/*
- * Copyright (c) 2016 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2016 - 2020 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <cynara-admin.h>
-#include <app_install_helper.h>
#include <cynara_test_admin.h>
#include <dpl/test/test_runner.h>
#include <label_generator.h>
#include <tzplatform.h>
#include <uds.h>
#include <scoped_process_label.h>
+#include <scoped_app_launcher.h>
+#include <app_install_helper_ext.h>
+#include <privilege_names.h>
using namespace SecurityManagerTest;
-
-namespace {
-std::vector<std::string> merge(const std::vector<std::string> &one, const std::vector<std::string> &two) {
- std::vector<std::string> sum;
- sum.reserve(one.size() + two.size());
- sum.insert(sum.end(), one.begin(), one.end());
- sum.insert(sum.end(), two.begin(), two.end());
- return sum;
-}
-}
+using namespace PrivilegeNames;
RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER)
RUNNER_TEST(security_manager_01a_app_double_install_double_uninstall)
{
- AppInstallHelper app("sm_test_01a_app");
+ AppInstallHelperExt app("sm_test_01a_app");
{
ScopedInstaller appInstall(app);
- check_app_after_install(app.getAppId(), app.getPkgId());
+ app.checkAfterInstall();
{
ScopedInstaller appInstall2(app);
- check_app_after_install(app.getAppId(), app.getPkgId());
+ app.checkAfterInstall();
}
- check_app_after_uninstall(app.getAppId(), app.getPkgId());
+ app.checkAfterUninstall();
}
}
RUNNER_TEST(security_manager_01b_app_double_install_wrong_pkg_id)
{
- AppInstallHelper app("sm_test_01b");
+ AppInstallHelperExt app("sm_test_01b");
{
ScopedInstaller appInstall(app);
Api::install(requestInst2, SECURITY_MANAGER_ERROR_INPUT_PARAM);
- check_app_after_install(app.getAppId(), app.getPkgId());
+ app.checkAfterInstall();
}
- check_app_after_uninstall(app.getAppId(), app.getPkgId());
+ app.checkAfterUninstall();
}
RUNNER_TEST(security_manager_01c_app_uninstall_wrong_pkg_id)
{
- AppInstallHelper app("sm_test_01c");
+ AppInstallHelperExt app("sm_test_01c");
ScopedInstaller appInstall(app);
- check_app_after_install(app.getAppId(), app.getPkgId());
+ app.checkAfterInstall();
InstallRequest requestUninst;
requestUninst.setAppId(app.getAppId());
RUNNER_TEST(security_manager_02_app_install_uninstall_full)
{
- privileges_t defaultPrivs = {
- "http://tizen.org/privilege/internal/device/audio",
- "http://tizen.org/privilege/internal/device/display",
- "http://tizen.org/privilege/internal/device/video"
- };
- privileges_t allowedPrivs = {
- "http://tizen.org/privilege/camera",
- "http://tizen.org/privilege/mediastorage"
- };
- privileges_t someDeniedPrivs = {
- "http://tizen.org/privilege/internet",
- "http://tizen.org/privilege/externalstorage"
+ const PolicyConfiguration::PrivVector defaultPrivs = {
+ PRIV_INTERNAL_AUDIO,
+ PRIV_INTERNAL_DISPLAY,
+ PRIV_INTERNAL_VIDEO,
};
+ const PolicyConfiguration::PrivVector allowedPrivs = {PRIV_CAMERA, PRIV_MEDIASTORAGE};
+ const PolicyConfiguration::PrivVector someDeniedPrivs = {PRIV_INTERNET, PRIV_EXTERNALSTORAGE};
- privileges_t defaultAllowedPrivs = defaultPrivs;
+ PolicyConfiguration::PrivVector defaultAllowedPrivs = defaultPrivs;
defaultAllowedPrivs.insert(defaultAllowedPrivs.end(), allowedPrivs.begin(), allowedPrivs.end());
- AppInstallHelper app("sm_test_02");
+ AppInstallHelperExt app("sm_test_02");
app.createPrivateDir();
app.createPrivateRODir();
app.createPublicDir();
{
ScopedInstaller appInstall(app);
- check_app_after_install(app.getAppId(), app.getPkgId(),
- defaultAllowedPrivs, someDeniedPrivs);
+ app.checkAfterInstall();
+ app.checkDeniedPrivileges(someDeniedPrivs);
+ app.checkPrivilegeGroups(defaultAllowedPrivs);
check_path(app.getPrivateDir(), generatePathRWLabel(app.getPkgId()));
check_path(app.getPrivateRODir(), generatePathROLabel(app.getPkgId()), false);
check_path(app.getSharedRODir(), getSharedROPathLabel());
}
- check_app_after_uninstall(app.getAppId(), app.getPkgId(), app.getPrivilegesNames());
+ app.checkAfterUninstall();
}
RUNNER_CHILD_TEST_SMACK(security_manager_03_set_label_from_appid)
RUNNER_CHILD_TEST(security_manager_04a_app_install_uninstall_by_app_user_for_self)
{
- const std::vector<std::string> allowedPrivs = {
- "http://tizen.org/privilege/bluetooth",
- "http://tizen.org/privilege/power"
- };
- const std::vector<std::string> someDeniedPrivs = {
- "http://tizen.org/privilege/display",
- "http://tizen.org/privilege/nfc"
- };
+ const PolicyConfiguration::PrivVector allowedPrivs = {PRIV_BLUETOOTH, PRIV_POWER};
+ const PolicyConfiguration::PrivVector someDeniedPrivs = {PRIV_DISPLAY, PRIV_NFC};
TemporaryTestUser testUser("sm_test_04a_user_name", GUM_USERTYPE_NORMAL);
testUser.create();
- AppInstallHelper app("sm_test_04a", testUser.getUid());
+ AppInstallHelperExt app("sm_test_04a", testUser.getUid());
app.addPrivileges(allowedPrivs);
RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(testUser.getUid(), testUser.getGid()) == 0,
"drop_root_privileges failed");
{
ScopedInstaller appInstall(app, false);
- check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(),
- allowedPrivs, someDeniedPrivs);
+ app.checkAfterInstall();
+ app.checkDeniedPrivileges(someDeniedPrivs);
}
- check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(),
- {}, merge(allowedPrivs, someDeniedPrivs));
+ app.checkAfterUninstall();
+ app.checkDeniedPrivileges(someDeniedPrivs);
}
RUNNER_CHILD_TEST(security_manager_04b_app_install_by_root_for_app_user) {
- const std::vector<std::string> allowedPrivs = {
- "http://tizen.org/privilege/internet",
- "http://tizen.org/privilege/led"
- };
- const std::vector<std::string> someDeniedPrivs = {
- "http://tizen.org/privilege/location",
- "http://tizen.org/privilege/notification"
- };
+ const PolicyConfiguration::PrivVector allowedPrivs = {PRIV_INTERNET, PRIV_LED};
+ const PolicyConfiguration::PrivVector someDeniedPrivs = {PRIV_LOCATION, PRIV_NOTIFICATION};
TemporaryTestUser testUser("sm_test_04b_user_name", GUM_USERTYPE_NORMAL);
testUser.create();
- AppInstallHelper app("sm_test_04b", testUser.getUid());
+ AppInstallHelperExt app("sm_test_04b", testUser.getUid());
app.addPrivileges(allowedPrivs);
{
ScopedInstaller appInstall(app);
- check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(),
- allowedPrivs, someDeniedPrivs);
+ app.checkAfterInstall();
+ app.checkDeniedPrivileges(someDeniedPrivs);
RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(testUser.getUid(), testUser.getGid()) == 0,
"drop_root_privileges failed");
}
- check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(),
- {}, merge(allowedPrivs, someDeniedPrivs));
+ app.checkAfterUninstall();
+ app.checkDeniedPrivileges(someDeniedPrivs);
}
RUNNER_CHILD_TEST(security_manager_05_drop_process_capabilities)
// TODO - check if app is uninstalled properly
}
-RUNNER_TEST(security_manager_07a_user_add_app_install)
+RUNNER_CHILD_TEST(security_manager_07a_user_add_app_install)
{
- const std::vector<std::string> allowedPrivs = {
- "http://tizen.org/privilege/internet",
- "http://tizen.org/privilege/led"
- };
- const std::vector<std::string> someDeniedPrivs = {
- "http://tizen.org/privilege/location",
- "http://tizen.org/privilege/notification"
- };
+ const PolicyConfiguration::PrivVector allowedPrivs = {PRIV_INTERNET, PRIV_LED};
+ const PolicyConfiguration::PrivVector someDeniedPrivs = {PRIV_LOCATION, PRIV_NOTIFICATION};
TemporaryTestUser testUser("sm_test_07a_user_name", GUM_USERTYPE_NORMAL);
testUser.create();
- AppInstallHelper app("sm_test_07a", testUser.getUid());
+ AppInstallHelperExt app("sm_test_07a", testUser.getUid());
app.addPrivileges(allowedPrivs);
InstallRequest req;
req.addPrivilege(priv);
}
Api::install(req);
-
- check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(),
- allowedPrivs, someDeniedPrivs);
+ app.checkAfterInstall();
+ app.checkDeniedPrivileges(someDeniedPrivs);
testUser.remove();
- check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(),
- {}, merge(allowedPrivs, someDeniedPrivs));
-
- // TODO - check if app is uninstalled
+ app.checkAfterUninstall();
+ app.checkDeniedPrivileges(someDeniedPrivs);
}
RUNNER_TEST(security_manager_07b_user_add_offline)
TemporaryTestUser testUser("sm_test_07b_user_name", GUM_USERTYPE_NORMAL, true);
testUser.create();
- AppInstallHelper app("sm_test_07b", testUser.getUid());
+ AppInstallHelperExt app("sm_test_07b", testUser.getUid());
ScopedInstaller appInstall(app);
serviceManager.startService();
- check_app_after_install(app.getAppId(), app.getPkgId());
+ app.checkAfterInstall();
testUser.remove();
- check_app_after_uninstall(app.getAppId(), app.getPkgId());
+ app.checkAfterUninstall();
}
RUNNER_TEST(security_manager_08_user_double_add_double_remove)
{
- std::vector<std::string> somePrivs = {
- "http://tizen.org/privilege/internet", "http://tizen.org/privilege/led",
- "http://tizen.org/privilege/location", "http://tizen.org/privilege/notification"
- };
+ const PolicyConfiguration::PrivVector somePrivs = {PRIV_LED, PRIV_NOTIFICATION};
+
// gumd
TemporaryTestUser testUser("sm_test_08_user_name", GUM_USERTYPE_NORMAL);
testUser.create();
addUserRequest.setUserType(SM_USER_TYPE_NORMAL);
Api::addUser(addUserRequest);
- AppInstallHelper app("sm_test_08", testUser.getUid());
+ AppInstallHelperExt app("sm_test_08", testUser.getUid());
ScopedInstaller appInstall(app);
- check_app_after_install(app.getAppId(), app.getPkgId());
- check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(), {}, somePrivs);
+ app.checkAfterInstall();
+ app.checkDeniedPrivileges(somePrivs);
// gumd
testUser.remove();
- check_app_after_uninstall(app.getAppId(), app.getPkgId());
- check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(), {}, somePrivs);
+ app.checkAfterUninstall();
// security-manager
UserRequest deleteUserRequest;
}
};
- std::array<TemporaryTestUser, 2> users{
- TemporaryTestUser{"sm_test_09_user_name_0", GUM_USERTYPE_NORMAL, false},
- TemporaryTestUser{"sm_test_09_user_name_1", GUM_USERTYPE_NORMAL, false}
+ TemporaryTestUser users[] = {
+ {"sm_test_09_user_name_0", GUM_USERTYPE_NORMAL, false},
+ {"sm_test_09_user_name_1", GUM_USERTYPE_NORMAL, false}
};
- for(auto& gu : users)
+ for (auto& gu : users)
gu.create();
const char *const pkgId[] = {"sm_test_09_pkg_id_0", "sm_test_09_pkg_id_1"};
RUNNER_TEST(security_manager_09a_install_many_apps_in_single_request)
{
- const std::string pkgId = "sm_test_09a_pkg_id_0";
- const std::vector<std::string> appIds = {"sm_test_09a_app_id_0", "sm_test_09a_app_id_1", "sm_test_09a_app_id_2"};
+ constexpr char pkgIdPrefix[] = "sm_test_09a";
+ const AppInstallHelperExt apps[] = {{"sm_test_09a_0", pkgIdPrefix},
+ {"sm_test_09a_1", pkgIdPrefix},
+ {"sm_test_09a_2", pkgIdPrefix}};
+ static_assert(sizeof(apps) > 0);
+
+ std::vector<std::string> appIds;
+ for (auto &app : apps)
+ appIds.push_back(app.getAppId());
{
- ScopedInstaller appsInstall(appIds, pkgId);
+ ScopedInstaller appsInstall(appIds, apps[0].getPkgId());
// Installing many applications in single request
- for (const auto &appId : appIds) {
- check_app_after_install(appId, pkgId);
+ for (auto &app : apps) {
+ app.checkAfterInstall();
}
}
- for (const auto &appId : appIds) {
- check_app_after_uninstall(appId, pkgId);
+ for (auto &app : apps) {
+ app.checkAfterUninstall();
}
}
RUNNER_TEST(security_manager_09b_install_many_apps_in_single_request_duplicated_ids)
{
- const std::string pkgId = "sm_test_09b_pkg_id_0";
- const std::string appId = "sm_test_09b_app_id_0";
-
+ AppInstallHelperExt app("sm_test_09b");
{
- ScopedInstaller appsInstall({appId, appId}, pkgId);
- check_app_after_install(appId, pkgId);
+ ScopedInstaller appsInstall({app.getAppId(), app.getAppId()}, app.getPkgId());
+ app.checkAfterInstall();
}
- check_app_after_uninstall(appId, pkgId);
+ app.checkAfterUninstall();
}
RUNNER_TEST(security_manager_09c_update_many_apps_in_single_request_hybrid_package)
{
- const std::vector<std::string> appIds = {"sm_test_09c_app_id_0", "sm_test_09c_app_id_1", "sm_test_09c_app_id_2"};
- const std::string pkgId = "sm_test_09c_pkg_id_0";
+ constexpr char pkgIdPrefix[] = "sm_test_09c";
+ AppInstallHelperExt apps[] = {{"sm_test_09c_0", pkgIdPrefix},
+ {"sm_test_09c_1", pkgIdPrefix},
+ {"sm_test_09c_2", pkgIdPrefix}};
+ static_assert(sizeof(apps) > 0);
+
+ std::vector<std::string> appIds;
+ for (const auto &app : apps)
+ appIds.push_back(app.getAppId());
{
- ScopedInstaller appsInstall(appIds, pkgId);
+ ScopedInstaller appsInstall(appIds, apps[0].getPkgId());
// Package is not hybrid, every app has same policy.
- for (const auto &appId : appIds) {
- check_app_after_install(appId, pkgId);
+ for (const auto &app : apps) {
+ app.checkAfterInstall();
}
// Updating package -- changing set of apps in package and setting hybrid mode
InstallRequest updateRequest;
- updateRequest.setPkgId(pkgId);
+ updateRequest.setPkgId(apps[0].getPkgId());
updateRequest.setAppId(appIds[0]);
updateRequest.nextApp();
updateRequest.setAppId(appIds[1]);
updateRequest.setHybrid();
Api::update(updateRequest);
+
// Package became hybrid, so every app has its own Smack label
- check_app_after_install(appIds[0], pkgId, true);
- check_app_after_install(appIds[1], pkgId, true);
+ for (auto &app : apps) {
+ app.setHybrid();
+ }
+ apps[0].checkAfterInstall();
+ apps[1].checkAfterInstall();
+
// Package became hybrid properly,
// so app not included in updated version of package was uninstalled.
- check_app_after_uninstall(appIds[2], pkgId);
+ apps[2].checkAfterUninstall(false);
}
- for (const auto &appId : appIds) {
- check_app_after_uninstall(appId, pkgId, true, true);
+ for (const auto &app : apps) {
+ app.checkAfterUninstall();
}
}
RUNNER_TEST(security_manager_09d_uninstall_app_from_hybrid_package)
{
- const std::vector<std::string> appIds = {"sm_test_09d_app_id_0", "sm_test_09d_app_id_1", "sm_test_09d_app_id_2"};
- const std::string pkgId = "sm_test_09d_pkg_id_0";
+ constexpr char pkgIdPrefix[] = "sm_test_09d";
+ AppInstallHelperExt apps[] = {{"sm_test_09d_0", pkgIdPrefix},
+ {"sm_test_09d_1", pkgIdPrefix},
+ {"sm_test_09d_2", pkgIdPrefix}};
+ static_assert(sizeof(apps) > 0);
+
+ std::vector<std::string> appIds;
+ for (const auto &app : apps)
+ appIds.push_back(app.getAppId());
+
{
- ScopedInstaller appsInstall(appIds, pkgId);
+ ScopedInstaller appsInstall(appIds, apps[0].getPkgId());
InstallRequest updateRequest;
- updateRequest.setPkgId(pkgId);
+ updateRequest.setPkgId(apps[0].getPkgId());
for (unsigned int i = 0; i < appIds.size(); i++) {
if (i > 0) {
updateRequest.nextApp();
Api::update(updateRequest);
InstallRequest uninstRequest;
- uninstRequest.setPkgId(pkgId);
+ uninstRequest.setPkgId(apps[0].getPkgId());
uninstRequest.setAppId(appIds[0]);
Api::uninstall(uninstRequest);
- check_app_after_uninstall(appIds[0], pkgId, true);
+ for (auto &app : apps) {
+ app.setHybrid();
+ }
+ apps[0].checkAfterUninstall(false);
+ }
+ for (const auto &app : apps) {
+ app.checkAfterUninstall();
}
}
RUNNER_CHILD_TEST(security_manager_10_app_has_privilege)
{
- const std::vector<std::string> allowedPrivs = {
- "http://tizen.org/privilege/wifidirect",
- "http://tizen.org/privilege/telephony"
- };
- const std::vector<std::string> someDeniedPrivs = {
- "http://tizen.org/privilege/vpnservice",
- "http://tizen.org/privilege/notification"
- };
- AppInstallHelper app("sm_test_10");
+ const PolicyConfiguration::PrivVector allowedPrivs = {PRIV_WIFIDIRECT, PRIV_TELEPHONY};
+ const PolicyConfiguration::PrivVector someDeniedPrivs = {PRIV_VPNSERVICE, PRIV_NOTIFICATION};
+
+ AppInstallHelperExt app("sm_test_10");
app.addPrivileges(allowedPrivs);
ScopedInstaller appInstall(app);
- sm_app_has_privileges(app, allowedPrivs, 1);
+ app.checkAfterInstall();
+ app.checkDeniedPrivileges(someDeniedPrivs);
// FIXME - all other existing privileges should be checked
- sm_app_has_privileges(app, someDeniedPrivs, 0);
}
RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER_POLICY)
RUNNER_CHILD_TEST(security_manager_21_security_manager_admin_deny_user_priv)
{
- const privileges_t adminRequiredPrivs = {
- "http://tizen.org/privilege/notexist",
- "http://tizen.org/privilege/internal/usermanagement"
- };
- const privileges_t manifestPrivs = {
- "http://tizen.org/privilege/internet",
- "http://tizen.org/privilege/datasharing"
+ const PolicyConfiguration::PrivVector adminRequiredPrivs = {
+ PRIV_NOTEXIST,
+ PRIV_INTERNAL_USERMANAGEMENT
};
- const privileges_t allowedPrivsAfterChange = {"http://tizen.org/privilege/datasharing"};
- const privileges_t deniedPrivsAfterChange = {"http://tizen.org/privilege/internet"};
+ const PolicyConfiguration::PrivVector manifestPrivs = {PRIV_INTERNET, PRIV_DATASHARING};
+ const PolicyConfiguration::PrivVector allowedPrivsAfterChange = {PRIV_DATASHARING};
+ const PolicyConfiguration::PrivVector deniedPrivsAfterChange = {PRIV_INTERNET};
+
TemporaryTestUser adminUser("sm_test_21_admin_user_name", GUM_USERTYPE_ADMIN, false);
TemporaryTestUser normalUser("sm_test_21_normal_user_name", GUM_USERTYPE_NORMAL, false);
adminUser.create();
normalUser.create();
- std::string childUidStr = normalUser.getUidString();
AppInstallHelper adminApp("sm_test_21_admin", adminUser.getUid());
adminApp.addPrivileges(adminRequiredPrivs);
ScopedInstaller adminAppInstall(adminApp);
- AppInstallHelper normalApp("sm_test_21_normal", normalUser.getUid());
+ AppInstallHelperExt normalApp("sm_test_21_normal", normalUser.getUid());
normalApp.addPrivileges(manifestPrivs);
ScopedInstaller normalAppInstall(normalApp);
-
- check_app_permissions(normalApp.getAppId(), normalApp.getPkgId(), childUidStr,
- manifestPrivs, {});
+ normalApp.checkAfterInstall();
pid_t pid = fork();
RUNNER_ASSERT_MSG(pid >= 0, "fork failed");
if (pid != 0) { //parent process
waitPid(pid);
- check_app_permissions(normalApp.getAppId(), normalApp.getPkgId(), childUidStr,
- allowedPrivsAfterChange, deniedPrivsAfterChange);
+ normalApp.checkPrivileges(allowedPrivsAfterChange, deniedPrivsAfterChange);
} else {
Api::setProcessLabel(adminApp.getAppId());
RUNNER_ASSERT_ERRNO_MSG(drop_root_privileges(adminUser.getUid(),adminUser.getGid()) == 0,
RUNNER_TEST(security_manager_25a_global_user_set_install_type_global)
{
- AppInstallHelper app("sm_test_25a");
+ AppInstallHelperExt app("sm_test_25a");
app.setInstallType(SM_APP_INSTALL_GLOBAL);
{
ScopedInstaller appInstall(app);
- check_app_after_install(app.getAppId(), app.getPkgId());
+ app.checkAfterInstall();
}
// Check records in the security-manager database
- check_app_after_uninstall(app.getAppId(), app.getPkgId());
+ app.checkAfterUninstall();
}
RUNNER_TEST(security_manager_25b_global_user_set_install_type_local)
RUNNER_TEST(security_manager_25c_global_user_set_install_type_preloaded)
{
- AppInstallHelper app("sm_test_25c");
+ AppInstallHelperExt app("sm_test_25c");
app.setInstallType(SM_APP_INSTALL_PRELOADED);
{
ScopedInstaller appInstall(app);
- check_app_after_install(app.getAppId(), app.getPkgId());
+ app.checkAfterInstall();
}
- check_app_after_uninstall(app.getAppId(), app.getPkgId());
+ app.checkAfterUninstall();
}
RUNNER_TEST(security_manager_25d_local_user_set_install_type_invalid)
RUNNER_CHILD_TEST(security_manager_25g_local_user_set_install_type_local)
{
- std::vector<std::string> allowedPrivs = {
- "http://tizen.org/privilege/volume.set",
- "http://tizen.org/privilege/systemmonitor",
- "http://tizen.org/privilege/internet"
+ const PolicyConfiguration::PrivVector allowedPrivs = {
+ PRIV_VOLUME_SET,
+ PRIV_SYSTEMMONITOR,
+ PRIV_INTERNET
};
- std::vector<std::string> someDeniedPrivs = {
- "http://tizen.org/privilege/push",
- "http://tizen.org/privilege/power",
- "http://tizen.org/privilege/notification"
+ const PolicyConfiguration::PrivVector someDeniedPrivs = {
+ PRIV_PUSH,
+ PRIV_POWER,
+ PRIV_NOTIFICATION,
};
TemporaryTestUser testUser("sm_test_25g_user_name", GUM_USERTYPE_NORMAL);
testUser.create();
- AppInstallHelper app("sm_test_25g", testUser.getUid());
+ AppInstallHelperExt app("sm_test_25g", testUser.getUid());
app.createPrivateDir();
app.setInstallType(SM_APP_INSTALL_LOCAL);
app.addPrivileges(allowedPrivs);
"drop_root_privileges failed");
{
ScopedInstaller appInstall(app);
- check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(),
- allowedPrivs, someDeniedPrivs);
-
+ app.checkAfterInstall();
+ app.checkDeniedPrivileges(someDeniedPrivs);
}
- check_app_permissions(app.getAppId(), app.getPkgId(), testUser.getUidString(),
- {}, merge(allowedPrivs, someDeniedPrivs));
- // TODO - check if app is properly uninstalled
+ app.checkAfterUninstall();
}
RUNNER_CHILD_TEST(security_manager_25h_local_path_global_install)
TemporaryTestUser testUser("sm_test_26_user_name", GUM_USERTYPE_NORMAL);
testUser.create();
- const std::vector<std::string> allowedPrivs = {
- "http://tizen.org/privilege/wifidirect",
- "http://tizen.org/privilege/telephony"
- };
+ const PolicyConfiguration::PrivVector allowedPrivs = {PRIV_WIFIDIRECT, PRIV_TELEPHONY};
- AppInstallHelper app1("sm_test_26_1", "sm_test_26", testUser.getUid());
+ AppInstallHelperExt app1("sm_test_26_1", "sm_test_26", testUser.getUid());
app1.addPrivileges(allowedPrivs);
app1.setHybrid();
- AppInstallHelper app2("sm_test_26_2", "sm_test_26", testUser.getUid());
+ AppInstallHelperExt app2("sm_test_26_2", "sm_test_26", testUser.getUid());
app2.addPrivileges(allowedPrivs);
app2.setHybrid();
{
ScopedInstaller appInstall1(app1);
ScopedInstaller appInstall2(app2);
- check_app_permissions(app1.getAppId(), app1.getPkgId(), testUser.getUidString(),
- allowedPrivs, {}, app1.getIsHybrid());
- check_app_permissions(app2.getAppId(), app2.getPkgId(), testUser.getUidString(),
- allowedPrivs, {}, app2.getIsHybrid());
+ app1.checkAfterInstall();
+ app2.checkAfterInstall();
}
- check_app_permissions(app1.getAppId(), app1.getPkgId(), testUser.getUidString(),
- {}, allowedPrivs, app1.getIsHybrid());
- check_app_permissions(app2.getAppId(), app2.getPkgId(), testUser.getUidString(),
- {}, allowedPrivs, app2.getIsHybrid());
+ app1.checkAfterUninstall(false);
+ app2.checkAfterUninstall();
}
projects / platform / core / test / security-tests.git / blobdiff