SM: Change process label generation

author Zofia Abramowska <z.abramowska@samsung.com>

Thu, 8 Sep 2016 17:57:46 +0000 (19:57 +0200)

committer Zofia Abramowska <z.abramowska@samsung.com>

Tue, 4 Oct 2016 13:31:08 +0000 (15:31 +0200)
author Zofia Abramowska <z.abramowska@samsung.com>
Thu, 8 Sep 2016 17:57:46 +0000 (19:57 +0200)
committer Zofia Abramowska <z.abramowska@samsung.com>
Tue, 4 Oct 2016 13:31:08 +0000 (15:31 +0200)
diff --git a/src/security-manager-tests/common/sm_commons.cpp b/src/security-manager-tests/common/sm_commons.cpp

index dd027f5..0598cc7 100644 (file)
--- a/src/security-manager-tests/common/sm_commons.cpp
+++ b/src/security-manager-tests/common/sm_commons.cpp
@@ -70,9 +70,11 @@ const std::string uidToStr(const uid_t uid)
  
  std::string generateProcessLabel(const std::string &appId, const std::string &pkgId, bool isHybrid)
  {
-    (void) pkgId;
-    (void) isHybrid;
-    return "User::App::" + appId;
+    std::string label = "User::Pkg::" + pkgId;
+    if (isHybrid) {
+        label += "::App::" + appId;
+    }
+    return label;
  }
  
  std::string generatePathRWLabel(const std::string &pkgId)
diff --git a/src/security-manager-tests/common/sm_request.cpp b/src/security-manager-tests/common/sm_request.cpp

index c20dbb6..9f9f382 100644 (file)
--- a/src/security-manager-tests/common/sm_request.cpp
+++ b/src/security-manager-tests/common/sm_request.cpp
@@ -140,6 +140,15 @@ void InstallRequest::setInstallType(const enum app_install_type &type, lib_retco
                            << " Expected result: " << expectedResult);
  }
  
+void InstallRequest::setHybrid(lib_retcode expectedResult)
+{
+    int result = security_manager_app_inst_req_set_hybrid(m_req);
+    RUNNER_ASSERT_MSG((lib_retcode)result == expectedResult,
+                       "setting security_manager_app_inst_req_set_hybrid returned wrong value."
+                       << " Result: " << result << ";"
+                       << " Expected result: " << expectedResult);
+}
+
  std::ostream& operator<<(std::ostream &os, const InstallRequest &request)
  {
      if (!request.m_appId.empty())
diff --git a/src/security-manager-tests/common/sm_request.h b/src/security-manager-tests/common/sm_request.h

index a6af195..a11ba1d 100644 (file)
--- a/src/security-manager-tests/common/sm_request.h
+++ b/src/security-manager-tests/common/sm_request.h
@@ -64,7 +64,7 @@ public:
      void setUid(const uid_t uid, lib_retcode expectedresult = SECURITY_MANAGER_SUCCESS);
      void setAuthorId(std::string authorId, lib_retcode expectedResult= SECURITY_MANAGER_SUCCESS);
      void setInstallType(const enum app_install_type &type, lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
-
+    void setHybrid(lib_retcode expectedResult = SECURITY_MANAGER_SUCCESS);
      std::string getAppTizenVersion() const { return m_tizenVer; }
      app_inst_req *get() { return m_req; }
      const app_inst_req *get() const { return m_req; }
diff --git a/src/security-manager-tests/test_cases_privacy_manager.cpp b/src/security-manager-tests/test_cases_privacy_manager.cpp

index a09d294..0c1d494 100644 (file)
--- a/src/security-manager-tests/test_cases_privacy_manager.cpp
+++ b/src/security-manager-tests/test_cases_privacy_manager.cpp
@@ -24,6 +24,7 @@
  #include <utility>
  #include <vector>
  
+#include <app_install_helper.h>
  #include <cynara_test_admin.h>
  #include <dpl/test/test_runner.h>
  #include <memory.h>
@@ -732,7 +733,7 @@ RUNNER_CHILD_TEST(security_manager_14_privacy_manager_fetch_and_update_policy_fo
  
  RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_admin)
  {
-    const char *const update_app_id = "security_manager_15_update_app_id";
+    AppInstallHelper app("security_manager_15_update");
      const char *const update_privilege = "http://tizen.org/privilege/led";
      const char *const check_start_bucket = "ADMIN";
      const std::string username("sm_test_15_username");
@@ -754,6 +755,12 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_adm
      TemporaryTestUser user(username, GUM_USERTYPE_ADMIN, false);
      user.create();
  
+    app.createInstallDir();
+    InstallRequest inst;
+    inst.setAppId(app.getAppId());
+    inst.setPkgId(app.getPkgId());
+    Api::install(inst);
+
      pid = fork();
      RUNNER_ASSERT_MSG(pid >= 0, "fork failed");
      if (pid != 0)//parent process
@@ -772,7 +779,7 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_adm
  
          waitPid(pid);
  
-        admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_app_id, "").c_str(),
+        admin.adminCheck(check_start_bucket, false, app.generateAppLabel().c_str(),
                  std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
      }
      if(pid == 0)
@@ -788,8 +795,7 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_adm
          result = drop_root_privileges(msg.uid, msg.gid);
          RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
  
-        // FIXME - Application has to be installed for it to have policy set in SM
-        PolicyEntry entry(update_app_id, std::to_string(static_cast<int>(msg.uid)), update_privilege);
+        PolicyEntry entry(app.getAppId(), std::to_string(static_cast<int>(msg.uid)), update_privilege);
          entry.setMaxLevel("Allow");
  
          addPolicyRequest.addEntry(entry);
@@ -801,6 +807,7 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_adm
  RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_admin_wildcard)
  {
      const char *const update_other_app_id = "security_manager_15_update_other_app_id";
+    const char *const update_other_pkg_id = "security_manager_15_update_other_pkg_id";
      const char *const update_privilege = "http://tizen.org/privilege/led";
      const char *const check_start_bucket = "ADMIN";
      const std::string username("sm_test_15_username");
@@ -840,7 +847,7 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_adm
  
          waitPid(pid);
  
-        admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_other_app_id, "").c_str(),
+        admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_other_app_id, update_other_pkg_id).c_str(),
                  std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
      }
      if(pid == 0)
@@ -868,7 +875,7 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_adm
  
  RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_self)
  {
-    const char *const update_app_id = "security_manager_15_update_app_id";
+    AppInstallHelper app("security_manager_15_update");
      const char *const update_privilege = "http://tizen.org/privilege/led";
      const char *const check_start_bucket = "";
      const std::string username("sm_test_15_username");
@@ -890,6 +897,12 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_sel
      TemporaryTestUser user(username, GUM_USERTYPE_NORMAL, false);
      user.create();
  
+    app.createInstallDir();
+    InstallRequest inst;
+    inst.setAppId(app.getAppId());
+    inst.setPkgId(app.getPkgId());
+    Api::install(inst);
+
      pid = fork();
      RUNNER_ASSERT_MSG(pid >= 0, "fork failed");
      if (pid != 0)//parent process
@@ -908,7 +921,7 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_sel
  
          waitPid(pid);
  
-        admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_app_id, "").c_str(),
+        admin.adminCheck(check_start_bucket, false, app.generateAppLabel().c_str(),
                  std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
      }
      if(pid == 0)
@@ -924,8 +937,7 @@ RUNNER_CHILD_TEST(security_manager_15_privacy_manager_send_policy_update_for_sel
          result = drop_root_privileges(msg.uid, msg.gid);
          RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
  
-        // FIXME - Application has to be installed for it to have policy set in SM
-        PolicyEntry entry(update_app_id, std::to_string(static_cast<int>(msg.uid)), update_privilege);
+        PolicyEntry entry(app.getAppId(), std::to_string(static_cast<int>(msg.uid)), update_privilege);
          entry.setLevel("Allow");
  
          addPolicyRequest.addEntry(entry);
@@ -1010,7 +1022,7 @@ RUNNER_CHILD_TEST(security_manager_16_policy_levels_get)
  
  RUNNER_CHILD_TEST(security_manager_17_privacy_manager_delete_policy_for_self)
  {
-    const char *const update_app_id = "security_manager_17_update_app_id";
+    AppInstallHelper app("security_manager_17_update");
      const char *const update_privilege = "http://tizen.org/privilege/led";
      const char *const check_start_bucket = "";
      const std::string username("sm_test_17_username");
@@ -1034,6 +1046,12 @@ RUNNER_CHILD_TEST(security_manager_17_privacy_manager_delete_policy_for_self)
      TemporaryTestUser user(username, GUM_USERTYPE_NORMAL, false);
      user.create();
  
+    app.createInstallDir();
+    InstallRequest inst;
+    inst.setAppId(app.getAppId());
+    inst.setPkgId(app.getPkgId());
+    Api::install(inst);
+
      pid[0] = fork();
      RUNNER_ASSERT_MSG(pid[0] >= 0, "fork failed");
      if (pid[0] != 0)//parent process
@@ -1052,7 +1070,7 @@ RUNNER_CHILD_TEST(security_manager_17_privacy_manager_delete_policy_for_self)
  
          waitPid(pid[0]);
  
-        admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_app_id, "").c_str(),
+        admin.adminCheck(check_start_bucket, false, app.generateAppLabel().c_str(),
                  std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_ALLOW, nullptr);
  
          pid[1] = fork();
@@ -1070,7 +1088,7 @@ RUNNER_CHILD_TEST(security_manager_17_privacy_manager_delete_policy_for_self)
  
              waitPid(pid[1]);
  
-            admin.adminCheck(check_start_bucket, false, generateProcessLabel(update_app_id, "").c_str(),
+            admin.adminCheck(check_start_bucket, false, app.generateAppLabel().c_str(),
                      std::to_string(static_cast<int>(msg.uid)).c_str(), update_privilege, CYNARA_ADMIN_DENY, nullptr);
          }
          if(pid[1] == 0)
@@ -1086,8 +1104,7 @@ RUNNER_CHILD_TEST(security_manager_17_privacy_manager_delete_policy_for_self)
  
              // delete this entry
              PolicyRequest deletePolicyRequest;
-            // FIXME - Application has to be installed for it to have policy set in SM
-            PolicyEntry deleteEntry(update_app_id, std::to_string(static_cast<int>(msg.uid)), update_privilege);
+            PolicyEntry deleteEntry(app.getAppId(), std::to_string(static_cast<int>(msg.uid)), update_privilege);
              deleteEntry.setLevel(SECURITY_MANAGER_DELETE);
  
              deletePolicyRequest.addEntry(deleteEntry);
@@ -1108,8 +1125,7 @@ RUNNER_CHILD_TEST(security_manager_17_privacy_manager_delete_policy_for_self)
          result = drop_root_privileges(msg.uid, msg.gid);
          RUNNER_ASSERT_MSG(result == 0, "drop_root_privileges failed");
  
-        // FIXME - Application has to be installed for it to have policy set in SM
-        PolicyEntry entry(update_app_id, std::to_string(static_cast<int>(msg.uid)), update_privilege);
+        PolicyEntry entry(app.getAppId(), std::to_string(static_cast<int>(msg.uid)), update_privilege);
          entry.setLevel("Allow");
  
          addPolicyRequest.addEntry(entry);
diff --git a/src/security-manager-tests/test_cases_trusted_sharing.cpp b/src/security-manager-tests/test_cases_trusted_sharing.cpp

index d493b74..6993816 100644 (file)
--- a/src/security-manager-tests/test_cases_trusted_sharing.cpp
+++ b/src/security-manager-tests/test_cases_trusted_sharing.cpp
@@ -249,7 +249,7 @@ RUNNER_TEST(security_manager_46_pkgId_deinstalation_test)
       * User PKGLabel rwxatl
       */
  
-    std::vector<AppInstallHelper> helper {{"a46"}, {"b46"}};
+    std::vector<AppInstallHelper> helper {{"a46", "a46"}, {"b46", "a46"}};
      auto &trusted1 = helper[0];
      auto &trusted2 = helper[1];
  
@@ -270,7 +270,7 @@ RUNNER_TEST(security_manager_46_pkgId_deinstalation_test)
  
      InstallRequest trustingApp2;
      trustingApp2.setAppId(trusted2.getAppId());
-    trustingApp2.setPkgId(trusted1.getPkgId()); // both apps will be part of same pkgId
+    trustingApp2.setPkgId(trusted2.getPkgId());
      trustingApp2.setAuthorId(authorId1);
      Api::install(trustingApp2);
author	Zofia Abramowska <z.abramowska@samsung.com>
	Thu, 8 Sep 2016 17:57:46 +0000 (19:57 +0200)
committer	Zofia Abramowska <z.abramowska@samsung.com>
	Tue, 4 Oct 2016 13:31:08 +0000 (15:31 +0200)
src/security-manager-tests/common/sm_commons.cpp		patch \| blob \| history
src/security-manager-tests/common/sm_request.cpp		patch \| blob \| history
src/security-manager-tests/common/sm_request.h		patch \| blob \| history
src/security-manager-tests/test_cases_privacy_manager.cpp		patch \| blob \| history
src/security-manager-tests/test_cases_trusted_sharing.cpp		patch \| blob \| history