|
sl@0
|
1 |
// Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
|
|
sl@0
|
2 |
// All rights reserved.
|
|
sl@0
|
3 |
// This component and the accompanying materials are made available
|
|
sl@0
|
4 |
// under the terms of "Eclipse Public License v1.0"
|
|
sl@0
|
5 |
// which accompanies this distribution, and is available
|
|
sl@0
|
6 |
// at the URL "http://www.eclipse.org/legal/epl-v10.html".
|
|
sl@0
|
7 |
//
|
|
sl@0
|
8 |
// Initial Contributors:
|
|
sl@0
|
9 |
// Nokia Corporation - initial contribution.
|
|
sl@0
|
10 |
//
|
|
sl@0
|
11 |
// Contributors:
|
|
sl@0
|
12 |
//
|
|
sl@0
|
13 |
// Description:
|
|
sl@0
|
14 |
// DBMS security policy - testing new APIs.
|
|
sl@0
|
15 |
// This test app has "PowerMgmt" (TABLE A: READ) capability, which allows it to
|
|
sl@0
|
16 |
// read data from table A.
|
|
sl@0
|
17 |
// The UID policy file is 11335579.spd.
|
|
sl@0
|
18 |
// The test uses C:TESTDB.DB secure shared database, which has tables A, B and C, each of them
|
|
sl@0
|
19 |
// with at least one record.
|
|
sl@0
|
20 |
// Please, ensure that t_dbenvcreate test is executed before t_dbplatsec<N>/t_dbplatsecperf tests!
|
|
sl@0
|
21 |
// Please, ensure that t_dbenvdestroy test is executed after t_dbplatsec<N>/t_dbplatsecperf tests!
|
|
sl@0
|
22 |
//
|
|
sl@0
|
23 |
//
|
|
sl@0
|
24 |
|
|
sl@0
|
25 |
#include <e32test.h>
|
|
sl@0
|
26 |
#include <d32dbms.h>
|
|
sl@0
|
27 |
#include "t_dbplatsecutl.h"
|
|
sl@0
|
28 |
|
|
sl@0
|
29 |
const TUid KSecureDbUid = {0x11335579};
|
|
sl@0
|
30 |
_LIT(KSecure, "SECURE");
|
|
sl@0
|
31 |
_LIT(KDbName, "C:TestDB.DB");
|
|
sl@0
|
32 |
_LIT(KTblNameA, "A");
|
|
sl@0
|
33 |
_LIT(KTblNameB, "B");
|
|
sl@0
|
34 |
_LIT(KTblNameC, "C");
|
|
sl@0
|
35 |
|
|
sl@0
|
36 |
static RTest TheTest(_L("t_dbplatsec3: DBMS platform security testing - 3"));
|
|
sl@0
|
37 |
static RDbs TheDbs;
|
|
sl@0
|
38 |
static RDbNamedDatabase TheDb;
|
|
sl@0
|
39 |
static RDbTable TheTbl;
|
|
sl@0
|
40 |
static RDbView TheView;
|
|
sl@0
|
41 |
|
|
sl@0
|
42 |
TDBSCUtils TheDbscUtils(TheTest, NULL);
|
|
sl@0
|
43 |
|
|
sl@0
|
44 |
/**
|
|
sl@0
|
45 |
@SYMTestCaseID SYSLIB-DBMS-CT-0015
|
|
sl@0
|
46 |
@SYMTestCaseDesc OPen table test.
|
|
sl@0
|
47 |
This test app has "PowerMgmt" (TABLE A: READ) capability, which allows it to
|
|
sl@0
|
48 |
read data from table A. B and C tables can be read too, because they do
|
|
sl@0
|
49 |
not have read security policy. The attempts to open A, B and C tables in
|
|
sl@0
|
50 |
insert/update mode must fail.
|
|
sl@0
|
51 |
@SYMTestPriority High
|
|
sl@0
|
52 |
@SYMTestActions Open table test.
|
|
sl@0
|
53 |
@SYMTestExpectedResults The test must not fail.
|
|
sl@0
|
54 |
@SYMREQ REQ2429
|
|
sl@0
|
55 |
DBMS shall provide an API to apply security policies to database tables.
|
|
sl@0
|
56 |
*/
|
|
sl@0
|
57 |
static void TblOpenL()
|
|
sl@0
|
58 |
{
|
|
sl@0
|
59 |
TheTest.Printf(_L("An attempt to open table A\n"));
|
|
sl@0
|
60 |
//The test must fail, because the test app cannot satisfy table A, policy W.
|
|
sl@0
|
61 |
TInt err = TheTbl.Open(TheDb, KTblNameA);
|
|
sl@0
|
62 |
TEST2(err, KErrPermissionDenied);
|
|
sl@0
|
63 |
//The test must pass, because the test app can satisfy table A, policy R.
|
|
sl@0
|
64 |
err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EReadOnly);
|
|
sl@0
|
65 |
TEST2(err, KErrNone);
|
|
sl@0
|
66 |
TheTbl.Close();
|
|
sl@0
|
67 |
|
|
sl@0
|
68 |
TheTest.Printf(_L("An attempt to open table B\n"));
|
|
sl@0
|
69 |
//The test must fail, because the test app cannot satisfy table B, policy W.
|
|
sl@0
|
70 |
err = TheTbl.Open(TheDb, KTblNameB);
|
|
sl@0
|
71 |
TEST2(err, KErrPermissionDenied);
|
|
sl@0
|
72 |
//The test must pass, because table B has no R policy.
|
|
sl@0
|
73 |
err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EReadOnly);
|
|
sl@0
|
74 |
TEST2(err, KErrNone);
|
|
sl@0
|
75 |
TheTbl.Close();
|
|
sl@0
|
76 |
|
|
sl@0
|
77 |
TheTest.Printf(_L("An attempt to open table C\n"));
|
|
sl@0
|
78 |
//The test must fail, because the test app cannot satisfy table C, policy W.
|
|
sl@0
|
79 |
err = TheTbl.Open(TheDb, KTblNameC);
|
|
sl@0
|
80 |
TEST2(err, KErrPermissionDenied);
|
|
sl@0
|
81 |
//The test must pass, because table C has no R policy.
|
|
sl@0
|
82 |
err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EReadOnly);
|
|
sl@0
|
83 |
TEST2(err, KErrNone);
|
|
sl@0
|
84 |
TheTbl.Close();
|
|
sl@0
|
85 |
}
|
|
sl@0
|
86 |
|
|
sl@0
|
87 |
/**
|
|
sl@0
|
88 |
@SYMTestCaseID SYSLIB-DBMS-CT-0016
|
|
sl@0
|
89 |
@SYMTestCaseDesc R/W operations at a table level.
|
|
sl@0
|
90 |
This test app has "PowerMgmt" (TABLE A: READ) capability, which allows it to
|
|
sl@0
|
91 |
read data from table A. B and C tables can be read too, because they do
|
|
sl@0
|
92 |
not have read security policy.
|
|
sl@0
|
93 |
@SYMTestPriority High
|
|
sl@0
|
94 |
@SYMTestActions R/W table operations.
|
|
sl@0
|
95 |
@SYMTestExpectedResults The test must not fail.
|
|
sl@0
|
96 |
@SYMREQ REQ2429
|
|
sl@0
|
97 |
DBMS shall provide an API to apply security policies to database tables.
|
|
sl@0
|
98 |
*/
|
|
sl@0
|
99 |
static void TblRWL()
|
|
sl@0
|
100 |
{
|
|
sl@0
|
101 |
TheTest.Printf(_L("Table A - Write\n"));
|
|
sl@0
|
102 |
TInt err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EReadOnly);
|
|
sl@0
|
103 |
TEST2(err, KErrNone);
|
|
sl@0
|
104 |
//The test must fail, because the test app cannot satisfy table A, policy W.
|
|
sl@0
|
105 |
TRAP(err, TheTbl.InsertL());
|
|
sl@0
|
106 |
TEST2(err, KErrPermissionDenied);
|
|
sl@0
|
107 |
err = TheDb.Execute(_L("UPDATE A SET DATA1 = 400 WHERE ID < 10"));
|
|
sl@0
|
108 |
TEST2(err, KErrPermissionDenied);
|
|
sl@0
|
109 |
|
|
sl@0
|
110 |
TheTest.Printf(_L("Table A - Read\n"));
|
|
sl@0
|
111 |
//The test must pass, because the test app can satisfy table A, policy R.
|
|
sl@0
|
112 |
TBool res = EFalse;
|
|
sl@0
|
113 |
TRAP(err, res = TheTbl.FirstL());
|
|
sl@0
|
114 |
TEST2(err, KErrNone);
|
|
sl@0
|
115 |
TEST(res);
|
|
sl@0
|
116 |
TInt cnt = TheTbl.CountL();
|
|
sl@0
|
117 |
TEST(cnt > 0);
|
|
sl@0
|
118 |
err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM A")));
|
|
sl@0
|
119 |
TEST2(err, KErrNone);
|
|
sl@0
|
120 |
cnt = TheView.CountL();
|
|
sl@0
|
121 |
TEST(cnt > 0);
|
|
sl@0
|
122 |
TheView.Close();
|
|
sl@0
|
123 |
|
|
sl@0
|
124 |
TheTbl.Close();
|
|
sl@0
|
125 |
|
|
sl@0
|
126 |
TheTest.Printf(_L("Table B - Write\n"));
|
|
sl@0
|
127 |
err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EReadOnly);
|
|
sl@0
|
128 |
TEST2(err, KErrNone);
|
|
sl@0
|
129 |
//The test must fail, because the test app cannot satisfy table B, policy W.
|
|
sl@0
|
130 |
TRAP(err, TheTbl.InsertL());
|
|
sl@0
|
131 |
TEST2(err, KErrPermissionDenied);
|
|
sl@0
|
132 |
err = TheDb.Execute(_L("INSERT INTO B (DATA2) VALUES (45)"));
|
|
sl@0
|
133 |
TEST2(err, KErrPermissionDenied);
|
|
sl@0
|
134 |
|
|
sl@0
|
135 |
TheTest.Printf(_L("Table B - Read\n"));
|
|
sl@0
|
136 |
//The test must pass, because table B has no R policy.
|
|
sl@0
|
137 |
TRAP(err, res = TheTbl.FirstL());
|
|
sl@0
|
138 |
TEST2(err, KErrNone);
|
|
sl@0
|
139 |
TEST(res);
|
|
sl@0
|
140 |
cnt = TheTbl.CountL();
|
|
sl@0
|
141 |
TEST(cnt > 0);
|
|
sl@0
|
142 |
err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM B")));
|
|
sl@0
|
143 |
TEST2(err, KErrNone);
|
|
sl@0
|
144 |
cnt = TheView.CountL();
|
|
sl@0
|
145 |
TEST(cnt > 0);
|
|
sl@0
|
146 |
TheView.Close();
|
|
sl@0
|
147 |
|
|
sl@0
|
148 |
TheTbl.Close();
|
|
sl@0
|
149 |
|
|
sl@0
|
150 |
TheTest.Printf(_L("Table C - Write\n"));
|
|
sl@0
|
151 |
err = TheTbl.Open(TheDb, KTblNameC);
|
|
sl@0
|
152 |
//The test must fail, because the test app cannot satisfy table C, policy W.
|
|
sl@0
|
153 |
TEST2(err, KErrPermissionDenied);
|
|
sl@0
|
154 |
err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EReadOnly);
|
|
sl@0
|
155 |
TEST2(err, KErrNone);
|
|
sl@0
|
156 |
TRAP(err, TheTbl.InsertL());
|
|
sl@0
|
157 |
TEST2(err, KErrPermissionDenied);
|
|
sl@0
|
158 |
err = TheDb.Execute(_L("UPDATE C SET DATA1 = 400 WHERE ID < 10"));
|
|
sl@0
|
159 |
TEST2(err, KErrPermissionDenied);
|
|
sl@0
|
160 |
|
|
sl@0
|
161 |
TheTest.Printf(_L("Table C - Read\n"));
|
|
sl@0
|
162 |
//The test must pass, because table C has no R policy.
|
|
sl@0
|
163 |
TRAP(err, res = TheTbl.FirstL());
|
|
sl@0
|
164 |
TEST2(err, KErrNone);
|
|
sl@0
|
165 |
TEST(res);
|
|
sl@0
|
166 |
cnt = TheTbl.CountL();
|
|
sl@0
|
167 |
TEST(cnt > 0);
|
|
sl@0
|
168 |
err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM C")));
|
|
sl@0
|
169 |
TEST2(err, KErrNone);
|
|
sl@0
|
170 |
cnt = TheView.CountL();
|
|
sl@0
|
171 |
TEST(cnt > 0);
|
|
sl@0
|
172 |
TheView.Close();
|
|
sl@0
|
173 |
|
|
sl@0
|
174 |
TheTbl.Close();
|
|
sl@0
|
175 |
}
|
|
sl@0
|
176 |
|
|
sl@0
|
177 |
static void DoRunL()
|
|
sl@0
|
178 |
{
|
|
sl@0
|
179 |
TheTest.Start(_L("An app with \"TABLE A:READ\" capabilities set"));
|
|
sl@0
|
180 |
|
|
sl@0
|
181 |
TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0015 Open table tests "));
|
|
sl@0
|
182 |
::TblOpenL();
|
|
sl@0
|
183 |
|
|
sl@0
|
184 |
TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0016 Table R/W tests "));
|
|
sl@0
|
185 |
::TblRWL();
|
|
sl@0
|
186 |
}
|
|
sl@0
|
187 |
|
|
sl@0
|
188 |
TInt E32Main()
|
|
sl@0
|
189 |
{
|
|
sl@0
|
190 |
__UHEAP_MARK;
|
|
sl@0
|
191 |
CTrapCleanup* tc = CTrapCleanup::New();
|
|
sl@0
|
192 |
TEST(tc != NULL);
|
|
sl@0
|
193 |
|
|
sl@0
|
194 |
TInt err = TheDbs.Connect();
|
|
sl@0
|
195 |
TEST2(err, KErrNone);
|
|
sl@0
|
196 |
|
|
sl@0
|
197 |
TBuf<32> format;
|
|
sl@0
|
198 |
TheTest.Printf(_L("Open database\n"));
|
|
sl@0
|
199 |
format.Copy(KSecure);
|
|
sl@0
|
200 |
format.Append(KSecureDbUid.Name());
|
|
sl@0
|
201 |
err = TheDb.Open(TheDbs, KDbName, format);
|
|
sl@0
|
202 |
TEST2(err, KErrNone);
|
|
sl@0
|
203 |
|
|
sl@0
|
204 |
TRAP(err, ::DoRunL());
|
|
sl@0
|
205 |
TEST2(err, KErrNone);
|
|
sl@0
|
206 |
|
|
sl@0
|
207 |
TheView.Close();
|
|
sl@0
|
208 |
TheTbl.Close();
|
|
sl@0
|
209 |
TheDb.Close();
|
|
sl@0
|
210 |
TheDbs.Close();
|
|
sl@0
|
211 |
|
|
sl@0
|
212 |
TheTest.End();
|
|
sl@0
|
213 |
TheTest.Close();
|
|
sl@0
|
214 |
|
|
sl@0
|
215 |
delete tc;
|
|
sl@0
|
216 |
|
|
sl@0
|
217 |
__UHEAP_MARKEND;
|
|
sl@0
|
218 |
User::Heap().Check();
|
|
sl@0
|
219 |
return KErrNone;
|
|
sl@0
|
220 |
}
|