoMore, authorNameIsNoMore)); -} - -class Empty {}; //to overwrite the suite fixture - -BOOST_FIXTURE_TEST_SUITE(PRIVILEGE_DB_TEST, PrivilegeDBFixture) - -// Constructor - -BOOST_FIXTURE_TEST_CASE(T100_privilegedb_constructor, Empty) -{ - PrivilegeDb *testPrivilegeDb = nullptr; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb = new PrivilegeDb()); - delete testPrivilegeDb; - testPrivilegeDb = nullptr; - BOOST_REQUIRE_THROW(testPrivilegeDb = new PrivilegeDb("/this/not/exists"), - PrivilegeDb::Exception::IOError); - delete testPrivilegeDb; -} - -// Transactions - -BOOST_AUTO_TEST_CASE(T200_transaction_rollback_commit) -{ - const std::string appN1("appN1T200"); - const std::string pkgN1("pkgN1T200"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T200"); - const std::string authorN1("authorN1T200"); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->BeginTransaction()); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->RollbackTransaction()); - BOOST_REQUIRE_MESSAGE(!testPrivilegeDb->AppNameExists(appN1), - "AppNameExists wrongly reported " << appN1 << " as existing, despite a rollback"); - BOOST_REQUIRE_THROW(testPrivilegeDb->CommitTransaction(), - PrivilegeDb::Exception::InternalError); -} - -BOOST_AUTO_TEST_CASE(T210_transaction_double_rollback) -{ - const std::string appN1("appN1T210"); - const std::string pkgN1("pkgN1T210"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T210"); - const std::string authorN1("authorN1T210"); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->BeginTransaction()); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->RollbackTransaction()); - BOOST_REQUIRE_THROW(testPrivilegeDb->RollbackTransaction(), - PrivilegeDb::Exception::InternalError); -} - -BOOST_AUTO_TEST_CASE(T220_commit_without_begin) -{ - BOOST_REQUIRE_THROW(testPrivilegeDb->CommitTransaction(), - PrivilegeDb::Exception::InternalError); -} - -BOOST_AUTO_TEST_CASE(T230_rollback_without_begin) -{ - BOOST_REQUIRE_THROW(testPrivilegeDb->RollbackTransaction(), - PrivilegeDb::Exception::InternalError); -} - -BOOST_AUTO_TEST_CASE(T240_transaction) -{ - const std::string appN1("appN1T240"); - const std::string pkgN1("pkgN1T240"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T240"); - const std::string authorN1("authorN1T240"); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->BeginTransaction()); - addApplicationRequireSuccess(appN1,pkgN1, uid1, tizenVer1, authorN1, notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->CommitTransaction()); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->BeginTransaction()); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->RollbackTransaction()); - BOOST_REQUIRE_MESSAGE(testPrivilegeDb->AppNameExists(appN1), - "AppNameExists wrongly not reported " << appN1 << " as existing application name"); -} - -BOOST_AUTO_TEST_CASE(T250_transaction_double_begin) -{ - const std::string appN1("appN1T250"); - const std::string pkgN1("pkgN1T250"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T250"); - const std::string authorN1("authorN1T250"); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->BeginTransaction()); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - BOOST_REQUIRE_THROW(testPrivilegeDb->BeginTransaction(), - PrivilegeDb::Exception::InternalError); -} - -BOOST_AUTO_TEST_CASE(T260_transaction_double_commit) -{ - const std::string appN1("appN1T260"); - const std::string pkgN1("pkgN1T260"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T260"); - const std::string authorN1("authorN1T260"); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->BeginTransaction()); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->CommitTransaction()); - BOOST_REQUIRE_THROW(testPrivilegeDb->CommitTransaction(), - PrivilegeDb::Exception::InternalError); -} - -// *Exists, GetApp* - -BOOST_AUTO_TEST_CASE(T300_app_name_exists_finds_nothing) -{ - const std::string notAnExistingAppName("notAnExistingAppNameT300"); - BOOST_REQUIRE_MESSAGE(!testPrivilegeDb->AppNameExists(notAnExistingAppName), - "AppNameExists wrongly reported " << notAnExistingAppName << - " as existing application name"); -} - -BOOST_AUTO_TEST_CASE(T310_pkg_name_exists_finds_nothing) -{ - const std::string notAnExistingPkgName("notAnExistingPkgNameT310"); - BOOST_REQUIRE_MESSAGE(!testPrivilegeDb->PkgNameExists(notAnExistingPkgName), - "PkgNameExists wrongly reported " << notAnExistingPkgName << - " as existing package name"); -} - -BOOST_AUTO_TEST_CASE(T320_author_id_exists_finds_nothing) -{ - //database is clean, author ids are assigned sequentially from bottom - const int notExistingAuthorId= 200; - BOOST_REQUIRE_MESSAGE(!testPrivilegeDb->AuthorIdExists(notExistingAuthorId), - "AuthorIdExists wrongly reported " << notExistingAuthorId << - " as existing author id"); -} - -BOOST_AUTO_TEST_CASE(T330_app_name_pkg_author_exists) -{ - int authorId; - const std::string appN1("appN1T330"); - const std::string appN2("appN2T330"); - const std::string appN3("appN3T330"); - const std::string appN4("appN4T330"); - const std::string pkgN1("pkgN1T330"); - const std::string pkgN2("pkgN2T330"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const std::string tizenVer1("tizenVer1T330"); - const std::string authorN1("authorN1T330"); - const std::string authorN2("authorN2T330"); - - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN2, uid1, tizenVer1, authorN2, notHybrid); - addApplicationRequireSuccess(appN3, pkgN2, uid1, tizenVer1, authorN2, notHybrid); - addApplicationRequireSuccess(appN4, pkgN2, uid1, tizenVer1, authorN2, notHybrid); - addApplicationRequireSuccess(appN4, pkgN2, uid2, tizenVer1, authorN2, notHybrid); - BOOST_REQUIRE_MESSAGE(testPrivilegeDb->AppNameExists(appN1), - "AppNameExists wrongly not reported " << appN1 << " as existing application name"); - BOOST_REQUIRE_MESSAGE(testPrivilegeDb->PkgNameExists(pkgN1), - "PkgNameExists wrongly not reported " << pkgN1 << " as existing package name"); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAuthorIdByName(authorN1, authorId)); - BOOST_REQUIRE_MESSAGE(testPrivilegeDb->AuthorIdExists(authorId), - "AuthorIdExists wrongly not found " << authorN1 << " as existing author"); -} - -BOOST_AUTO_TEST_CASE(T340_get_app_pkg_name) -{ - std::string package1, package2, package3, package4; - const std::string appN1("appN1T340"); - const std::string appN2("appN2T340"); - const std::string appN3("appN3T340"); - const std::string appN4("appN4T340"); - const std::string pkgN1("pkgN1T340"); - const std::string pkgN2("pkgN2T340"); - const std::string pkgN3("pkgN3T340"); - const std::string pkgN4("pkgN4T340"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const uid_t uid3(99903); - const uid_t uid4(99904); - const std::string tizenVer1("tizenVer1T340"); - const std::string tizenVer2("tizenVer2T340"); - const std::string tizenVer3("tizenVer3T340"); - const std::string authorN1("authorN1T340"); - const std::string authorN2("authorN2T340"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN2, uid2, tizenVer2, authorN2, hybrid); - addApplicationRequireSuccess(appN3, pkgN3, uid3, tizenVer3, authorN2, notHybrid); - addApplicationRequireSuccess(appN4, pkgN3, uid4, tizenVer3, authorN2, notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAppPkgName(appN1, package1)); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAppPkgName(appN2, package2)); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAppPkgName(appN3, package3)); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAppPkgName(appN4, package4)); - BOOST_REQUIRE_MESSAGE(package1 == pkgN1, "Expected package name for app: " << appN1 - << " to be: " << pkgN1 << " got: " << package1); - BOOST_REQUIRE_MESSAGE(package2 == pkgN2, "Expected package name for app: " << appN2 - << " to be: " << pkgN2 << " got: " << package2); - BOOST_REQUIRE_MESSAGE(package3 == pkgN3, "Expected package name for app: " << appN3 - << " to be: " << pkgN3 << " got: " << package3); - BOOST_REQUIRE_MESSAGE(package4 == pkgN3, "Expected package name for app: " << appN4 - << " to be: " << pkgN3 << " got: " << package4); -} - -BOOST_AUTO_TEST_CASE(T350_get_app_version) -{ - std::string version1, version2, version3, version4; - const std::string appN1("appN1T350"); - const std::string appN2("appN2T350"); - const std::string appN3("appN3T350"); - const std::string appN4("appN4T350"); - const std::string pkgN1("pkgN1T350"); - const std::string pkgN2("pkgN2T350"); - const std::string pkgN3("pkgN3T350"); - const std::string pkgN4("pkgN4T350"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const uid_t uid3(99903); - const uid_t uid4(99904); - const std::string tizenVer1("tizenVer1T350"); - const std::string tizenVer2("tizenVer2T350"); - const std::string tizenVer3("tizenVer3T350"); - const std::string authorN1("authorN1T350"); - const std::string authorN2("authorN2T350"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN2, uid2, tizenVer2, authorN2, hybrid); - addApplicationRequireSuccess(appN3, pkgN3, uid3, tizenVer3, authorN2, notHybrid); - addApplicationRequireSuccess(appN4, pkgN3, uid4, tizenVer3, authorN2, notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAppVersion(appN1, version1)); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAppVersion(appN2, version2)); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAppVersion(appN3, version3)); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAppVersion(appN4, version4)); - BOOST_REQUIRE_MESSAGE(version1 == tizenVer1, "Expected Tizen version for app: " - << appN1 << " to be: " << tizenVer1 << " got: " << version1); - BOOST_REQUIRE_MESSAGE(version2 == tizenVer2, "Expected Tizen version for app: " - << appN2 << " to be: " << tizenVer2 << " got: " << version2); - BOOST_REQUIRE_MESSAGE(version3 == tizenVer3, "Expected Tizen version for app: " - << appN3 << " to be: " << tizenVer3 << " got: " << version3); - BOOST_REQUIRE_MESSAGE(version4 == tizenVer3, "Expected Tizen version for app: " - << appN4 << " to be: " << tizenVer3 << " got: " << version4); -} - -BOOST_AUTO_TEST_CASE(T360_get_app_package_finds_nothing) -{ - std::string package; - const std::string appN1("appN1T360"); - const std::string appN2("appN2T360"); - const std::string pkgN1("pkgN1T360"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T360"); - const std::string authorN1("authorN1T360"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAppPkgName(appN2, package)); - BOOST_REQUIRE_MESSAGE(package.empty(), "Expected empty string as package of nonexisting app " - << "got: " << package); -} - -BOOST_AUTO_TEST_CASE(T370_get_app_version_finds_nothing) -{ - std::string version; - const std::string appN1("appN1T370"); - const std::string appN2("appN2T370"); - const std::string pkgN1("pkgN1T370"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T370"); - const std::string authorN1("authorN1T370"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAppVersion(appN2, version)); - BOOST_REQUIRE_MESSAGE(version.empty(), - "Expected empty string as version of nonexisting app got: " << version); -} - -// AddApplication - -BOOST_AUTO_TEST_CASE(T400_add_application_simple) -{ - const std::string appN1("appN1T400"); - const std::string pkgN1("pkgN1T400"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T400"); - const std::string authorN1("authorN1T400"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T410_add_application_empty_name) -{ - const std::string pkgN1("pkgN1T410"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T410"); - const std::string authorN1("authorN1T410"); - addApplicationRequireSuccess("", pkgN1, uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T420_add_application_long_name) -{ - const std::string appN1("IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongString" - "IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongStringappN1T420"); - const std::string pkgN1("pkgN1T420"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T420"); - const std::string authorN1("authorN1T420"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T430_add_application_name_with_spaces) -{ - const std::string appN1("appN1 with spaces T430"); - const std::string pkgN1("pkgN1T430"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T430"); - const std::string authorN1("authorN1T430"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T440_add_application_empty_pkg_name) -{ - const std::string appN1("appN1T440"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T440"); - const std::string authorN1("authorN1T440"); - addApplicationRequireSuccess(appN1, "", uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T450_add_application_long_pkg_name) -{ - const std::string appN1("appN1T450"); - const std::string pkgN1("IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongString" - "IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongStringpkgN1T450"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T450"); - const std::string authorN1("authorN1T450"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T460_add_application_name_with_spaces_pkg) -{ - const std::string appN1("appN1T460"); - const std::string pkgN1("pkgN1 with spaces T460"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T460"); - const std::string authorN1("authorN1T460"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T470_add_application_empty_tizenVer) -{ - const std::string appN1("appN1T470"); - const std::string pkgN1("pkgN1T470"); - const uid_t uid1(99901); - const std::string authorN1("authorN1T470"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, "", authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T480_add_application_long_tizenVer) -{ - const std::string appN1("appN1T480"); - const std::string pkgN1("pkgN1T480"); - const uid_t uid1(99901); - const std::string tizenVer1("IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongString" - "IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongStringtizenN1T480"); - const std::string authorN1("authorN1T480"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T490_add_application_tizenVer_with_spaces) -{ - const std::string appN1("appN1T490"); - const std::string pkgN1("pkgN1T490"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer with spaces T490"); - const std::string authorN1("authorN1T490"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); -} -BOOST_AUTO_TEST_CASE(T500_add_application_twice_to_same_package) -{ - const std::string appN1("appN1T500"); - const std::string pkgN1("pkgN1T500"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T500"); - const std::string authorN1("authorN1T500"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T510_add_application_to_different_packages) -{ - const std::string appN1("appN1T510"); - const std::string pkgN1("pkgN1T510"); - const std::string pkgN2("pkgN2T510"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T510"); - const std::string authorN1("authorN1T510"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); - addApplicationRequireFailure(appN1, pkgN2, uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T520_add_application_two_tizen_versions_to_same_package) -{ - const std::string appN1("appN1T520"); - const std::string pkgN1("pkgN1T520"); - const std::string pkgN2("pkgN2T520"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T520"); - const std::string tizenVer2("tizenVer2T520"); - const std::string authorN1("authorN1T520"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); - addApplicationRequireFailure(appN1, pkgN1, uid1, tizenVer2, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T530_add_application_two_tizen_versions_to_two_packages) -{ - const std::string appN1("appN1T530"); - const std::string pkgN1("pkgN1T530"); - const std::string pkgN2("pkgN2T530"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T170"); - const std::string tizenVer2("tizenVer2T170"); - const std::string authorN1("authorN1T170"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireFailure(appN1, pkgN2, uid1, tizenVer2, authorN1, notHybrid); -} - -BOOST_AUTO_TEST_CASE(T540_add_application_different_hybrid_to_package) -{ - const std::string appN1("appN1T540"); - const std::string pkgN1("pkgN1T540"); - const std::string pkgN2("pkgN2T540"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const std::string tizenVer1("tizenVer1T540"); - const std::string authorN1("authorN1T540"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireFailure(appN1, pkgN1, uid2, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T550_add_application_same_name) -{ - const std::string appN1("appN1T550"); - const std::string pkgN1("pkgN1T550"); - const std::string pkgN2("pkgN2T550"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const std::string tizenVer1("tizenVer1T550"); - const std::string tizenVer2("tizenVer2T550"); - const std::string authorN1("authorN1T550"); - const std::string authorN2("authorN2T550"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); - addApplicationRequireFailure(appN1, pkgN2, uid2, tizenVer2, authorN2, notHybrid); -} - -BOOST_AUTO_TEST_CASE(T560_add_five_applications_to_same_package) -{ - const std::string appN1("appN1T560"); - const std::string appN2("appN2T560"); - const std::string appN3("appN3T560"); - const std::string appN4("appN4T560"); - const std::string appN5("appN5T560"); - const std::string pkgN1("pkgN1T560"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T560"); - const std::string authorN1("authorN1T560"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); - addApplicationRequireSuccess(appN2, pkgN1, uid1, tizenVer1, authorN1, hybrid); - addApplicationRequireSuccess(appN3, pkgN1, uid1, tizenVer1, authorN1, hybrid); - addApplicationRequireSuccess(appN4, pkgN1, uid1, tizenVer1, authorN1, hybrid); - addApplicationRequireSuccess(appN5, pkgN1, uid1, tizenVer1, authorN1, hybrid); -} - -BOOST_AUTO_TEST_CASE(T570_add_applications_with_different_author_to_package) -{ - const std::string appN1("appN1T570"); - const std::string appN2("appN2T570"); - const std::string pkgN1("pkgN1T570"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T570"); - const std::string authorN1("authorN1T570"); - const std::string authorN2("authorN2T570"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireFailure(appN2, pkgN1, uid1, tizenVer1, authorN2, notHybrid); - BOOST_REQUIRE_MESSAGE(!testPrivilegeDb->AppNameExists(appN2), - "AppNameExists wrongly reported " << appN2 << " as existing application name"); -} - -BOOST_AUTO_TEST_CASE(T580_add_applications_with_different_authors_to_packages) -{ - const std::string appN1("appN1T580"); - const std::string appN2("appN2T580"); - const std::string appN3("appN3T580"); - const std::string appN4("appN4T580"); - const std::string pkgN1("pkgN1T580"); - const std::string pkgN2("pkgN2T580"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T580"); - const std::string authorN1("authorN1T580"); - const std::string authorN2("authorN2T580"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN3, pkgN2, uid1, tizenVer1, authorN2, notHybrid); - addApplicationRequireSuccess(appN4, pkgN2, uid1, tizenVer1, authorN2, notHybrid); -} - -BOOST_AUTO_TEST_CASE(T590_add_applications_with_empty_noempty_author) -{ - const std::string appN1("appN1T590"); - const std::string appN2("appN2T590"); - const std::string appN3("appN3T590"); - const std::string pkgN1("pkgN1T590"); - const std::string pkgN2("pkgN2T590"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T590"); - const std::string authorN1("authorN1T590"); - int authorIdPkg; - int authorId; - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, "", notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetPkgAuthorId(pkgN1, authorIdPkg)); - BOOST_REQUIRE_MESSAGE(authorIdPkg == -1, "Wrong author id returned: " << authorIdPkg - << " expected: -1"); - addApplicationRequireSuccess(appN2, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetPkgAuthorId(pkgN1, authorIdPkg)); - BOOST_REQUIRE_MESSAGE(authorIdPkg != -1, "Wrong author id returned: -1"); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAuthorIdByName(authorN1, authorId)); - BOOST_REQUIRE_MESSAGE(authorId == authorIdPkg, "Author id returned by GetAuthorIdByName: " - << authorId << " does not match author id returned by GetPkgAuthorId: " << authorIdPkg); - addApplicationRequireSuccess(appN3, pkgN1, uid1, tizenVer1, "", notHybrid); - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetPkgAuthorId(pkgN2, authorIdPkg)); - BOOST_REQUIRE_MESSAGE(authorIdPkg == -1, "Wrong author id returned: " << authorIdPkg - << " expected: -1"); -} - -BOOST_AUTO_TEST_CASE(T600_add_applications_with_different_isHybrid_false_true) -{ - const std::string appN1("appN1T600"); - const std::string appN2("appN2T600"); - const std::string pkgN1("pkgN1T600"); - const std::string pkgN2("pkgN2T600"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T600"); - const std::string authorN1("authorN1T600"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireFailure(appN2, pkgN1, uid1, tizenVer1, authorN1, hybrid); - BOOST_REQUIRE_MESSAGE(!testPrivilegeDb->AppNameExists(appN2), - "AppNameExists wrongly reported " << appN2 << " as existing application name"); -} - -BOOST_AUTO_TEST_CASE(T610_add_applications_with_different_isHybrid_true_false) -{ - const std::string appN1("appN1T610"); - const std::string appN2("appN2T610"); - const std::string pkgN1("pkgN1T610"); - const std::string pkgN2("pkgN2T610"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T610"); - const std::string authorN1("authorN1T610"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); - addApplicationRequireFailure(appN2, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - BOOST_REQUIRE_MESSAGE(!testPrivilegeDb->AppNameExists(appN2), - "AppNameExists wrongly reported " << appN2 << " as existing application name"); -} - -BOOST_AUTO_TEST_CASE(T620_add_applications_with_different_isHybrid_to_two_packages) -{ - const std::string appN1("appN1T620"); - const std::string appN2("appN2T620"); - const std::string appN3("appN3T620"); - const std::string appN4("appN4T620"); - const std::string pkgN1("pkgN1T620"); - const std::string pkgN2("pkgN2T620"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T620"); - const std::string authorN1("authorN1T620"); - const std::string authorN2("authorN2T620"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN3, pkgN2, uid1, tizenVer1, authorN2, hybrid); - addApplicationRequireSuccess(appN4, pkgN2, uid1, tizenVer1, authorN2, hybrid); -} - -BOOST_AUTO_TEST_CASE(T630_add_applications_with_different_uid_to_package) -{ - const std::string appN1("appN1T630"); - const std::string pkgN1("pkgN1T630"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const std::string tizenVer1("tizenVer1T630"); - const std::string authorN1("authorN1T630"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN1, pkgN1, uid2, tizenVer1, authorN1, notHybrid); -} - -BOOST_AUTO_TEST_CASE(T640_add_applications_with_different_uid_to_two_packages) -{ - const std::string appN1("appN1T640"); - const std::string pkgN1("pkgN1T640"); - const std::string pkgN2("pkgN2T640"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const std::string tizenVer1("tizenVer1T640"); - const std::string authorN1("authorN1T640"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireFailure(appN1, pkgN2, uid2, tizenVer1, authorN1, notHybrid); -} - -// RemoveApplication - -BOOST_AUTO_TEST_CASE(T700_add_remove_add_application) -{ - const std::string appN1("appN1T700"); - const std::string pkgN1("pkgN1T700"); - const std::string pkgN2("pkgN2T700"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T700"); - const std::string authorN1("authorN1T700"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - removeApplication(appN1,uid1, true, true, true); - addApplicationRequireSuccess(appN1, pkgN2, uid1, tizenVer1, authorN1, notHybrid); -} - -BOOST_AUTO_TEST_CASE(T710_add_double_remove_add_application) -{ - const std::string appN1("appN1T710"); - const std::string pkgN1("pkgN1T710"); - const std::string pkgN2("pkgN2T710"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T710"); - const std::string authorN1("authorN1T710"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - removeApplication(appN1,uid1, true, true, true); - removeApplication(appN1,uid1, true, true, true); - addApplicationRequireSuccess(appN1, pkgN2, uid1, tizenVer1, authorN1, notHybrid); -} - -BOOST_AUTO_TEST_CASE(T720_add_remove_application_to_different_users) -{ - const std::string appN1("appN1T720"); - const std::string pkgN1("pkgN1T720"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const std::string tizenVer1("tizenVer1T720"); - const std::string authorN1("authorN1T720"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN1, pkgN1, uid2, tizenVer1, authorN1, notHybrid); - removeApplication(appN1, uid1, false, false, false); - removeApplication(appN1, uid2, true, true, true); -} - -BOOST_AUTO_TEST_CASE(T730_app_name_pkg_author_exists_with_remove) -{ - const std::string appN1("appN1T730"); - const std::string appN2("appN2T730"); - const std::string appN3("appN3T730"); - const std::string appN4("appN4T730"); - const std::string appN5("appN5T730"); - const std::string pkgN1("pkgN1T730"); - const std::string pkgN2("pkgN2T730"); - const std::string pkgN3("pkgN3T730"); - const std::string pkgN4("pkgN4T730"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const uid_t uid3(99903); - const uid_t uid4(99904); - const std::string tizenVer1("tizenVer1T730"); - const std::string tizenVer2("tizenVer2T730"); - const std::string tizenVer3("tizenVer3T730"); - const std::string tizenVer4("tizenVer4T730"); - const std::string authorN1("authorN1T730"); - const std::string authorN2("authorN2T730"); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN2, uid2, tizenVer2, authorN2, hybrid); - addApplicationRequireSuccess(appN3, pkgN3, uid3, tizenVer3, authorN2, notHybrid); - addApplicationRequireSuccess(appN4, pkgN3, uid4, tizenVer3, authorN2, notHybrid); - removeApplication(appN1, uid1, true, true, true); - removeApplication(appN3, uid3, true, false, false); - removeApplication(appN4, uid4, true, true, false); - removeApplication(appN4, uid4, true, true, false); - removeApplication(appN2, uid2, true, true, true); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN2, uid2, tizenVer2, authorN2, hybrid); - addApplicationRequireSuccess(appN3, pkgN3, uid3, tizenVer3, authorN2, notHybrid); - addApplicationRequireSuccess(appN4, pkgN3, uid4, tizenVer3, authorN2, notHybrid); - addApplicationRequireSuccess(appN5, pkgN4, uid4, tizenVer1, authorN2, notHybrid); - removeApplication(appN1, uid2, false, false, false); - removeApplication(appN1, uid1, true, true, true); - removeApplication(appN2, uid2, true, true, false); - removeApplication(appN3, uid3, true, false, false); - removeApplication(appN4, uid4, true, true, false); - removeApplication(appN5, uid4, true, true, true); -} - -BOOST_AUTO_TEST_CASE(T740_remove_application_with_no_effect) -{ - const std::string appN1("appN1T740"); - const std::string appN2("appN2T740"); - const std::string pkgN1("pkgN1T740"); - const std::string pkgN2("pkgN2T740"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const std::string tizenVer1("tizenVer1T740"); - const std::string authorN1("authorN1T740"); - removeApplicationRequireSuccess(appN1, uid1); - addApplicationRequireSuccess(appN2, pkgN2, uid2, tizenVer1, authorN1, notHybrid); - removeApplication(appN2, uid1, false, false, false); //uid1 != uid2 - BOOST_REQUIRE_MESSAGE(testPrivilegeDb->AppNameExists(appN2), - "AppNameExists wrongly not reported " << appN2 << " as existing application name"); -} - -// Get* - -BOOST_AUTO_TEST_CASE(T800_get_user_apps) -{ - const std::string appN1("appN1T800"); - const std::string appN2("appN2T800"); - const std::string appN3("appN3T800"); - const std::string appN4("appN4T800"); - const std::string appN5("appN5T800"); - const std::string pkgN1("pkgN1T800"); - const std::string pkgN2("pkgN2T800"); - const std::string pkgN3("pkgN3T800"); - const std::string pkgN4("pkgN4T800"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const uid_t uid3(99903); - const uid_t uid4(99904); - const std::string tizenVer1("tizenVer1T800"); - const std::string tizenVer2("tizenVer2T800"); - const std::string tizenVer3("tizenVer3T800"); - const std::string authorN1("authorN1T800"); - const std::string authorN2("authorN2T800"); - addApplicationRequireSuccess(appN1, pkgN1, uid2, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN2, uid3, tizenVer2, authorN2, hybrid); - addApplicationRequireSuccess(appN3, pkgN3, uid3, tizenVer3, authorN2, notHybrid); - addApplicationRequireSuccess(appN4, pkgN3, uid3, tizenVer3, authorN2, notHybrid); - addApplicationRequireSuccess(appN5, pkgN4, uid4, tizenVer1, authorN2, notHybrid); - - auto checkGetUserApps = [&](const uid_t uid, std::vector expectedApps) - { - std::vector apps; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetUserApps(uid, apps)); - std::sort(apps.begin(), apps.end()); - std::sort(expectedApps.begin(), expectedApps.end()); - BOOST_CHECK_EQUAL_COLLECTIONS(apps.begin(), apps.end(), - expectedApps.begin(), expectedApps.end()); - }; - - checkGetUserApps(uid1, {}); - checkGetUserApps(uid2, {appN1}); - checkGetUserApps(uid3, {appN2, appN3, appN4}); - checkGetUserApps(uid4, {appN5}); - - removeApplicationRequireSuccess(appN2, uid3); - removeApplicationRequireSuccess(appN3, uid3); - addApplicationRequireSuccess(appN2, pkgN4, uid4, tizenVer1, authorN2, notHybrid); - addApplicationRequireSuccess(appN3, pkgN4, uid4, tizenVer1, authorN2, notHybrid); - - checkGetUserApps(uid3, {appN4}); - checkGetUserApps(uid4, {appN2, appN3, appN5}); -} - -BOOST_AUTO_TEST_CASE(T810_get_user_packages) -{ - const std::string appN1("appN1T810"); - const std::string appN2("appN2T810"); - const std::string appN3("appN3T810"); - const std::string appN4("appN4T810"); - const std::string appN5("appN5T810"); - const std::string pkgN1("pkgN1T810"); - const std::string pkgN2("pkgN2T810"); - const std::string pkgN3("pkgN3T810"); - const std::string pkgN4("pkgN4T810"); - const std::string pkgN5("pkgN5T810"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const uid_t uid3(99903); - const uid_t uid4(99904); - const std::string tizenVer1("tizenVer1T810"); - const std::string authorN1("authorN1T810"); - const std::string authorN2("authorN2T810"); - addApplicationRequireSuccess(appN1, pkgN1, uid2, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN2, uid3, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN3, pkgN3, uid3, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN4, pkgN4, uid3, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN5, pkgN5, uid4, tizenVer1, authorN1, notHybrid); - - auto checkGetUserPkgs = [&](const uid_t uid, std::vector expectedPkgs) - { - std::vector pkgs; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetUserPkgs(uid, pkgs)); - std::sort(pkgs.begin(), pkgs.end()); - std::sort(expectedPkgs.begin(), expectedPkgs.end()); - BOOST_CHECK_EQUAL_COLLECTIONS(pkgs.begin(), pkgs.end(), - expectedPkgs.begin(), expectedPkgs.end()); - }; - - checkGetUserPkgs(uid1, {}); - checkGetUserPkgs(uid2, {pkgN1}); - checkGetUserPkgs(uid3, {pkgN2, pkgN3, pkgN4}); - checkGetUserPkgs(uid4, {pkgN5}); - - removeApplicationRequireSuccess(appN2, uid3); - removeApplicationRequireSuccess(appN3, uid3); - addApplicationRequireSuccess(appN2, pkgN2, uid4, tizenVer1, authorN2, notHybrid); - addApplicationRequireSuccess(appN3, pkgN3, uid4, tizenVer1, authorN2, notHybrid); - - checkGetUserPkgs(uid3, {pkgN4}); - checkGetUserPkgs(uid4, {pkgN2, pkgN3, pkgN5}); -} - -BOOST_AUTO_TEST_CASE(T820_get_pkg_apps) -{ - const std::string appN1("appN1T820"); - const std::string appN2("appN2T820"); - const std::string appN3("appN3T820"); - const std::string appN4("appN4T820"); - const std::string appN5("appN5T820"); - const std::string pkgN1("pkgN1T820"); - const std::string pkgN2("pkgN2T820"); - const std::string pkgN3("pkgN3T820"); - const std::string pkgN4("pkgN4T820"); - const uid_t uid1(99902); - const std::string tizenVer1("tizenVer1T820"); - const std::string authorN1("authorN1T820"); - const std::string authorN2("authorN2T820"); - addApplicationRequireSuccess(appN1, pkgN2, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN3, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN3, pkgN3, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN4, pkgN3, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN5, pkgN4, uid1, tizenVer1, authorN1, notHybrid); - - auto checkGetPkgApps = [&](const std::string &package, std::vector expectedApps) - { - std::vector apps; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetPkgApps(package, apps)); - std::sort(apps.begin(), apps.end()); - std::sort(expectedApps.begin(), expectedApps.end()); - BOOST_CHECK_EQUAL_COLLECTIONS(apps.begin(), apps.end(), - expectedApps.begin(), expectedApps.end()); - }; - - checkGetPkgApps(pkgN1, {}); - checkGetPkgApps(pkgN2, {appN1}); - checkGetPkgApps(pkgN3, {appN2, appN3, appN4}); - checkGetPkgApps(pkgN4, {appN5}); - - removeApplicationRequireSuccess(appN1, uid1); - removeApplicationRequireSuccess(appN2, uid1); - removeApplicationRequireSuccess(appN3, uid1); - addApplicationRequireSuccess(appN1, pkgN4, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN4, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN3, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - - checkGetPkgApps(pkgN1, {appN3}); - checkGetPkgApps(pkgN2, {}); - checkGetPkgApps(pkgN3, {appN4}); - checkGetPkgApps(pkgN4, {appN1, appN2, appN5}); -} - -BOOST_AUTO_TEST_CASE(T830_get_all_packages) -{ - const std::string appN1("appN1T830"); - const std::string appN2("appN2T830"); - const std::string appN3("appN3T830"); - const std::string appN4("appN4T830"); - const std::string appN5("appN5T830"); - const std::string pkgN1("pkgN1T830"); - const std::string pkgN2("pkgN2T830"); - const std::string pkgN3("pkgN3T830"); - const std::string pkgN4("pkgN4T830"); - const uid_t uid1(99901); - const std::string tizenVer1("tizenVer1T830"); - const std::string authorN1("authorN1T830"); - auto checkGetAllPackages = [&](std::vector expectedPackages) - { - std::vector packages; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAllPackages(packages)); - std::sort(packages.begin(), packages.end()); - std::sort(expectedPackages.begin(), expectedPackages.end()); - BOOST_CHECK_EQUAL_COLLECTIONS(packages.begin(), packages.end(), - expectedPackages.begin(), expectedPackages.end()); - }; - - checkGetAllPackages({}); - addApplicationRequireSuccess(appN1, pkgN2, uid1, tizenVer1, authorN1, notHybrid); - checkGetAllPackages({pkgN2}); - addApplicationRequireSuccess(appN2, pkgN3, uid1, tizenVer1, authorN1, notHybrid); - checkGetAllPackages({pkgN2, pkgN3}); - addApplicationRequireSuccess(appN3, pkgN3, uid1, tizenVer1, authorN1, notHybrid); - checkGetAllPackages({pkgN2, pkgN3}); - addApplicationRequireSuccess(appN4, pkgN3, uid1, tizenVer1, authorN1, notHybrid); - checkGetAllPackages({pkgN2, pkgN3}); - addApplicationRequireSuccess(appN5, pkgN4, uid1, tizenVer1, authorN1, notHybrid); - checkGetAllPackages({pkgN2, pkgN3, pkgN4}); - removeApplicationRequireSuccess(appN1, uid1); - checkGetAllPackages({pkgN3, pkgN4}); - removeApplicationRequireSuccess(appN2, uid1); - checkGetAllPackages({pkgN3, pkgN4}); - removeApplicationRequireSuccess(appN3, uid1); - removeApplicationRequireSuccess(appN4, uid1); - checkGetAllPackages({pkgN4}); - addApplicationRequireSuccess(appN1, pkgN4, uid1, tizenVer1, authorN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN4, uid1, tizenVer1, authorN1, notHybrid); - checkGetAllPackages({pkgN4}); - addApplicationRequireSuccess(appN3, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - checkGetAllPackages({pkgN1, pkgN4}); -} - -BOOST_AUTO_TEST_CASE(T840_get_pkg_author_id) -{ - const std::string appN1("appN1T840"); - const std::string appN2("appN2T840"); - const std::string appN3("appN3T840"); - const std::string pkgN1("pkgN1T840"); - const std::string pkgN2("pkgN2T840"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const uid_t uid3(99903); - const std::string tizenVer1("tizenVer1T840"); - const std::string authorN1("authorN1T840"); - const std::string authorN2("authorN2T840"); - const std::string authorN3("authorN3T840"); - auto checkGetPkgAuthorId = [&](const std::string &pkgName, int expectedAuthorId) - { - int authorId; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetPkgAuthorId(pkgName, authorId)); - BOOST_CHECK_MESSAGE(expectedAuthorId == authorId, "GetPkgAuthorId for package: " - << pkgName << " returned authorId: " << authorId << " expected: " << expectedAuthorId); - }; - - checkGetPkgAuthorId(pkgN1, -1); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); - checkGetPkgAuthorId(pkgN1, 1); - addApplicationRequireSuccess(appN2, pkgN2, uid2, tizenVer1, authorN2, hybrid); - checkGetPkgAuthorId(pkgN2, 2); - addApplicationRequireSuccess(appN3, pkgN2, uid2, tizenVer1, authorN2, hybrid); - checkGetPkgAuthorId(pkgN2, 2); - removeApplicationRequireSuccess(appN1, uid1); - checkGetPkgAuthorId(pkgN1, -1); - addApplicationRequireSuccess(appN1, pkgN1, uid3, tizenVer1, authorN3, hybrid); - checkGetPkgAuthorId(pkgN1, 3); -} - -BOOST_AUTO_TEST_CASE(T850_get_pkg_author_id_by_name) -{ - const std::string appN1("appN1T850"); - const std::string appN2("appN2T850"); - const std::string pkgN1("pkgN1T850"); - const std::string pkgN2("pkgN2T850"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const std::string tizenVer1("tizenVer1T850"); - const std::string authorN1("authorN1T850"); - const std::string authorN2("authorN2T850"); - auto checkGetAuthorIdByName = [&](const std::string &authorName, int expectedAuthorId) - { - int authorId; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetAuthorIdByName(authorName, authorId)); - BOOST_CHECK_MESSAGE(expectedAuthorId == authorId, "GetAuthorIdByName for authorName: " - << authorName << " returned wrong authorId: " << authorId << " expected: " - << expectedAuthorId); - }; - - checkGetAuthorIdByName(authorN1, -1); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - checkGetAuthorIdByName(authorN1, 1); - addApplicationRequireSuccess(appN2, pkgN2, uid2, tizenVer1, authorN2, notHybrid); - checkGetAuthorIdByName(authorN2, 2); - removeApplicationRequireSuccess(appN1, uid1); - checkGetAuthorIdByName(authorN1, -1); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, hybrid); - checkGetAuthorIdByName(authorN1, 3); -} - -BOOST_AUTO_TEST_CASE(T860_is_package_hybrid) -{ - const std::string appN1("appN1T860"); - const std::string appN2("appN2T860"); - const std::string appN3("appN3T860"); - const std::string pkgN1("pkgN1T860"); - const std::string pkgN2("pkgN2T860"); - const std::string pkgN3("pkgN3T860"); - const uid_t uid1(99901); - const uid_t uid2(99902); - const std::string tizenVer1("tizenVer1T860"); - const std::string authorN1("authorN1T860"); - const std::string authorN2("authorN2T860"); - auto checkIsPackageHybrid = [&](const std::string &pkgName, bool expectedIsHybrid) - { - bool isHybrid; - BOOST_REQUIRE_NO_THROW(isHybrid = testPrivilegeDb->IsPackageHybrid(pkgName)); - BOOST_CHECK_MESSAGE(expectedIsHybrid == isHybrid, "IsPackageHybrid for pkgName: " - << pkgName << " returned wrong value: " << isHybrid << " expected: " - << expectedIsHybrid); - }; - - checkIsPackageHybrid(pkgN1, notHybrid); - addApplicationRequireSuccess(appN1, pkgN1, uid1, tizenVer1, authorN1, notHybrid); - checkIsPackageHybrid(pkgN1, notHybrid); - addApplicationRequireSuccess(appN2, pkgN2, uid2, tizenVer1, authorN2, notHybrid); - checkIsPackageHybrid(pkgN2, notHybrid); - addApplicationRequireSuccess(appN3, pkgN3, uid1, tizenVer1, authorN1, hybrid); - checkIsPackageHybrid(pkgN3, hybrid); -} - -// Privileges - -BOOST_AUTO_TEST_CASE(T900_get_groups_from_empty_db) -{ - std::vector groups; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetGroups(groups)); - BOOST_REQUIRE_MESSAGE(groups.size() == 0, "GetGroups found some groups in empty database"); -} - -BOOST_AUTO_TEST_CASE(T910_get_groups) -{ - int ret = system("sqlite3 " TEST_PRIVILEGE_DB_PATH " " - "\"BEGIN; " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege30', 'group3'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege10', 'group1'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege11', 'group1'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege20', 'group2'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege31', 'group3'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege32', 'group3'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege41', 'group4'); " - "COMMIT;\" "); - BOOST_REQUIRE_MESSAGE(ret == 0, "Could not create populate the database"); - std::vector groups; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetGroups(groups)); - std::sort(groups.begin(), groups.end()); - std::vector expectedGroups = {"group1", "group2", "group3", "group4"}; - BOOST_CHECK_EQUAL_COLLECTIONS(groups.begin(), groups.end(), - expectedGroups.begin(), expectedGroups.end()); -} - -BOOST_AUTO_TEST_CASE(T920_get_groups_related_privileges_from_empty_db) -{ - std::vector> privileges; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetGroupsRelatedPrivileges(privileges)); - BOOST_REQUIRE_MESSAGE(privileges.size() == 0, "GetGroupsRelatedPrivileges found some" - " privileges in empty database"); -} - -BOOST_AUTO_TEST_CASE(T930_get_groups_related_privileges) -{ - int ret = system("sqlite3 " TEST_PRIVILEGE_DB_PATH " " - "\"BEGIN; " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege30', 'group3'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege10', 'group1'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege11', 'group1'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege20', 'group2'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege31', 'group3'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege32', 'group3'); " - "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege41', 'group4'); " - "COMMIT;\" "); - BOOST_REQUIRE_MESSAGE(ret == 0, "Could not create populate the database"); - std::vector> privileges; - BOOST_REQUIRE_NO_THROW(testPrivilegeDb->GetGroupsRelatedPrivileges(privileges)); - std::sort(privileges.begin(), privileges.end(), [](std::pair &a, - std::pair &b) { - if (a.first < b.first) - return true; - if (b.first < a.first) - return false; - if (a.second < b.second) - return true; - return false; - }); - std::vector> expectedPrivileges = {{"group1", "privilege10"}, - {"group1", "privilege11"}, {"group2", "privilege20"}, {"group3", "privilege30"}, - {"group3", "privilege31"}, {"group3", "privilege32"}, {"group4", "privilege41"}}; - BOOST_REQUIRE_MESSAGE(privileges.size() == expectedPrivileges.size(), "GetGroupsRelatedPrivileges \ - returned wrong number of privileges expected: " << expectedPrivileges.size() << " got: " - << privileges.size()); - for (unsigned int i = 0; i < privileges.size(); i++) - BOOST_REQUIRE_MESSAGE(privileges[i] == expectedPrivileges[i], "Expected: (" - << expectedPrivileges[i].first << "," << expectedPrivileges[i].second << " got: " - << privileges[i].first << " , " << privileges[i].second << ")"); -} - -BOOST_AUTO_TEST_SUITE_END() diff --git a/test/test_privilege_db_add_app.cpp b/test/test_privilege_db_add_app.cpp new file mode 100644 index 0000000..2684bae --- /dev/null +++ b/test/test_privilege_db_add_app.cpp @@ -0,0 +1,218 @@ +/* + * Copyright (c) 2016 - 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file test_privilege_db_add_app.cpp + * @author Radoslaw Bartosiak (r.bartosiak@samsung.com) + * @version 1.0 + */ + +#include + +#include +#include + +#include "privilege_db.h" +#include "privilege_db_fixture.h" + +BOOST_FIXTURE_TEST_SUITE(PRIVILEGE_DB_TEST_ADD_APP, PrivilegeDBFixture) + +// AddApplication + +BOOST_AUTO_TEST_CASE(T400_add_application_simple) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T410_add_application_empty_name) +{ + addAppSuccess("", pkg(1), uid(1), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T420_add_application_long_name) +{ + const std::string app("IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongString" + "IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongStringappNT420"); + + addAppSuccess(app, pkg(1), uid(1), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T430_add_application_name_with_spaces) +{ + const std::string app("appN1 with spaces T430"); + + addAppSuccess(app, pkg(1), uid(1), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T440_add_application_empty_pkg_name) +{ + addAppSuccess(app(1), "", uid(1), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T450_add_application_long_pkg_name) +{ + const std::string pkg("IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongString" + "IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongStringpkg(1)T450"); + + addAppSuccess(app(1), pkg, uid(1), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T460_add_application_name_with_spaces_pkg) +{ + const std::string pkg("pkgN with spaces T460"); + + addAppSuccess(app(1), pkg, uid(1), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T470_add_application_empty_tizenVer) +{ + addAppSuccess(app(1), pkg(1), uid(1), "", author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T480_add_application_long_tizenVer) +{ + const std::string tizenVer("IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongString" + "IAmAVeryLongStringIAmAVeryLongStringIAmAVeryLongStringtizenN1T480"); + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer, author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T490_add_application_tizenVer_with_spaces) +{ + const std::string tizenVer("tizenVer with spaces T490"); + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer, author(1), Hybrid); +} +BOOST_AUTO_TEST_CASE(T500_add_application_twice_to_same_package) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T510_add_application_to_different_packages) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + addAppFail(app(1), pkg(2), uid(1), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T520_add_application_two_tizen_versions_to_same_package) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + addAppFail(app(1), pkg(1), uid(1), tizenVer(2), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T530_add_application_two_tizen_versions_to_two_packages) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppFail(app(1), pkg(2), uid(1), tizenVer(2), author(1), NotHybrid); +} + +BOOST_AUTO_TEST_CASE(T540_add_application_different_Hybrid_to_package) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppFail(app(1), pkg(1), uid(2), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T550_add_application_same_name) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + addAppFail(app(1), pkg(2), uid(2), tizenVer(2), author(2), NotHybrid); +} + +BOOST_AUTO_TEST_CASE(T560_add_five_applications_to_same_package) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + addAppSuccess(app(2), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + addAppSuccess(app(3), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + addAppSuccess(app(4), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + addAppSuccess(app(5), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T570_add_applications_with_different_author_to_package) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppFail(app(2), pkg(1), uid(1), tizenVer(1), author(2), NotHybrid); + BOOST_REQUIRE_MESSAGE(!getPrivDb()->AppNameExists(app(2)), + "AppNameExists wrongly reported " << app(2) << " as existing application name"); +} + +BOOST_AUTO_TEST_CASE(T580_add_applications_with_different_authors_to_packages) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(3), pkg(2), uid(1), tizenVer(1), author(2), NotHybrid); + addAppSuccess(app(4), pkg(2), uid(1), tizenVer(1), author(2), NotHybrid); +} + +BOOST_AUTO_TEST_CASE(T590_add_applications_with_empty_noempty_author) +{ + int authorIdPkg; + int authorId; + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), "", NotHybrid); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetPkgAuthorId(pkg(1), authorIdPkg)); + BOOST_REQUIRE_MESSAGE(authorIdPkg == -1, "Wrong author id returned: " << authorIdPkg + << " expected: -1"); + + addAppSuccess(app(2), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetPkgAuthorId(pkg(1), authorIdPkg)); + BOOST_REQUIRE_MESSAGE(authorIdPkg != -1, "Wrong author id returned: -1"); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAuthorIdByName(author(1), authorId)); + BOOST_REQUIRE_MESSAGE(authorId == authorIdPkg, "Author id returned by GetAuthorIdByName: " + << authorId << " does not match author id returned by GetPkgAuthorId: " << authorIdPkg); + + addAppSuccess(app(3), pkg(1), uid(1), tizenVer(1), "", NotHybrid); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetPkgAuthorId(pkg(2), authorIdPkg)); + BOOST_REQUIRE_MESSAGE(authorIdPkg == -1, "Wrong author id returned: " << authorIdPkg + << " expected: -1"); +} + +BOOST_AUTO_TEST_CASE(T600_add_applications_with_different_isHybrid_false_true) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppFail(app(2), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + BOOST_REQUIRE_MESSAGE(!getPrivDb()->AppNameExists(app(2)), + "AppNameExists wrongly reported " << app(2) << " as existing application name"); +} + +BOOST_AUTO_TEST_CASE(T610_add_applications_with_different_isHybrid_true_false) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + addAppFail(app(2), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + BOOST_REQUIRE_MESSAGE(!getPrivDb()->AppNameExists(app(2)), + "AppNameExists wrongly reported " << app(2) << " as existing application name"); +} + +BOOST_AUTO_TEST_CASE(T620_add_applications_with_different_isHybrid_to_two_packages) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(3), pkg(2), uid(1), tizenVer(1), author(2), Hybrid); + addAppSuccess(app(4), pkg(2), uid(1), tizenVer(1), author(2), Hybrid); +} + +BOOST_AUTO_TEST_CASE(T630_add_applications_with_different_uid_to_package) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(1), pkg(1), uid(2), tizenVer(1), author(1), NotHybrid); +} + +BOOST_AUTO_TEST_CASE(T640_add_applications_with_different_uid_to_two_packages) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppFail(app(1), pkg(2), uid(2), tizenVer(1), author(1), NotHybrid); +} + +BOOST_AUTO_TEST_SUITE_END() diff --git a/test/test_privilege_db_app_pkg_getters.cpp b/test/test_privilege_db_app_pkg_getters.cpp new file mode 100644 index 0000000..cc94010 --- /dev/null +++ b/test/test_privilege_db_app_pkg_getters.cpp @@ -0,0 +1,398 @@ +/* + * Copyright (c) 2016 - 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file test_privilege_db_app_pkg_getters.cpp + * @author Radoslaw Bartosiak (r.bartosiak@samsung.com) + * @version 1.0 + */ + +#include +#include + +#include +#include + +#include "privilege_db.h" +#include "privilege_db_fixture.h" + +//Fixture for getters + +struct PrivilegeDBGettersFixture : PrivilegeDBFixture +{ + void checkGetAllPackages(std::vector expectedPackages); + void checkGetAuthorIdByName(const std::string &authorName, int expectedAuthorId); + void checkGetPkgApps(const std::string &package, std::vector expectedApps); + void checkGetPkgAuthorId(const std::string &pkgName, int expectedAuthorId); + void checkGetUserApps(const uid_t uid, std::vector expectedApps); + void checkGetUserPkgs(const uid_t uid, std::vector expectedPkgs); + void checkIsPackageHybrid(const std::string &pkgName, bool expectedIsHybrid); +}; + +void PrivilegeDBGettersFixture::checkGetAllPackages(std::vector expectedPackages) +{ + std::vector packages; + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAllPackages(packages)); + std::sort(packages.begin(), packages.end()); + std::sort(expectedPackages.begin(), expectedPackages.end()); + BOOST_CHECK_EQUAL_COLLECTIONS(packages.begin(), packages.end(), + expectedPackages.begin(), expectedPackages.end()); +}; + +void PrivilegeDBGettersFixture::checkGetAuthorIdByName(const std::string &authorName, + int expectedAuthorId) +{ + int authorId; + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAuthorIdByName(authorName, authorId)); + BOOST_CHECK_MESSAGE(expectedAuthorId == authorId, "GetAuthorIdByName for authorName: " + << authorName << " returned wrong authorId: " << authorId << " expected: " + << expectedAuthorId); +}; + +void PrivilegeDBGettersFixture::checkGetPkgApps(const std::string &package, + std::vector expectedApps) +{ + std::vector apps; + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetPkgApps(package, apps)); + std::sort(apps.begin(), apps.end()); + std::sort(expectedApps.begin(), expectedApps.end()); + BOOST_CHECK_EQUAL_COLLECTIONS(apps.begin(), apps.end(), + expectedApps.begin(), expectedApps.end()); +}; + +void PrivilegeDBGettersFixture::checkGetPkgAuthorId(const std::string &pkgName, + int expectedAuthorId) +{ + int authorId; + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetPkgAuthorId(pkgName, authorId)); + BOOST_CHECK_MESSAGE(expectedAuthorId == authorId, "GetPkgAuthorId for package: " + << pkgName << " returned authorId: " << authorId << " expected: " << expectedAuthorId); +}; + +void PrivilegeDBGettersFixture::checkGetUserApps(const uid_t uid, + std::vector expectedApps) +{ + std::vector apps; + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetUserApps(uid, apps)); + std::sort(apps.begin(), apps.end()); + std::sort(expectedApps.begin(), expectedApps.end()); + BOOST_CHECK_EQUAL_COLLECTIONS(apps.begin(), apps.end(), + expectedApps.begin(), expectedApps.end()); +}; + +void PrivilegeDBGettersFixture::checkGetUserPkgs(const uid_t uid, + std::vector expectedPkgs) +{ + std::vector pkgs; + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetUserPkgs(uid, pkgs)); + std::sort(pkgs.begin(), pkgs.end()); + std::sort(expectedPkgs.begin(), expectedPkgs.end()); + BOOST_CHECK_EQUAL_COLLECTIONS(pkgs.begin(), pkgs.end(), + expectedPkgs.begin(), expectedPkgs.end()); +}; + +void PrivilegeDBGettersFixture::checkIsPackageHybrid(const std::string &pkgName, + bool expectedIsHybrid) +{ + bool isHybrid; + BOOST_REQUIRE_NO_THROW(isHybrid = getPrivDb()->IsPackageHybrid(pkgName)); + BOOST_CHECK_MESSAGE(expectedIsHybrid == isHybrid, "IsPackageHybrid for pkgName: " + << pkgName << " returned wrong value: " << isHybrid << " expected: " + << expectedIsHybrid); +}; + + +BOOST_FIXTURE_TEST_SUITE(PRIVILEGE_DB_TEST_GETTERS, PrivilegeDBGettersFixture) + +// *Exists, GetApp* + +BOOST_AUTO_TEST_CASE(T300_app_name_exists_finds_nothing) +{ + const std::string notAnExistingAppName("notAnExistingAppNameT300"); + + BOOST_REQUIRE_MESSAGE(!getPrivDb()->AppNameExists(notAnExistingAppName), + "AppNameExists wrongly reported " << notAnExistingAppName << + " as existing application name"); +} + +BOOST_AUTO_TEST_CASE(T315_pkg_name_exists_finds_nothing) +{ + const std::string notAnExistingPkgName("notAnExistingPkgNameT310"); + + BOOST_REQUIRE_MESSAGE(!getPrivDb()->PkgNameExists(notAnExistingPkgName), + "PkgNameExists wrongly reported " << notAnExistingPkgName << + " as existing package name"); +} + +BOOST_AUTO_TEST_CASE(T320_author_id_exists_finds_nothing) +{ + //database is clean, author ids are assigned sequentially from bottom + const int notExistingAuthorId= 200; + + BOOST_REQUIRE_MESSAGE(!getPrivDb()->AuthorIdExists(notExistingAuthorId), + "AuthorIdExists wrongly reported " << notExistingAuthorId << + " as existing author id"); +} + +BOOST_AUTO_TEST_CASE(T325_app_name_pkg_author_exists) +{ + int authorId; + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(1), tizenVer(1), author(2), NotHybrid); + addAppSuccess(app(3), pkg(2), uid(1), tizenVer(1), author(2), NotHybrid); + addAppSuccess(app(4), pkg(2), uid(1), tizenVer(1), author(2), NotHybrid); + addAppSuccess(app(4), pkg(2), uid(2), tizenVer(1), author(2), NotHybrid); + + BOOST_REQUIRE_MESSAGE(getPrivDb()->AppNameExists(app(1)), + "AppNameExists wrongly not reported " << app(1) << " as existing application name"); + BOOST_REQUIRE_MESSAGE(getPrivDb()->PkgNameExists(pkg(1)), + "PkgNameExists wrongly not reported " << pkg(1) << " as existing package name"); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAuthorIdByName(author(1), authorId)); + BOOST_REQUIRE_MESSAGE(getPrivDb()->AuthorIdExists(authorId), + "AuthorIdExists wrongly not found " << author(1) << " as existing author"); +} + +BOOST_AUTO_TEST_CASE(T330_get_app_pkg_name) +{ + std::string package1, package2, package3, package4; + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(3), author(2), NotHybrid); + addAppSuccess(app(4), pkg(3), uid(4), tizenVer(3), author(2), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAppPkgName(app(1), package1)); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAppPkgName(app(2), package2)); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAppPkgName(app(3), package3)); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAppPkgName(app(4), package4)); + + BOOST_REQUIRE_MESSAGE(package1 == pkg(1), "Expected package name for app: " << app(1) + << " to be: " << pkg(1) << " got: " << package1); + BOOST_REQUIRE_MESSAGE(package2 == pkg(2), "Expected package name for app: " << app(2) + << " to be: " << pkg(2) << " got: " << package2); + BOOST_REQUIRE_MESSAGE(package3 == pkg(3), "Expected package name for app: " << app(3) + << " to be: " << pkg(3) << " got: " << package3); + BOOST_REQUIRE_MESSAGE(package4 == pkg(3), "Expected package name for app: " << app(4) + << " to be: " << pkg(3) << " got: " << package4); +} + +BOOST_AUTO_TEST_CASE(T335_get_app_version) +{ + std::string version1, version2, version3, version4; + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(3), author(2), NotHybrid); + addAppSuccess(app(4), pkg(3), uid(4), tizenVer(3), author(2), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAppVersion(app(1), version1)); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAppVersion(app(2), version2)); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAppVersion(app(3), version3)); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAppVersion(app(4), version4)); + + BOOST_REQUIRE_MESSAGE(version1 == tizenVer(1), "Expected Tizen version for app: " + << app(1) << " to be: " << tizenVer(1) << " got: " << version1); + BOOST_REQUIRE_MESSAGE(version2 == tizenVer(2), "Expected Tizen version for app: " + << app(2) << " to be: " << tizenVer(2) << " got: " << version2); + BOOST_REQUIRE_MESSAGE(version3 == tizenVer(3), "Expected Tizen version for app: " + << app(3) << " to be: " << tizenVer(3) << " got: " << version3); + BOOST_REQUIRE_MESSAGE(version4 == tizenVer(3), "Expected Tizen version for app: " + << app(4) << " to be: " << tizenVer(3) << " got: " << version4); +} + +BOOST_AUTO_TEST_CASE(T340_get_app_package_finds_nothing) +{ + std::string package; + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAppPkgName(app(2), package)); + BOOST_REQUIRE_MESSAGE(package.empty(), "Expected empty string as package of nonexisting app " + << "got: " << package); +} + +BOOST_AUTO_TEST_CASE(T345_get_app_version_finds_nothing) +{ + std::string version; + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetAppVersion(app(2), version)); + BOOST_REQUIRE_MESSAGE(version.empty(), + "Expected empty string as version of nonexisting app got: " << version); +} + +// Get* + +BOOST_AUTO_TEST_CASE(T350_get_user_apps) +{ + addAppSuccess(app(1), pkg(1), uid(2), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(3), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(3), author(2), NotHybrid); + addAppSuccess(app(4), pkg(3), uid(3), tizenVer(3), author(2), NotHybrid); + addAppSuccess(app(5), pkg(4), uid(4), tizenVer(1), author(2), NotHybrid); + + checkGetUserApps(uid(1), {}); + checkGetUserApps(uid(2), {app(1)}); + checkGetUserApps(uid(3), {app(2), app(3), app(4)}); + checkGetUserApps(uid(4), {app(5)}); + + removeAppSuccess(app(2), uid(3)); + removeAppSuccess(app(3), uid(3)); + addAppSuccess(app(2), pkg(4), uid(4), tizenVer(1), author(2), NotHybrid); + addAppSuccess(app(3), pkg(4), uid(4), tizenVer(1), author(2), NotHybrid); + + checkGetUserApps(uid(3), {app(4)}); + checkGetUserApps(uid(4), {app(2), app(3), app(5)}); +} + +BOOST_AUTO_TEST_CASE(T355_get_user_packages) +{ + addAppSuccess(app(1), pkg(1), uid(2), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(3), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(4), pkg(4), uid(3), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(5), pkg(5), uid(4), tizenVer(1), author(1), NotHybrid); + + checkGetUserPkgs(uid(1), {}); + checkGetUserPkgs(uid(2), {pkg(1)}); + checkGetUserPkgs(uid(3), {pkg(2), pkg(3), pkg(4)}); + checkGetUserPkgs(uid(4), {pkg(5)}); + + removeAppSuccess(app(2), uid(3)); + removeAppSuccess(app(3), uid(3)); + addAppSuccess(app(2), pkg(2), uid(4), tizenVer(1), author(2), NotHybrid); + addAppSuccess(app(3), pkg(3), uid(4), tizenVer(1), author(2), NotHybrid); + + checkGetUserPkgs(uid(3), {pkg(4)}); + checkGetUserPkgs(uid(4), {pkg(2), pkg(3), pkg(5)}); +} + +BOOST_AUTO_TEST_CASE(T360_get_pkg_apps) +{ + addAppSuccess(app(1), pkg(2), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(3), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(3), pkg(3), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(4), pkg(3), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(5), pkg(4), uid(1), tizenVer(1), author(1), NotHybrid); + + checkGetPkgApps(pkg(1), {}); + checkGetPkgApps(pkg(2), {app(1)}); + checkGetPkgApps(pkg(3), {app(2), app(3), app(4)}); + checkGetPkgApps(pkg(4), {app(5)}); + + removeAppSuccess(app(1), uid(1)); + removeAppSuccess(app(2), uid(1)); + removeAppSuccess(app(3), uid(1)); + addAppSuccess(app(1), pkg(4), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(4), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(3), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + + checkGetPkgApps(pkg(1), {app(3)}); + checkGetPkgApps(pkg(2), {}); + checkGetPkgApps(pkg(3), {app(4)}); + checkGetPkgApps(pkg(4), {app(1), app(2), app(5)}); +} + +BOOST_AUTO_TEST_CASE(T365_get_all_packages) +{ + checkGetAllPackages({}); + + addAppSuccess(app(1), pkg(2), uid(1), tizenVer(1), author(1), NotHybrid); + checkGetAllPackages({pkg(2)}); + + addAppSuccess(app(2), pkg(3), uid(1), tizenVer(1), author(1), NotHybrid); + checkGetAllPackages({pkg(2), pkg(3)}); + + addAppSuccess(app(3), pkg(3), uid(1), tizenVer(1), author(1), NotHybrid); + checkGetAllPackages({pkg(2), pkg(3)}); + + addAppSuccess(app(4), pkg(3), uid(1), tizenVer(1), author(1), NotHybrid); + checkGetAllPackages({pkg(2), pkg(3)}); + + addAppSuccess(app(5), pkg(4), uid(1), tizenVer(1), author(1), NotHybrid); + checkGetAllPackages({pkg(2), pkg(3), pkg(4)}); + + removeAppSuccess(app(1), uid(1)); + checkGetAllPackages({pkg(3), pkg(4)}); + + removeAppSuccess(app(2), uid(1)); + checkGetAllPackages({pkg(3), pkg(4)}); + + removeAppSuccess(app(3), uid(1)); + removeAppSuccess(app(4), uid(1)); + checkGetAllPackages({pkg(4)}); + + addAppSuccess(app(1), pkg(4), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(4), uid(1), tizenVer(1), author(1), NotHybrid); + checkGetAllPackages({pkg(4)}); + + addAppSuccess(app(3), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + checkGetAllPackages({pkg(1), pkg(4)}); +} + +BOOST_AUTO_TEST_CASE(T370_get_pkg_author_id) +{ + checkGetPkgAuthorId(pkg(1), -1); + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + checkGetPkgAuthorId(pkg(1), 1); + + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(1), author(2), Hybrid); + checkGetPkgAuthorId(pkg(2), 2); + + addAppSuccess(app(3), pkg(2), uid(2), tizenVer(1), author(2), Hybrid); + checkGetPkgAuthorId(pkg(2), 2); + + removeAppSuccess(app(1), uid(1)); + checkGetPkgAuthorId(pkg(1), -1); + + addAppSuccess(app(1), pkg(1), uid(3), tizenVer(1), author(3), Hybrid); + checkGetPkgAuthorId(pkg(1), 3); +} + +BOOST_AUTO_TEST_CASE(T375_get_pkg_author_id_by_name) +{ + checkGetAuthorIdByName(author(1), -1); + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + checkGetAuthorIdByName(author(1), 1); + + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(1), author(2), NotHybrid); + checkGetAuthorIdByName(author(2), 2); + + removeAppSuccess(app(1), uid(1)); + checkGetAuthorIdByName(author(1), -1); + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), Hybrid); + checkGetAuthorIdByName(author(1), 3); +} + +BOOST_AUTO_TEST_CASE(T380_is_package_Hybrid) +{ + checkIsPackageHybrid(pkg(1), NotHybrid); + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + checkIsPackageHybrid(pkg(1), NotHybrid); + + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(1), author(2), NotHybrid); + checkIsPackageHybrid(pkg(2), NotHybrid); + + addAppSuccess(app(3), pkg(3), uid(1), tizenVer(1), author(1), Hybrid); + checkIsPackageHybrid(pkg(3), Hybrid); +} + +BOOST_AUTO_TEST_SUITE_END() diff --git a/test/test_privilege_db_app_remove.cpp b/test/test_privilege_db_app_remove.cpp new file mode 100644 index 0000000..0bde946 --- /dev/null +++ b/test/test_privilege_db_app_remove.cpp @@ -0,0 +1,95 @@ +/* + * Copyright (c) 2016 - 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file test_privilege_db_app_remove.cpp + * @author Radoslaw Bartosiak (r.bartosiak@samsung.com) + * @version 1.0 + */ + +#include +#include +#include + +#include +#include + +#include "privilege_db.h" +#include "privilege_db_fixture.h" + +BOOST_FIXTURE_TEST_SUITE(PRIVILEGE_DB_TEST_APP_REMOVE, PrivilegeDBFixture) + +// RemoveApplication + +BOOST_AUTO_TEST_CASE(T700_add_remove_add_application) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + removeApp(app(1), uid(1), true, true, true); + addAppSuccess(app(1), pkg(2), uid(1), tizenVer(1), author(1), NotHybrid); +} + +BOOST_AUTO_TEST_CASE(T710_add_double_remove_add_application) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + removeApp(app(1), uid(1), true, true, true); + removeApp(app(1), uid(1), false, false, false); + addAppSuccess(app(1), pkg(2), uid(1), tizenVer(1), author(1), NotHybrid); +} + +BOOST_AUTO_TEST_CASE(T720_add_remove_application_to_different_users) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(1), pkg(1), uid(2), tizenVer(1), author(1), NotHybrid); + removeApp(app(1), uid(1), false, false, false); + removeApp(app(1), uid(2), true, true, true); +} + +BOOST_AUTO_TEST_CASE(T730_app_name_pkg_author_exists_with_remove) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(3), author(2), NotHybrid); + addAppSuccess(app(4), pkg(3), uid(4), tizenVer(3), author(2), NotHybrid); + + removeApp(app(1), uid(1), true, true, true); + removeApp(app(3), uid(3), true, false, false); + removeApp(app(4), uid(4), true, true, false); + removeApp(app(4), uid(4), false, false, false); + removeApp(app(2), uid(2), true, true, true); + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(3), author(2), NotHybrid); + addAppSuccess(app(4), pkg(3), uid(4), tizenVer(3), author(2), NotHybrid); + addAppSuccess(app(5), pkg(4), uid(4), tizenVer(1), author(2), NotHybrid); + + removeApp(app(1), uid(2), false, false, false); + removeApp(app(1), uid(1), true, true, true); + removeApp(app(2), uid(2), true, true, false); + removeApp(app(3), uid(3), true, false, false); + removeApp(app(4), uid(4), true, true, false); + removeApp(app(5), uid(4), true, true, true); +} + +BOOST_AUTO_TEST_CASE(T740_remove_application_with_no_effect) +{ + removeAppSuccess(app(1), uid(1)); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(1), author(1), NotHybrid); + removeApp(app(2), uid(1), false, false, false); //uid(1) != uid(2) + BOOST_REQUIRE_MESSAGE(getPrivDb()->AppNameExists(app(2)), + "AppNameExists wrongly not reported " << app(2) << " as existing application name"); +} + +BOOST_AUTO_TEST_SUITE_END() diff --git a/test/test_privilege_db_privilege.cpp b/test/test_privilege_db_privilege.cpp new file mode 100644 index 0000000..ed62804 --- /dev/null +++ b/test/test_privilege_db_privilege.cpp @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2016 - 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file test_privilege_db_privilege.cpp + * @author Radoslaw Bartosiak (r.bartosiak@samsung.com) + * @version 1.0 + */ + +#include +#include +#include +#include + +#include +#include +#include + +#include "privilege_db.h" +#include "privilege_db_fixture.h" + +BOOST_FIXTURE_TEST_SUITE(PRIVILEGE_DB_TEST_PRIVILEGE, PrivilegeDBFixture) + +// Privileges + +BOOST_AUTO_TEST_CASE(T800_get_groups_from_empty_db) +{ + std::vector groups; + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetGroups(groups)); + BOOST_REQUIRE_MESSAGE(groups.size() == 0, "GetGroups found some groups in empty database"); +} + +BOOST_AUTO_TEST_CASE(T810_get_groups) +{ + int ret = system("sqlite3 " TEST_PRIVILEGE_DB_PATH " " + "\"BEGIN; " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege30', 'group3'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege10', 'group1'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege11', 'group1'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege20', 'group2'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege31', 'group3'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege32', 'group3'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege41', 'group4'); " + "COMMIT;\" "); + BOOST_REQUIRE_MESSAGE(ret == 0, "Could not create populate the database"); + std::vector groups; + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetGroups(groups)); + std::sort(groups.begin(), groups.end()); + std::vector expectedGroups = {"group1", "group2", "group3", "group4"}; + BOOST_CHECK_EQUAL_COLLECTIONS(groups.begin(), groups.end(), + expectedGroups.begin(), expectedGroups.end()); +} + +BOOST_AUTO_TEST_CASE(T820_get_groups_related_privileges_from_empty_db) +{ + std::vector> privileges; + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetGroupsRelatedPrivileges(privileges)); + BOOST_REQUIRE_MESSAGE(privileges.size() == 0, "GetGroupsRelatedPrivileges found some" + " privileges in empty database"); +} + +BOOST_AUTO_TEST_CASE(T830_get_groups_related_privileges) +{ + int ret = system("sqlite3 " TEST_PRIVILEGE_DB_PATH " " + "\"BEGIN; " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege30', 'group3'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege10', 'group1'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege11', 'group1'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege20', 'group2'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege31', 'group3'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege32', 'group3'); " + "INSERT INTO privilege_group (privilege_name, group_name) VALUES ('privilege41', 'group4'); " + "COMMIT;\" "); + BOOST_REQUIRE_MESSAGE(ret == 0, "Could not create populate the database"); + std::vector> privileges; + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetGroupsRelatedPrivileges(privileges)); + std::sort(privileges.begin(), privileges.end(), [](std::pair &a, + std::pair &b) { + if (a.first < b.first) + return true; + if (b.first < a.first) + return false; + if (a.second < b.second) + return true; + return false; + }); + std::vector> expectedPrivileges = + {{"group1", "privilege10"}, {"group1", "privilege11"}, {"group2", "privilege20"}, + {"group3", "privilege30"}, {"group3", "privilege31"}, {"group3", "privilege32"}, + {"group4", "privilege41"}}; + BOOST_REQUIRE_MESSAGE(privileges.size() == expectedPrivileges.size(), + "GetGroupsRelatedPrivileges returned wrong number of privileges expected: " << + expectedPrivileges.size() << " got: " << privileges.size()); + for (unsigned int i = 0; i < privileges.size(); i++) + BOOST_REQUIRE_MESSAGE(privileges[i] == expectedPrivileges[i], "Expected: (" + << expectedPrivileges[i].first << "," << expectedPrivileges[i].second << " got: " + << privileges[i].first << " , " << privileges[i].second << ")"); +} + +BOOST_AUTO_TEST_SUITE_END() + + diff --git a/test/test_privilege_db_sharing.cpp b/test/test_privilege_db_sharing.cpp new file mode 100644 index 0000000..0a0a920 --- /dev/null +++ b/test/test_privilege_db_sharing.cpp @@ -0,0 +1,445 @@ +/* + * Copyright (c) 2016 - 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file test_privilege_db_sharing.cpp + * @author Radoslaw Bartosiak (r.bartosiak@samsung.com) + * @version 1.0 + */ + +#include +#include +#include +#include +#include + +#include +#include +#include + +#include "privilege_db.h" +#include "privilege_db_fixture.h" + +namespace boost +{ +// tell boost howto print vector +template wrap_stringstream& +operator<<(wrap_stringstream &wrapped, const std::vector &elements) +{ + wrapped << '['; + bool first = true; + for (auto &element : elements) { + wrapped << (!first ? "," : "") << element; + first = false; + } + return wrapped << ']'; +} + +// tell boost howto print pair +template wrap_stringstream& +operator<<(wrap_stringstream &wrapped, const std::pair &item) +{ + return wrapped << '<' << item.first << ',' << item.second << '>'; +} + +} //namespace boost + +typedef std::map> PrivateSharingMap; + +//Fixture for sharing + +struct PrivilegeDBSharingFixture : PrivilegeDBFixture +{ + void checkAllPrivateSharing(PrivateSharingMap expectedAppPathMap); + void checkPrivateSharingForOwner(const std::string &ownerAppName, + PrivateSharingMap expectedOwnerSharing); + void checkPrivateSharingForTarget(const std::string &targetAppName, + PrivateSharingMap expectedTargetSharing); + void checkClearPrivateSharingForApp(const std::string &appName); +}; + +void PrivilegeDBSharingFixture::checkAllPrivateSharing(PrivateSharingMap expectedAppPathMap) +{ + PrivateSharingMap appPathMap; + + BOOST_REQUIRE_NO_THROW(testPrivDb->GetAllPrivateSharing(appPathMap)); + BOOST_REQUIRE_MESSAGE(appPathMap.size() == expectedAppPathMap.size(), "Result size; " + << appPathMap.size() << " does not match expected size: " << expectedAppPathMap.size()); + for (auto &v : appPathMap) + std::sort(v.second.begin(), v.second.end()); + for (auto &v : expectedAppPathMap) + std::sort(v.second.begin(), v.second.end()); + + BOOST_CHECK_EQUAL_COLLECTIONS(appPathMap.begin(), appPathMap.end(), + expectedAppPathMap.begin(), expectedAppPathMap.end()); +}; + +void PrivilegeDBSharingFixture::checkPrivateSharingForOwner(const std::string &ownerAppName, + PrivateSharingMap expectedOwnerSharing) +{ + PrivateSharingMap ownerSharing; + + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetPrivateSharingForOwner(ownerAppName, + ownerSharing)); + BOOST_CHECK_MESSAGE(ownerSharing.size() == expectedOwnerSharing.size(), "Result size; " + << ownerSharing.size() << " does not match expected size: " + << expectedOwnerSharing.size()); + + for (auto &v : ownerSharing) + std::sort(v.second.begin(), v.second.end()); + for (auto &v : expectedOwnerSharing) + std::sort(v.second.begin(), v.second.end()); + + BOOST_CHECK_EQUAL_COLLECTIONS(ownerSharing.begin(), ownerSharing.end(), + expectedOwnerSharing.begin(), expectedOwnerSharing.end()); +}; + +void PrivilegeDBSharingFixture::checkPrivateSharingForTarget(const std::string &targetAppName, + PrivateSharingMap expectedTargetSharing) +{ + PrivateSharingMap targetSharing; + + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetPrivateSharingForTarget(targetAppName, + targetSharing)); + BOOST_CHECK_MESSAGE(targetSharing.size() == expectedTargetSharing.size(), "Result size; " + << targetSharing.size() << " does not match expected size: " + << expectedTargetSharing.size()); + + for (auto &v : targetSharing) + std::sort(v.second.begin(), v.second.end()); + for (auto &v : expectedTargetSharing) + std::sort(v.second.begin(), v.second.end()); + + BOOST_CHECK_EQUAL_COLLECTIONS(targetSharing.begin(), targetSharing.end(), + expectedTargetSharing.begin(), expectedTargetSharing.end()); +}; + +void PrivilegeDBSharingFixture::checkClearPrivateSharingForApp(const std::string &appName) +{ + PrivateSharingMap ownerInfo; + PrivateSharingMap targetInfo; + + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetPrivateSharingForOwner(appName, ownerInfo)); + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetPrivateSharingForTarget(appName, targetInfo)); + + BOOST_CHECK_MESSAGE(ownerInfo.size() == 0, "Result size (GetPrivateSharingForOwner); " + << ownerInfo.size() << " does not match expected size: 0"); + BOOST_CHECK_MESSAGE(targetInfo.size() == 0, "Result size (GetPrivateSharingForTarget); " + << targetInfo.size() << " does not match expected size: 0"); +}; + +BOOST_FIXTURE_TEST_SUITE(PRIVILEGE_DB_TEST_SHARING, PrivilegeDBSharingFixture) + +// Path sharing + +BOOST_AUTO_TEST_CASE(T900_get_path_sharing_count_from_empty_db) +{ + int count; + + BOOST_REQUIRE_NO_THROW(getPrivDb()->GetPathSharingCount(path(1), count)); + BOOST_REQUIRE_MESSAGE(count == 0, "GetPathSharingCount found some sharing in empty database"); +} + +BOOST_AUTO_TEST_CASE(T910_apply_private_sharing) +{ + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + checkPrivateSharing(app(1), app(2), path(1), 0, 0, 0); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + checkPrivateSharing(app(1), app(2), path(1), 1, 1, 1); + + addAppSuccess(app(3), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(4), pkg(4), uid(2), tizenVer(2), author(2), Hybrid); + checkPrivateSharing(app(1), app(2), path(1), 1, 1, 1); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + checkPrivateSharing(app(1), app(2), path(1), 1, 1, 1); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(2), lab(2))); + checkPrivateSharing(app(1), app(2), path(2), 1, 2, 1); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(1), path(3), lab(3))); + checkPrivateSharing(app(2), app(1), path(3), 1, 1, 1); + checkPrivateSharing(app(1), app(2), path(3), 1, 2, 0); +} + +BOOST_AUTO_TEST_CASE(T920_apply_private_sharing_same_path_different_owners) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(3), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + BOOST_REQUIRE_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(2), path(1), lab(1)), + PrivilegeDb::Exception::ConstraintError); + checkPrivateSharing(app(1), app(2), path(1), 1, 1, 1); +} + +BOOST_AUTO_TEST_CASE(T930_apply_private_sharing_same_path_different_label) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(3), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + BOOST_REQUIRE_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(3), path(1), lab(2)), + PrivilegeDb::Exception::ConstraintError); + checkPrivateSharing(app(1), app(3), path(1), 1, 0, 0); +} + +BOOST_AUTO_TEST_CASE(T940_drop_private_sharing) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(2), author(2), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(3), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(3), path(2), lab(2))); + + checkPrivateSharing(app(1), app(2), path(1), 2, 2, 1); + checkPrivateSharing(app(1), app(2), path(2), 2, 2, 1); + checkPrivateSharing(app(1), app(3), path(1), 2, 2, 1); + checkPrivateSharing(app(1), app(3), path(2), 2, 2, 1); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(1), app(2), path(1))); + checkPrivateSharing(app(1), app(2), path(1), 1, 1, 0); + checkPrivateSharing(app(1), app(2), path(2), 2, 1, 1); + checkPrivateSharing(app(1), app(3), path(1), 1, 2, 1); + checkPrivateSharing(app(1), app(3), path(2), 2, 2, 1); + + //once more same drop + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(1), app(2), path(1))); + checkPrivateSharing(app(1), app(2), path(1), 1, 1, 0); + checkPrivateSharing(app(1), app(2), path(2), 2, 1, 1); + checkPrivateSharing(app(1), app(3), path(1), 1, 2, 1); + checkPrivateSharing(app(1), app(3), path(2), 2, 2, 1); + + //no more path(1) + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(1), app(3), path(1))); + checkPrivateSharing(app(1), app(2), path(1), 0, 1, 0); + checkPrivateSharing(app(1), app(2), path(2), 2, 1, 1); + checkPrivateSharing(app(1), app(3), path(1), 0, 1, 0); + checkPrivateSharing(app(1), app(3), path(2), 2, 1, 1); + + //only path(2) (app(1)->app(3)) exists + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(1), app(2), path(2))); + checkPrivateSharing(app(1), app(2), path(1), 0, 0, 0); + checkPrivateSharing(app(1), app(2), path(2), 1, 0, 0); + checkPrivateSharing(app(1), app(3), path(1), 0, 1, 0); + checkPrivateSharing(app(1), app(3), path(2), 1, 1, 1); +} + +BOOST_AUTO_TEST_CASE(T950_get_all_private_sharing) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(2), author(2), NotHybrid); + addAppSuccess(app(4), pkg(3), uid(3), tizenVer(2), author(2), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(1), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(3), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(4), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(2), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(3), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(4), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(1), path(3), lab(3))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(2), path(4), lab(4))); + checkAllPrivateSharing({{app(1), {path(1)}}, {app(2), {path(2)}}, + {app(3), {path(3), path(4)}}}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(1), app(1), path(2))); + checkAllPrivateSharing({{app(1), {path(1)}}, {app(2), {path(2)}}, + {app(3), {path(3), path(4)}}}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(3), app(1), path(3))); + checkAllPrivateSharing({{app(1), {path(1)}}, {app(2), {path(2)}}, {app(3), {path(4)}}}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(3), app(2), path(4))); + checkAllPrivateSharing({{app(1), {path(1)}}, {app(2), {path(2)}}}); +} + +BOOST_AUTO_TEST_CASE(T960_private_sharing_for_owner) +{ + + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(2), author(2), NotHybrid); + addAppSuccess(app(4), pkg(3), uid(3), tizenVer(2), author(2), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(1), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(3), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(4), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(2), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(2), path(4), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(3), path(3), lab(2))); + checkPrivateSharingForOwner(app(1), {{app(1), {path(1)}}, {app(2), {path(1)}}, + {app(3), {path(1)}}, {app(4), {path(1)}}}); + checkPrivateSharingForOwner(app(2), {{app(2), {path(2), path(4)}}, {app(3), {path(3)}}}); + checkPrivateSharingForOwner(app(3), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(1), app(1), path(1))); + checkPrivateSharingForOwner(app(1), {{app(2), {path(1)}}, {app(3), {path(1)}}, + {app(4), {path(1)}}}); + checkPrivateSharingForOwner(app(2), {{app(2), {path(2), path(4)}}, {app(3), {path(3)}}}); + checkPrivateSharingForOwner(app(3), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(2), app(2), path(2))); + checkPrivateSharingForOwner(app(1), {{app(2), {path(1)}}, {app(3), {path(1)}}, + {app(4), {path(1)}}}); + checkPrivateSharingForOwner(app(2), {{app(2), {path(4)}}, {app(3), {path(3)}}}); + checkPrivateSharingForOwner(app(3), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(2), app(2), path(4))); + checkPrivateSharingForOwner(app(1), {{app(2), {path(1)}}, {app(3), {path(1)}}, + {app(4), {path(1)}}}); + checkPrivateSharingForOwner(app(2), {{app(3), {path(3)}}}); + checkPrivateSharingForOwner(app(3), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(2), app(3), path(3))); + checkPrivateSharingForOwner(app(1), {{app(2), {path(1)}}, {app(3), {path(1)}}, {app(4), {path(1)}}}); + checkPrivateSharingForOwner(app(2), {}); + checkPrivateSharingForOwner(app(3), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(3), path(3), lab(2))); + checkPrivateSharingForOwner(app(1), {{app(2), {path(1)}}, {app(3), {path(1)}}, + {app(4), {path(1)}}}); + checkPrivateSharingForOwner(app(2), {{app(3), {path(3)}}}); + checkPrivateSharingForOwner(app(3), {}); +} + +BOOST_AUTO_TEST_CASE(T970_get_private_sharing_for_target) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(2), author(2), NotHybrid); + addAppSuccess(app(4), pkg(3), uid(3), tizenVer(2), author(2), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(1), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(1), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(1), path(3), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(1), path(31), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(1), path(32), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(4), app(1), path(4), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(2), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(2), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(3), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(3), path(3), lab(2))); + checkPrivateSharingForTarget(app(1), {{app(1), {path(1)}}, {app(2), {path(2)}}, + {app(3), {path(3), path(31), path(32)}}, {app(4), {path(4)}}}); + checkPrivateSharingForTarget(app(2), {{app(2), {path(2)}}}); + checkPrivateSharingForTarget(app(3), {{app(2), {path(2)}}, {app(3), {path(3)}}}); + checkPrivateSharingForTarget(app(4), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(1), app(1), path(1))); + checkPrivateSharingForTarget(app(1), {{app(2), {path(2)}}, + {app(3), {path(3), path(31), path(32)}}, {app(4), {path(4)}}}); + checkPrivateSharingForTarget(app(2), {{app(2), {path(2)}}}); + checkPrivateSharingForTarget(app(3), {{app(2), {path(2)}}, {app(3), {path(3)}}}); + checkPrivateSharingForTarget(app(4), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(2), app(1), path(2))); + checkPrivateSharingForTarget(app(1), {{app(3), {path(3), path(31), path(32)}}, {app(4), + {path(4)}}}); + checkPrivateSharingForTarget(app(2), {{app(2), {path(2)}}}); + checkPrivateSharingForTarget(app(3), {{app(2), {path(2)}}, {app(3), {path(3)}}}); + checkPrivateSharingForTarget(app(4), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(3), app(1), path(32))); + checkPrivateSharingForTarget(app(1), {{app(3), {path(3), path(31)}}, {app(4), {path(4)}}}); + checkPrivateSharingForTarget(app(2), {{app(2), {path(2)}}}); + checkPrivateSharingForTarget(app(3), {{app(2), {path(2)}}, {app(3), {path(3)}}}); + checkPrivateSharingForTarget(app(4), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(3), app(1), path(31))); + checkPrivateSharingForTarget(app(1), {{app(3), {path(3)}}, {app(4), {path(4)}}}); + checkPrivateSharingForTarget(app(2), {{app(2), {path(2)}}}); + checkPrivateSharingForTarget(app(3), {{app(2), {path(2)}}, {app(3), {path(3)}}}); + checkPrivateSharingForTarget(app(4), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(3), app(1), path(3))); + checkPrivateSharingForTarget(app(1), {{app(4), {path(4)}}}); + checkPrivateSharingForTarget(app(2), {{app(2), {path(2)}}}); + checkPrivateSharingForTarget(app(3), {{app(2), {path(2)}}, {app(3), {path(3)}}}); + checkPrivateSharingForTarget(app(4), {}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(4), app(1), path(4))); + checkPrivateSharingForTarget(app(1), {}); + checkPrivateSharingForTarget(app(2), {{app(2), {path(2)}}}); + checkPrivateSharingForTarget(app(3), {{app(2), {path(2)}}, {app(3), {path(3)}}}); + checkPrivateSharingForTarget(app(4), {}); +} + +BOOST_AUTO_TEST_CASE(T980_squash_private_sharing) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(1), author(1), Hybrid); + addAppSuccess(app(4), pkg(4), uid(4), tizenVer(2), author(2), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(1), app(2), path(1))); + checkPrivateSharingForTarget(app(2), {{app(1), {path(1)}}}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(2), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(2), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(4), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(4), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(4), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(4), path(2), lab(2))); + checkPrivateSharing(app(3), app(4), path(2), 2, 1, 1); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->SquashSharing(app(4), path(2))); + checkPrivateSharing(app(3), app(4), path(2), 2, 1, 1); + checkPrivateSharingForTarget(app(2), {{app(1), {path(1)}}, {app(3), {path(2)}}}); + checkPrivateSharingForTarget(app(4), {{app(3), {path(2)}}}); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(3), app(2), path(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->DropPrivateSharing(app(3), app(4), path(2))); + checkPrivateSharingForTarget(app(2), {{app(1), {path(1)}}, {app(3), {path(2)}}}); + checkPrivateSharingForTarget(app(4), {}); +} + +BOOST_AUTO_TEST_CASE(T990_clear_private_sharing) +{ + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + addAppSuccess(app(2), pkg(2), uid(2), tizenVer(2), author(2), Hybrid); + addAppSuccess(app(3), pkg(3), uid(3), tizenVer(1), author(1), Hybrid); + addAppSuccess(app(4), pkg(4), uid(4), tizenVer(2), author(2), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(1), app(2), path(1), lab(1))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(1), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(2), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(2), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(3), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(2), app(4), path(2), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(3), app(4), path(3), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ApplyPrivateSharing(app(4), app(1), path(4), lab(2))); + BOOST_REQUIRE_NO_THROW(getPrivDb()->ClearPrivateSharing()); + checkClearPrivateSharingForApp(app(1)); + checkClearPrivateSharingForApp(app(2)); + checkClearPrivateSharingForApp(app(3)); + checkClearPrivateSharingForApp(app(4)); +} + +BOOST_AUTO_TEST_SUITE_END() + diff --git a/test/test_privilege_db_transactions.cpp b/test/test_privilege_db_transactions.cpp new file mode 100644 index 0000000..7b65dbe --- /dev/null +++ b/test/test_privilege_db_transactions.cpp @@ -0,0 +1,117 @@ +/* + * Copyright (c) 2016 - 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file test_privilege_db_transactions.cpp + * @author Radoslaw Bartosiak (r.bartosiak@samsung.com) + * @version 1.0 + */ + +#include +#include +#include + +#include +#include +#include + +#include "privilege_db.h" +#include "privilege_db_fixture.h" + + +class Empty {}; //to overwrite the suite fixture + +BOOST_FIXTURE_TEST_SUITE(PRIVILEGE_DB_TEST_TRANSACTIONS, PrivilegeDBFixture) + +// Constructor + +BOOST_FIXTURE_TEST_CASE(T100_privilegedb_constructor, Empty) +{ + PrivilegeDb *testPrivDb = nullptr; + + BOOST_REQUIRE_NO_THROW(testPrivDb = new PrivilegeDb()); + delete testPrivDb; + testPrivDb = nullptr; + BOOST_REQUIRE_THROW(testPrivDb = new PrivilegeDb("/this/not/exists"), + PrivilegeDb::Exception::IOError); + delete testPrivDb; +} + +// Transactions + +BOOST_AUTO_TEST_CASE(T200_transaction_rollback_commit) +{ + BOOST_REQUIRE_NO_THROW(getPrivDb()->BeginTransaction()); + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->RollbackTransaction()); + BOOST_REQUIRE_MESSAGE(!getPrivDb()->AppNameExists(app(1)), + "AppNameExists wrongly reported " << app(1) << " as existing, despite a rollback"); + BOOST_REQUIRE_THROW(getPrivDb()->CommitTransaction(), + PrivilegeDb::Exception::InternalError); +} + +BOOST_AUTO_TEST_CASE(T210_transaction_double_rollback) +{ + BOOST_REQUIRE_NO_THROW(getPrivDb()->BeginTransaction()); + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->RollbackTransaction()); + BOOST_REQUIRE_THROW(getPrivDb()->RollbackTransaction(), + PrivilegeDb::Exception::InternalError); +} + +BOOST_AUTO_TEST_CASE(T220_commit_without_begin) +{ + BOOST_REQUIRE_THROW(getPrivDb()->CommitTransaction(), PrivilegeDb::Exception::InternalError); +} + +BOOST_AUTO_TEST_CASE(T230_rollback_without_begin) +{ + BOOST_REQUIRE_THROW(getPrivDb()->RollbackTransaction(), PrivilegeDb::Exception::InternalError); +} + +BOOST_AUTO_TEST_CASE(T240_transaction) +{ + BOOST_REQUIRE_NO_THROW(getPrivDb()->BeginTransaction()); + addAppSuccess(app(1),pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->CommitTransaction()); + BOOST_REQUIRE_NO_THROW(getPrivDb()->BeginTransaction()); + BOOST_REQUIRE_NO_THROW(getPrivDb()->RollbackTransaction()); + BOOST_REQUIRE_MESSAGE(getPrivDb()->AppNameExists(app(1)), + "AppNameExists wrongly not reported " << app(1) << " as existing application name"); +} + +BOOST_AUTO_TEST_CASE(T250_transaction_double_begin) +{ + BOOST_REQUIRE_NO_THROW(getPrivDb()->BeginTransaction()); + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + + BOOST_REQUIRE_THROW(getPrivDb()->BeginTransaction(), + PrivilegeDb::Exception::InternalError); +} + +BOOST_AUTO_TEST_CASE(T260_transaction_double_commit) +{ + BOOST_REQUIRE_NO_THROW(getPrivDb()->BeginTransaction()); + addAppSuccess(app(1), pkg(1), uid(1), tizenVer(1), author(1), NotHybrid); + + BOOST_REQUIRE_NO_THROW(getPrivDb()->CommitTransaction()); + BOOST_REQUIRE_THROW(getPrivDb()->CommitTransaction(), + PrivilegeDb::Exception::InternalError); +} + +BOOST_AUTO_TEST_SUITE_END() -- 2.7.4 From 3f17b0abd7bdb31e78d52de41653fa82f6abbd61 Mon Sep 17 00:00:00 2001 From: Lukasz Pawelczyk Date: Sat, 21 Jan 2017 02:28:40 +0900 Subject: [PATCH 03/16] Make it possible to use out-of-the-source build dir Autogenerated files should be installed from the CMAKE_BINARY_DIR instead of the CMAKE_SOURCE_DIR. This makes it possible to use the build directory that's outside the source one. Change-Id: I516b47f75dabed03bbf8253ea8cacad6c1b5001f --- pc/CMakeLists.txt | 2 +- policy/CMakeLists.txt | 2 +- systemd/CMakeLists.txt | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pc/CMakeLists.txt b/pc/CMakeLists.txt index d54b4db..1db7eca 100644 --- a/pc/CMakeLists.txt +++ b/pc/CMakeLists.txt @@ -19,4 +19,4 @@ CONFIGURE_FILE(security-manager.pc.in security-manager.pc @ONLY) -INSTALL(FILES security-manager.pc DESTINATION ${LIB_INSTALL_DIR}/pkgconfig) +INSTALL(FILES ${CMAKE_CURRENT_BINARY_DIR}/security-manager.pc DESTINATION ${LIB_INSTALL_DIR}/pkgconfig) diff --git a/policy/CMakeLists.txt b/policy/CMakeLists.txt index c26ff61..809ebb8 100644 --- a/policy/CMakeLists.txt +++ b/policy/CMakeLists.txt @@ -11,7 +11,7 @@ INSTALL(FILES "author-rules-template.smack" DESTINATION ${POLICY_DIR}) INSTALL(FILES "privilege-group.list" DESTINATION ${POLICY_DIR}) INSTALL(PROGRAMS "update.sh" DESTINATION ${POLICY_DIR}) INSTALL(DIRECTORY "updates" USE_SOURCE_PERMISSIONS DESTINATION ${POLICY_DIR}) -INSTALL(PROGRAMS security-manager-policy-reload DESTINATION ${BIN_INSTALL_DIR}) +INSTALL(PROGRAMS ${CMAKE_CURRENT_BINARY_DIR}/security-manager-policy-reload DESTINATION ${BIN_INSTALL_DIR}) # FOTA updater INSTALL(FILES 241.security-manager.policy-update.sh DESTINATION ${FOTA_DIR}) diff --git a/systemd/CMakeLists.txt b/systemd/CMakeLists.txt index 8bba273..8d0a1aa 100644 --- a/systemd/CMakeLists.txt +++ b/systemd/CMakeLists.txt @@ -3,10 +3,10 @@ CONFIGURE_FILE(security-manager-cleanup.service.in security-manager-cleanup.serv CONFIGURE_FILE(security-manager-rules-loader.service.in security-manager-rules-loader.service @ONLY) INSTALL(FILES - security-manager.service + ${CMAKE_CURRENT_BINARY_DIR}/security-manager.service security-manager.socket - security-manager-cleanup.service - security-manager-rules-loader.service + ${CMAKE_CURRENT_BINARY_DIR}/security-manager-cleanup.service + ${CMAKE_CURRENT_BINARY_DIR}/security-manager-rules-loader.service DESTINATION ${SYSTEMD_INSTALL_DIR} ) -- 2.7.4 From b11c3746045d1902a6052f691fbd30079381afca Mon Sep 17 00:00:00 2001 From: Bartlomiej Grzelewski Date: Thu, 23 Feb 2017 11:47:50 +0100 Subject: [PATCH 04/16] Remove dependency between SM and DBUS Dependency between SM and DBUS was required to avoid deadlock. Problem was already solved in DBUS initilization code commit: https://review.tizen.org/gerrit/#/c/115757/ Change-Id: I34d98d1a75eb004bce0da0d664a64de61b9ab66a --- systemd/security-manager.service.in | 4 ---- 1 file changed, 4 deletions(-) diff --git a/systemd/security-manager.service.in b/systemd/security-manager.service.in index 62a7816..5205b36 100644 --- a/systemd/security-manager.service.in +++ b/systemd/security-manager.service.in @@ -1,6 +1,5 @@ [Unit] Description=Start the security manager -Before=dbus.service [Service] Type=notify @@ -8,6 +7,3 @@ ExecStart=@BIN_INSTALL_DIR@/security-manager Sockets=security-manager.socket Restart=always SmackProcessLabel=System::Privileged - -[Install] -WantedBy=dbus.service -- 2.7.4 From 942b8ffe8ddc07e4037abac2f69f3460ade8585d Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Mon, 13 Mar 2017 16:28:28 +0100 Subject: [PATCH 05/16] Allow version compatibility change during application upgrade Security-manager should permit app installation request for cases where the same app is already installed, but platform version for the app has changed. Change-Id: Ia8ffdc20c084b7ade18e3deeed6d17b081149a70 Signed-off-by: Rafal Krypa --- db/db.sql | 10 ++++------ db/updates/update-db-to-v10.sql | 5 +++++ 2 files changed, 9 insertions(+), 6 deletions(-) create mode 100644 db/updates/update-db-to-v10.sql diff --git a/db/db.sql b/db/db.sql index f22e451..9f264b3 100644 --- a/db/db.sql +++ b/db/db.sql @@ -4,7 +4,7 @@ PRAGMA auto_vacuum = NONE; BEGIN EXCLUSIVE TRANSACTION; -PRAGMA user_version = 9; +PRAGMA user_version = 10; CREATE TABLE IF NOT EXISTS pkg ( pkg_id INTEGER PRIMARY KEY, @@ -88,11 +88,6 @@ BEGIN WHERE app_name=NEW.app_name AND pkg_name!=NEW.pkg_name); - SELECT RAISE(ABORT, 'Application already installed with different version') - WHERE EXISTS (SELECT 1 FROM user_app_pkg_view - WHERE app_name=NEW.app_name - AND version!=NEW.version); - SELECT RAISE(ABORT, 'Another application from this package is already installed with different author') WHERE EXISTS (SELECT 1 FROM user_app_pkg_view WHERE pkg_name=NEW.pkg_name @@ -115,6 +110,9 @@ BEGIN UPDATE pkg SET author_id=(SELECT author_id FROM author WHERE name=NEW.author_name) WHERE name=NEW.pkg_name AND author_id IS NULL; + -- If pkg have already existed with different version do update it + UPDATE app SET version=NEW.version WHERE app_id=NEW.app_id; + INSERT OR IGNORE INTO app (pkg_id, name, version) VALUES ( (SELECT pkg_id FROM pkg WHERE name=NEW.pkg_name), NEW.app_name, diff --git a/db/updates/update-db-to-v10.sql b/db/updates/update-db-to-v10.sql new file mode 100644 index 0000000..c90e88e --- /dev/null +++ b/db/updates/update-db-to-v10.sql @@ -0,0 +1,5 @@ +BEGIN EXCLUSIVE TRANSACTION; + +PRAGMA user_version = 10; + +COMMIT TRANSACTION; -- 2.7.4 From 912b85a30604dd0742a00c7026dfbaaea54aee0e Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Thu, 2 Mar 2017 14:28:28 +0100 Subject: [PATCH 06/16] Add missing ')' in cmd line tool usage description Change-Id: Iadbe5225f3eefd2048e0c5b17cdb1d643fd9181c --- src/cmd/security-manager-cmd.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cmd/security-manager-cmd.cpp b/src/cmd/security-manager-cmd.cpp index 3366f7f..0ed8bb0 100644 --- a/src/cmd/security-manager-cmd.cpp +++ b/src/cmd/security-manager-cmd.cpp @@ -102,7 +102,7 @@ static po::options_description getInstallOptions() ("author-id,c", po::value(), "unique author's identifier (required for trusted_rw paths)") ("install-type", po::value(), - "type of installation (local, global, preloaded") + "type of installation (local, global, preloaded)") ; return opts; } -- 2.7.4 From 1caf0f27271c22a0c1d884d7388219a2a6d50f64 Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Thu, 2 Mar 2017 08:24:07 +0100 Subject: [PATCH 07/16] Free requests after processing them in cmd line tool App installation and user management requests were not freed after their processing is finished in security-manager-cmd. Pointers wrapped in std::unique_ptr. Change-Id: I689833dea78ccedb5aaac9267d3c0a06895f0568 --- src/cmd/security-manager-cmd.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/cmd/security-manager-cmd.cpp b/src/cmd/security-manager-cmd.cpp index 0ed8bb0..c2c12c5 100644 --- a/src/cmd/security-manager-cmd.cpp +++ b/src/cmd/security-manager-cmd.cpp @@ -33,6 +33,7 @@ #include #include #include +#include #include namespace po = boost::program_options; @@ -357,6 +358,7 @@ int main(int argc, char *argv[]) LogDebug("Install command."); if (security_manager_app_inst_req_new(&req) != SECURITY_MANAGER_SUCCESS) return EXIT_FAILURE; + auto req_ptr = makeUnique(req, security_manager_app_inst_req_free); parseInstallOptions(argc, argv, *req, vm); return installApp(*req); } else if (vm.count("manage-users")) { @@ -365,6 +367,8 @@ int main(int argc, char *argv[]) LogDebug("Manage users command."); if (security_manager_user_req_new(&req) != SECURITY_MANAGER_SUCCESS) return EXIT_FAILURE; + auto req_ptr = makeUnique(req, security_manager_user_req_free); + parseUserOptions(argc, argv, *req, vm); return manageUserOperation(*req, operation); } else { -- 2.7.4 From 46182728efe31b9e301521f43e12531a34f18a55 Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Fri, 13 Jan 2017 14:36:31 +0100 Subject: [PATCH 08/16] Clean up cynara classes members names Start member names with "m_" prefix and static member names with "s_". Change-Id: I39c0e08981e797a188edd841c2c32c89f694d20c --- src/common/cynara.cpp | 76 ++++++++++++++++++++++----------------------- src/common/include/cynara.h | 21 ++++++------- 2 files changed, 47 insertions(+), 50 deletions(-) diff --git a/src/common/cynara.cpp b/src/common/cynara.cpp index fd18f21..ad714f5 100644 --- a/src/common/cynara.cpp +++ b/src/common/cynara.cpp @@ -269,20 +269,20 @@ static bool checkCynaraError(int result, const std::string &msg) } } -CynaraAdmin::TypeToDescriptionMap CynaraAdmin::TypeToDescription; -CynaraAdmin::DescriptionToTypeMap CynaraAdmin::DescriptionToType; +CynaraAdmin::TypeToDescriptionMap CynaraAdmin::s_typeToDescription; +CynaraAdmin::DescriptionToTypeMap CynaraAdmin::s_descriptionToType; CynaraAdmin::CynaraAdmin() : m_policyDescriptionsInitialized(false) { checkCynaraError( - cynara_admin_initialize(&m_CynaraAdmin), + cynara_admin_initialize(&m_cynaraAdmin), "Cannot connect to Cynara administrative interface."); } CynaraAdmin::~CynaraAdmin() { - cynara_admin_finish(m_CynaraAdmin); + cynara_admin_finish(m_cynaraAdmin); } void CynaraAdmin::SetPolicies(const std::vector &policies) @@ -309,7 +309,7 @@ void CynaraAdmin::SetPolicies(const std::vector &policies) pp_policies[policies.size()] = nullptr; checkCynaraError( - cynara_admin_set_policies(m_CynaraAdmin, pp_policies.data()), + cynara_admin_set_policies(m_cynaraAdmin, pp_policies.data()), "Error while updating Cynara policy."); } @@ -546,7 +546,7 @@ void CynaraAdmin::ListPolicies( struct cynara_admin_policy ** pp_policies = nullptr; checkCynaraError( - cynara_admin_list_policies(m_CynaraAdmin, bucket.c_str(), label.c_str(), + cynara_admin_list_policies(m_cynaraAdmin, bucket.c_str(), label.c_str(), user.c_str(), privilege.c_str(), &pp_policies), "Error while getting list of policies for bucket: " + bucket); @@ -564,7 +564,7 @@ void CynaraAdmin::EmptyBucket(const std::string &bucketName, bool recursive, con const std::string &user, const std::string &privilege) { checkCynaraError( - cynara_admin_erase(m_CynaraAdmin, bucketName.c_str(), static_cast(recursive), + cynara_admin_erase(m_cynaraAdmin, bucketName.c_str(), static_cast(recursive), client.c_str(), user.c_str(), privilege.c_str()), "Error while emptying bucket: " + bucketName + ", filter (C, U, P): " + client + ", " + user + ", " + privilege); @@ -579,7 +579,7 @@ void CynaraAdmin::FetchCynaraPolicyDescriptions(bool forceRefresh) // fetch checkCynaraError( - cynara_admin_list_policies_descriptions(m_CynaraAdmin, &descriptions), + cynara_admin_list_policies_descriptions(m_cynaraAdmin, &descriptions), "Error while getting list of policies descriptions from Cynara."); if (descriptions[0] == nullptr) { @@ -590,15 +590,15 @@ void CynaraAdmin::FetchCynaraPolicyDescriptions(bool forceRefresh) // reset the state m_policyDescriptionsInitialized = false; - DescriptionToType.clear(); - TypeToDescription.clear(); + s_descriptionToType.clear(); + s_typeToDescription.clear(); // extract strings for (int i = 0; descriptions[i] != nullptr; i++) { std::string descriptionName(descriptions[i]->name); - DescriptionToType[descriptionName] = descriptions[i]->result; - TypeToDescription[descriptions[i]->result] = std::move(descriptionName); + s_descriptionToType[descriptionName] = descriptions[i]->result; + s_typeToDescription[descriptions[i]->result] = std::move(descriptionName); free(descriptions[i]->name); free(descriptions[i]); @@ -646,7 +646,7 @@ void CynaraAdmin::ListPoliciesDescriptions(std::vector &policiesDes { FetchCynaraPolicyDescriptions(false); - for (const auto &it : TypeToDescription) + for (const auto &it : s_typeToDescription) policiesDescriptions.push_back(it.second); } @@ -654,14 +654,14 @@ std::string CynaraAdmin::convertToPolicyDescription(const int policyType, bool f { FetchCynaraPolicyDescriptions(forceRefresh); - return TypeToDescription.at(policyType); + return s_typeToDescription.at(policyType); } int CynaraAdmin::convertToPolicyType(const std::string &policy, bool forceRefresh) { FetchCynaraPolicyDescriptions(forceRefresh); - return DescriptionToType.at(policy); + return s_descriptionToType.at(policy); } void CynaraAdmin::Check(const std::string &label, const std::string &user, const std::string &privilege, @@ -670,7 +670,7 @@ void CynaraAdmin::Check(const std::string &label, const std::string &user, const char *resultExtraCstr = nullptr; checkCynaraError( - cynara_admin_check(m_CynaraAdmin, bucket.c_str(), recursive, label.c_str(), + cynara_admin_check(m_cynaraAdmin, bucket.c_str(), recursive, label.c_str(), user.c_str(), privilege.c_str(), &result, &resultExtraCstr), "Error while asking cynara admin API for permission for app label: " + label + ", user: " + user + " privilege: " + privilege + " bucket: " + bucket); @@ -705,9 +705,9 @@ int CynaraAdmin::GetPrivilegeManagerMaxLevel(const std::string &label, const std return result; } -Cynara::Cynara() : eventFd(eventfd(0, 0)), cynaraFd(eventFd), cynaraFdEvents(0), terminate(false) +Cynara::Cynara() : m_eventFd(eventfd(0, 0)), m_cynaraFd(m_eventFd), m_cynaraFdEvents(0), m_terminate(false) { - if (eventFd == -1) { + if (m_eventFd == -1) { LogError("Error while creating eventfd: " << GetErrnoString(errno)); ThrowMsg(CynaraException::UnknownError, "Error while creating eventfd"); } @@ -720,27 +720,27 @@ Cynara::Cynara() : eventFd(eventfd(0, 0)), cynaraFd(eventFd), cynaraFdEvents(0), checkCynaraError(cynara_async_configuration_set_cache_size(p_conf, CACHE_SIZE), "Cannot set cynara async configuration cache size"); checkCynaraError( - cynara_async_initialize(&cynara, p_conf, &Cynara::statusCallback, this), + cynara_async_initialize(&m_cynara, p_conf, &Cynara::statusCallback, this), "Cannot connect to Cynara policy interface."); - thread = std::thread(&Cynara::run, this); + m_thread = std::thread(&Cynara::run, this); } Cynara::~Cynara() { LogDebug("Sending terminate event to Cynara thread"); - terminate = true; + m_terminate = true; threadNotifyPut(); - thread.join(); + m_thread.join(); // Critical section - std::lock_guard guard(mutex); - cynara_async_finish(cynara); + std::lock_guard guard(m_mutex); + cynara_async_finish(m_cynara); } void Cynara::threadNotifyPut() { - int ret = eventfd_write(eventFd, 1); + int ret = eventfd_write(m_eventFd, 1); if (ret == -1) LogError("Unexpected error while writing to eventfd: " << GetErrnoString(errno)); } @@ -748,7 +748,7 @@ void Cynara::threadNotifyPut() void Cynara::threadNotifyGet() { eventfd_t value; - int ret = eventfd_read(eventFd, &value); + int ret = eventfd_read(m_eventFd, &value); if (ret == -1) LogError("Unexpected error while reading from eventfd: " << GetErrnoString(errno)); } @@ -759,17 +759,15 @@ void Cynara::statusCallback(int oldFd, int newFd, cynara_async_status status) "Status = " << status << ", oldFd = " << oldFd << ", newFd = " << newFd); if (newFd == -1) { - cynaraFdEvents = 0; + m_cynaraFdEvents = 0; } else { - - cynaraFd = newFd; + m_cynaraFd = newFd; switch (status) { case CYNARA_STATUS_FOR_READ: - cynaraFdEvents = POLLIN; + m_cynaraFdEvents = POLLIN; break; - case CYNARA_STATUS_FOR_RW: - cynaraFdEvents = POLLIN | POLLOUT; + m_cynaraFdEvents = POLLIN | POLLOUT; break; } } @@ -825,7 +823,7 @@ void Cynara::run() LogInfo("Cynara thread started"); while (true) { std::atomic_thread_fence(std::memory_order_acquire); - struct pollfd pollFds[2] = {{eventFd, POLLIN, 0}, {cynaraFd, cynaraFdEvents, 0}}; + struct pollfd pollFds[2] = {{m_eventFd, POLLIN, 0}, {m_cynaraFd, m_cynaraFdEvents, 0}}; int ret = poll(pollFds, 2, -1); if (ret == -1) { @@ -837,7 +835,7 @@ void Cynara::run() // Check eventfd for termination signal if (pollFds[0].revents) { threadNotifyGet(); - if (terminate) { + if (m_terminate) { LogInfo("Cynara thread terminated"); return; } @@ -847,9 +845,9 @@ void Cynara::run() if (pollFds[1].revents) { try { // Critical section - std::lock_guard guard(mutex); + std::lock_guard guard(m_mutex); - checkCynaraError(cynara_async_process(cynara), + checkCynaraError(cynara_async_process(m_cynara), "Unexpected error returned by cynara_async_process"); } catch (const CynaraException::Base &e) { LogError("Error while processing Cynara events: " << e.DumpToString()); @@ -869,9 +867,9 @@ bool Cynara::check(const std::string &label, const std::string &privilege, // Critical section { - std::lock_guard guard(mutex); + std::lock_guard guard(m_mutex); - int ret = cynara_async_check_cache(cynara, + int ret = cynara_async_check_cache(m_cynara, label.c_str(), session.c_str(), user.c_str(), privilege.c_str()); if (ret != CYNARA_API_CACHE_MISS) @@ -881,7 +879,7 @@ bool Cynara::check(const std::string &label, const std::string &privilege, cynara_check_id check_id; checkCynaraError( - cynara_async_create_request(cynara, + cynara_async_create_request(m_cynara, label.c_str(), session.c_str(), user.c_str(), privilege.c_str(), &check_id, &Cynara::responseCallback, &promise), "Cannot check permission with Cynara."); diff --git a/src/common/include/cynara.h b/src/common/include/cynara.h index 5be7344..f2643fd 100644 --- a/src/common/include/cynara.h +++ b/src/common/include/cynara.h @@ -320,10 +320,10 @@ private: const std::string &bucket, int policyToSet, std::vector &policies); - struct cynara_admin *m_CynaraAdmin; + static TypeToDescriptionMap s_typeToDescription; + static DescriptionToTypeMap s_descriptionToType; - static TypeToDescriptionMap TypeToDescription; - static DescriptionToTypeMap DescriptionToType; + struct cynara_admin *m_cynaraAdmin; bool m_policyDescriptionsInitialized; }; @@ -361,15 +361,14 @@ private: void threadNotifyPut(); void threadNotifyGet(); - cynara_async *cynara; - struct pollfd pollFds[2]; - std::mutex mutex; - std::thread thread; + cynara_async *m_cynara; + std::mutex m_mutex; + std::thread m_thread; - const int eventFd; - std::atomic cynaraFd; - std::atomic cynaraFdEvents; - std::atomic terminate; + const int m_eventFd; + std::atomic m_cynaraFd; + std::atomic m_cynaraFdEvents; + std::atomic m_terminate; }; } // namespace SecurityManager -- 2.7.4 From 843c5318b4c6bc3e87cd12eac79d436e02ef0946 Mon Sep 17 00:00:00 2001 From: Zofia Abramowska Date: Fri, 13 Jan 2017 14:47:39 +0100 Subject: [PATCH 09/16] Unify method names in CynaraAdmin to pascal case Change-Id: I42dbad2e0e0f54140036e2c5e8e53b9acd425d4b --- src/common/cynara.cpp | 64 ++++++++++++++++++++++----------------------- src/common/include/cynara.h | 30 ++++++++++----------- src/common/service_impl.cpp | 36 ++++++++++++------------- 3 files changed, 65 insertions(+), 65 deletions(-) diff --git a/src/common/cynara.cpp b/src/common/cynara.cpp index ad714f5..06b7fb2 100644 --- a/src/common/cynara.cpp +++ b/src/common/cynara.cpp @@ -285,7 +285,7 @@ CynaraAdmin::~CynaraAdmin() cynara_admin_finish(m_cynaraAdmin); } -void CynaraAdmin::SetPolicies(const std::vector &policies) +void CynaraAdmin::setPolicies(const std::vector &policies) { if (policies.empty()) { LogDebug("no policies to set in Cynara."); @@ -313,7 +313,7 @@ void CynaraAdmin::SetPolicies(const std::vector &policies) "Error while updating Cynara policy."); } -void CynaraAdmin::UpdateAppPolicy( +void CynaraAdmin::updateAppPolicy( const std::string &label, bool global, uid_t uid, @@ -328,7 +328,7 @@ void CynaraAdmin::UpdateAppPolicy( cynaraUser = std::to_string(static_cast(uid)); // 1st, performing operation on MANIFESTS bucket - CalculatePolicies(label, cynaraUser, privileges, Buckets.at(Bucket::MANIFESTS), + calculatePolicies(label, cynaraUser, privileges, Buckets.at(Bucket::MANIFESTS), static_cast(CynaraAdminPolicy::Operation::Allow), policies); @@ -348,7 +348,7 @@ void CynaraAdmin::UpdateAppPolicy( std::vector users; if (cynaraUser == CYNARA_ADMIN_WILDCARD) { // perform bucket setting for all users in the system, app is installed for everyone - ListUsers(users); + listUsers(users); } else { // local single user installation, do it only for that particular user users.push_back(uid); @@ -364,22 +364,22 @@ void CynaraAdmin::UpdateAppPolicy( if (priv.hasAttribute(PrivilegeInfo::PrivilegeAttr::BLACKLIST)) blacklistPrivileges.push_back(p); } - CalculatePolicies(label, std::to_string(id), privacyPrivileges, + calculatePolicies(label, std::to_string(id), privacyPrivileges, Buckets.at(Bucket::PRIVACY_MANAGER), askUserPolicy, policies); - CalculatePolicies(label, std::to_string(id), blacklistPrivileges, + calculatePolicies(label, std::to_string(id), blacklistPrivileges, Buckets.at(Bucket::ADMIN), static_cast(CynaraAdminPolicy::Operation::Deny), policies); } - SetPolicies(policies); + setPolicies(policies); } -void CynaraAdmin::GetAppPolicy(const std::string &label, const std::string &user, +void CynaraAdmin::getAppPolicy(const std::string &label, const std::string &user, std::vector &privileges) { std::vector policies; - ListPolicies( + listPolicies( CynaraAdmin::Buckets.at(Bucket::MANIFESTS), label, user, CYNARA_ADMIN_ANY, policies); @@ -390,7 +390,7 @@ void CynaraAdmin::GetAppPolicy(const std::string &label, const std::string &user } } -void CynaraAdmin::UserInit(uid_t uid, security_manager_user_type userType) +void CynaraAdmin::userInit(uid_t uid, security_manager_user_type userType) { Bucket bucket; std::vector policies; @@ -425,7 +425,7 @@ void CynaraAdmin::UserInit(uid_t uid, security_manager_user_type userType) Buckets.at(Bucket::MAIN))); std::vector appPolicies; - ListPolicies(CynaraAdmin::Buckets.at(Bucket::MANIFESTS), + listPolicies(CynaraAdmin::Buckets.at(Bucket::MANIFESTS), CYNARA_ADMIN_ANY, CYNARA_ADMIN_WILDCARD, CYNARA_ADMIN_ANY, appPolicies); @@ -467,13 +467,13 @@ void CynaraAdmin::UserInit(uid_t uid, security_manager_user_type userType) } - SetPolicies(policies); + setPolicies(policies); } -void CynaraAdmin::ListUsers(std::vector &listOfUsers) +void CynaraAdmin::listUsers(std::vector &listOfUsers) { std::vector tmpListOfUsers; - ListPolicies( + listPolicies( CynaraAdmin::Buckets.at(Bucket::MAIN), CYNARA_ADMIN_WILDCARD, CYNARA_ADMIN_ANY, @@ -494,20 +494,20 @@ void CynaraAdmin::ListUsers(std::vector &listOfUsers) LogDebug("Found users: " << listOfUsers.size()); }; -void CynaraAdmin::UserRemove(uid_t uid) +void CynaraAdmin::userRemove(uid_t uid) { std::vector policies; std::string user = std::to_string(static_cast(uid)); - EmptyBucket(Buckets.at(Bucket::PRIVACY_MANAGER),true, + emptyBucket(Buckets.at(Bucket::PRIVACY_MANAGER),true, CYNARA_ADMIN_ANY, user, CYNARA_ADMIN_ANY); } -security_manager_user_type CynaraAdmin::GetUserType(uid_t uid) +security_manager_user_type CynaraAdmin::getUserType(uid_t uid) { std::string uidStr = std::to_string(uid); std::vector tmpListOfUsers; - ListPolicies( + listPolicies( CynaraAdmin::Buckets.at(Bucket::MAIN), CYNARA_ADMIN_WILDCARD, uidStr, @@ -536,7 +536,7 @@ security_manager_user_type CynaraAdmin::GetUserType(uid_t uid) return SM_USER_TYPE_NONE; }; -void CynaraAdmin::ListPolicies( +void CynaraAdmin::listPolicies( const std::string &bucket, const std::string &label, const std::string &user, @@ -560,7 +560,7 @@ void CynaraAdmin::ListPolicies( } -void CynaraAdmin::EmptyBucket(const std::string &bucketName, bool recursive, const std::string &client, +void CynaraAdmin::emptyBucket(const std::string &bucketName, bool recursive, const std::string &client, const std::string &user, const std::string &privilege) { checkCynaraError( @@ -570,7 +570,7 @@ void CynaraAdmin::EmptyBucket(const std::string &bucketName, bool recursive, con client + ", " + user + ", " + privilege); } -void CynaraAdmin::FetchCynaraPolicyDescriptions(bool forceRefresh) +void CynaraAdmin::fetchCynaraPolicyDescriptions(bool forceRefresh) { struct cynara_admin_policy_descr **descriptions = nullptr; @@ -610,7 +610,7 @@ void CynaraAdmin::FetchCynaraPolicyDescriptions(bool forceRefresh) } -void CynaraAdmin::CalculatePolicies(const std::string &label, const std::string &user, +void CynaraAdmin::calculatePolicies(const std::string &label, const std::string &user, const std::vector &privileges, const std::string &bucket, int policyToSet, std::vector &policies) @@ -618,7 +618,7 @@ void CynaraAdmin::CalculatePolicies(const std::string &label, const std::string std::vector oldPolicies; std::unordered_set privilegesSet(privileges.begin(), privileges.end()); - ListPolicies(bucket, label, user, CYNARA_ADMIN_ANY, oldPolicies); + listPolicies(bucket, label, user, CYNARA_ADMIN_ANY, oldPolicies); // Compare previous policies with set of new requested privileges for (auto &policy : oldPolicies) { if (privilegesSet.erase(policy.privilege)) { @@ -642,9 +642,9 @@ void CynaraAdmin::CalculatePolicies(const std::string &label, const std::string } } -void CynaraAdmin::ListPoliciesDescriptions(std::vector &policiesDescriptions) +void CynaraAdmin::listPoliciesDescriptions(std::vector &policiesDescriptions) { - FetchCynaraPolicyDescriptions(false); + fetchCynaraPolicyDescriptions(false); for (const auto &it : s_typeToDescription) policiesDescriptions.push_back(it.second); @@ -652,19 +652,19 @@ void CynaraAdmin::ListPoliciesDescriptions(std::vector &policiesDes std::string CynaraAdmin::convertToPolicyDescription(const int policyType, bool forceRefresh) { - FetchCynaraPolicyDescriptions(forceRefresh); + fetchCynaraPolicyDescriptions(forceRefresh); return s_typeToDescription.at(policyType); } int CynaraAdmin::convertToPolicyType(const std::string &policy, bool forceRefresh) { - FetchCynaraPolicyDescriptions(forceRefresh); + fetchCynaraPolicyDescriptions(forceRefresh); return s_descriptionToType.at(policy); } -void CynaraAdmin::Check(const std::string &label, const std::string &user, const std::string &privilege, +void CynaraAdmin::check(const std::string &label, const std::string &user, const std::string &privilege, const std::string &bucket, int &result, std::string &resultExtra, const bool recursive) { char *resultExtraCstr = nullptr; @@ -683,24 +683,24 @@ void CynaraAdmin::Check(const std::string &label, const std::string &user, const } } -int CynaraAdmin::GetPrivilegeManagerCurrLevel(const std::string &label, const std::string &user, +int CynaraAdmin::getPrivilegeManagerCurrLevel(const std::string &label, const std::string &user, const std::string &privilege) { int result; std::string resultExtra; - Check(label, user, privilege, Buckets.at(Bucket::PRIVACY_MANAGER), result, resultExtra, true); + check(label, user, privilege, Buckets.at(Bucket::PRIVACY_MANAGER), result, resultExtra, true); return result; } -int CynaraAdmin::GetPrivilegeManagerMaxLevel(const std::string &label, const std::string &user, +int CynaraAdmin::getPrivilegeManagerMaxLevel(const std::string &label, const std::string &user, const std::string &privilege) { int result; std::string resultExtra; - Check(label, user, privilege, Buckets.at(Bucket::MAIN), result, resultExtra, true); + check(label, user, privilege, Buckets.at(Bucket::MAIN), result, resultExtra, true); return result; } diff --git a/src/common/include/cynara.h b/src/common/include/cynara.h index f2643fd..ec2b4eb 100644 --- a/src/common/include/cynara.h +++ b/src/common/include/cynara.h @@ -120,7 +120,7 @@ public: * * @param policies vector of CynaraAdminPolicy objects to send to Cynara */ - void SetPolicies(const std::vector &policies); + void setPolicies(const std::vector &policies); /** * Update Cynara policies for the application and the user. @@ -133,7 +133,7 @@ public: * @param uid user identifier * @param privileges currently enabled privileges */ - void UpdateAppPolicy(const std::string &label, bool global, uid_t uid, + void updateAppPolicy(const std::string &label, bool global, uid_t uid, const std::vector &privileges); /** @@ -144,7 +144,7 @@ public: * @param[in] user user identifier * @param[out] privileges currently enabled privileges */ - void GetAppPolicy(const std::string &label, const std::string &user, + void getAppPolicy(const std::string &label, const std::string &user, std::vector &privileges); /** @@ -156,21 +156,21 @@ public: * @param uid new user uid * @param userType type as enumerated in security-manager.h */ - void UserInit(uid_t uid, security_manager_user_type userType); + void userInit(uid_t uid, security_manager_user_type userType); /** * List all users registered in Cynara * * @param listOfUsers empty vector for list of users */ - void ListUsers(std::vector &listOfUsers); + void listUsers(std::vector &listOfUsers); /** * Removes all entries for a user from cynara database * * @param uid removed user uid */ - void UserRemove(uid_t uid); + void userRemove(uid_t uid); /** * Returns user type of given uid @@ -180,7 +180,7 @@ public: * @return security_manager_user_type for given uid or SM_USER_TYPE_NONE if user not found * */ - security_manager_user_type GetUserType(uid_t uid); + security_manager_user_type getUserType(uid_t uid); /** * List Cynara policies that match selected criteria in given bucket. @@ -192,7 +192,7 @@ public: * @param policies empty vector for results of policies filtering. * */ - void ListPolicies(const std::string &bucketName, + void listPolicies(const std::string &bucketName, const std::string &label, const std::string &user, const std::string &privilege, @@ -206,7 +206,7 @@ public: * * @param policiesDescriptions empty vector for policies descriptions. */ - void ListPoliciesDescriptions(std::vector &policiesDescriptions); + void listPoliciesDescriptions(std::vector &policiesDescriptions); /** * Function translates internal Cynara policy type integer to string @@ -250,7 +250,7 @@ public: * @param recursive flag to indicate if check should be done recursively in * all buckets linked with bucket provided */ - void Check(const std::string &label, + void check(const std::string &label, const std::string &user, const std::string &privilege, const std::string &bucket, @@ -268,7 +268,7 @@ public: * @param privilege privilege identifier * @return current policy value */ - int GetPrivilegeManagerCurrLevel(const std::string &label, const std::string &user, + int getPrivilegeManagerCurrLevel(const std::string &label, const std::string &user, const std::string &privilege); /** @@ -282,7 +282,7 @@ public: * @param privilege privilege identifier * @return maximum policy value for PRIVACY_MANAGER bucket */ - int GetPrivilegeManagerMaxLevel(const std::string &label, const std::string &user, + int getPrivilegeManagerMaxLevel(const std::string &label, const std::string &user, const std::string &privilege); private: @@ -295,7 +295,7 @@ private: * @param user user name * @param privilege privilege name */ - void EmptyBucket(const std::string &bucketName, bool recursive, + void emptyBucket(const std::string &bucketName, bool recursive, const std::string &client, const std::string &user, const std::string &privilege); /** @@ -303,7 +303,7 @@ private: * * @param forceRefresh true if you want to reinitialize mappings */ - void FetchCynaraPolicyDescriptions(bool forceRefresh = false); + void fetchCynaraPolicyDescriptions(bool forceRefresh = false); /** * Calculate actual Cynara policy based on appilcation data & previous policy @@ -315,7 +315,7 @@ private: * @param policyToSet policy effect to be set * @param policies current policy (input/output parameter) */ - void CalculatePolicies(const std::string &label, const std::string &user, + void calculatePolicies(const std::string &label, const std::string &user, const std::vector &privileges, const std::string &bucket, int policyToSet, std::vector &policies); diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp index bc66995..2681700 100644 --- a/src/common/service_impl.cpp +++ b/src/common/service_impl.cpp @@ -525,7 +525,7 @@ int ServiceImpl::appInstall(const Credentials &creds, app_inst_req &&req) bool global = req.installationType == SM_APP_INSTALL_GLOBAL || req.installationType == SM_APP_INSTALL_PRELOADED; - m_cynaraAdmin.UpdateAppPolicy(appLabel, global, req.uid, req.privileges); + m_cynaraAdmin.updateAppPolicy(appLabel, global, req.uid, req.privileges); if (hasSharedRO) m_priviligeDb.SetSharedROPackage(req.pkgName); @@ -694,7 +694,7 @@ int ServiceImpl::appUninstall(const Credentials &creds, app_inst_req &&req) bool global = req.installationType == SM_APP_INSTALL_GLOBAL || req.installationType == SM_APP_INSTALL_PRELOADED; - m_cynaraAdmin.UpdateAppPolicy(processLabel, global, req.uid, std::vector()); + m_cynaraAdmin.updateAppPolicy(processLabel, global, req.uid, std::vector()); trans.commit(); LogDebug("Application uninstallation commited to database"); @@ -801,8 +801,8 @@ int ServiceImpl::getAppGroups(const Credentials &creds, const std::string &appNa std::vector privileges; std::string uidStr = std::to_string(creds.uid); - m_cynaraAdmin.GetAppPolicy(appProcessLabel, uidStr, privileges); - m_cynaraAdmin.GetAppPolicy(appProcessLabel, CYNARA_ADMIN_WILDCARD, privileges); + m_cynaraAdmin.getAppPolicy(appProcessLabel, uidStr, privileges); + m_cynaraAdmin.getAppPolicy(appProcessLabel, CYNARA_ADMIN_WILDCARD, privileges); vectorRemoveDuplicates(privileges); @@ -848,7 +848,7 @@ int ServiceImpl::userAdd(const Credentials &creds, uid_t uidAdded, int userType) return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; } try { - m_cynaraAdmin.UserInit(uidAdded, static_cast(userType)); + m_cynaraAdmin.userInit(uidAdded, static_cast(userType)); PermissibleSet::initializeUserPermissibleFile(uidAdded); } catch (CynaraException::InvalidParam &e) { return SECURITY_MANAGER_ERROR_INPUT_PARAM; @@ -913,7 +913,7 @@ int ServiceImpl::userDelete(const Credentials &creds, uid_t uidDeleted) } } - m_cynaraAdmin.UserRemove(uidDeleted); + m_cynaraAdmin.userRemove(uidDeleted); return ret; } @@ -938,7 +938,7 @@ int ServiceImpl::policyUpdate(const Credentials &creds, const std::vector listOfPrivileges; - m_cynaraAdmin.GetAppPolicy(appProcessLabel, userStr, listOfPrivileges); - m_cynaraAdmin.GetAppPolicy(appProcessLabel, CYNARA_ADMIN_WILDCARD, listOfPrivileges); + m_cynaraAdmin.getAppPolicy(appProcessLabel, userStr, listOfPrivileges); + m_cynaraAdmin.getAppPolicy(appProcessLabel, CYNARA_ADMIN_WILDCARD, listOfPrivileges); if (filter.privilege.compare(SECURITY_MANAGER_ANY)) { LogDebug("Limitting Cynara query to privilege: " << filter.privilege); @@ -1171,11 +1171,11 @@ int ServiceImpl::getPolicy(const Credentials &creds, const policy_entry &filter, pe.privilege = privilege; pe.currentLevel = m_cynaraAdmin.convertToPolicyDescription( - m_cynaraAdmin.GetPrivilegeManagerCurrLevel( + m_cynaraAdmin.getPrivilegeManagerCurrLevel( appProcessLabel, userStr, privilege)); pe.maxLevel = m_cynaraAdmin.convertToPolicyDescription( - m_cynaraAdmin.GetPrivilegeManagerMaxLevel( + m_cynaraAdmin.getPrivilegeManagerMaxLevel( appProcessLabel, userStr, privilege)); LogDebug( @@ -1213,7 +1213,7 @@ int ServiceImpl::policyGetDesc(std::vector &levels) int ret = SECURITY_MANAGER_SUCCESS; try { - m_cynaraAdmin.ListPoliciesDescriptions(levels); + m_cynaraAdmin.listPoliciesDescriptions(levels); } catch (const CynaraException::OutOfMemory &e) { LogError("Error - out of memory while querying Cynara for policy descriptions list: " << e.DumpToString()); return SECURITY_MANAGER_ERROR_MEMORY; @@ -1250,7 +1250,7 @@ int ServiceImpl::policyGroupsForUid(uid_t uid, std::vector &groups) int ret = SECURITY_MANAGER_SUCCESS; try { - auto userType = m_cynaraAdmin.GetUserType(uid); + auto userType = m_cynaraAdmin.getUserType(uid); if (userType == SM_USER_TYPE_NONE) { return SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT; @@ -1283,7 +1283,7 @@ int ServiceImpl::policyGroupsForUid(uid_t uid, std::vector &groups) m_priviligeDb.GetGroupsRelatedPrivileges(group2privVector); for (const auto &g2p : group2privVector) { - m_cynaraAdmin.Check(CYNARA_ADMIN_ANY, uidStr, g2p.second, + m_cynaraAdmin.check(CYNARA_ADMIN_ANY, uidStr, g2p.second, bucket, result, resultExtra, true); if (result == CYNARA_ADMIN_ALLOW) groups.push_back(g2p.first); -- 2.7.4 From d356e5bd5348d9ce762b42a74dffb99c10f13ed2 Mon Sep 17 00:00:00 2001 From: "jin-gyu.kim" Date: Thu, 19 Jan 2017 17:00:11 +0900 Subject: [PATCH 10/16] Remove the redundant SharedRO SMACK rules. - There was some redundant SharedRO SMACK rules. - This change will give SharedRO rules only when pkg has shared folders. Change-Id: Ic738c6bd49972de6a48d5ff18baa8360a92f22c0 --- policy/CMakeLists.txt | 1 + policy/app-rules-template.smack | 1 - policy/pkg-rules-template.smack | 3 --- policy/sharedro-rules-template.smack | 3 +++ src/common/smack-rules.cpp | 23 +++++++++++++++++------ 5 files changed, 21 insertions(+), 10 deletions(-) create mode 100644 policy/sharedro-rules-template.smack diff --git a/policy/CMakeLists.txt b/policy/CMakeLists.txt index 809ebb8..c0dbb48 100644 --- a/policy/CMakeLists.txt +++ b/policy/CMakeLists.txt @@ -8,6 +8,7 @@ INSTALL(FILES ${USERTYPE_POLICY_FILES} DESTINATION ${POLICY_DIR}) INSTALL(FILES "app-rules-template.smack" DESTINATION ${POLICY_DIR}) INSTALL(FILES "pkg-rules-template.smack" DESTINATION ${POLICY_DIR}) INSTALL(FILES "author-rules-template.smack" DESTINATION ${POLICY_DIR}) +INSTALL(FILES "sharedro-rules-template.smack" DESTINATION ${POLICY_DIR}) INSTALL(FILES "privilege-group.list" DESTINATION ${POLICY_DIR}) INSTALL(PROGRAMS "update.sh" DESTINATION ${POLICY_DIR}) INSTALL(DIRECTORY "updates" USE_SOURCE_PERMISSIONS DESTINATION ${POLICY_DIR}) diff --git a/policy/app-rules-template.smack b/policy/app-rules-template.smack index 1138583..af530d1 100644 --- a/policy/app-rules-template.smack +++ b/policy/app-rules-template.smack @@ -12,5 +12,4 @@ User ~PROCESS~ rwxat ~PROCESS~ User::App::Shared rwxat ~PROCESS~ ~PATH_RW~ rwxat ~PROCESS~ ~PATH_RO~ rxl -~PROCESS~ ~PATH_SHARED_RO~ rwxat ~PROCESS~ ~PATH_TRUSTED~ rwxat diff --git a/policy/pkg-rules-template.smack b/policy/pkg-rules-template.smack index 53cd419..bf2e868 100644 --- a/policy/pkg-rules-template.smack +++ b/policy/pkg-rules-template.smack @@ -1,9 +1,6 @@ System ~PATH_RW~ rwxat System ~PATH_RO~ rwxat -System ~PATH_SHARED_RO~ rwxat System::Privileged ~PATH_RW~ rwxat System::Privileged ~PATH_RO~ rwxat -System::Privileged ~PATH_SHARED_RO~ rwxat User ~PATH_RW~ rwxat User ~PATH_RO~ rwxat -User ~PATH_SHARED_RO~ rwxat diff --git a/policy/sharedro-rules-template.smack b/policy/sharedro-rules-template.smack new file mode 100644 index 0000000..62bdefb --- /dev/null +++ b/policy/sharedro-rules-template.smack @@ -0,0 +1,3 @@ +User ~PATH_SHARED_RO~ rwxat +System ~PATH_SHARED_RO~ rwxat +System::Privileged ~PATH_SHARED_RO~ rwxat diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp index 31474b1..d673ffa 100644 --- a/src/common/smack-rules.cpp +++ b/src/common/smack-rules.cpp @@ -55,6 +55,7 @@ const std::string SMACK_PATH_TRUSTED_LABEL_TEMPLATE = "~PATH_TRUSTED~"; const std::string APP_RULES_TEMPLATE_FILE_PATH = TizenPlatformConfig::makePath(TZ_SYS_RO_SHARE, "security-manager", "policy", "app-rules-template.smack"); const std::string PKG_RULES_TEMPLATE_FILE_PATH = TizenPlatformConfig::makePath(TZ_SYS_RO_SHARE, "security-manager", "policy", "pkg-rules-template.smack"); const std::string AUTHOR_RULES_TEMPLATE_FILE_PATH = TizenPlatformConfig::makePath(TZ_SYS_RO_SHARE, "security-manager", "policy", "author-rules-template.smack"); +const std::string SHAREDRO_RULES_TEMPLATE_FILE_PATH = TizenPlatformConfig::makePath(TZ_SYS_RO_SHARE, "security-manager", "policy", "sharedro-rules-template.smack"); const std::string SMACK_RULES_PATH_MERGED = LOCAL_STATE_DIR "/security-manager/rules-merged/rules.merged"; const std::string SMACK_RULES_PATH_MERGED_T = LOCAL_STATE_DIR "/security-manager/rules-merged/rules.merged.temp"; const std::string SMACK_RULES_PATH = LOCAL_STATE_DIR "/security-manager/rules"; @@ -265,18 +266,28 @@ void SmackRules::generateSharedRORules(PkgsLabels &pkgsLabels, std::vector Date: Fri, 30 Dec 2016 14:49:03 +0100 Subject: [PATCH 11/16] Add "VALGRIND" build type Separate build type specialized for debugging memory leaks. Example usage with GBS for Tizen: $ gbs build --define "build_type VALGRIND" Change-Id: I7e150609021508541427ff009fa28b97a6004daf --- CMakeLists.txt | 1 + packaging/security-manager.spec | 3 +++ systemd/CMakeLists.txt | 7 ++++++- systemd/security-manager-valgrind.service.in | 15 +++++++++++++++ 4 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 systemd/security-manager-valgrind.service.in diff --git a/CMakeLists.txt b/CMakeLists.txt index 77a6a35..d3d885a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -62,6 +62,7 @@ SET(CMAKE_CXX_FLAGS_PROFILING "-g -std=c++0x -O0 -pg -Wp,-U_FORTIFY_SOURCE") SET(CMAKE_CXX_FLAGS_DEBUG "-g -std=c++0x -O0 -ggdb -Wp,-U_FORTIFY_SOURCE") SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++0x -O2") SET(CMAKE_CXX_FLAGS_CCOV "-g -std=c++0x -O2 --coverage") +SET(CMAKE_CXX_FLAGS_VALGRIND "-ggdb -std=c++0x -O0 -fno-inline -Wp,-U_FORTIFY_SOURCE") # If supported for the target machine, emit position-independent code,suitable # for dynamic linking and avoiding any limit on the size of the global offset diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index a03f207..8d24815 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -11,6 +11,9 @@ Source4: libnss-security-manager.manifest Source5: security-manager-tests.manifest Requires: security-manager-policy Requires: nether +%if "%{build_type}" == "VALGRIND" +Requires: valgrind +%endif Requires(post): sqlite3 Requires(post): smack BuildRequires: cmake diff --git a/systemd/CMakeLists.txt b/systemd/CMakeLists.txt index 8d0a1aa..3e20c9b 100644 --- a/systemd/CMakeLists.txt +++ b/systemd/CMakeLists.txt @@ -1,4 +1,9 @@ -CONFIGURE_FILE(security-manager.service.in security-manager.service @ONLY) +IF(CMAKE_BUILD_TYPE MATCHES "VALGRIND") + CONFIGURE_FILE(security-manager-valgrind.service.in security-manager.service @ONLY) +ELSE() + CONFIGURE_FILE(security-manager.service.in security-manager.service @ONLY) +ENDIF() + CONFIGURE_FILE(security-manager-cleanup.service.in security-manager-cleanup.service @ONLY) CONFIGURE_FILE(security-manager-rules-loader.service.in security-manager-rules-loader.service @ONLY) diff --git a/systemd/security-manager-valgrind.service.in b/systemd/security-manager-valgrind.service.in new file mode 100644 index 0000000..ad02fcf --- /dev/null +++ b/systemd/security-manager-valgrind.service.in @@ -0,0 +1,15 @@ +[Unit] +Description=Start the security manager +Before=dbus.service + +[Service] +Type=notify +Environment="GLIBCXX_FORCE_NEW=1" +ExecStart=@BIN_INSTALL_DIR@/valgrind -v --tool=memcheck --log-file=/tmp/security-manager.valgrind.%%p.log --num-callers=20 --leak-resolution=high --leak-check=full --show-reachable=yes --track-origins=yes @BIN_INSTALL_DIR@/security-manager +#ExecStart=@BIN_INSTALL_DIR@/valgrind -v --tool=massif --log-file=/tmp/security-manager.valgrind.%%p.log --massif-out-file=/tmp/security-manager.massif.%%p.log @BIN_INSTALL_DIR@/security-manager +Sockets=security-manager.socket +Restart=always +SmackProcessLabel=System::Privileged + +[Install] +WantedBy=dbus.service -- 2.7.4 From 2db7f3b5671cb75a0ff0d7ac1d4b14ad576ec847 Mon Sep 17 00:00:00 2001 From: "jin-gyu.kim" Date: Wed, 29 Mar 2017 14:08:46 +0900 Subject: [PATCH 12/16] Use %license macro to copy license file. Change-Id: I64ef2355af0f3a2469931681150419df35bea884 --- packaging/security-manager.spec | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index 8d24815..759c210 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -110,10 +110,6 @@ make %{?jobs:-j%jobs} %install rm -rf %{buildroot} -mkdir -p %{buildroot}%{_datadir}/license -cp LICENSE %{buildroot}%{_datadir}/license/%{name} -cp LICENSE %{buildroot}%{_datadir}/license/libsecurity-manager-client -cp LICENSE %{buildroot}%{_datadir}/license/libnss-security-manager %make_install mkdir -p %{buildroot}/%{_unitdir}/sockets.target.wants @@ -199,6 +195,7 @@ chsmack -a System %{db_test_dir}/.security-manager-test.db-journal %files -n security-manager %manifest security-manager.manifest +%license LICENSE %defattr(-,root,root,-) %attr(755,root,root) %{_bindir}/security-manager-migration %attr(755,root,root) %{_bindir}/security-manager @@ -220,7 +217,6 @@ chsmack -a System %{db_test_dir}/.security-manager-test.db-journal %attr(-,root,root) %{_unitdir}/sysinit.target.wants/security-manager-cleanup.* %config(noreplace) %attr(0600,root,root) %{TZ_SYS_DB}/.security-manager.db %config(noreplace) %attr(0600,root,root) %{TZ_SYS_DB}/.security-manager.db-journal -%{_datadir}/license/%{name} %{_datadir}/security-manager/db %attr(755,root,root) %{_datadir}/%{name}/db/update.sh @@ -228,9 +224,9 @@ chsmack -a System %{db_test_dir}/.security-manager-test.db-journal %files -n libsecurity-manager-client %manifest libsecurity-manager-client.manifest +%license LICENSE %defattr(-,root,root,-) %{_libdir}/libsecurity-manager-client.so.* -%{_datadir}/license/libsecurity-manager-client %files -n libsecurity-manager-client-devel %manifest %{name}.manifest @@ -242,13 +238,14 @@ chsmack -a System %{db_test_dir}/.security-manager-test.db-journal %files -n libnss-security-manager %manifest libnss-security-manager.manifest +%license LICENSE %defattr(-,root,root,-) %%attr(-,root,root) %{_unitdir}/dbus.service.wants/security-manager.service %{_libdir}/libnss_securitymanager.so.* -%{_datadir}/license/libnss-security-manager %files -n security-manager-policy %manifest %{name}.manifest +%license LICENSE %config(noreplace) %{TZ_SYS_VAR}/security-manager/policy-version %{_datadir}/security-manager/policy %attr(755,root,root) %{_bindir}/security-manager-policy-reload -- 2.7.4 From fa3db8737006e5a689e8c63cfc4c24eaab0fc1a4 Mon Sep 17 00:00:00 2001 From: "jin-gyu.kim" Date: Thu, 30 Mar 2017 14:50:12 +0900 Subject: [PATCH 13/16] Release version 1.2.17 - Use %license macro to copy license file. - Add "VALGRIND" build type - Remove the redundant SharedRO SMACK rules. - Unify method names in CynaraAdmin to pascal case - Clean up cynara classes members names - Free requests after processing them in cmd line tool - Add missing ')' in cmd line tool usage description - Allow version compatibility change during application upgrade - Remove dependency between SM and DBUS - Make it possible to use out-of-the-source build dir - [Unit tests] for PrivilegeDb class - related to private path sharing - Remove setting of CMAKE_C_FLAGS in the main CMakeLists.txt - Fix inconsistent types error - Log appId in case of errors in security_manager_prepare_app - Remove setting of -DTIZEN_DEBUG_ENABLE compilation flag - Remove unnecessary transaction rollback - Remove empty lines from rules.merged file. - Don't ignore errors in supplementary group setup during app launch preparation - Fix thread synchronization in Cynara class Change-Id: I47de688cd71fbee6ceb4bf7620a08c89c01c7a1c --- packaging/security-manager.changes | 22 ++++++++++++++++++++++ packaging/security-manager.spec | 2 +- pc/security-manager.pc.in | 2 +- 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/packaging/security-manager.changes b/packaging/security-manager.changes index 3c5c3cd..1346458 100644 --- a/packaging/security-manager.changes +++ b/packaging/security-manager.changes @@ -1,3 +1,25 @@ +* Thu Mar 30 2017 Jin-gyu Kim +- Version 1.2.17 +- Use %license macro to copy license file. +- Add "VALGRIND" build type +- Remove the redundant SharedRO SMACK rules. +- Unify method names in CynaraAdmin to pascal case +- Clean up cynara classes members names +- Free requests after processing them in cmd line tool +- Add missing ')' in cmd line tool usage description +- Allow version compatibility change during application upgrade +- Remove dependency between SM and DBUS +- Make it possible to use out-of-the-source build dir +- [Unit tests] for PrivilegeDb class - related to private path sharing +- Remove setting of CMAKE_C_FLAGS in the main CMakeLists.txt +- Fix inconsistent types error +- Log appId in case of errors in security_manager_prepare_app +- Remove setting of -DTIZEN_DEBUG_ENABLE compilation flag +- Remove unnecessary transaction rollback +- Remove empty lines from rules.merged file. +- Don't ignore errors in supplementary group setup during app launch preparation +- Fix thread synchronization in Cynara class + * Mon Jan 23 2017 Jooseong Lee - Version 1.2.16 - Fix in generateAppPkgNameFromLabel implementation diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index 759c210..03af5a7 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -1,6 +1,6 @@ Name: security-manager Summary: Security manager and utilities -Version: 1.2.16 +Version: 1.2.17 Release: 0 Group: Security/Service License: Apache-2.0 diff --git a/pc/security-manager.pc.in b/pc/security-manager.pc.in index 3b04ae3..5df1c2b 100644 --- a/pc/security-manager.pc.in +++ b/pc/security-manager.pc.in @@ -5,7 +5,7 @@ includedir=${prefix}/include Name: security-manager Description: Security Manager Package -Version: 1.2.16 +Version: 1.2.17 Requires: Libs: -L${libdir} -lsecurity-manager-client Cflags: -I${includedir}/security-manager -- 2.7.4 From eef8e3795e8635ea1f5955e5bc12d404bdfec5a5 Mon Sep 17 00:00:00 2001 From: Radoslaw Bartosiak Date: Wed, 8 Mar 2017 18:24:59 +0100 Subject: [PATCH 14/16] Change labelPaths logic for FOTA pkgBasePath is labeled only if there is at least one path argument for labelPaths that points to pkgBasePath. Change-Id: I81763a8a38aa89700e87daf708a5e85c37b6dd20 Signed-off-by: Radoslaw Bartosiak --- src/common/include/service_impl.h | 2 ++ src/common/service_impl.cpp | 12 +++++++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/src/common/include/service_impl.h b/src/common/include/service_impl.h index 46c9f24..bc75e50 100644 --- a/src/common/include/service_impl.h +++ b/src/common/include/service_impl.h @@ -256,6 +256,8 @@ private: static bool isSubDir(const std::string &parent, const std::string &subdir); + static bool containSubDir(const std::string &parent, const pkg_paths &paths); + static bool getUserPkgDir(const uid_t &uid, const std::string &pkgName, app_install_type installType, diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp index 2681700..bec0060 100644 --- a/src/common/service_impl.cpp +++ b/src/common/service_impl.cpp @@ -263,6 +263,16 @@ bool ServiceImpl::isSubDir(const std::string &parent, const std::string &subdir) return (*str2 == '/' || *str1 == *str2); } +bool ServiceImpl::containSubDir(const std::string &parent, const pkg_paths &paths) +{ + + for(auto path : paths) { + if (isSubDir(parent, path.first)) + return true; + } + return false; +} + std::string ServiceImpl::realPath(const std::string &path) { auto real_pathPtr = makeUnique(realpath(path.c_str(), nullptr), free); @@ -417,7 +427,7 @@ int ServiceImpl::labelPaths(const pkg_paths &paths, if (!pathsOK) return SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED; - if (!paths.empty()) + if (containSubDir(pkgBasePath, paths)) SmackLabels::setupPkgBasePath(pkgBasePath); // register paths -- 2.7.4 From da9a01bddc86d7ff022e03865846ddf1a104859e Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Fri, 31 Mar 2017 17:23:31 +0200 Subject: [PATCH 15/16] Replace usage of Ask User plugin with Privacy Deny Plugin Some legacy application does not support run-time popups correctly. We need to replace run-time popups (ask about) with toast popup. Toast popups are supported by Privacy Denied plugin. Change-Id: I7ae8eebc0c23863d2618ed66238da0e5f395e944 --- packaging/security-manager.spec | 2 ++ src/common/config.cpp | 5 ++++- src/common/cynara.cpp | 8 ++++---- src/common/include/config.h | 10 ++++++++-- 4 files changed, 18 insertions(+), 7 deletions(-) diff --git a/packaging/security-manager.spec b/packaging/security-manager.spec index 03af5a7..9e388ad 100644 --- a/packaging/security-manager.spec +++ b/packaging/security-manager.spec @@ -11,6 +11,7 @@ Source4: libnss-security-manager.manifest Source5: security-manager-tests.manifest Requires: security-manager-policy Requires: nether +Requires: privacy-denied-plugins %if "%{build_type}" == "VALGRIND" Requires: valgrind %endif @@ -75,6 +76,7 @@ Requires(post): security-manager = %{version}-%{release} Requires(post): cyad Requires(post): sqlite Requires(post): tizen-platform-config-tools +Requires(post): privacy-denied-plugins %description policy Set of security rules that constitute security policy in the system diff --git a/src/common/config.cpp b/src/common/config.cpp index 2f38867..2a5e77d 100644 --- a/src/common/config.cpp +++ b/src/common/config.cpp @@ -41,7 +41,10 @@ const std::string PRIVILEGE_SHM = "http://tizen.org/privilege/inter const std::string APPS_LABELS_FILE = "apps-labels"; const std::string SKEL_DIR = "/etc/skel"; -const std::string PRIVACY_POLICY_DESC = "Ask user"; +const std::string PRIVACY_POLICY_ALLOW = "Allow"; +const std::string PRIVACY_POLICY_DENY = "PRIVACY_DENY"; +const std::string PRIVACY_POLICY_ASK = "ASK_USER_LEGACY"; + #ifdef ASKUSER_ENABLED const bool IS_ASKUSER_ENABLED = true; #else diff --git a/src/common/cynara.cpp b/src/common/cynara.cpp index 06b7fb2..42742b5 100644 --- a/src/common/cynara.cpp +++ b/src/common/cynara.cpp @@ -336,11 +336,11 @@ void CynaraAdmin::updateAppPolicy( int askUserPolicy = static_cast(CynaraAdminPolicy::Operation::Allow); if (Config::IS_ASKUSER_ENABLED) { try { - askUserPolicy = convertToPolicyType(Config::PRIVACY_POLICY_DESC); + askUserPolicy = convertToPolicyType(Config::PRIVACY_POLICY_ASK); askUserEnabled = true; } catch (const std::out_of_range&) { // Cynara doesn't know "Ask user" - LogDebug("Unknown policy level: " << Config::PRIVACY_POLICY_DESC); + LogDebug("Unknown policy level: " << Config::PRIVACY_POLICY_ASK); } } @@ -433,11 +433,11 @@ void CynaraAdmin::userInit(uid_t uid, security_manager_user_type userType) bool askUserEnabled = false; if (Config::IS_ASKUSER_ENABLED) { try{ - askUserPolicy = convertToPolicyType(Config::PRIVACY_POLICY_DESC); + askUserPolicy = convertToPolicyType(Config::PRIVACY_POLICY_ASK); askUserEnabled = true; } catch (const std::out_of_range&) { // Cynara doesn't know "Ask user" - LogDebug("Unknown policy level: " << Config::PRIVACY_POLICY_DESC); + LogDebug("Unknown policy level: " << Config::PRIVACY_POLICY_ASK); } } diff --git a/src/common/include/config.h b/src/common/include/config.h index f8ac57a..58b1c73 100644 --- a/src/common/include/config.h +++ b/src/common/include/config.h @@ -47,8 +47,14 @@ extern const std::string APPS_LABELS_FILE; extern const std::string SKEL_DIR; -/* Ask-user policy description */ -extern const std::string PRIVACY_POLICY_DESC; +/* Allowed privacy policy description */ +extern const std::string PRIVACY_POLICY_ALLOW; + +/* Denied privacy policy description */ +extern const std::string PRIVACY_POLICY_DENY; + +/* Ask-user privacy policy description */ +extern const std::string PRIVACY_POLICY_ASK; /* true if privacy-related privileges should result in UI-popup question*/ extern const bool IS_ASKUSER_ENABLED; -- 2.7.4 From a260bb3bd0450c460c897790f7e02d41a143f7d5 Mon Sep 17 00:00:00 2001 From: Rafal Krypa Date: Thu, 23 Mar 2017 17:33:12 +0100 Subject: [PATCH 16/16] Add new API for handling privacy privileges during application launch New public function security_manager_prepare_app_privacy() to be called by launcher. It will check application policy, generate pop-up if necessary,\ wait for user answer, modify policy accordingly and trigger toast message if application launch has been prohibited. The caller (launcher) should abort application launching if this function returns an error. Change-Id: Ia4b901cc409ccd8d695da8b53a0223bdb54c0cde Signed-off-by: Rafal Krypa --- src/client/client-security-manager.cpp | 15 +++++++++++++++ src/include/app-runtime.h | 17 +++++++++++++++++ src/include/security-manager-types.h | 1 + 3 files changed, 33 insertions(+) diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp index e838530..3a62fef 100644 --- a/src/client/client-security-manager.cpp +++ b/src/client/client-security-manager.cpp @@ -1572,3 +1572,18 @@ int security_manager_shm_open(const char *name, int oflag, mode_t mode, const ch return -1; }); } + +SECURITY_MANAGER_API +int security_manager_prepare_app_privacy(const char *app_name) +{ + using namespace SecurityManager; + return try_catch([&]() -> int { + if (app_name == nullptr) { + LogError("app_name is NULL"); + return SECURITY_MANAGER_ERROR_INPUT_PARAM; + } + + // TODO: stub implementation + return SECURITY_MANAGER_ERROR_UNKNOWN; + }); +} diff --git a/src/include/app-runtime.h b/src/include/app-runtime.h index 6e1f03b..541b7c5 100644 --- a/src/include/app-runtime.h +++ b/src/include/app-runtime.h @@ -219,6 +219,23 @@ int security_manager_app_has_privilege(const char *app_id, const char *privilege */ int security_manager_shm_open(const char *name, int oflag, mode_t mode, const char *app_id); +/** + * This function takes care of determining policy for privacy related privileges + * prior to application launching. It check current application policy, determine + * whether pop-up should be displayed to the user, get user response, modify policy + * accordingly and return verdict whether the app should be launched or not. + * This function is intended to be called by the launcher prior to launching the + * application. + * + * \param[in] app_id Application identifier + * \return API return code or error code: it would be + * - SECURITY_MANAGER_SUCCESS on success, if policy allows application launching + * - SECURITY_MANAGER_ERROR_INPUT_PARAM when app_id is invalid, + * - SECURITY_MANAGER_ERROR_APP_LAUNCH_PROHIBITED when application launching has been prohibited, + * - SECURITY_MANAGER_ERROR_UNKNOWN on other errors. + */ +int security_manager_prepare_app_privacy(const char *app_id); + #ifdef __cplusplus } #endif diff --git a/src/include/security-manager-types.h b/src/include/security-manager-types.h index dfc3317..54bff1a 100644 --- a/src/include/security-manager-types.h +++ b/src/include/security-manager-types.h @@ -52,6 +52,7 @@ enum lib_retcode { SECURITY_MANAGER_ERROR_NOT_INITIALIZED, SECURITY_MANAGER_ERROR_FILE_CREATE_FAILED, SECURITY_MANAGER_ERROR_FILE_DELETE_FAILED, + SECURITY_MANAGER_ERROR_APP_LAUNCH_PROHIBITED, }; /*! \brief accesses types for application installation paths*/ -- 2.7.4