2 * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 #include <sys/types.h>
23 #include <cynara_test_client.h>
24 #include <dpl/test/test_runner.h>
26 #include <sm_commons.h>
27 #include <sm_request.h>
28 #include <tests_common.h>
29 #include <tzplatform.h>
30 #include <app_install_helper.h>
31 #include <scoped_installer.h>
33 RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_APP_DEFINED_PRIVILEGE)
35 using namespace SecurityManagerTest;
37 RUNNER_CHILD_TEST(app_defined_01_global_install_untrusted)
39 const Privilege privilege(
40 "http://tizen.org/untrusted/devstudio/statistic",
41 Privilege::UNTRUSTED);
42 const std::string providerAppId = "app_def_01_provider";
43 const std::string clientAppId = "app_def_01_client";
44 const std::string ownerId = "5001";
45 const std::string session = "S0M3S3SSI0N";
47 AppInstallHelper provider(providerAppId);
48 AppInstallHelper client(clientAppId);
50 std::string clientLabel = client.generateAppLabel();
52 provider.addAppDefinedPrivilege(privilege);
53 client.addPrivilege(privilege);
55 ScopedInstaller req1(provider);
56 ScopedInstaller req2(client);
58 CynaraTestClient::Client cynara;
59 cynara.check(clientLabel, session, ownerId, privilege, CYNARA_API_ACCESS_ALLOWED);
64 cynara.check(clientLabel, session, ownerId, privilege, CYNARA_API_ACCESS_DENIED);
67 RUNNER_CHILD_TEST(app_defined_02_global_install_licensed)
69 const Privilege providerPrivilegeLicense(
70 "http://tizen.org/licensed/abcsoftware/calendar",
71 "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
72 const Privilege clientPrivilegeLicense(
73 "http://tizen.org/licensed/abcsoftware/calendar",
74 "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
75 const std::string providerAppId = "app_def_provider_01";
76 const std::string clientAppId = "app_def_client_01";
77 const std::string ownerId = "5001";
78 const std::string session = "S0M33S3SSI0N";
80 AppInstallHelper provider(providerAppId);
81 AppInstallHelper client(clientAppId);
83 std::string clientLabel = client.generateAppLabel();
85 provider.addAppDefinedPrivilege(providerPrivilegeLicense);
86 client.addPrivilege(clientPrivilegeLicense);
88 ScopedInstaller req1(provider);
89 ScopedInstaller req2(client);
91 CynaraTestClient::Client cynara;
92 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_ALLOWED);
97 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
100 RUNNER_CHILD_TEST(app_defined_03_database_update)
102 const Privilege providerPrivilegeLicenseA(
103 "http://tizen.org/licensed/abcsoftware/calendar",
104 "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
105 const Privilege clientPrivilegeLicenseA(
106 "http://tizen.org/licensed/abcsoftware/calendar",
107 "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
108 const Privilege providerPrivilegeLicenseB(
109 "http://tizen.org/licensed/xyzsoftware/camera",
110 "/opt/usr/globalapps/app_def_provider_02_pkg_id/cert/xyzsoftware.pem");
111 const Privilege clientPrivilegeLicenseB(
112 "http://tizen.org/licensed/xyzsoftware/camera",
113 "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
115 const std::string providerAppIdA = "app_def_provider_01";
116 const std::string providerAppIdB = "app_def_provider_02";
117 const std::string clientAppId = "app_def_client_01";
118 const std::string ownerId = "5001";
119 const std::string session = "S0M33S3SSI0N";
121 AppInstallHelper providerA(providerAppIdA);
122 AppInstallHelper providerB(providerAppIdB);
123 AppInstallHelper client(clientAppId);
125 std::string clientLabel = client.generateAppLabel();
127 providerA.addAppDefinedPrivilege(providerPrivilegeLicenseA);
128 providerB.addAppDefinedPrivilege(providerPrivilegeLicenseB);
129 client.addPrivilege(clientPrivilegeLicenseA);
130 client.addPrivilege(clientPrivilegeLicenseB);
132 ScopedInstaller req1(providerA);
133 ScopedInstaller req2(providerB);
134 ScopedInstaller req3(client);
136 CynaraTestClient::Client cynara;
137 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_ALLOWED);
138 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
140 // uninstall providerA
143 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
144 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
146 // uninstall providerB
149 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
150 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
153 RUNNER_CHILD_TEST(app_defined_04_app_update)
155 const Privilege providerPrivilegeLicenseA(
156 "http://tizen.org/licensed/abcsoftware/calendar",
157 "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
158 const Privilege clientPrivilegeLicenseA(
159 "http://tizen.org/licensed/abcsoftware/calendar",
160 "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
161 const Privilege privilegeB(
162 "http://tizen.org/untrusted/devstudio/statistic",
163 Privilege::UNTRUSTED);
164 const Privilege providerPrivilegeLicenseC(
165 "http://tizen.org/licensed/xyzsoftware/camera",
166 "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/xyzsoftware.der");
167 const Privilege clientPrivilegeLicenseC(
168 "http://tizen.org/licensed/xyzsoftware/camera",
169 "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
171 const std::string providerAppId = "app_def_provider_01";
172 const std::string clientAppId = "app_def_client_01";
173 const std::string ownerId = "5001";
174 const std::string session = "S0M33S3SSI0N";
176 AppInstallHelper providerV1(providerAppId);
177 AppInstallHelper providerV2(providerAppId);
178 AppInstallHelper client(clientAppId);
180 std::string clientLabel = client.generateAppLabel();
182 providerV1.addAppDefinedPrivilege(providerPrivilegeLicenseA);
183 providerV1.addAppDefinedPrivilege(privilegeB);
184 client.addPrivilege(clientPrivilegeLicenseA);
185 client.addPrivilege(privilegeB);
186 client.addPrivilege(clientPrivilegeLicenseC);
188 ScopedInstaller req1(providerV1);
189 ScopedInstaller req2(client);
191 CynaraTestClient::Client cynara;
192 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_ALLOWED);
193 cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
194 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseC, CYNARA_API_ACCESS_DENIED);
196 // update provider version, remove privilegeA, add privilegeC
197 providerV2.addAppDefinedPrivilege(privilegeB);
198 providerV2.addAppDefinedPrivilege(providerPrivilegeLicenseC);
200 ScopedInstaller req3(providerV2);
202 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
203 cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
204 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseC, CYNARA_API_ACCESS_ALLOWED);
207 RUNNER_CHILD_TEST(app_defined_05_global_local_install)
209 const Privilege privilegeA(
210 "http://tizen.org/untrusted/devstudio/statistic",
211 Privilege::UNTRUSTED);
212 const Privilege providerLocalPrivilegeLicenseB(
213 "http://tizen.org/licensed/abcsoftware/calendar",
214 "/opt/usr/home/security_test_user/apps_rw/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
215 const Privilege clientGlobalPrivilegeLicenseB(
216 "http://tizen.org/licensed/abcsoftware/calendar",
217 "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
218 const Privilege clientLocalPrivilegeLicenseB(
219 "http://tizen.org/licensed/abcsoftware/calendar",
220 "/opt/usr/home/security_test_user/apps_rw/app_def_client_01_pkg_id/cert/softwaremind.pem");
221 const Privilege privilegeC(
222 "http://tizen.org/untrusted/gamestudio/football",
223 Privilege::UNTRUSTED);
225 const std::string providerAppId = "app_def_provider_01";
226 const std::string clientAppId = "app_def_client_01";
227 const std::string ownerId = "5001";
228 const std::string bobId = "5002";
229 const std::string session = "S0M33S3SSI0N";
231 AppInstallHelper providerGlobal(providerAppId);
232 AppInstallHelper providerLocal(providerAppId, 5002);
233 AppInstallHelper clientGlobal(clientAppId);
234 AppInstallHelper clientLocal(clientAppId, 5002);
236 std::string clientGlobalLabel = clientGlobal.generateAppLabel();
237 std::string clientLocalLabel = clientLocal.generateAppLabel();
239 providerGlobal.addAppDefinedPrivilege(privilegeA);
240 providerGlobal.addAppDefinedPrivilege(privilegeC);
241 providerLocal.addAppDefinedPrivilege(privilegeA);
242 providerLocal.addAppDefinedPrivilege(providerLocalPrivilegeLicenseB);
244 clientGlobal.addPrivilege(privilegeA);
245 clientGlobal.addPrivilege(clientGlobalPrivilegeLicenseB);
246 clientGlobal.addPrivilege(privilegeC);
247 clientLocal.addPrivilege(clientLocalPrivilegeLicenseB);
248 clientLocal.addPrivilege(privilegeC);
250 CynaraTestClient::Client cynara;
252 // local provider only and global consumer only
253 ScopedInstaller req1(providerLocal);
254 ScopedInstaller req2(clientGlobal);
255 cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
256 cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
257 cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_DENIED);
258 cynara.check(clientGlobalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
259 cynara.check(clientGlobalLabel, session, bobId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
260 cynara.check(clientGlobalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
262 // local provider only and global/local consumer
263 ScopedInstaller req3(clientLocal);
264 cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
265 cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
266 cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
268 // global/local provider and global/local consumer
269 ScopedInstaller req4(providerGlobal);
270 cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
271 cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
272 cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
273 cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
274 cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
275 //cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
277 // global provider only and global/local consumer
279 cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
280 cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
281 cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
282 cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
283 cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
284 cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
286 // global provider only and global consumer only
288 cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
289 cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
290 cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
293 RUNNER_CHILD_TEST(app_defined_06_get_provider)
296 char *pkgId = nullptr;
297 char *appId = nullptr;
298 const Privilege privilegeA(
299 "http://tizen.org/untrusted/devstudio/statistic",
300 Privilege::UNTRUSTED);
301 const Privilege privilegeB(
302 "http://tizen.org/untrusted/gamestudio/running",
303 Privilege::UNTRUSTED);
304 const std::string providerAppId = "app_def_06_provider";
307 AppInstallHelper providerGlobal(providerAppId);
308 AppInstallHelper providerLocal(providerAppId, uid);
309 providerGlobal.addAppDefinedPrivilege(privilegeB);
310 providerLocal.addAppDefinedPrivilege(privilegeA);
311 ScopedInstaller req1(providerGlobal);
312 ScopedInstaller req2(providerLocal);
314 result = security_manager_get_app_defined_privilege_provider("noExistingPrivilege",
315 uid, &pkgId, &appId);
316 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
317 RUNNER_ASSERT(appId == nullptr);
318 RUNNER_ASSERT(pkgId == nullptr);
320 result = security_manager_get_app_defined_privilege_provider(privilegeA,
321 uid+1, &pkgId, &appId);
322 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
323 RUNNER_ASSERT(appId == nullptr);
324 RUNNER_ASSERT(pkgId == nullptr);
326 result = security_manager_get_app_defined_privilege_provider(privilegeA,
327 uid, nullptr, nullptr);
328 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
330 result = security_manager_get_app_defined_privilege_provider(privilegeA,
331 uid, &pkgId, nullptr);
332 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider failed");
333 RUNNER_ASSERT(pkgId && std::string(pkgId) == providerLocal.getPkgId());
337 result = security_manager_get_app_defined_privilege_provider(privilegeA,
338 uid, nullptr, &appId);
339 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider failed");
340 RUNNER_ASSERT(appId && std::string(appId) == providerLocal.getAppId());
344 result = security_manager_get_app_defined_privilege_provider(privilegeA,
345 uid, &pkgId, &appId);
346 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider failed");
347 RUNNER_ASSERT(appId && std::string(appId) == providerLocal.getAppId());
348 RUNNER_ASSERT(pkgId && std::string(pkgId) == providerLocal.getPkgId());
354 result = security_manager_get_app_defined_privilege_provider(privilegeB,
355 uid, &pkgId, &appId);
356 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider failed");
357 RUNNER_ASSERT(appId && std::string(appId) == providerGlobal.getAppId());
358 RUNNER_ASSERT(pkgId && std::string(pkgId) == providerGlobal.getPkgId());
365 RUNNER_CHILD_TEST(app_defined_07_get_provider_license)
368 char *license = nullptr;
369 const Privilege providerLocalPrivilegeLicenseA(
370 "http://tizen.org/licensed/abcsoftware/calendar",
371 "/opt/usr/home/security_test_user/apps_rw/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
372 const Privilege providerGlobalPrivilegeLicenseB(
373 "http://tizen.org/licensed/xyzsoftware/camera",
374 "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/xyzsoftware.der");
375 const Privilege privilegeBuntrusted(
376 providerGlobalPrivilegeLicenseB.getName(), Privilege::UNTRUSTED);
378 const std::string providerAppId = "app_def_provider_01";
381 AppInstallHelper providerGlobal(providerAppId);
382 AppInstallHelper providerLocal(providerAppId, uid);
383 providerGlobal.addAppDefinedPrivilege(providerGlobalPrivilegeLicenseB);
384 providerLocal.addAppDefinedPrivilege(providerLocalPrivilegeLicenseA);
385 providerLocal.addAppDefinedPrivilege(privilegeBuntrusted);
387 ScopedInstaller req1(providerGlobal);
388 ScopedInstaller req2(providerLocal);
390 result = security_manager_get_app_defined_privilege_license(nullptr, uid, &license);
391 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
392 RUNNER_ASSERT(license == nullptr);
394 result = security_manager_get_app_defined_privilege_license(providerLocalPrivilegeLicenseA, uid, nullptr);
395 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
397 result = security_manager_get_app_defined_privilege_license("noExistingPrivilege", uid, &license);
398 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
399 RUNNER_ASSERT(license == nullptr);
401 result = security_manager_get_app_defined_privilege_license(privilegeBuntrusted, uid, &license);
402 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
403 RUNNER_ASSERT(license == nullptr);
405 result = security_manager_get_app_defined_privilege_license(providerLocalPrivilegeLicenseA, uid+1, &license);
406 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
407 RUNNER_ASSERT(license == nullptr);
409 result = security_manager_get_app_defined_privilege_license(providerLocalPrivilegeLicenseA, uid, &license);
410 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider license failed");
411 RUNNER_ASSERT(license && providerLocalPrivilegeLicenseA.getLicense() == license);
416 result = security_manager_get_app_defined_privilege_license(providerGlobalPrivilegeLicenseB, uid, &license);
417 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider license failed");
418 RUNNER_ASSERT(license && providerGlobalPrivilegeLicenseB.getLicense() == license);
423 RUNNER_CHILD_TEST(app_defined_08_add_get_client_license)
426 char *license = nullptr;
427 const Privilege clientLocalPrivilegeLicenseA(
428 "http://tizen.org/licensed/abcsoftware/calendar",
429 "/opt/usr/home/security_test_user/apps_rw/app_def_client_01_pkg_id/cert/softwaremind.pem");
430 const Privilege clientGlobalPrivilegeLicenseB(
431 "http://tizen.org/licensed/xyzsoftware/camera",
432 "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
433 const Privilege privilegeBuntrusted(
434 clientGlobalPrivilegeLicenseB.getName(), Privilege::UNTRUSTED);
436 const std::string clientAppId = "app_def_client_01";
439 AppInstallHelper clientGlobal(clientAppId);
440 AppInstallHelper clientLocal(clientAppId, uid);
441 clientGlobal.addPrivilege(clientGlobalPrivilegeLicenseB);
442 clientLocal.addPrivilege(clientLocalPrivilegeLicenseA);
443 clientLocal.addPrivilege(privilegeBuntrusted);
444 ScopedInstaller req1(clientGlobal);
445 ScopedInstaller req2(clientLocal);
447 result = security_manager_get_client_privilege_license(nullptr,
448 clientLocal.getAppId().c_str(),
450 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
451 RUNNER_ASSERT(license == nullptr);
453 result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA, nullptr,
455 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
456 RUNNER_ASSERT(license == nullptr);
458 result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA,
459 clientLocal.getAppId().c_str(),
461 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
463 result = security_manager_get_client_privilege_license("noExistingPrivilege",
464 clientLocal.getAppId().c_str(),
466 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
467 RUNNER_ASSERT(license == nullptr);
469 result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA, "noExistingApp",
471 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
472 RUNNER_ASSERT(license == nullptr);
474 result = security_manager_get_client_privilege_license(privilegeBuntrusted,
475 clientLocal.getAppId().c_str(),
477 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
478 RUNNER_ASSERT(license == nullptr);
480 result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA,
481 clientLocal.getAppId().c_str(),
483 RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
484 RUNNER_ASSERT(license == nullptr);
486 result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA,
487 clientLocal.getAppId().c_str(),
489 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege license failed");
490 RUNNER_ASSERT(license && clientLocalPrivilegeLicenseA.getLicense() == license);
495 result = security_manager_get_client_privilege_license(clientGlobalPrivilegeLicenseB,
496 clientGlobal.getAppId().c_str(),
498 RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege license failed");
499 RUNNER_ASSERT(license && clientGlobalPrivilegeLicenseB.getLicense() == license);
504 RUNNER_CHILD_TEST(app_defined_09_check_system_privileges)
506 const std::string providerAppId = "app_def_09_provider";
507 const Privilege privilege("http://tizen.org/privilege/internet", Privilege::UNTRUSTED);
509 InstallRequest requestInst;
510 requestInst.setAppId(providerAppId);
511 requestInst.setPkgId(providerAppId);
512 requestInst.addAppDefinedPrivilege(privilege);
513 Api::install(requestInst, SECURITY_MANAGER_ERROR_INPUT_PARAM);
514 Api::uninstall(requestInst);
517 RUNNER_CHILD_TEST(app_defined_10_invalid_license)
519 const Privilege providerPrivilegeLicense(
520 "http://tizen.org/licensed/abcsoftware/calendar",
521 "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
522 const Privilege clientPrivilegeLicense(
523 "http://tizen.org/licensed/abcsoftware/calendar",
524 "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
525 const std::string providerAppId = "app_def_provider_01";
526 const std::string clientAppId = "app_def_client_01";
527 const std::string ownerId = "5001";
528 const std::string session = "S0M33S3SSI0N";
530 AppInstallHelper provider(providerAppId);
531 AppInstallHelper client(clientAppId);
533 std::string clientLabel = client.generateAppLabel();
535 provider.addAppDefinedPrivilege(providerPrivilegeLicense);
536 client.addPrivilege(clientPrivilegeLicense);
538 ScopedInstaller req1(provider);
539 ScopedInstaller req2(client);
541 CynaraTestClient::Client cynara;
542 cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);