RUNNER_CHILD_TEST(app_defined_01_global_install_untrusted)
{
- const Privilege privilege("http://tizen.org/applicationDefinedPrivilege/app_defined_01",
- Privilege::UNTRUSTED);
- const std::string providerAppId = "app_def_01_provider_appid";
- const std::string consumerAppId = "app_def_01_client_appid";
+ const Privilege privilege(
+ "http://tizen.org/untrusted/devstudio/statistic",
+ Privilege::UNTRUSTED);
+ const std::string providerAppId = "app_def_01_provider";
+ const std::string clientAppId = "app_def_01_client";
const std::string ownerId = "5001";
const std::string session = "S0M3S3SSI0N";
AppInstallHelper provider(providerAppId);
- AppInstallHelper consumer(consumerAppId);
+ AppInstallHelper client(clientAppId);
- std::string consumerLabel = consumer.generateAppLabel();
+ std::string clientLabel = client.generateAppLabel();
provider.addAppDefinedPrivilege(privilege);
- consumer.addPrivilege(privilege);
+ client.addPrivilege(privilege);
ScopedInstaller req1(provider);
- ScopedInstaller req2(consumer);
+ ScopedInstaller req2(client);
CynaraTestClient::Client cynara;
- cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId, privilege, CYNARA_API_ACCESS_ALLOWED);
// uninstall provider
req1.uninstallApp();
- cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId, privilege, CYNARA_API_ACCESS_DENIED);
}
RUNNER_CHILD_TEST(app_defined_02_global_install_licensed)
{
- const Privilege privilege("http://tizen.org/licensedPrivilege/app_defined_02",
- "/opt/data/app_defined_02/res/license");
- const std::string providerAppId = "app_def_02_provider_appid";
- const std::string consumerAppId = "app_def_02_client_appid";
+ const Privilege providerPrivilegeLicense(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+ const Privilege clientPrivilegeLicense(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
+ const std::string providerAppId = "app_def_provider_01";
+ const std::string clientAppId = "app_def_client_01";
const std::string ownerId = "5001";
const std::string session = "S0M33S3SSI0N";
AppInstallHelper provider(providerAppId);
- AppInstallHelper consumer(consumerAppId);
+ AppInstallHelper client(clientAppId);
- std::string consumerLabel = consumer.generateAppLabel();
+ std::string clientLabel = client.generateAppLabel();
- provider.addAppDefinedPrivilege(privilege);
- consumer.addPrivilege(privilege);
+ provider.addAppDefinedPrivilege(providerPrivilegeLicense);
+ client.addPrivilege(clientPrivilegeLicense);
ScopedInstaller req1(provider);
- ScopedInstaller req2(consumer);
+ ScopedInstaller req2(client);
CynaraTestClient::Client cynara;
- cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_ALLOWED);
// uninstall provider
req1.uninstallApp();
- cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
}
RUNNER_CHILD_TEST(app_defined_03_database_update)
{
- // Because of a bug in implementation during installation of
- // providerB privileges of providerA were deleted from cynara
- // database. This test should check if bug was fixed.
- Privilege privilegeA("http://tizen.org/licensedPrivilege/app_defined_03a",
- "/opt/data/app_defined_03a/res/license");
- Privilege privilegeB("http://tizen.org/licensedPrivilege/app_defined_03b",
- "/opt/data/app_defined_03b/res/license");
- const std::string providerAppIdA = "app_def_03a_provider_appid";
- const std::string providerAppIdB = "app_def_03b_provider_appid";
- const std::string consumerAppId = "app_def_03_client_appid";
+ const Privilege providerPrivilegeLicenseA(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+ const Privilege clientPrivilegeLicenseA(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
+ const Privilege providerPrivilegeLicenseB(
+ "http://tizen.org/licensed/xyzsoftware/camera",
+ "/opt/usr/globalapps/app_def_provider_02_pkg_id/cert/xyzsoftware.pem");
+ const Privilege clientPrivilegeLicenseB(
+ "http://tizen.org/licensed/xyzsoftware/camera",
+ "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
+
+ const std::string providerAppIdA = "app_def_provider_01";
+ const std::string providerAppIdB = "app_def_provider_02";
+ const std::string clientAppId = "app_def_client_01";
const std::string ownerId = "5001";
const std::string session = "S0M33S3SSI0N";
AppInstallHelper providerA(providerAppIdA);
AppInstallHelper providerB(providerAppIdB);
- AppInstallHelper consumer(consumerAppId);
-
- std::string consumerLabel = consumer.generateAppLabel();
+ AppInstallHelper client(clientAppId);
+ client.setHybrid();
+ std::string clientLabel = client.generateAppLabel();
- providerA.addAppDefinedPrivilege(privilegeA);
- providerB.addAppDefinedPrivilege(privilegeB);
- consumer.addPrivilege(privilegeA);
- consumer.addPrivilege(privilegeB);
+ providerA.addAppDefinedPrivilege(providerPrivilegeLicenseA);
+ providerB.addAppDefinedPrivilege(providerPrivilegeLicenseB);
+ client.addPrivilege(clientPrivilegeLicenseA);
+ client.addPrivilege(clientPrivilegeLicenseB);
ScopedInstaller req1(providerA);
ScopedInstaller req2(providerB);
- ScopedInstaller req3(consumer);
+ ScopedInstaller req3(client);
CynaraTestClient::Client cynara;
- cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
// uninstall providerA
req1.uninstallApp();
- cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
// uninstall providerB
req2.uninstallApp();
- cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
}
RUNNER_CHILD_TEST(app_defined_04_app_update)
{
- const Privilege privilegeA("http://tizen.org/licensedPrivilege/app_defined_04a",
- "/opt/data/app_defined_04a/res/license");
- const Privilege privilegeB("http://tizen.org/applicationDefinedPrivilege/app_defined_04b",
- Privilege::UNTRUSTED);
- const Privilege privilegeC("http://tizen.org/licensedPrivilege/app_defined_04c",
- "/opt/data/app_defined_04c/res/license");
- const std::string providerAppId = "app_def_04_provider_appid";
- const std::string consumerAppId = "app_def_04_client_appid";
+ const Privilege providerPrivilegeLicenseA(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+ const Privilege clientPrivilegeLicenseA(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
+ const Privilege privilegeB(
+ "http://tizen.org/untrusted/devstudio/statistic",
+ Privilege::UNTRUSTED);
+ const Privilege providerPrivilegeLicenseC(
+ "http://tizen.org/licensed/xyzsoftware/camera",
+ "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/xyzsoftware.der");
+ const Privilege clientPrivilegeLicenseC(
+ "http://tizen.org/licensed/xyzsoftware/camera",
+ "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
+
+ const std::string providerAppId = "app_def_provider_01";
+ const std::string clientAppId = "app_def_client_01";
const std::string ownerId = "5001";
const std::string session = "S0M33S3SSI0N";
AppInstallHelper providerV1(providerAppId);
AppInstallHelper providerV2(providerAppId);
- AppInstallHelper consumer(consumerAppId);
+ AppInstallHelper client(clientAppId);
- std::string consumerLabel = consumer.generateAppLabel();
+ std::string clientLabel = client.generateAppLabel();
- providerV1.addAppDefinedPrivilege(privilegeA);
+ providerV1.addAppDefinedPrivilege(providerPrivilegeLicenseA);
providerV1.addAppDefinedPrivilege(privilegeB);
- consumer.addPrivilege(privilegeA);
- consumer.addPrivilege(privilegeB);
- consumer.addPrivilege(privilegeC);
+ client.addPrivilege(clientPrivilegeLicenseA);
+ client.addPrivilege(privilegeB);
+ client.addPrivilege(clientPrivilegeLicenseC);
ScopedInstaller req1(providerV1);
- ScopedInstaller req2(consumer);
+ ScopedInstaller req2(client);
CynaraTestClient::Client cynara;
- cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseC, CYNARA_API_ACCESS_DENIED);
// update provider version, remove privilegeA, add privilegeC
providerV2.addAppDefinedPrivilege(privilegeB);
- providerV2.addAppDefinedPrivilege(privilegeC);
+ providerV2.addAppDefinedPrivilege(providerPrivilegeLicenseC);
ScopedInstaller req3(providerV2);
- cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseC, CYNARA_API_ACCESS_ALLOWED);
}
RUNNER_CHILD_TEST(app_defined_05_global_local_install)
{
- const Privilege privilegeA("http://tizen.org/licensedPrivilege/app_defined_05a",
- Privilege::UNTRUSTED);
- const Privilege privilegeB("http://tizen.org/applicationDefinedPrivilege/app_defined_05b",
- "/opt/data/app_defined_05b/res/license");
- const Privilege privilegeC("http://tizen.org/applicationDefinedPrivilege/app_defined_05c",
- Privilege::UNTRUSTED);
- const std::string providerAppId = "app_def_05_provider_appid";
- const std::string consumerAppId = "app_def_05_client_appid";
+ const Privilege privilegeA(
+ "http://tizen.org/untrusted/devstudio/statistic",
+ Privilege::UNTRUSTED);
+ const Privilege providerLocalPrivilegeLicenseB(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/home/security_test_user/apps_rw/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+ const Privilege clientGlobalPrivilegeLicenseB(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
+ const Privilege clientLocalPrivilegeLicenseB(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/home/security_test_user/apps_rw/app_def_client_01_pkg_id/cert/softwaremind.pem");
+ const Privilege privilegeC(
+ "http://tizen.org/untrusted/gamestudio/football",
+ Privilege::UNTRUSTED);
+
+ const std::string providerAppId = "app_def_provider_01";
+ const std::string clientAppId = "app_def_client_01";
const std::string ownerId = "5001";
const std::string bobId = "5002";
const std::string session = "S0M33S3SSI0N";
AppInstallHelper providerGlobal(providerAppId);
AppInstallHelper providerLocal(providerAppId, 5002);
- AppInstallHelper consumerGlobal(consumerAppId);
- AppInstallHelper consumerLocal(consumerAppId, 5002);
+ AppInstallHelper clientGlobal(clientAppId);
+ AppInstallHelper clientLocal(clientAppId, 5002);
- std::string consumerGlobalLabel = consumerGlobal.generateAppLabel();
- std::string consumerLocalLabel = consumerLocal.generateAppLabel();
+ std::string clientGlobalLabel = clientGlobal.generateAppLabel();
+ std::string clientLocalLabel = clientLocal.generateAppLabel();
providerGlobal.addAppDefinedPrivilege(privilegeA);
providerGlobal.addAppDefinedPrivilege(privilegeC);
providerLocal.addAppDefinedPrivilege(privilegeA);
- providerLocal.addAppDefinedPrivilege(privilegeB);
+ providerLocal.addAppDefinedPrivilege(providerLocalPrivilegeLicenseB);
- consumerGlobal.addPrivilege(privilegeA);
- consumerGlobal.addPrivilege(privilegeB);
- consumerGlobal.addPrivilege(privilegeC);
-
- consumerLocal.addPrivilege(privilegeB);
- consumerLocal.addPrivilege(privilegeC);
+ clientGlobal.addPrivilege(privilegeA);
+ clientGlobal.addPrivilege(clientGlobalPrivilegeLicenseB);
+ clientGlobal.addPrivilege(privilegeC);
+ clientLocal.addPrivilege(clientLocalPrivilegeLicenseB);
+ clientLocal.addPrivilege(privilegeC);
CynaraTestClient::Client cynara;
// local provider only and global consumer only
ScopedInstaller req1(providerLocal);
- ScopedInstaller req2(consumerGlobal);
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerGlobalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerGlobalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerGlobalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
+ ScopedInstaller req2(clientGlobal);
+ cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, bobId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
// local provider only and global/local consumer
- ScopedInstaller req3(consumerLocal);
- cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
+ ScopedInstaller req3(clientLocal);
+ cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
// global/local provider and global/local consumer
ScopedInstaller req4(providerGlobal);
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
- //cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
+ //cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
// global provider only and global/local consumer
req1.uninstallApp();
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
// global provider only and global consumer only
req3.uninstallApp();
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
- cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+ cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
}
RUNNER_CHILD_TEST(app_defined_06_get_provider)
int result;
char *pkgId = nullptr;
char *appId = nullptr;
- const Privilege privilegeA("http://tizen.org/applicationDefinedPrivilege/app_defined_06a",
- Privilege::UNTRUSTED);
- const Privilege privilegeB("http://tizen.org/applicationDefinedPrivilege/app_defined_06b",
- Privilege::UNTRUSTED);
- const std::string providerId = "app_def_06_provider";
+ const Privilege privilegeA(
+ "http://tizen.org/untrusted/devstudio/statistic",
+ Privilege::UNTRUSTED);
+ const Privilege privilegeB(
+ "http://tizen.org/untrusted/gamestudio/running",
+ Privilege::UNTRUSTED);
+ const std::string providerAppId = "app_def_06_provider";
uid_t uid = 5001;
- AppInstallHelper providerGlobal(providerId);
- AppInstallHelper providerLocal(providerId, uid);
+ AppInstallHelper providerGlobal(providerAppId);
+ AppInstallHelper providerLocal(providerAppId, uid);
providerGlobal.addAppDefinedPrivilege(privilegeB);
providerLocal.addAppDefinedPrivilege(privilegeA);
ScopedInstaller req1(providerGlobal);
{
int result;
char *license = nullptr;
- const Privilege privilegeA("http://tizen.org/applicationDefinedPrivilege/app_defined_07a",
- "/opt/data/app_defined_07a/res/license");
- const Privilege privilegeB("http://tizen.org/applicationDefinedPrivilege/app_defined_07b",
- "/opt/data/app_defined_07b/res/license");
- const Privilege privilegeC("http://tizen.org/applicationDefinedPrivilege/app_defined_07c",
- "/opt/data/app_defined_07c/res/license");
- const Privilege privilegeCuntrusted(privilegeC.getName(), Privilege::UNTRUSTED);
- const std::string providerId = "app_def_07_provider";
- uid_t uid = 5001;
+ const Privilege providerLocalPrivilegeLicenseA(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/home/security_test_user/apps_rw/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+ const Privilege providerGlobalPrivilegeLicenseB(
+ "http://tizen.org/licensed/xyzsoftware/camera",
+ "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/xyzsoftware.der");
+ const Privilege privilegeBuntrusted(
+ providerGlobalPrivilegeLicenseB.getName(), Privilege::UNTRUSTED);
+
+ const std::string providerAppId = "app_def_provider_01";
+ uid_t uid = 5002;
- AppInstallHelper providerGlobal(providerId);
- AppInstallHelper providerLocal(providerId, uid);
- providerGlobal.addAppDefinedPrivilege(privilegeB);
- providerGlobal.addAppDefinedPrivilege(privilegeC);
- providerLocal.addAppDefinedPrivilege(privilegeA);
- providerLocal.addAppDefinedPrivilege(privilegeCuntrusted);
+ AppInstallHelper providerGlobal(providerAppId);
+ AppInstallHelper providerLocal(providerAppId, uid);
+ providerGlobal.addAppDefinedPrivilege(providerGlobalPrivilegeLicenseB);
+ providerLocal.addAppDefinedPrivilege(providerLocalPrivilegeLicenseA);
+ providerLocal.addAppDefinedPrivilege(privilegeBuntrusted);
ScopedInstaller req1(providerGlobal);
ScopedInstaller req2(providerLocal);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
RUNNER_ASSERT(license == nullptr);
- result = security_manager_get_app_defined_privilege_license(privilegeA, uid, nullptr);
+ result = security_manager_get_app_defined_privilege_license(providerLocalPrivilegeLicenseA, uid, nullptr);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
result = security_manager_get_app_defined_privilege_license("noExistingPrivilege", uid, &license);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
RUNNER_ASSERT(license == nullptr);
- result = security_manager_get_app_defined_privilege_license(privilegeC, uid, &license);
+ result = security_manager_get_app_defined_privilege_license(privilegeBuntrusted, uid, &license);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
RUNNER_ASSERT(license == nullptr);
- result = security_manager_get_app_defined_privilege_license(privilegeA, uid+1, &license);
+ result = security_manager_get_app_defined_privilege_license(providerLocalPrivilegeLicenseA, uid+1, &license);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
RUNNER_ASSERT(license == nullptr);
- result = security_manager_get_app_defined_privilege_license(privilegeB, uid, &license);
- RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider license failed");
- RUNNER_ASSERT(license && privilegeB.getLicense() == license);
- free(license);
- license = nullptr;
-
- result = security_manager_get_app_defined_privilege_license(privilegeA, uid, &license);
+ result = security_manager_get_app_defined_privilege_license(providerLocalPrivilegeLicenseA, uid, &license);
RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider license failed");
- RUNNER_ASSERT(license && privilegeA.getLicense() == license);
+ RUNNER_ASSERT(license && providerLocalPrivilegeLicenseA.getLicense() == license);
free(license);
license = nullptr;
req2.uninstallApp();
- result = security_manager_get_app_defined_privilege_license(privilegeC, uid, &license);
+ result = security_manager_get_app_defined_privilege_license(providerGlobalPrivilegeLicenseB, uid, &license);
RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider license failed");
- RUNNER_ASSERT(license && privilegeC.getLicense() == license);
+ RUNNER_ASSERT(license && providerGlobalPrivilegeLicenseB.getLicense() == license);
free(license);
license = nullptr;
}
{
int result;
char *license = nullptr;
-
- const Privilege privilegeA("http://tizen.org/applicationDefinedPrivilege/app_defined_08a",
- "/opt/data/app_defined_08a/res/license");
- const Privilege privilegeB("http://tizen.org/applicationDefinedPrivilege/app_defined_08b",
- "/opt/data/app_defined_08b/res/license");
- const Privilege privilegeC("http://tizen.org/applicationDefinedPrivilege/app_defined_08c",
- "/opt/data/app_defined_08c/res/license");
- const Privilege privilegeCunset(privilegeC.getName(), Privilege::UNTRUSTED);
-
- const std::string clientId = "app_def_08_client";
- uid_t uid = 5001;
-
- AppInstallHelper clientGlobal(clientId);
- AppInstallHelper clientLocal(clientId, uid);
- clientGlobal.addPrivilege(privilegeB);
- clientGlobal.addPrivilege(privilegeC);
- clientLocal.addPrivilege(privilegeA);
- clientLocal.addPrivilege(privilegeCunset);
+ const Privilege clientLocalPrivilegeLicenseA(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/home/security_test_user/apps_rw/app_def_client_01_pkg_id/cert/softwaremind.pem");
+ const Privilege clientGlobalPrivilegeLicenseB(
+ "http://tizen.org/licensed/xyzsoftware/camera",
+ "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
+ const Privilege privilegeBuntrusted(
+ clientGlobalPrivilegeLicenseB.getName(), Privilege::UNTRUSTED);
+
+ const std::string clientAppId = "app_def_client_01";
+ uid_t uid = 5002;
+
+ AppInstallHelper clientGlobal(clientAppId);
+ AppInstallHelper clientLocal(clientAppId, uid);
+ clientGlobal.addPrivilege(clientGlobalPrivilegeLicenseB);
+ clientLocal.addPrivilege(clientLocalPrivilegeLicenseA);
+ clientLocal.addPrivilege(privilegeBuntrusted);
ScopedInstaller req1(clientGlobal);
ScopedInstaller req2(clientLocal);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
RUNNER_ASSERT(license == nullptr);
- result = security_manager_get_client_privilege_license(privilegeA, nullptr,
+ result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA, nullptr,
uid, &license);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
RUNNER_ASSERT(license == nullptr);
- result = security_manager_get_client_privilege_license(privilegeA,
+ result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA,
clientLocal.getAppId().c_str(),
uid, nullptr);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
RUNNER_ASSERT(license == nullptr);
- result = security_manager_get_client_privilege_license(privilegeA, "noExistingApp",
+ result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA, "noExistingApp",
uid, &license);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
RUNNER_ASSERT(license == nullptr);
- result = security_manager_get_client_privilege_license(privilegeC,
+ result = security_manager_get_client_privilege_license(privilegeBuntrusted,
clientLocal.getAppId().c_str(),
uid, &license);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
RUNNER_ASSERT(license == nullptr);
- result = security_manager_get_client_privilege_license(privilegeA,
+ result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA,
clientLocal.getAppId().c_str(),
uid+1, &license);
RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
RUNNER_ASSERT(license == nullptr);
- result = security_manager_get_client_privilege_license(privilegeA,
+ result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA,
clientLocal.getAppId().c_str(),
uid, &license);
RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege license failed");
- RUNNER_ASSERT(license && privilegeA.getLicense() == license);
+ RUNNER_ASSERT(license && clientLocalPrivilegeLicenseA.getLicense() == license);
free(license);
license = nullptr;
req2.uninstallApp();
- result = security_manager_get_client_privilege_license(privilegeB,
+ result = security_manager_get_client_privilege_license(clientGlobalPrivilegeLicenseB,
clientGlobal.getAppId().c_str(),
uid, &license);
RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege license failed");
- RUNNER_ASSERT(license && privilegeB.getLicense() == license);
+ RUNNER_ASSERT(license && clientGlobalPrivilegeLicenseB.getLicense() == license);
free(license);
license = nullptr;
}
RUNNER_CHILD_TEST(app_defined_09_check_system_privileges)
{
- const std::string providerId = "app_def_09_provider";
+ const std::string providerAppId = "app_def_09_provider";
const Privilege privilege("http://tizen.org/privilege/internet", Privilege::UNTRUSTED);
InstallRequest requestInst;
- requestInst.setAppId(providerId);
- requestInst.setPkgId(providerId);
+ requestInst.setAppId(providerAppId);
+ requestInst.setPkgId(providerAppId);
requestInst.addAppDefinedPrivilege(privilege);
Api::install(requestInst, SECURITY_MANAGER_ERROR_INPUT_PARAM);
Api::uninstall(requestInst);
+}
+
+RUNNER_CHILD_TEST(app_defined_10_invalid_license)
+{
+ const Privilege providerPrivilegeLicense(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+ const Privilege clientPrivilegeLicense(
+ "http://tizen.org/licensed/abcsoftware/calendar",
+ "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
+ const std::string providerAppId = "app_def_provider_01";
+ const std::string clientAppId = "app_def_client_01";
+ const std::string ownerId = "5001";
+ const std::string session = "S0M33S3SSI0N";
+
+ AppInstallHelper provider(providerAppId);
+ AppInstallHelper client(clientAppId);
+ client.setHybrid();
+ std::string clientLabel = client.generateAppLabel();
+
+ provider.addAppDefinedPrivilege(providerPrivilegeLicense);
+ client.addPrivilege(clientPrivilegeLicense);
+
+ ScopedInstaller req1(provider);
+ ScopedInstaller req2(client);
+
+ CynaraTestClient::Client cynara;
+ cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
}
\ No newline at end of file
projects / platform / core / test / security-tests.git / blobdiff