projects / platform / core / test / security-tests.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Unify privilege representation
[platform/core/test/security-tests.git] / src / security-manager-tests / common / app_install_helper_ext.cpp
diff --git a/src/security-manager-tests/common/app_install_helper_ext.cpp b/src/security-manager-tests/common/app_install_helper_ext.cpp
index fc59380..2f4e0ee 100644 (file)
--- a/src/security-manager-tests/common/app_install_helper_ext.cpp
+++ b/src/security-manager-tests/common/app_install_helper_ext.cpp
@@ -30,6 +30,7 @@
 #include <sm_api.h>
 #include <label_generator.h>
 #include <cynara_test_client.h>
+#include <policy_configuration.h>
 
 namespace {
 constexpr char SMACK_RULES_PATH[] = "/sys/fs/smackfs/load2";
@@ -88,8 +89,8 @@ void checkExactSmackAccesses(const std::string &subject, const std::string &obje
 namespace SecurityManagerTest
 {
 
-void AppInstallHelperExt::checkPrivileges(const PolicyConfiguration::PrivVector &allowedPrivs,
-                                          const PolicyConfiguration::PrivVector &deniedPrivs) const
+void AppInstallHelperExt::checkPrivileges(const PrivilegeVector &allowedPrivs,
+                                          const PrivilegeVector &deniedPrivs) const
 {
     /* Privileges should be granted to all users if root installs app */
     auto user = (m_uidGid == 0 ? ANY_USER_REPRESENTATION : std::to_string(m_uidGid));
@@ -100,7 +101,7 @@ void AppInstallHelperExt::checkPrivileges(const PolicyConfiguration::PrivVector
     int result;
 
     for (auto &priv : allowedPrivs) {
-        ctc.check(smackLabel.c_str(), "", user, priv.c_str(), CYNARA_API_ACCESS_ALLOWED);
+        ctc.check(smackLabel.c_str(), "", user, priv.getName().c_str(), CYNARA_API_ACCESS_ALLOWED);
 
         Api::appHasPrivilege(m_appName, priv, m_uidGid, result);
         RUNNER_ASSERT_MSG(result == 1,
@@ -108,7 +109,7 @@ void AppInstallHelperExt::checkPrivileges(const PolicyConfiguration::PrivVector
     }
 
     for (auto &priv : deniedPrivs) {
-        ctc.check(smackLabel.c_str(), "", user, priv.c_str(), CYNARA_API_ACCESS_DENIED);
+        ctc.check(smackLabel.c_str(), "", user, priv.getName().c_str(), CYNARA_API_ACCESS_DENIED);
 
         Api::appHasPrivilege(m_appName, priv, m_uidGid, result);
         RUNNER_ASSERT_MSG(result == 0,
@@ -116,12 +117,12 @@ void AppInstallHelperExt::checkPrivileges(const PolicyConfiguration::PrivVector
     }
 }
 
-void AppInstallHelperExt::checkDeniedPrivileges(const PolicyConfiguration::PrivVector &deniedPrivs) const
+void AppInstallHelperExt::checkDeniedPrivileges(const PrivilegeVector &deniedPrivs) const
 {
     checkPrivileges({}, deniedPrivs);
 }
 
-void AppInstallHelperExt::checkPrivilegeGroups(const PolicyConfiguration::PrivVector &allowedPrivs) const
+void AppInstallHelperExt::checkPrivilegeGroups(const PrivilegeVector &allowedPrivs) const
 {
     static PolicyConfiguration policy;
     const auto allowed_groups = policy.privToGroup(allowedPrivs);
@@ -149,7 +150,7 @@ void AppInstallHelperExt::checkAfterInstall() const
 
     checkSmackAccesses(staticRules[m_isHybrid]);
 
-    checkPrivileges(getPrivilegesNames(), {});
+    checkPrivileges(m_privileges, {});
 }
 
 void AppInstallHelperExt::checkAfterUninstall(bool removePkg) const
@@ -162,7 +163,7 @@ void AppInstallHelperExt::checkAfterUninstall(bool removePkg) const
     // there should be no hybrid rules regardless of the app type
     checkHybridAppSmackRulesAterUninstall();
 
-    checkDeniedPrivileges(getPrivilegesNames());
+    checkDeniedPrivileges(m_privileges);
 }
 
 void AppInstallHelperExt::checkSmackAccesses(std::vector<AccessRequest> rules, bool hasAccess) const
Domain: Security / Uncategorized;