}
}
+RUNNER_CHILD_TEST(security_manager_17_privacy_manager_fetch_whole_policy_for_self_filtered)
+{
+ const std::string username("sm_test_17_user_name");
+
+ struct message {
+ uid_t uid;
+ gid_t gid;
+ unsigned int privileges_count;
+ } msg;
+
+ int pipefd[2];
+ pid_t pid;
+ int result = 0;
+
+ RUNNER_ASSERT_MSG((pipe(pipefd) != -1),"pipe failed");
+
+ pid = fork();
+ RUNNER_ASSERT_MSG(pid >= 0, "fork failed");
+ if (pid != 0)//parent process
+ {
+ FdUniquePtr pipeptr(pipefd+1);
+ close(pipefd[0]);
+
+ TemporaryTestUser user(username, static_cast<GumUserType>(GUM_USERTYPE_NORMAL), false);
+ user.create();
+
+ unsigned int privileges_count = 0;
+
+ register_current_process_as_privilege_manager(user.getUid(), false);
+ //the above call, registers 1 new privilege for the given user, hence the incrementation of below variable
+ ++privileges_count;
+
+ for(unsigned int i = 0; i < MANY_APPS.size(); ++i) {
+ InstallRequest requestInst;
+ requestInst.setAppId(MANY_APPS[i].c_str());
+ requestInst.setPkgId(MANY_APPS_PKGS.at(MANY_APPS[i]).c_str());
+ requestInst.setUid(user.getUid());
+
+ for (auto &priv : MANY_APPS_PRIVILEGES.at(i)) {
+ requestInst.addPrivilege(priv.c_str());
+ };
+
+ Api::install(requestInst);
+ privileges_count += MANY_APPS_PRIVILEGES.at(i).size();
+ };
+
+ //send info to child
+ msg.uid = user.getUid();
+ msg.gid = user.getGid();
+ msg.privileges_count = privileges_count;
+
+ ssize_t written = TEMP_FAILURE_RETRY(write(pipefd[1], &msg, sizeof(struct message)));
+ RUNNER_ASSERT_MSG((written == sizeof(struct message)),"write failed");
+
+ //wait for child
+ RUNNER_ASSERT_MSG(wait(&result) == pid, "wait failed");
+ }
+ if(pid == 0)
+ {
+ FdUniquePtr pipeptr(pipefd);
+ close(pipefd[1]);
+
+ ssize_t fetched = TEMP_FAILURE_RETRY(read(pipefd[0], &msg, sizeof(struct message)));
+ RUNNER_ASSERT_MSG(fetched == sizeof(struct message), "read failed");
+
+ //become admin privacy manager manager
+ Api::setProcessLabel(PRIVILEGE_MANAGER_APP.c_str());
+ result = drop_root_privileges(msg.uid, msg.gid);
+ RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
+
+ // filter by privilege
+ std::vector<PolicyEntry> policyEntries;
+ PolicyEntry filter(SECURITY_MANAGER_ANY, SECURITY_MANAGER_ANY, "http://tizen.org/privilege/internet");
+ Api::getPolicy(filter, policyEntries);
+
+ RUNNER_ASSERT_MSG(policyEntries.size() != 0, "Policy is empty");
+ RUNNER_ASSERT_MSG(policyEntries.size() == 2, "Number of policies doesn't match - should be: 2 and is " << policyEntries.size());
+
+ // filter by other privilege
+ policyEntries.clear();
+ PolicyEntry filter2(SECURITY_MANAGER_ANY, SECURITY_MANAGER_ANY, "http://tizen.org/privilege/email");
+ Api::getPolicy(filter2, policyEntries);
+
+ RUNNER_ASSERT_MSG(policyEntries.size() != 0, "Policy is empty");
+ RUNNER_ASSERT_MSG(policyEntries.size() == 3, "Number of policies doesn't match - should be: 3 and is " << policyEntries.size());
+
+ // filter by appId
+ policyEntries.clear();
+ PolicyEntry filter3(MANY_APPS[4].c_str(), SECURITY_MANAGER_ANY, SECURITY_MANAGER_ANY);
+ Api::getPolicy(filter3, policyEntries);
+
+ RUNNER_ASSERT_MSG(policyEntries.size() != 0, "Policy is empty");
+ RUNNER_ASSERT_MSG(policyEntries.size() == 4, "Number of policies doesn't match - should be: 4 and is " << policyEntries.size());
+ }
+}
+
int main(int argc, char *argv[])
{
return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / commitdiff