Test for getting policies levels descriptions

Without plugins in Cynara - so only Allow and Deny

Change-Id: Iaf78ce6de77ba9c1e73d0a56ee6eac1385ee2f9c
Signed-off-by: Michal Eljasiewicz <m.eljasiewic@samsung.com>

diff --git a/tests/security-manager-tests/security_manager_tests.cpp b/tests/security-manager-tests/security_manager_tests.cpp
index 2da8689..8c98d9a 100644 (file)
--- a/tests/security-manager-tests/security_manager_tests.cpp
+++ b/tests/security-manager-tests/security_manager_tests.cpp
@@ -1772,6 +1772,81 @@ RUNNER_MULTIPROCESS_TEST(security_manager_15_privacy_manager_send_policy_update_
     }
 }
 
+RUNNER_MULTIPROCESS_TEST(security_manager_16_policy_levels_get)
+{
+    const std::string username("sm_test_16_user_cynara_policy");
+    CynaraTestAdmin::Admin admin;
+    int pipefd[2];
+    pid_t pid;
+    int result = 0;
+
+    struct message {
+        uid_t uid;
+        gid_t gid;
+    } msg;
+
+    RUNNER_ASSERT_MSG((pipe(pipefd) != -1),"pipe failed");
+
+    TemporaryTestUser user(username, GUM_USERTYPE_NORMAL, false);
+    user.create();
+
+    pid = fork();
+    RUNNER_ASSERT_MSG(pid >= 0, "fork failed");
+    if (pid != 0)//parent process
+    {
+        FdUniquePtr pipeptr(pipefd+1);
+        close(pipefd[0]);
+
+        //send info to child
+        msg.uid = user.getUid();
+        msg.gid = user.getGid();
+
+        ssize_t written = TEMP_FAILURE_RETRY(write(pipefd[1], &msg, sizeof(struct message)));
+        RUNNER_ASSERT_MSG((written == sizeof(struct message)),"write failed");
+
+        //wait for child
+        RUNNER_ASSERT_MSG(wait(&result) == pid, "wait failed");
+    }
+    if(pid == 0)
+    {
+        int ret;
+        char** levels;
+        std::string allow_policy, deny_policy;
+        size_t count;
+        FdUniquePtr pipeptr(pipefd);
+        close(pipefd[1]);
+
+        ssize_t fetched = TEMP_FAILURE_RETRY(read(pipefd[0], &msg, sizeof(struct message)));
+        RUNNER_ASSERT_MSG(fetched == sizeof(struct message), "read failed");
+
+        //become admin privacy manager manager
+        result = drop_root_privileges(msg.uid, msg.gid);
+        RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
+
+        // without plugins there should only be 2 policies - Allow and Deny
+        ret = security_manager_policy_levels_get(&levels, &count);
+
+        RUNNER_ASSERT_MSG((lib_retcode)ret == SECURITY_MANAGER_SUCCESS,
+                "Invlid return code: " << ret);
+
+        RUNNER_ASSERT_MSG(count == 2, "Invalid number of policy levels. Should be 2, instead there is: " << static_cast<int>(count));
+
+        deny_policy = std::string(levels[0]);
+        allow_policy = std::string(levels[count-1]);
+
+        // first should always be Deny
+        RUNNER_ASSERT_MSG(deny_policy.compare("Deny") == 0,
+                "Invalid first policy level. Should be Deny, instead there is: " << levels[0]);
+
+        // last should always be Allow
+        RUNNER_ASSERT_MSG(allow_policy.compare("Allow") == 0,
+                "Invalid last policy level. Should be Allow, instead there is: " << levels[count-1]);
+
+        security_manager_policy_levels_free(levels, count);
+        exit(0);
+    }
+}
+
 int main(int argc, char *argv[])
 {
     return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);