1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/persistentdata/persistentstorage/dbms/tdbms/t_dbplatsec1.cpp Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,328 @@
1.4 +// Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
1.5 +// All rights reserved.
1.6 +// This component and the accompanying materials are made available
1.7 +// under the terms of "Eclipse Public License v1.0"
1.8 +// which accompanies this distribution, and is available
1.9 +// at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.10 +//
1.11 +// Initial Contributors:
1.12 +// Nokia Corporation - initial contribution.
1.13 +//
1.14 +// Contributors:
1.15 +//
1.16 +// Description:
1.17 +// DBMS security policy - testing new APIs.
1.18 +// This test app has "NetworkServices" (SCHEMA) capability, which allows it to
1.19 +// modify the DBMS structure but not to write any data in the tables.
1.20 +// The UID policy file is 11335579.spd.
1.21 +// Please, ensure that t_dbenvcreate test is executed before t_dbplatsec<N>/t_dbplatsecperf tests!
1.22 +// Please, ensure that t_dbenvdestroy test is executed after t_dbplatsec<N>/t_dbplatsecperf tests!
1.23 +//
1.24 +//
1.25 +
1.26 +#include <e32test.h>
1.27 +#include <d32dbms.h>
1.28 +#include "t_dbplatsecutl.h"
1.29 +
1.30 +const TUid KSecureDbUid = {0x11335579};
1.31 +const TUid KProtSecureDbUid = {0x11335578};
1.32 +_LIT(KSecure, "SECURE");
1.33 +_LIT(KDbName, "C:TestDB2.dB");
1.34 +_LIT(KTblNameA, "A");
1.35 +_LIT(KTblNameB, "B");
1.36 +_LIT(KTblNameC, "C");
1.37 +
1.38 +static RTest TheTest(_L("t_dbplatsec1: DBMS platform security testing - 1"));
1.39 +static RDbs TheDbs;
1.40 +static RDbNamedDatabase TheDb;
1.41 +static RDbTable TheTbl;
1.42 +static RDbView TheView;
1.43 +
1.44 +static void CleanupTest()
1.45 + {
1.46 + TheView.Close();
1.47 + TheTbl.Close();
1.48 + TheDb.Close();
1.49 + TDBSCUtils::DeleteDatabase(TheDbs, KSecureDbUid, KDbName);
1.50 + TheDbs.Close();
1.51 + }
1.52 +
1.53 +TDBSCUtils TheDbscUtils(TheTest, &CleanupTest);
1.54 +
1.55 +static TColDef const KColumns[]=
1.56 + {
1.57 + {_S("ID"), EDbColInt32, TDbCol::ENotNull | TDbCol::EAutoIncrement},
1.58 + {_S("DATA1"), EDbColInt32, TDbCol::ENotNull},
1.59 + {_S("DATA2"), EDbColInt32, TDbCol::ENotNull},
1.60 + {0}
1.61 + };
1.62 +
1.63 +/**
1.64 +@SYMTestCaseID SYSLIB-DBMS-CT-0008
1.65 +@SYMTestCaseDesc Database tests. Some of the calls must fail because the caller has no enough rights
1.66 + for the requested operation.
1.67 +@SYMTestPriority High
1.68 +@SYMTestActions RDbNamedDatabase::Open()/RDbNamedDatabase::DatabaseNamesL()/RDbNamedDatabase::Create().
1.69 +@SYMTestExpectedResults The test must not fail.
1.70 +@SYMREQ REQ2429
1.71 + DBMS shall provide an API to apply security policies to database tables.
1.72 +*/
1.73 +static void DbTestL()
1.74 + {
1.75 + TBuf<32> format;
1.76 +
1.77 + TDBSCUtils::DeleteDatabase(TheDbs, KSecureDbUid, KDbName);
1.78 + TheTest.Printf(_L("Create database\n"));
1.79 + //The test must pass, because the test app has "SCHEMA" capability
1.80 + format.Copy(KSecure);
1.81 + format.Append(KSecureDbUid.Name());
1.82 + TInt err = TheDb.Create(TheDbs, KDbName, format);
1.83 + TEST2(err, KErrNone);
1.84 +
1.85 + //The test must pass, because "DatabaseNamesL" is a DBMS operation available for everyone.
1.86 + TheTest.Printf(_L("Database list\n"));
1.87 + CDbDatabaseNames* dbNames = TheDbs.DatabaseNamesL(EDriveC, KSecureDbUid);
1.88 + TEST(dbNames->Count() > 0);
1.89 + TBool casePreserved = EFalse;
1.90 + for(TInt i=0;i<dbNames->Count();++i)
1.91 + {
1.92 + const TDesC& dbName = (*dbNames)[i];
1.93 + RDebug::Print(_L("--Database: %S\n"), &dbName);
1.94 + TBuf<128> dbName2;
1.95 + dbName2.Append(TChar('A' + EDriveC));
1.96 + dbName2.Append(TChar(':'));
1.97 + dbName2.Append(dbName);
1.98 + if(dbName2 == KDbName())
1.99 + {
1.100 + casePreserved = ETrue;
1.101 + }
1.102 + }
1.103 + //if casePreserved is non-zero that means the DBMS server does not change the database names to
1.104 + //upper or lower case - that's what we want to check
1.105 + TEST(casePreserved);
1.106 + delete dbNames;
1.107 +
1.108 + TheDb.Close();
1.109 +
1.110 + TheTest.Printf(_L("An attempt to create database - existing, but protected UID\n"));
1.111 + //The test must fail, because the test app does not have capabilities to satisfy
1.112 + //KProtSecureDbUid "SCHEMA" policy.
1.113 + format.Copy(KSecure);
1.114 + format.Append(KProtSecureDbUid.Name());
1.115 + err = TheDb.Create(TheDbs, KDbName, format);
1.116 + TEST2(err, KErrPermissionDenied);
1.117 +
1.118 + //The test must pass, because the test app has "SCHEMA" capability (it must have capabilities,
1.119 + //satisfying at least one of the UID's R/W/S policies)
1.120 + TheTest.Printf(_L("Open database\n"));
1.121 + format.Copy(KSecure);
1.122 + format.Append(KSecureDbUid.Name());
1.123 + err = TheDb.Open(TheDbs, KDbName, format);
1.124 + TEST2(err, KErrNone);
1.125 + }
1.126 +
1.127 +/**
1.128 +@SYMTestCaseID SYSLIB-DBMS-CT-0009
1.129 +@SYMTestCaseDesc Opening table test. The caller has a set of capabilities which satisfy database's
1.130 + schema security policy only. The test checks that the capapbility checking
1.131 + on the DBMS server side works properly. Some of the initiated open table
1.132 + operations won't executed and the returned error will be KErrPermisssionDenied.
1.133 +@SYMTestPriority High
1.134 +@SYMTestActions Attempts to execute RDbTable::Open() on different tables from the test database.
1.135 +@SYMTestExpectedResults The test must not fail.
1.136 +@SYMREQ REQ2429
1.137 + DBMS shall provide an API to apply security policies to database tables.
1.138 +*/
1.139 +static void TblOpenL()
1.140 + {
1.141 + TheTest.Printf(_L("Create tables\n"));
1.142 + //The test must pass, because the test app has "SCHEMA" capability
1.143 + CDbColSet* colset = TDBSCUtils::CreateColSetLC(KColumns);
1.144 + TInt err = TheDb.CreateTable(KTblNameA, *colset);//R: PowerMgmt, W: WriteUserData
1.145 + TEST2(err, KErrNone);
1.146 + err = TheDb.CreateTable(KTblNameB, *colset);//R: None, W: WriteUserData WriteDeviceData
1.147 + TEST2(err, KErrNone);
1.148 + err = TheDb.CreateTable(KTblNameC, *colset);//R: None, W: WriteUserData
1.149 + TEST2(err, KErrNone);
1.150 + CleanupStack::PopAndDestroy(colset);
1.151 +
1.152 + TheTest.Printf(_L("An attempt to open table A\n"));
1.153 + //The test must fail, because the test app has no capabilities to satisfy
1.154 + //R/W policies of table A
1.155 + err = TheTbl.Open(TheDb, KTblNameA);
1.156 + TEST2(err, KErrPermissionDenied);
1.157 + err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EUpdatable);
1.158 + TEST2(err, KErrPermissionDenied);
1.159 + err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EReadOnly);
1.160 + TEST2(err, KErrPermissionDenied);
1.161 + err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EInsertOnly);
1.162 + TEST2(err, KErrPermissionDenied);
1.163 +
1.164 + TheTest.Printf(_L("An attempt to open table B\n"));
1.165 + //Open table B in insert/update mode - the test must fail, because the test app has no
1.166 + //capabilities to satisfy table B, policy W.
1.167 + //Open table B in read-only mode - the test must pass, because table B has no R policy.
1.168 + err = TheTbl.Open(TheDb, KTblNameB);
1.169 + TEST2(err, KErrPermissionDenied);
1.170 + err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EUpdatable);
1.171 + TEST2(err, KErrPermissionDenied);
1.172 + err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EInsertOnly);
1.173 + TEST2(err, KErrPermissionDenied);
1.174 + err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EReadOnly);
1.175 + TEST2(err, KErrNone);
1.176 + TheTbl.Close();
1.177 +
1.178 + TheTest.Printf(_L("An attempt to open table C\n"));
1.179 + //Open table C in insert/update mode - the test must fail, because the test app has no
1.180 + //capabilities to satisfy table C, policy W.
1.181 + //Open table C in read-only mode - the test must pass, because table C has no R policy.
1.182 + err = TheTbl.Open(TheDb, KTblNameC);
1.183 + TEST2(err, KErrPermissionDenied);
1.184 + err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EUpdatable);
1.185 + TEST2(err, KErrPermissionDenied);
1.186 + err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EInsertOnly);
1.187 + TEST2(err, KErrPermissionDenied);
1.188 + err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EReadOnly);
1.189 + TEST2(err, KErrNone);
1.190 + TheTbl.Close();
1.191 + }
1.192 +
1.193 +/**
1.194 +@SYMTestCaseID SYSLIB-DBMS-CT-0010
1.195 +@SYMTestCaseDesc Table R/w operations. The caller has a set of capabilities which satisfy database's
1.196 + schema security policy only. The test checks that the capapbility checking
1.197 + on the DBMS server side works properly. Some of the R/W table operations won't be
1.198 + executed and the returned error will be KErrPermisssionDenied.
1.199 +@SYMTestPriority High
1.200 +@SYMTestActions Attempts to execute RDbTable::Insert()/RDbTable::Update()/RDbTable::FirstL()
1.201 + on different tables from the test database.
1.202 +@SYMTestExpectedResults The test must not fail.
1.203 +@SYMREQ REQ2429
1.204 + DBMS shall provide an API to apply security policies to database tables.
1.205 +*/
1.206 +static void TblRWL()
1.207 + {
1.208 + TheTest.Printf(_L("An attempt to write in table B\n"));
1.209 + TInt err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EReadOnly);
1.210 + TEST2(err, KErrNone);
1.211 + //"Write table B" test must fail, because the test app has no capabilities
1.212 + //to satisfy table B, policy W.
1.213 + TRAP(err, TheTbl.InsertL());
1.214 + TEST2(err, KErrPermissionDenied);
1.215 + TRAP(err, TheTbl.UpdateL());
1.216 + TEST2(err, KErrPermissionDenied);
1.217 +
1.218 + TheTest.Printf(_L("An attempt to read from table B\n"));
1.219 + //"Read table B" test must pass, because table B has no R policy
1.220 + TBool res = TheTbl.FirstL();
1.221 + TEST(!res);
1.222 +
1.223 + TheTbl.Close();
1.224 +
1.225 + TheTest.Printf(_L("An attempt to write in table C\n"));
1.226 + //"Write table C" test must fail, because the test app has no capabilities
1.227 + //to satisfy table C, policy W.
1.228 + err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EReadOnly);
1.229 + TEST2(err, KErrNone);
1.230 + TRAP(err, TheTbl.InsertL());
1.231 + TEST2(err, KErrPermissionDenied);
1.232 + TRAP(err, TheTbl.UpdateL());
1.233 + TEST2(err, KErrPermissionDenied);
1.234 +
1.235 + TheTest.Printf(_L("An attempt to read from table C\n"));
1.236 + //"Read table C" test must pass, because table C has no R policy
1.237 + res = TheTbl.FirstL();
1.238 + TEST(!res);
1.239 +
1.240 + TheTbl.Close();
1.241 + }
1.242 +
1.243 +/**
1.244 +@SYMTestCaseID SYSLIB-DBMS-CT-0011
1.245 +@SYMTestCaseDesc SQL tests. The caller has a set of capabilities which satisfy database's
1.246 + schema security policy only. The test checks that the capapbility checking
1.247 + on the DBMS server side works properly. Some of the SQL statements won't be
1.248 + executed and the returned error will be KErrPermisssionDenied.
1.249 +@SYMTestPriority High
1.250 +@SYMTestActions Attempts to execute various INSERT/UPDATE/SELECT SQL statements.
1.251 +@SYMTestExpectedResults The test must not fail.
1.252 +@SYMREQ REQ2429
1.253 + DBMS shall provide an API to apply security policies to database tables.
1.254 +*/
1.255 +static void TblSqlL()
1.256 + {
1.257 + TheTest.Printf(_L("SELECT SQL\n"));
1.258 + //The test must fail, because the test app cannot satisfy table A, policy R.
1.259 + TInt err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM A")));
1.260 + TEST2(err, KErrPermissionDenied);
1.261 + //The test must pass, because table B has no R policy.
1.262 + err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM B")));
1.263 + TEST2(err, KErrNone);
1.264 + TheView.Close();
1.265 + //The test must pass, because table C has no R policy.
1.266 + err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM C")));
1.267 + TEST2(err, KErrNone);
1.268 + TheView.Close();
1.269 +
1.270 + TheTest.Printf(_L("INSERT/UPDATE SQL\n"));
1.271 + //The test must fail, because the test app cannot satisfy table A, policy W.
1.272 + err = TheDb.Execute(_L("INSERT INTO A (DATA2) VALUES(45)"));
1.273 + TEST2(err, KErrPermissionDenied);
1.274 + //The test must fail, because the test app cannot satisfy table B, policy W.
1.275 + err = TheDb.Execute(_L("INSERT INTO B (DATA2) VALUES(45)"));
1.276 + TEST2(err, KErrPermissionDenied);
1.277 + //The test must fail, because the test app cannot satisfy table C, policy W.
1.278 + err = TheDb.Execute(_L("INSERT INTO C (DATA2) VALUES(45)"));
1.279 + TEST2(err, KErrPermissionDenied);
1.280 +
1.281 + //The test must fail, because the test app cannot satisfy table A, policy W.
1.282 + err = TheDb.Execute(_L("UPDATE A SET DATA2=56 WHERE ID = 0"));
1.283 + TEST2(err, KErrPermissionDenied);
1.284 + //The test must fail, because the test app cannot satisfy table B, policy W.
1.285 + err = TheDb.Execute(_L("UPDATE B SET DATA2=56 WHERE ID = 0"));
1.286 + TEST2(err, KErrPermissionDenied);
1.287 + //The test must fail, because the test app cannot satisfy table C, policy W.
1.288 + err = TheDb.Execute(_L("UPDATE C SET DATA2=56 WHERE ID = 0"));
1.289 + TEST2(err, KErrPermissionDenied);
1.290 + }
1.291 +
1.292 +static void DoRunL()
1.293 + {
1.294 + TheTest.Start(_L("An app with \"SCHEMA\" capabilities set"));
1.295 +
1.296 + TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0008 Database test "));
1.297 + ::DbTestL();
1.298 +
1.299 + TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0009 Open table test "));
1.300 + ::TblOpenL();
1.301 +
1.302 + TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0010 Read/Write table test "));
1.303 + ::TblRWL();
1.304 +
1.305 + TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0011 SQL table test "));
1.306 + ::TblSqlL();
1.307 + }
1.308 +
1.309 +TInt E32Main()
1.310 + {
1.311 + __UHEAP_MARK;
1.312 + CTrapCleanup* tc = CTrapCleanup::New();
1.313 + TEST(tc != NULL);
1.314 +
1.315 + TInt err = TheDbs.Connect();
1.316 + TEST2(err, KErrNone);
1.317 +
1.318 + TRAP(err, ::DoRunL());
1.319 + TEST2(err, KErrNone);
1.320 +
1.321 + ::CleanupTest();
1.322 +
1.323 + TheTest.End();
1.324 + TheTest.Close();
1.325 +
1.326 + delete tc;
1.327 +
1.328 + __UHEAP_MARKEND;
1.329 + User::Heap().Check();
1.330 + return KErrNone;
1.331 + }