BuildRequires: pkgconfig(sqlite3)
BuildRequires: pkgconfig(libwebappenc)
BuildRequires: cynara-devel
+BuildRequires: libcynara-creds-dbus-devel
+BuildRequires: libcynara-creds-gdbus-devel
BuildRequires: pkgconfig(libtzplatform-config)
BuildRequires: boost-devel
BuildRequires: pkgconfig(vconf)
%post
id -u security_test_user 1>/dev/null 2>&1 || \
- useradd -r -g users -s /sbin/nologin -c "for tests only" security_test_user
+ gum-utils -o -a --username=security_test_user --usertype=normal
+
+# Reload dbus daemon to apply newly installed configuration
+systemctl reload dbus
echo "security-tests postinst done ..."
%{_prefix}/share/yaca-test
%postun
-id -u security_test_user 1>/dev/null 2>&1 && userdel security_test_user
+id -u security_test_user 1>/dev/null 2>&1 && gum-utils -o -d --uid=`id -u security_test_user`
return std::string(alias);
}
-// changes process label
-void change_label(const char* label)
-{
- int ret = smack_set_label_for_self(label);
- RUNNER_ASSERT_MSG(0 == ret, "Error in smack_set_label_for_self("<<label<<"). Error: " << ret);
-}
-
ScopedLabel::ScopedLabel(const char* label) : m_original_label(getLabel())
{
change_label(label);
std::string aliasWithLabel(const char *label, const char *alias);
-// changes process label
-void change_label(const char* label);
-
// changes process label upon construction and restores it upon destruction
class ScopedLabel
{
sqlite3
libgum
glib-2.0
+ cynara-creds-socket
+ cynara-creds-dbus
+ cynara-creds-gdbus
REQUIRED
)
${PROJECT_SOURCE_DIR}/src/common/synchronization_pipe.cpp
${PROJECT_SOURCE_DIR}/src/common/timeout.cpp
${PROJECT_SOURCE_DIR}/src/common/temp_test_user.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/cynara_helpers_creds.cpp
)
#system and local includes
namespace SecurityServer {
-AccessProvider::AccessProvider(const std::string &mySubject)
- : m_mySubject(mySubject)
+AccessProvider::AccessProvider(const std::string &myLabel)
+ : m_myLabel(myLabel)
{}
void AccessProvider::allowSS() {
- m_smackAccess.add(m_mySubject, "System::Run", "x");
+ m_smackAccess.add(m_myLabel, "System::Run", "x");
+}
+
+void AccessProvider::addSubjectRule(const std::string &subject, const std::string &rule) {
+ m_smackAccess.add(subject, m_myLabel, rule);
}
void AccessProvider::addObjectRule(const std::string &object, const std::string &rule) {
- m_smackAccess.add(m_mySubject, object, rule);
+ m_smackAccess.add(m_myLabel, object, rule);
}
void AccessProvider::apply() {
}
void AccessProvider::applyAndSwithToUser(int uid, int gid) {
- RUNNER_ASSERT_MSG(0 == smack_revoke_subject(m_mySubject.c_str()),
- "Error in smack_revoke_subject(" << m_mySubject << ")");
+ RUNNER_ASSERT_MSG(0 == smack_revoke_subject(m_myLabel.c_str()),
+ "Error in smack_revoke_subject(" << m_myLabel << ")");
apply();
- RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(m_mySubject.c_str()),
+ RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(m_myLabel.c_str()),
"Error in smack_set_label_for_self.");
RUNNER_ASSERT_MSG(0 == setgid(gid),
"Error in setgid.");
class AccessProvider {
public:
- AccessProvider(const std::string &mySubject);
+ AccessProvider(const std::string &myLabel);
AccessProvider(const AccessProvider &second) = delete;
AccessProvider& operator=(const AccessProvider &second) = delete;
+ void addSubjectRule(const std::string &subject, const std::string &rule);
void addObjectRule(const std::string &object, const std::string &rule);
void allowSS();
void apply();
virtual ~AccessProvider(){}
private:
- std::string m_mySubject;
+ std::string m_myLabel;;
SmackAccess m_smackAccess;
};
--- /dev/null
+/*
+ * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file cynara_helper_credentials.cpp
+ * @author Aleksander Zdyb <a.zdyb@samsung.com>
+ * @version 1.0
+ * @brief Helpers for cynara-helpers
+ */
+
+#include <dpl/test/test_runner.h>
+
+#include <cynara-creds-dbus.h>
+#include <cynara-creds-socket.h>
+#include <cynara-creds-gdbus.h>
+
+#include "cynara_helpers_creds.h"
+
+namespace CynaraHelperCredentials {
+
+char *socketGetClient(int sock, cynara_client_creds method, int expectedResult) {
+ char *buff = nullptr;
+ auto ret = cynara_creds_socket_get_client(sock, method, &buff);
+ RUNNER_ASSERT_MSG(ret == expectedResult,
+ "cynara_creds_socket_get_client failed, ret = " << ret
+ << "; expected = " << expectedResult);
+ return buff;
+}
+
+char *socketGetUser(int sock, cynara_user_creds method, int expectedResult) {
+ char *buff = nullptr;
+ auto ret = cynara_creds_socket_get_user(sock, method, &buff);
+ RUNNER_ASSERT_MSG(ret == expectedResult,
+ "cynara_creds_socket_get_user failed, ret = " << ret
+ << "; expected = " << expectedResult);
+ return buff;
+}
+
+pid_t socketGetPid(int sock, int expectedResult) {
+ pid_t pid = -1;
+ auto ret = cynara_creds_socket_get_pid(sock, &pid);
+ RUNNER_ASSERT_MSG(ret == expectedResult,
+ "cynara_creds_socket_get_pid failed, ret = " << ret << "; expected = "
+ << expectedResult);
+ return pid;
+}
+
+char *dbusGetClient(DBusConnectionPtr connection, const char *uniqueName,
+ cynara_client_creds method, int expectedResult) {
+ char *buff = nullptr;
+ auto ret = cynara_creds_dbus_get_client(connection.get(), uniqueName, method, &buff);
+ RUNNER_ASSERT_MSG(ret == expectedResult,
+ "cynara_creds_dbus_get_client failed, ret = " << ret
+ << "; expected = " << expectedResult);
+ return buff;
+}
+
+char *dbusGetUser(DBusConnectionPtr connection, const char *uniqueName, cynara_user_creds method,
+ int expectedResult) {
+ char *buff = nullptr;
+ auto ret = cynara_creds_dbus_get_user(connection.get(), uniqueName, method, &buff);
+ RUNNER_ASSERT_MSG(ret == expectedResult,
+ "cynara_creds_dbus_get_user failed, ret = " << ret
+ << "; expected = " << expectedResult);
+ return buff;
+}
+
+pid_t dbusGetPid(DBusConnectionPtr connection, const char *uniqueName, int expectedResult) {
+ pid_t pid = -1;
+ auto ret = cynara_creds_dbus_get_pid(connection.get(), uniqueName, &pid);
+ RUNNER_ASSERT_MSG(ret == expectedResult, "cynara_creds_dbus_get_pid failed, ret = " << ret
+ << "; expected = " << expectedResult);
+ return pid;
+}
+
+char *gdbusGetClient(GDBusConnectionPtr connection, const char *uniqueName,
+ cynara_client_creds method, int expectedResult) {
+ char *buff = nullptr;
+ auto ret = cynara_creds_gdbus_get_client(connection.get(), uniqueName, method, &buff);
+ RUNNER_ASSERT_MSG(ret == expectedResult,
+ "cynara_creds_gdbus_get_client failed, ret = " << ret
+ << "; expected = " << expectedResult);
+ return buff;
+}
+
+char *gdbusGetUser(GDBusConnectionPtr connection, const char *uniqueName, cynara_user_creds method,
+ int expectedResult) {
+ char *buff = nullptr;
+ auto ret = cynara_creds_gdbus_get_user(connection.get(), uniqueName, method, &buff);
+ RUNNER_ASSERT_MSG(ret == expectedResult,
+ "cynara_creds_gdbus_get_user failed, ret = " << ret
+ << "; expected = " << expectedResult);
+ return buff;
+}
+
+pid_t gdbusGetPid(GDBusConnectionPtr connection, const char *uniqueName) {
+ pid_t pid = -1;
+ auto ret = cynara_creds_gdbus_get_pid(connection.get(), uniqueName, &pid);
+ RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
+ "cynara_creds_gdbus_get_pid failed, ret = " << ret);
+ return pid;
+}
+
+} //namespace CynaraHelperCredentials
/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* limitations under the License.
*/
/**
- * @file cynara_test_helpers.h
+ * @file cynara_helper_credentials.h
* @author Aleksander Zdyb <a.zdyb@samsung.com>
* @version 1.0
* @brief Helpers for cynara-helpers
#ifndef CYNARA_TEST_HELPERS_H_
#define CYNARA_TEST_HELPERS_H_
+#include <string>
#include <sys/types.h>
#include <cynara-creds-commons.h>
#include <cynara-error.h>
+#include <cynara_helpers_dbus.h>
namespace CynaraHelperCredentials {
pid_t socketGetPid(int sock, int expectedResult = CYNARA_API_SUCCESS);
-} // namespace CynaraHelperCredentials
+DBusConnectionPtr createDBusConnection(const std::string &name);
+
+char *dbusGetClient(DBusConnectionPtr connection, const char *uniqueName,
+ cynara_client_creds method, int expectedResult = CYNARA_API_SUCCESS);
+
+
+char *dbusGetUser(DBusConnectionPtr connection, const char *uniqueName, cynara_user_creds method,
+ int expectedResult = CYNARA_API_SUCCESS);
+
+pid_t dbusGetPid(DBusConnectionPtr connection, const char *uniqueName,
+ int expectedResult = CYNARA_API_SUCCESS);
+char *gdbusGetClient(GDBusConnectionPtr connection, const char *uniqueName,
+ cynara_client_creds method, int expectedResult = CYNARA_API_SUCCESS);
+
+
+char *gdbusGetUser(GDBusConnectionPtr connection, const char *uniqueName, cynara_user_creds method,
+ int expectedResult = CYNARA_API_SUCCESS);
+
+pid_t gdbusGetPid(GDBusConnectionPtr connection, const char *uniqueName);
+
+} // namespace CynaraHelperCredentials
#endif // CYNARA_TEST_HELPERS_H_
--- /dev/null
+/*
+ * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file cynara_helpers_dbus.h
+ * @author Aleksander Zdyb <a.zdyb@samsung.com>
+ * @version 1.0
+ */
+#ifndef CYNARA_TEST_HELPERS_DBUS_H_
+#define CYNARA_TEST_HELPERS_DBUS_H_
+
+#include <dbus/dbus.h>
+#include <functional>
+#include <gio/gio.h>
+#include <memory>
+
+typedef std::function<void(DBusConnection *)> DBusConnectionCloseAndUnref;
+typedef std::function<void(GDBusConnection *)> GDBusConnectionCloseAndUnref;
+typedef std::unique_ptr<DBusConnection, DBusConnectionCloseAndUnref> DBusConnectionPtr;
+typedef std::unique_ptr<GDBusConnection, GDBusConnectionCloseAndUnref> GDBusConnectionPtr;
+
+
+#endif // CYNARA_TEST_HELPERS_DBUS_H_
+/*
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
#ifndef MEMORY_H
#define MEMORY_H
#include <sys/smack.h>
#include <dirent.h>
#include <glob.h>
+#include <glib.h>
#define DEFINE_SMARTPTR(func, type, name) \
struct deleter_##func { \
// Defining specializations of unique_ptr
DEFINE_SMARTPTR(free, char, CStringPtr);
+DEFINE_SMARTPTR(g_free, gchar, GStringPtr);
DEFINE_SMARTPTR(closePtr, int, FdUniquePtr);
DEFINE_SMARTPTR(smack_accesses_free, smack_accesses, SmackAccessesPtr);
DEFINE_SMARTPTR(closedir, DIR, DirPtr);
<busconfig>
<!-- Only root can own this service -->
<policy user="root">
- <allow own="tests.dbus.client"/>
- <allow own="test.method.caller"/>
- <allow own="test.method.server"/>
+ <allow own="tests.dbus.client"/>
+ <allow own="test.method.caller"/>
+ <allow own="test.method.server"/>
+ </policy>
+ <policy user="security_test_user">
+ <allow own="tests.dbus.cynara"/>
</policy>
</busconfig>
RUNNER_ASSERT_ERRNO_MSG(0 == rmdir(path.c_str()), "rmdir for <" << path << "> failed");
}
+
+// changes process label
+void change_label(const char* label)
+{
+ int ret = smack_set_label_for_self(label);
+ RUNNER_ASSERT_MSG(0 == ret, "Error in smack_set_label_for_self("<<label<<"). Error: " << ret);
+}
+
void creatSafe(const std::string &path, mode_t mode);
void symlinkSafe(const std::string &targetPath, const std::string &linkPath);
void removeDir(const std::string &path);
-
+void change_label(const char* label);
#define RUNNER_TEST_SMACK(Proc, ...) \
void Proc(std::tuple<__VA_ARGS__> &optionalArgsTuple); \
} \
void Proc##Multi(std::tuple<__VA_ARGS__> &optionalArgsTuple DPL_UNUSED)
-#endif
\ No newline at end of file
+#endif
cynara-agent
cynara-client
cynara-client-async
+ cynara-creds-dbus
+ cynara-creds-gdbus
+ cynara-creds-self
cynara-creds-socket
cynara-plugin
dbus-1
+ glib-2.0
)
#files to compile
${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_cynara_mask.cpp
${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_env.cpp
${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_file_operations.cpp
- ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_helpers.cpp
${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/plugins.cpp
${PROJECT_SOURCE_DIR}/src/cynara-tests/cynara-test.cpp
${PROJECT_SOURCE_DIR}/src/cynara-tests/test_cases.cpp
#linker directories
TARGET_LINK_LIBRARIES(${CYNARA_TARGET_TEST}
${CYNARA_TARGET_DEP_LIBRARIES}
- dpl-test-framework
tests-common
+ dpl-test-framework
+ gobject-2.0
+ gio-2.0
)
#place for output file
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
CheckData::CheckData(const std::string &major, const std::string &minor) :
m_client("client" + suffix(major, minor)),
m_session("session" + suffix(major, minor)),
- m_user("user" + suffix(major, minor)),
+ m_user("user" + suffix(major, std::string())),
m_privilege("privilege" + suffix(major, minor))
{
}
assertStatus(DISCONNECTED);
}
-Client::~Client() noexcept(false)
+Client::~Client()
{
- bool oops = std::uncaught_exception();
try {
RUNNER_DEFER_SCOPE(cynara_async_finish(m_cynara););
assertStatus(DISCONNECTED);
} catch (...) {
- if (!oops)
- throw;
RUNNER_ERROR_MSG("Error: more exceptions thrown while releasing CynaraTestAsync::Client.");
}
}
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
};
Client(const StatusFunction &userFunction = StatusFunction());
- ~Client() noexcept(false);
+ ~Client();
void assertStatus(enum SocketStatus expectedStatus);
void checkCache(const CheckData &checkData, int expectedResult);
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
namespace CynaraTestClientAsync {
-RequestMonitor::~RequestMonitor() noexcept(false)
+RequestMonitor::~RequestMonitor()
{
- bool oops = std::uncaught_exception();
try {
for (auto ent : m_requests)
{
- RUNNER_ERROR_MSG("There was no callback for request with:"
- << "id = " << ent.first << ","
- << "expectedResponse = " << ent.second.m_expectedResponse << ","
+ RUNNER_ERROR_MSG("There was no callback for request with: "
+ << "id = " << ent.first << ", "
+ << "expectedResponse = " << ent.second.m_expectedResponse << ", "
<< "expectedCause = " << ent.second.m_expectedCause << ".");
}
- RUNNER_ASSERT_MSG(m_requests.empty(),
- m_requests.size() << "requests does not receive callback.");
+ if (!m_requests.empty())
+ RUNNER_ERROR_MSG(m_requests.size() << " requests did not receive callback.");
} catch (...) {
- if (!oops)
- throw;
RUNNER_ERROR_MSG("Error: more exceptions thrown while releasing"
" CynaraTestAsync::RequestMonitor.");
}
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
class RequestMonitor
{
public:
- ~RequestMonitor() noexcept(false);
+ ~RequestMonitor();
void registerRequest(cynara_check_id id, const RequestEntity &request);
m_serviceManager.stopService();
}
-CynaraMask::~CynaraMask() noexcept(false)
+CynaraMask::~CynaraMask()
{
- bool oops = std::uncaught_exception();
try {
m_serviceManager.unmaskService();
m_serviceManager.startService();
} catch (...) {
- if (!oops)
- throw;
RUNNER_ERROR_MSG("Error: more exceptions thrown while releasing CynaraMask.");
}
}
{
public:
CynaraMask();
- ~CynaraMask() noexcept(false);
+ ~CynaraMask();
private:
ServiceManager m_serviceManager;
+++ /dev/null
-/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * @file cynara_test_helpers.cpp
- * @author Aleksander Zdyb <a.zdyb@samsung.com>
- * @version 1.0
- * @brief Helpers for cynara-helpers
- */
-
-#include <dpl/test/test_runner.h>
-
-#include <cynara-creds-socket.h>
-
-#include "cynara_test_helpers.h"
-
-namespace CynaraHelperCredentials {
-
-char *socketGetClient(int sock, cynara_client_creds method, int expectedResult) {
- char *buff;
- auto ret = cynara_creds_socket_get_client(sock, method, &buff);
- RUNNER_ASSERT_MSG(ret == expectedResult,
- "cynara_creds_socket_get_client failed, ret = " << ret
- << "; expected = " << expectedResult);
- return buff;
-}
-
-char *socketGetUser(int sock, cynara_user_creds method, int expectedResult) {
- char *buff;
- auto ret = cynara_creds_socket_get_user(sock, method, &buff);
- RUNNER_ASSERT_MSG(ret == expectedResult,
- "cynara_creds_socket_get_user failed, ret = " << ret
- << "; expected = " << expectedResult);
- return buff;
-}
-
-pid_t socketGetPid(int sock, int expectedResult) {
- pid_t pid;
- auto ret = cynara_creds_socket_get_pid(sock, &pid);
- RUNNER_ASSERT_MSG(ret == expectedResult,
- "cynara_creds_socket_get_pid failed, ret = " << ret << "; expected = "
- << expectedResult);
- return pid;
-}
-
-} //namespace CynaraHelperCredentials
-buckets;$1$$6ZlVs5lw2nZgVmiw0BdY21
-_;$1$$qRPK7m23GJusamGpoGLby/
+buckets;4f15a73541bf5a52e25ef4c2b990d224
+_;d41d8cd98f00b204e9800998ecf8427e
-buckets;$1$$UYHKvrIkGoSTO5hIgvCLg0
-_;$1$$qRPK7m23GJusamGpoGLby/
+buckets;c79674219909ebad81c33b580c70e31b
+_;d41d8cd98f00b204e9800998ecf8427e
-buckets;$1$$6ZlVs5lw2nZgVmiw0BdY21
-_;$1$$nssatAXP6yl4N8gjldhxf0
+buckets;4f15a73541bf5a52e25ef4c2b990d224
+_;4e1fa590dd3adf658786e376962bd124
loadServicePlugins(paths);
}
-void setAgentPolicy(int expectedResult = CYNARA_API_SUCCESS)
+void setAgentPolicy(const std::string &user, int expectedResult = CYNARA_API_SUCCESS)
{
const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *wildcard = CYNARA_ADMIN_WILDCARD;
auto policyType = testAgentPolicies[0].type;
CynaraPoliciesContainer cp;
- cp.add(bucket, wildcard, wildcard, wildcard, policyType, extra);
+ cp.add(bucket, wildcard, user.c_str(), wildcard, policyType, extra);
Admin admin;
admin.setPolicies(cp, expectedResult);
void tcag01_set_agent_type_policy_without_plugin_func()
{
loadServicePlugins(DirectoryPaths());
- setAgentPolicy(CYNARA_API_INVALID_PARAM);
+ // user in setAgentPolicy can be empty here, it does not matter in this test
+ setAgentPolicy(std::string(), CYNARA_API_INVALID_PARAM);
}
void tcag02_set_agent_type_policy_with_plugin_loaded_func()
{
loadAgentPlugin();
- setAgentPolicy();
+ // user in setAgentPolicy can be empty here, it does not matter in this test
+ setAgentPolicy(std::string());
}
void tcag03_check_with_no_agent_func()
{
std::string testNo("03");
+ CheckData data(testNo);
cynara_check_id id;
RequestEntity callbackData = {RequestFunction(),
CYNARA_API_ACCESS_DENIED,
CYNARA_CALL_CAUSE_ANSWER};
loadAgentPlugin();
- setAgentPolicy();
+ setAgentPolicy(data.m_user);
Client client;
- client.createRequest({testNo}, id, callbackData);
+ client.createRequest(data, id, callbackData);
client.assertStatus(READWRITE);
//send requests
void tcag06_check_with_unregistered_agent_func()
{
std::string testNo("06");
+ CheckData data(testNo);
cynara_check_id id;
RequestEntity callbackData = {RequestFunction(),
CYNARA_API_ACCESS_DENIED,
CYNARA_CALL_CAUSE_ANSWER};
loadAgentPlugin();
- setAgentPolicy();
+ setAgentPolicy(data.m_user);
Agent agent;
Client client;
- client.createRequest({testNo}, id, callbackData);
+ client.createRequest(data, id, callbackData);
client.assertStatus(READWRITE);
//send requests
CYNARA_CALL_CAUSE_ANSWER};
loadAgentPlugin();
- setAgentPolicy();
+ setAgentPolicy(data.m_user);
Agent agent;
AgentRequest agentRequest;
CYNARA_CALL_CAUSE_FINISH};
loadAgentPlugin();
- setAgentPolicy();
+ setAgentPolicy(data.m_user);
Agent agent;
AgentRequest agentRequest;
CYNARA_CALL_CAUSE_ANSWER};
loadAgentPlugin();
- setAgentPolicy();
+ setAgentPolicy(data.m_user);
Agent agent;
AgentRequest agentRequest;
CYNARA_CALL_CAUSE_CANCEL};
loadAgentPlugin();
- setAgentPolicy();
+ setAgentPolicy(data.m_user);
Agent agent;
AgentRequest agentRequest;
CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
agentRequest.assertAction(data.m_client, data.m_user, data.m_privilege);
client.cancel(id);
- Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ auto testTimeLimit2 = std::chrono::seconds(8);
+ Timeout::callAndWait(testTimeLimit2, Timeout::ExpectMode::FINISHED,
restartCynaraServiceAndSockets, getAgentRequest,
std::ref(agent), std::ref(agentRequest), std::ref(client),
CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
CYNARA_CALL_CAUSE_CANCEL};
loadAgentPlugin();
- setAgentPolicy();
+ setAgentPolicy(data.m_user);
Agent agent;
AgentRequest agentRequest;
CYNARA_CALL_CAUSE_CANCEL};
loadAgentPlugin();
- setAgentPolicy();
+ // both data1 and data2 have the same user, so it does not matter which one will be used
+ setAgentPolicy(data1.m_user);
Agent agent;
AgentRequest agentRequest1, agentRequest2, agentRequest3;
{
const int numberOfRequests = 4;
std::string testNo("13");
+ CheckData policyData(testNo);
cynara_check_id ids[numberOfRequests];
RequestEntity callbackData = {RequestFunction(),
CYNARA_API_ACCESS_DENIED,
CYNARA_CALL_CAUSE_ANSWER};
loadAgentPlugin();
- setAgentPolicy();
+ setAgentPolicy(policyData.m_user);
Agent agent;
AgentRequest agentRequests[numberOfRequests];
CYNARA_CALL_CAUSE_FINISH};
loadAgentPlugin();
- setAgentPolicy();
+ setAgentPolicy(data.m_user);
Agent agent;
AgentRequest agentRequest;
auto testTimeLimit = std::chrono::seconds(5);
CYNARA_CALL_CAUSE_ANSWER};
loadAgentPlugin();
- setAgentPolicy();
+ setAgentPolicy(data.m_user);
Client client;
client.createRequest(data, id, callbackData);
client.assertStatus(READWRITE);
/*
- * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* @file test_cases_helpers.cpp
* @author Aleksander Zdyb <a.zdyb@samsung.com>
* @version 1.0
- * @brief Tests for cynara-helper-credentials-socket
+ * @brief Tests for cynara-helper-credentials-socket and cynara-helper-credentials-dbus
*/
#include <cstdlib>
#include <sys/types.h>
#include <sys/un.h>
#include <unistd.h>
+#include <utility>
+#include <dbus/dbus.h>
+#include <glib-object.h>
+#include <gio/gio.h>
+
+#include <tests_common.h>
#include <access_provider.h>
#include <dpl/test/test_runner.h>
#include <memory.h>
#include <tests_common.h>
#include <uds.h>
#include <passwd_access.h>
+#include <cynara_helpers_creds.h>
+#include <cynara_helpers_dbus.h>
-#include <cynara_test_helpers.h>
+#include <cynara-creds-gdbus.h>
+#include <cynara-creds-self.h>
class ProcessCredentials {
public:
return pid;
}
+cynara_client_creds getClientDefaultMethod() {
+ cynara_client_creds def;
+ int ret = cynara_creds_get_default_client_method(&def);
+ RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
+ "cynara_creds_get_default_client_method failed with " << ret);
+ return def;
+}
+
+cynara_user_creds getUserDefaultMethod() {
+ cynara_user_creds def;
+ int ret = cynara_creds_get_default_user_method(&def);
+ RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
+ "cynara_creds_get_default_user_method failed with " << ret);
+ return def;
+}
+
+
void udsServer(SynchronizationPipe &pipe, const struct sockaddr_un &sockaddr,
const struct ProcessCredentials &peerCredentials) {
SecurityServer::AccessProvider ap(peerCredentials.label());
RUNNER_TEST_GROUP_INIT(cynara_creds_socket)
-RUNNER_CHILD_TEST_SMACK(tccs01_socket_credentials_client_smack)
-{
- socketTestTemplate([] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
- CStringPtr label(CynaraHelperCredentials::socketGetClient(sock, CLIENT_METHOD_SMACK));
+void testSocketClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
+ socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
+ CStringPtr label(CynaraHelperCredentials::socketGetClient(sock, method));
RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
"Labels don't match ret = " << label.get()
<< "; expected = " << peerCredentials.label());
}, "tccs01");
}
-RUNNER_CHILD_TEST_SMACK(tccs02_socket_credentials_client_pid)
-{
- socketTestTemplate([] (int sock, pid_t pid, const ProcessCredentials &) {
- CStringPtr clientPidStr(CynaraHelperCredentials::socketGetClient(sock, CLIENT_METHOD_PID));
+void testSocketClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
+ socketTestTemplate([method] (int sock, pid_t pid, const ProcessCredentials &) {
+ CStringPtr clientPidStr(CynaraHelperCredentials::socketGetClient(sock, method));
pid_t clientPid = std::stoi(clientPidStr.get());
RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
<< "; expected = " << pid);
}, "tccs02");
}
-RUNNER_CHILD_TEST_SMACK(tccs03_socket_credentials_user_uid)
+RUNNER_MULTIPROCESS_TEST_SMACK(tccs01_socket_credentials_client_smack)
+{
+ testSocketClientSmack();
+}
+
+RUNNER_MULTIPROCESS_TEST(tccs02_socket_credentials_client_pid)
+{
+ testSocketClientPid();
+}
+
+RUNNER_MULTIPROCESS_TEST_SMACK(tccs03_socket_credentials_client_default)
{
- socketTestTemplate([] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
- CStringPtr uidStr(CynaraHelperCredentials::socketGetUser(sock, USER_METHOD_UID));
+ auto method = getClientDefaultMethod();
+ switch(method) {
+ case CLIENT_METHOD_SMACK:
+ testSocketClientSmack(CLIENT_METHOD_DEFAULT);
+ break;
+ case CLIENT_METHOD_PID:
+ testSocketClientPid(CLIENT_METHOD_DEFAULT);
+ break;
+ default:
+ RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
+ << method);
+ }
+}
+
+void testSocketUserUid(cynara_user_creds method = USER_METHOD_UID) {
+ socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
+ CStringPtr uidStr(CynaraHelperCredentials::socketGetUser(sock, method));
uid_t uid = std::stoul(uidStr.get());
RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
<< "; expected = "<< peerCredentials.uid());
- }, "tccs03");
+ }, "tccs04");
}
-RUNNER_CHILD_TEST_SMACK(tccs04_socket_credentials_user_gid)
-{
- socketTestTemplate([] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
- CStringPtr gidStr(CynaraHelperCredentials::socketGetUser(sock, USER_METHOD_GID));
+void testSocketUserGid(cynara_user_creds method = USER_METHOD_GID) {
+ socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
+ CStringPtr gidStr(CynaraHelperCredentials::socketGetUser(sock, method));
gid_t gid = std::stoul(gidStr.get());
RUNNER_ASSERT_MSG(peerCredentials.gid() == gid, "GIDs don't match ret = " << gid
<< "; expected = "<< peerCredentials.gid());
- }, "tccs04");
+ }, "tccs05");
+}
+
+RUNNER_MULTIPROCESS_TEST(tccs04_socket_credentials_user_uid)
+{
+ testSocketUserUid();
+}
+
+RUNNER_MULTIPROCESS_TEST(tccs05_socket_credentials_user_gid)
+{
+ testSocketUserGid();
}
-RUNNER_CHILD_TEST_SMACK(tccs05_cynara_creds_socket_pid)
+RUNNER_MULTIPROCESS_TEST(tccs06_socket_credentials_user_default)
{
- const auto sockaddr = UDSHelpers::makeAbstractAddress("helper_tccs05.socket");
+ auto method = getUserDefaultMethod();
+ switch(method) {
+ case USER_METHOD_UID:
+ testSocketUserUid(USER_METHOD_DEFAULT);
+ break;
+ case USER_METHOD_GID:
+ testSocketUserGid(USER_METHOD_DEFAULT);
+ break;
+ default:
+ RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
+ << method);
+ }
+}
+
+RUNNER_MULTIPROCESS_TEST(tccs07_socket_credentials_pid)
+{
+ socketTestTemplate([] (int sock, pid_t expectedPid, const ProcessCredentials &) {
+ pid_t peerPid(CynaraHelperCredentials::socketGetPid(sock));
+ RUNNER_ASSERT_MSG(peerPid == expectedPid, "Pids don't match ret = " << peerPid
+ << "; expected = "<< expectedPid);
+ }, "tccs05");
+}
+
+// TODO: Create utility namespace for DBus, maybe?
+DBusConnectionPtr createDBusConnection(const std::string &name) {
+ DBusError err;
+
+ dbus_error_init(&err);
+ DBusConnection *conn = dbus_bus_get_private(DBUS_BUS_SYSTEM, &err);
+ RUNNER_ASSERT_MSG(dbus_error_is_set(&err) != 1, "Error in dbus_bus_get: " << err.message);
+ dbus_connection_set_exit_on_disconnect(conn, FALSE);
+
+ DBusConnectionPtr ret(conn, [] (DBusConnection *conn) {
+ dbus_connection_close(conn);
+ dbus_connection_unref(conn);
+ });
+
+ if (name.empty() == false) {
+ dbus_bus_request_name(conn, name.c_str(), DBUS_NAME_FLAG_REPLACE_EXISTING , &err);
+ RUNNER_ASSERT_MSG(dbus_error_is_set(&err) != TRUE,
+ "Error in dbus_bus_request_name: " << err.message);
+ }
+
+ return ret;
+}
+
+void dbusServer(SynchronizationPipe &pipe, const std::string &requestedName,
+ const ProcessCredentials &peerCredentials) {
+ // for DBus connection, System must have access to our peer creds as well.
+ SecurityServer::AccessProvider systemAp("System");
+ systemAp.addObjectRule(peerCredentials.label(), "rwx");
+ systemAp.apply();
+
+ SecurityServer::AccessProvider ap(peerCredentials.label());
+ ap.addObjectRule("System", "w");
+ ap.addObjectRule("System::Run", "x");
+ ap.addObjectRule("System::Shared", "rwx"); // for GDB
+ ap.addSubjectRule("System::Privileged", "rwx"); // for piping
+ ap.addObjectRule("System::Privileged", "rwx"); // for GDB and piping
+ ap.addObjectRule("User", "r"); // for /usr/lib/debug access
+ ap.applyAndSwithToUser(peerCredentials.uid(), peerCredentials.gid());
+ pipe.claimChildEp();
+
+ auto conn = createDBusConnection(requestedName);
+ pipe.post();
+ pipe.wait();
+}
+
+typedef std::function<void(DBusConnectionPtr conn, pid_t pid,
+ const std::string &requestedName,
+ const ProcessCredentials &peerCredentials)> DBusAssertionFn;
+
+void dbusTestTemplate(DBusAssertionFn assertion, const std::string &/*scope*/) {
+ std::string requestedName = "tests.dbus.cynara";
const ProcessCredentials peerCredentials;
SynchronizationPipe pipe;
- pid_t expectedPid = runInChild(std::bind(udsServer, std::ref(pipe), std::cref(sockaddr),
- std::cref(peerCredentials)));
+ pid_t pid = runInChild(std::bind(dbusServer, std::ref(pipe), std::cref(requestedName),
+ std::cref(peerCredentials)));
pipe.claimParentEp();
pipe.wait();
- int sock = UDSHelpers::createClient(&sockaddr);
- SockUniquePtr sockPtr(&sock);
- pid_t helperPid = CynaraHelperCredentials::socketGetPid(sock);
- RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid
- << "; expected = " << expectedPid);
+ auto conn = createDBusConnection("");
+ assertion(std::move(conn), pid, requestedName, peerCredentials);
+ pipe.post();
+}
+
+RUNNER_TEST_GROUP_INIT(cynara_creds_dbus)
+
+void testDbusClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
+ dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t pid, const std::string &requestedName,
+ const ProcessCredentials &) {
+ CStringPtr clientPidStr(CynaraHelperCredentials::dbusGetClient(std::move(conn),
+ requestedName.c_str(), method, CYNARA_API_SUCCESS));
+ pid_t clientPid = std::stoi(clientPidStr.get());
+ RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
+ << "; expected = " << pid);
+ }, "tccd01");
+}
+
+void testDbusClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
+ dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t, const std::string &requestedName,
+ const ProcessCredentials &peerCredentials) {
+ CStringPtr label(CynaraHelperCredentials::dbusGetClient(std::move(conn),
+ requestedName.c_str(), method, CYNARA_API_SUCCESS));
+ RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
+ "Labels don't match ret = " << label.get()
+ << "; expected = " << peerCredentials.label());
+ }, "tccd02");
+}
+
+RUNNER_MULTIPROCESS_TEST(tccd01_dbus_credentials_client_pid)
+{
+ testDbusClientPid();
+}
+
+RUNNER_MULTIPROCESS_TEST_SMACK(tccd02_dbus_credentials_client_smack)
+{
+ testDbusClientSmack();
+}
+
+RUNNER_MULTIPROCESS_TEST_SMACK(tccd03_dbus_credentials_client_default)
+{
+ auto method = getClientDefaultMethod();
+ switch(method) {
+ case CLIENT_METHOD_SMACK:
+ testDbusClientSmack(CLIENT_METHOD_DEFAULT);
+ break;
+ case CLIENT_METHOD_PID:
+ testDbusClientPid(CLIENT_METHOD_DEFAULT);
+ break;
+ default:
+ RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
+ << method);
+ }
+}
+
+void testDbusUserUid(cynara_user_creds method = USER_METHOD_UID) {
+ dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t, const std::string &requestedName,
+ const ProcessCredentials &peerCredentials) {
+ CStringPtr uidStr(CynaraHelperCredentials::dbusGetUser(std::move(conn),
+ requestedName.c_str(), method, CYNARA_API_SUCCESS));
+ uid_t uid = std::stoul(uidStr.get());
+ RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
+ << "; expected = "<< peerCredentials.uid());
+ }, "tccd04");
+}
+
+void testDbusUserGid(cynara_user_creds method = USER_METHOD_GID) {
+ // Acquiring gid from dbus connection is not yet implemented for cynara helpers
+ dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t, const std::string &requestedName,
+ const ProcessCredentials &) {
+ CStringPtr gidStr(CynaraHelperCredentials::dbusGetUser(std::move(conn),
+ requestedName.c_str(), method, CYNARA_API_METHOD_NOT_SUPPORTED));
+ }, "tccd04");
+}
+
+RUNNER_MULTIPROCESS_TEST(tccd04_dbus_credentials_user_uid)
+{
+ testDbusUserUid();
+}
+
+RUNNER_MULTIPROCESS_TEST(tccd05_dbus_credentials_user_gid)
+{
+ testDbusUserGid();
+}
+
+RUNNER_MULTIPROCESS_TEST(tccd06_dbus_credentials_user_default) {
+ auto method = getUserDefaultMethod();
+ switch(method) {
+ case USER_METHOD_UID:
+ testDbusUserUid(USER_METHOD_DEFAULT);
+ break;
+ case USER_METHOD_GID:
+ testDbusUserGid(USER_METHOD_DEFAULT);
+ break;
+ default:
+ RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
+ << method);
+ }
+}
+
+RUNNER_TEST_SMACK(tccd06_dbus_credentials_pid) {
+ dbusTestTemplate([] (DBusConnectionPtr conn, pid_t expectedPid,
+ const std::string &requestedName, const ProcessCredentials &) {
+ auto helperPid = CynaraHelperCredentials::dbusGetPid(std::move(conn),
+ requestedName.c_str(), CYNARA_API_SUCCESS);
+ RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid
+ << "; expected = " << expectedPid);
+ }, "tccd06");
+}
+
+GDBusConnectionPtr createGDBusConnection() {
+ GDBusConnection *conn = g_bus_get_sync(G_BUS_TYPE_SYSTEM, NULL, NULL);
+
+ return GDBusConnectionPtr(conn, [] (GDBusConnection *conn) {
+ g_object_unref(G_OBJECT(conn));
+ });
+}
+
+
+typedef std::function<void(GDBusConnectionPtr conn, pid_t pid,
+ const std::string &requestedName,
+ const ProcessCredentials &peerCredentials)> GDBusAssertionFn;
+
+void gdbusTestTemplate(GDBusAssertionFn assertion, const std::string &/*scope*/) {
+ std::string requestedName = "tests.dbus.cynara";
+ const ProcessCredentials peerCredentials;
+
+ SynchronizationPipe pipe;
+ pid_t pid = runInChild(std::bind(dbusServer, std::ref(pipe), std::cref(requestedName),
+ std::cref(peerCredentials)));
+
+ pipe.claimParentEp();
+ pipe.wait();
+
+ auto conn = createGDBusConnection();
+ assertion(std::move(conn), pid, requestedName, peerCredentials);
+ pipe.post();
+}
+
+
+RUNNER_TEST_GROUP_INIT(cynara_creds_gdbus)
+
+void testGdbusClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
+ gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t pid,
+ const std::string &requestedName,
+ const ProcessCredentials &) {
+ GStringPtr clientPidStr(CynaraHelperCredentials::gdbusGetClient(std::move(conn),
+ requestedName.c_str(), method));
+ pid_t clientPid = std::stoi(clientPidStr.get());
+ RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
+ << "; expected = " << pid);
+ }, "tccgd01");
+}
+
+void testGdbusClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
+ gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t,
+ const std::string &requestedName,
+ const ProcessCredentials &peerCredentials) {
+ GStringPtr label(CynaraHelperCredentials::gdbusGetClient(std::move(conn),
+ requestedName.c_str(), method));
+ RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
+ "Labels don't match ret = " << label.get()
+ << "; expected = " << peerCredentials.label());
+ }, "tccgd02");
+}
+
+RUNNER_MULTIPROCESS_TEST(tccgd01_gdbus_credentials_client_pid)
+{
+ testGdbusClientPid();
+}
+
+RUNNER_MULTIPROCESS_TEST_SMACK(tccgd02_gdbus_credentials_client_smack)
+{
+ testGdbusClientSmack();
+}
+
+RUNNER_MULTIPROCESS_TEST_SMACK(tccgd03_gdbus_credentials_client_default)
+{
+ auto method = getClientDefaultMethod();
+ switch(method) {
+ case CLIENT_METHOD_SMACK:
+ testGdbusClientSmack(CLIENT_METHOD_DEFAULT);
+ break;
+ case CLIENT_METHOD_PID:
+ testGdbusClientPid(CLIENT_METHOD_DEFAULT);
+ break;
+ default:
+ RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
+ << method);
+ }
+}
+
+void testGdbusUserUid(cynara_user_creds method = USER_METHOD_UID) {
+ gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t,
+ const std::string &requestedName,
+ const ProcessCredentials &peerCredentials) {
+ GStringPtr uidStr(CynaraHelperCredentials::gdbusGetUser(std::move(conn),
+ requestedName.c_str(), method));
+ uid_t uid = std::stoul(uidStr.get());
+ RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
+ << "; expected = "<< peerCredentials.uid());
+ }, "tccgd04");
+}
+
+void testGdbusUserGid(cynara_user_creds method = USER_METHOD_GID) {
+ // Getting gid for gdbus connection is not yet implemented in cynara helpers
+ gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t,
+ const std::string &requestedName,
+ const ProcessCredentials &) {
+ GStringPtr gidStr(CynaraHelperCredentials::gdbusGetUser(std::move(conn),
+ requestedName.c_str(), method, CYNARA_API_METHOD_NOT_SUPPORTED));
+ }, "tccgd04");
+}
+
+RUNNER_MULTIPROCESS_TEST(tccgd04_gdbus_credentials_user_uid)
+{
+ testGdbusUserUid();
+}
+
+RUNNER_MULTIPROCESS_TEST(tccgd05_gdbus_credentials_user_gid)
+{
+ testGdbusUserGid();
+}
+
+RUNNER_MULTIPROCESS_TEST(tccgd06_gdbus_credentials_user_default) {
+ auto method = getUserDefaultMethod();
+ switch(method) {
+ case USER_METHOD_UID:
+ testGdbusUserUid(USER_METHOD_DEFAULT);
+ break;
+ case USER_METHOD_GID:
+ testGdbusUserGid(USER_METHOD_DEFAULT);
+ break;
+ default:
+ RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
+ << method);
+ }
+}
+
+RUNNER_MULTIPROCESS_TEST(tccgd06_gdbus_credentials_pid) {
+ gdbusTestTemplate([] (GDBusConnectionPtr conn, pid_t expectedPid,
+ const std::string &requestedName, const ProcessCredentials &) {
+ auto helperPid = CynaraHelperCredentials::gdbusGetPid(std::move(conn),
+ requestedName.c_str());
+ RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid
+ << "; expected = " << expectedPid);
+ }, "tccgd06");
+}
+
+RUNNER_TEST_GROUP_INIT(cynara_creds_self)
+
+void testCredsClientSelf(cynara_client_creds method, const std::string &expected) {
+ char *client;
+ int ret = cynara_creds_self_get_client(method, &client);
+ CStringPtr clientPtr(client);
+ RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS, "cynara_creds_self_get_client failed with " << ret);
+ RUNNER_ASSERT_MSG(expected == client, "expected client doesn't match, expected: " << expected
+ << ", got : " << client);
+}
+
+void testCredsUserSelf(cynara_user_creds method, const std::string &expected) {
+ char *user;
+ int ret = cynara_creds_self_get_user(method, &user);
+ CStringPtr clientPtr(user);
+ RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS, "cynara_creds_self_get_user failed with " << ret);
+ RUNNER_ASSERT_MSG(expected == user, "expected user doesn't match, expected: " << expected
+ << ", got : " << user);
+}
+
+void testSelfClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
+ std::string label = "test-label";
+ change_label(label.c_str());
+ testCredsClientSelf(method, label);
+}
+
+void testSelfClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
+ pid_t pid = getpid();
+ testCredsClientSelf(method, std::to_string(pid));
+}
+
+void testSelfUserUid(cynara_user_creds method = USER_METHOD_UID) {
+ uid_t uid = getuid();
+ testCredsUserSelf(method, std::to_string(uid));
+}
+
+void testSelfUserGid(cynara_user_creds method = USER_METHOD_GID) {
+ gid_t gid = getgid();
+ testCredsUserSelf(method, std::to_string(gid));
+}
+
+RUNNER_CHILD_TEST_SMACK(tccsl01_self_credentials_client_smack) {
+ testSelfClientSmack();
+}
+
+RUNNER_CHILD_TEST_SMACK(tccsl02_self_credentials_client_pid) {
+ testSelfClientPid();
+}
+
+RUNNER_CHILD_TEST_SMACK(tccsl03_self_credentials_user_uid) {
+ testSelfUserUid();
+}
+
+RUNNER_CHILD_TEST_SMACK(tccsl04_self_credentials_user_gid) {
+ testSelfUserGid();
+}
+
+RUNNER_CHILD_TEST_SMACK(tccsl05_self_credentials_client_default) {
+ auto method = getClientDefaultMethod();
+ switch(method) {
+ case CLIENT_METHOD_SMACK:
+ testSelfClientSmack(CLIENT_METHOD_DEFAULT);
+ break;
+ case CLIENT_METHOD_PID:
+ testSelfClientPid(CLIENT_METHOD_DEFAULT);
+ break;
+ default:
+ RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value " << method);
+ }
+}
+
+RUNNER_CHILD_TEST_SMACK(tccsl06_self_credentials_user_default) {
+ auto method = getUserDefaultMethod();
+ switch(method) {
+ case USER_METHOD_UID:
+ testSelfUserUid(USER_METHOD_DEFAULT);
+ break;
+ case USER_METHOD_GID:
+ testSelfUserGid(USER_METHOD_DEFAULT);
+ break;
+ default:
+ RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value " << method);
+ }
}
__FILE__, \
__LINE__, \
assertMsg.str()); \
- if (!std::uncaught_exception()) \
- throw e; \
- DPL::Test::TestRunnerSingleton::Instance().addFailReason(e.GetMessage()); \
+ throw e; \
} \
} while (0)
__FILE__, \
__LINE__, \
assertMsg.str()); \
- if (!std::uncaught_exception()) \
- throw e; \
- DPL::Test::TestRunnerSingleton::Instance().addFailReason(e.GetMessage()); \
+ throw e; \
} \
} while (0)
if (m_deferDeepness > 0)
return;
- bool oops = std::uncaught_exception();
- size_t additionalExceptions = oops ? 0 : 1;
- for (size_t i = additionalExceptions; i < m_deferredExceptionsMessages.size(); ++i)
+ for (size_t i = 0; i < m_deferredExceptionsMessages.size(); ++i) {
addFailReason(m_deferredExceptionsMessages[i]);
+ }
- if (!oops && !m_deferredExceptionsMessages.empty())
+ if (!m_deferredExceptionsMessages.empty())
{
m_deferredExceptionsMessages.clear();
switch (m_firstDeferredExceptionType) {
projects / platform / core / test / security-tests.git / commitdiff