Add parameters to security-manager tests functions.

This commit pre-reorganizes tests. It prepares security-manager tests
to implement database records checks in next step.

Change-Id: I4687a71f12117c8b5c02e90cb71851ec95aacf16
Signed-off-by: Marcin Lis <m.lis@samsung.com>

diff --git a/tests/security-manager-tests/security_manager_tests.cpp b/tests/security-manager-tests/security_manager_tests.cpp
index 6a83e3a..1c677ba 100644 (file)
--- a/tests/security-manager-tests/security_manager_tests.cpp
+++ b/tests/security-manager-tests/security_manager_tests.cpp
@@ -13,6 +13,7 @@
 #include <tests_common.h>
 
 #include <security-manager.h>
+#include <sm_db.h>
 
 DEFINE_SMARTPTR(security_manager_app_inst_req_free, app_inst_req, AppInstReqUniquePtr);
 
@@ -22,8 +23,16 @@ static const char *const SM_PKG_ID1 = "sm_test_pkg_id_double";
 static const char *const SM_APP_ID2 = "sm_test_app_id_full";
 static const char *const SM_PKG_ID2 = "sm_test_pkg_id_full";
 
-static const char *const SM_ALLOWED_PERMISSION1 = "security_manager_test_rules2_r";
-static const char *const SM_ALLOWED_PERMISSION2 = "security_manager_test_rules2_no_r";
+static const privileges_t SM_ALLOWED_PRIVILEGES = {
+    "security_manager_test_rules2_r",
+    "security_manager_test_rules2_no_r"
+};
+
+static const privileges_t SM_DENIED_PRIVILEGES  = {
+    "security_manager_test_rules1",
+    "security_manager_test_rules2"
+};
+
 static const char *const XATTR_NAME_TIZENEXEC =  XATTR_SECURITY_PREFIX "TIZEN_EXEC_LABEL";
 
 static const rules_t SM_ALLOWED_RULES = {
@@ -61,9 +70,6 @@ static const rules_t SM_DENIED_RULES = {
     { "test_sm_subject_7", USER_APP_ID, "rwx" }
 };
 
-static const char *const SM_DENIED_PERMISSION1 = "security_manager_test_rules1";
-static const char *const SM_DENIED_PERMISSION2 = "security_manager_test_rules2";
-
 static const char *const SM_PRIVATE_PATH = "/etc/smack/test_DIR/app_dir";
 static const char *const SM_PUBLIC_PATH = "/etc/smack/test_DIR/app_dir_public";
 static const char *const SM_PUBLIC_RO_PATH = "/etc/smack/test_DIR/app_dir_public_ro";
@@ -175,9 +181,6 @@ static int nftw_check_sm_labels_app_floor_dir(const char *fpath, const struct st
     return nftw_check_sm_labels_app_dir(fpath, sb, "_", false, false);
 }
 
-
-RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER)
-
 static app_inst_req* do_app_inst_req_new()
 {
     int result;
@@ -190,44 +193,6 @@ static app_inst_req* do_app_inst_req_new()
     return req;
 }
 
-RUNNER_TEST(security_manager_01_app_double_install_double_uninstall)
-{
-    int result;
-    AppInstReqUniquePtr request;
-
-    request.reset(do_app_inst_req_new());
-
-    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1);
-    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
-            "setting app id failed. Result: " << result);
-
-    result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID1);
-    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
-            "setting pkg id failed. Result: " << result);
-
-    result = security_manager_app_install(request.get());
-    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
-            "installing app failed. Result: " << result);
-
-    result = security_manager_app_install(request.get());
-    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
-            "installing already installed app failed. Result: " << result);
-
-    request.reset(do_app_inst_req_new());
-
-    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1);
-    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
-            "setting app id failed. Result: " << result);
-
-    result = security_manager_app_uninstall(request.get());
-    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
-            "uninstalling app failed. Result: " << result);
-
-    result = security_manager_app_uninstall(request.get());
-    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
-            "uninstalling already uninstalled app failed. Result: " << result);
-}
-
 static void prepare_app_path()
 {
     int result;
@@ -245,6 +210,12 @@ static void prepare_app_path()
     RUNNER_ASSERT_MSG_BT(result == 0, "Unable to set Smack labels in " << SM_DENIED_PATH);
 }
 
+static void prepare_app_env()
+{
+    prepare_app_path();
+}
+
+/* TODO: add parameters to this function */
 static void check_app_path_after_install()
 {
     int result;
@@ -262,30 +233,77 @@ static void check_app_path_after_install()
     RUNNER_ASSERT_MSG_BT(result == 0, "Unable to check Smack labels for " << SM_DENIED_PATH);
 }
 
-static void check_app_permission_after_install()
+static void check_app_permissions(const char *const app_id, const char *const pkg_id,
+                                  const privileges_t &allowed_privs, const privileges_t &denied_privs,
+                                  const rules_t &allowed_rules, const rules_t &denied_rules)
 {
     bool result;
 
-    result = check_all_accesses(smack_check(), SM_ALLOWED_RULES);
+    result = check_all_accesses(smack_check(), allowed_rules);
     RUNNER_ASSERT_MSG_BT(result, "Permissions not added.");
-    result = check_no_accesses(smack_check(), SM_DENIED_RULES);
+    result = check_no_accesses(smack_check(), denied_rules);
     RUNNER_ASSERT_MSG_BT(result, "Permissions added.");
 
-    check_perm_app_has_permission(USER_APP_ID, SM_ALLOWED_PERMISSION1, true);
-    check_perm_app_has_permission(USER_APP_ID, SM_ALLOWED_PERMISSION2, true);
-    check_perm_app_has_permission(USER_APP_ID, SM_DENIED_PERMISSION1, false);
-    check_perm_app_has_permission(USER_APP_ID, SM_DENIED_PERMISSION2, false);
+    /* TODO: USER_APP_ID is hardcoded in the following checks, because libprivilege always generate
+     *       label "User" for all installed apps. Adjust it when libprivilege is upgraded. */
+    (void)app_id; // unused parameter
+    (void)pkg_id; // unused parameter
+
+    for (auto it = allowed_privs.begin(); it != allowed_privs.end(); ++it)
+        check_perm_app_has_permission(USER_APP_ID, (*it).c_str(), true);
+
+    for (auto it = denied_privs.begin(); it != denied_privs.end(); ++it)
+        check_perm_app_has_permission(USER_APP_ID, (*it).c_str(), false);
 }
 
-static void prepare_app_env()
+static void check_app_after_install(const char *const app_id, const char *const pkg_id,
+                                    const privileges_t &allowed_privs, const privileges_t &denied_privs,
+                                    const rules_t &allowed_rules, const rules_t &denied_rules)
 {
-    prepare_app_path();
+    check_app_permissions(app_id, pkg_id,
+                          allowed_privs, denied_privs,
+                          allowed_rules, denied_rules);
 }
 
-static void check_app_env_after_install()
+RUNNER_TEST_GROUP_INIT(SECURITY_MANAGER)
+
+
+RUNNER_TEST(security_manager_01_app_double_install_double_uninstall)
 {
-    check_app_path_after_install();
-    check_app_permission_after_install();
+    int result;
+    AppInstReqUniquePtr request;
+
+    request.reset(do_app_inst_req_new());
+
+    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting app id failed. Result: " << result);
+
+    result = security_manager_app_inst_req_set_pkg_id(request.get(), SM_PKG_ID1);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting pkg id failed. Result: " << result);
+
+    result = security_manager_app_install(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "installing app failed. Result: " << result);
+
+    result = security_manager_app_install(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "installing already installed app failed. Result: " << result);
+
+    request.reset(do_app_inst_req_new());
+
+    result = security_manager_app_inst_req_set_app_id(request.get(), SM_APP_ID1);
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "setting app id failed. Result: " << result);
+
+    result = security_manager_app_uninstall(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "uninstalling app failed. Result: " << result);
+
+    result = security_manager_app_uninstall(request.get());
+    RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
+            "uninstalling already uninstalled app failed. Result: " << result);
 }
 
 RUNNER_TEST(security_manager_02_app_install_uninstall_full)
@@ -305,10 +323,10 @@ RUNNER_TEST(security_manager_02_app_install_uninstall_full)
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "setting pkg id failed. Result: " << result);
 
-    result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PERMISSION1);
+    result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PRIVILEGES[0].c_str());
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "setting allowed permission failed. Result: " << result);
-    result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PERMISSION2);
+    result = security_manager_app_inst_req_add_privilege(request.get(), SM_ALLOWED_PRIVILEGES[1].c_str());
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "setting allowed permission failed. Result: " << result);
 
@@ -331,7 +349,12 @@ RUNNER_TEST(security_manager_02_app_install_uninstall_full)
     RUNNER_ASSERT_MSG_BT((lib_retcode)result == SECURITY_MANAGER_SUCCESS,
             "installing app failed. Result: " << result);
 
-    check_app_env_after_install();
+    check_app_after_install(SM_APP_ID2, SM_PKG_ID2,
+                            SM_ALLOWED_PRIVILEGES, SM_DENIED_PRIVILEGES,
+                            SM_ALLOWED_RULES, SM_DENIED_RULES);
+
+    /* TODO: add parameters to this function */
+    check_app_path_after_install();
 
     request.reset(do_app_inst_req_new());