MercurialSymaptic / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | raw | help
os/persistentdata/persistentstorage/dbms/tdbms/t_dbplatsec5.cpp
author sl
Tue, 10 Jun 2014 14:32:02 +0200
changeset 1 260cb5ec6c19
permissions -rw-r--r--
Update contrib. 
     1 // Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).

     2 // All rights reserved.

     3 // This component and the accompanying materials are made available

     4 // under the terms of "Eclipse Public License v1.0"

     5 // which accompanies this distribution, and is available

     6 // at the URL "http://www.eclipse.org/legal/epl-v10.html".

     7 //

     8 // Initial Contributors:

     9 // Nokia Corporation - initial contribution.

    10 //

    11 // Contributors:

    12 //

    13 // Description:

    14 // DBMS security policy - testing new APIs.

    15 // This test app has "None" capabilities,

    16 // The UID policy file is 11335579.spd.

    17 // The test uses C:TESTDB.DB secure shared database, which has tables A, B and C, each of them

    18 // with at least one record.

    19 // Please, ensure that t_dbenvcreate test is executed before t_dbplatsec<N>/t_dbplatsecperf tests!

    20 // Please, ensure that t_dbenvdestroy test is executed after t_dbplatsec<N>/t_dbplatsecperf tests!

    21 // 

    22 //

    23 

    24 #include <e32test.h>

    25 #include <d32dbms.h>

    26 #include "t_dbplatsecutl.h"

    27 

    28 const TUid KSecureDbUid = {0x11335579};

    29 _LIT(KSecure,	"SECURE");

    30 _LIT(KDbName,	"C:TestDB.DB");

    31 _LIT(KTblNameA,	"A");

    32 _LIT(KTblNameB,	"B");

    33 _LIT(KTblNameC,	"C");

    34 

    35 static RTest 				TheTest(_L("t_dbplatsec5: DBMS platform security testing - 5"));

    36 static RDbs 				TheDbs;

    37 static RDbNamedDatabase 	TheDb;

    38 static RDbTable 			TheTbl;

    39 static RDbView 				TheView;

    40 

    41 TDBSCUtils 	TheDbscUtils(TheTest, NULL);

    42 

    43 /**

    44 @SYMTestCaseID SYSLIB-DBMS-CT-0018

    45 @SYMTestCaseDesc Open table test.

    46 				 This test app has no capabilities and it is restricted to be able to

    47 				 open tables B and C in read-only mode.

    48 @SYMTestPriority High

    49 @SYMTestActions  Open table test.

    50 @SYMTestExpectedResults The test must not fail.

    51 @SYMREQ REQ2429

    52                  DBMS shall provide an API to apply security policies to database tables.

    53 */

    54 static void Test1L()

    55 	{

    56 	TheTest.Printf(_L("An attempt to open tables in update/insert mode\n"));

    57 	//The test must fail, because the test app cannot satisfy table A, B, C, policy W.

    58 	TInt err = TheTbl.Open(TheDb, KTblNameA);

    59 	TEST2(err, KErrPermissionDenied);

    60 	err = TheTbl.Open(TheDb, KTblNameB);

    61 	TEST2(err, KErrPermissionDenied);

    62 	err = TheTbl.Open(TheDb, KTblNameC);

    63 	TEST2(err, KErrPermissionDenied);

    64 

    65 	TheTest.Printf(_L("An attempt to open tables in read-only mode\n"));

    66 	//The test must pass for table B & C, but the test app cannot satisfy table A, policy R.

    67 	err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EReadOnly);

    68 	TEST2(err, KErrPermissionDenied);

    69 	err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EReadOnly);

    70 	TEST2(err, KErrNone);

    71 	TheTbl.Close();

    72 	err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EReadOnly);

    73 	TEST2(err, KErrNone);

    74 	TheTbl.Close();

    75 

    76 	TheTest.Printf(_L("An attempt to read tables\n"));

    77 	//The test must pass for table B & C, but the test app cannot satisfy table A, policy R.

    78 	err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM A")));

    79 	TEST2(err, KErrPermissionDenied);

    80 	err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM B")));

    81 	TEST2(err, KErrNone);

    82 	TInt cnt = TheView.CountL();

    83 	TEST(cnt > 0);

    84 	TheView.Close();

    85 	err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM C")));

    86 	TEST2(err, KErrNone);

    87 	cnt = TheView.CountL();

    88 	TEST(cnt > 0);

    89 	TheView.Close();

    90 	}

    91 

    92 /**

    93 @SYMTestCaseID			SYSLIB-DBMS-CT-3407

    94 @SYMTestCaseDesc		Test for defect DEF103023 - DBMS requires ReadDeviceData and WriteDeviceData capability to read from the db.

    95  						The current test application has no capabilities at all.

    96  						"C:TestDB.DB" database is a secure shared database with:

    97  							- no "READ" polycy (no restrictions apply to the database read operations);

    98  							- "WRITE" policy with "WriteUserData" capability defined;

    99  							- "SCHEMA" policy with "NetworkServices" capability defined;

   100  							- table C has no defined securoty policy, so the database security policy will be used;

   101  						The current test application should be able to:

   102  							- begin/commit/rollback a "read-only" transaction;

   103  						But should fail if:

   104  							- begin a transaction and try to modify the database within the transaction;

   105  						This test function asserts the test cases described above.

   106 @SYMTestPriority		High

   107 @SYMTestActions			Test for defect DEF103023 - DBMS requires ReadDeviceData and WriteDeviceData capability to read from the db.

   108 @SYMTestExpectedResults Test must not fail

   109 @SYMDEF					DEF103023

   110 */

   111 void DEF103023L()

   112 	{

   113 	TheTest.Printf(_L("Begin a transaction. Read-only operations tested\n"));

   114 	TInt err = TheDb.Begin();

   115 	TEST2(err, KErrNone);

   116 	TheTest.Printf(_L("Perform some read-only operations inside the transaction\n"));

   117 	err = TheView.Prepare(TheDb, _L("SELECT * FROM C"));

   118 	TEST2(err, KErrNone);

   119 	err = TheView.EvaluateAll();

   120 	TEST2(err, KErrNone);

   121 	TInt cnt = TheView.CountL();

   122 	TEST(cnt > 0);

   123 	TBool rc = TheView.FirstL();

   124 	TEST(rc);

   125 	TheView.GetL();

   126 	TInt val = TheView.ColInt32(1);

   127 	rc = TheView.LastL();

   128 	TEST(rc);

   129 	rc = TheView.NextL();

   130 	TEST(!rc);

   131 	rc = TheView.PreviousL();

   132 	TEST(rc);

   133 	TheView.BeginningL();

   134 	TheView.EndL();

   135 	TheView.Close();

   136 	TheTest.Printf(_L("Commit a transaction\n"));

   137 	err = TheDb.Commit();

   138 	TEST2(err, KErrNone);

   139 	//

   140 	TheTest.Printf(_L("Begin a transaction. Read-only operations tested\n"));

   141 	err = TheDb.Begin();

   142 	TEST2(err, KErrNone);

   143 	err = TheView.Prepare(TheDb, _L("SELECT * FROM C"));

   144 	TEST2(err, KErrNone);

   145 	err = TheView.EvaluateAll();

   146 	TEST2(err, KErrNone);

   147 	cnt = TheView.CountL();

   148 	TEST(cnt > 0);

   149 	TheView.Close();

   150 	TheTest.Printf(_L("Rollback a transaction\n"));

   151 	TheDb.Rollback();

   152 	//

   153 	TheTest.Printf(_L("Begin a transaction. Tested operations violate the database security\n"));

   154 	err = TheDb.Begin();

   155 	TEST2(err, KErrNone);

   156 	err = TheView.Prepare(TheDb, _L("SELECT * FROM C"));

   157 	TEST2(err, KErrNone);

   158 	err = TheView.EvaluateAll();

   159 	TEST2(err, KErrNone);

   160 	rc = TheView.FirstL();

   161 	TEST(rc);

   162 	TheView.GetL();

   163 	TheTest.Printf(_L("An attempt to update a record within the transaction\n"));

   164 	TRAP(err, TheView.UpdateL());

   165 	TEST2(err, KErrPermissionDenied);

   166 	TheTest.Printf(_L("An attempt to delete a record within the transaction\n"));

   167 	TRAP(err, TheView.DeleteL());

   168 	TEST2(err, KErrPermissionDenied);

   169 	TheTest.Printf(_L("An attempt to insert a record within the transaction\n"));

   170 	TRAP(err, TheView.InsertL());

   171 	TEST2(err, KErrPermissionDenied);

   172 	TheView.Close();

   173 	TheTest.Printf(_L("An attempt to modify the database schema within the transaction\n"));

   174 	err = TheDb.Execute(_L("CREATE TABLE C2(Id INTEGER, Z INTEGER)"));

   175 	TEST2(err, KErrPermissionDenied);

   176 	TheTest.Printf(_L("An attempt to execute an INSERT statement within the transaction\n"));

   177 	err = TheDb.Execute(_L("INSERT INTO C VALUES(100)"));

   178 	TEST2(err, KErrPermissionDenied);

   179 	TheTest.Printf(_L("An attempt to modify the database within the transaction using RDbUpdate\n"));

   180 	RDbUpdate update;

   181 	err = update.Execute(TheDb, _L("INSERT INTO C VALUES(200)"));

   182 	TEST2(err, KErrPermissionDenied);

   183 	update.Close();

   184 	TheTest.Printf(_L("Rollback a transaction\n"));

   185 	TheDb.Rollback();

   186 	}

   187 

   188 void DoTestL()

   189 	{

   190 	TheTest.Start(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0018 An app with \"None\" capabilities set "));

   191 	Test1L();

   192 

   193 	TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-3407 DEF103023-DBMS requires ReadDeviceData and WriteDeviceData capability to read from the db "));

   194 	DEF103023L();

   195 	}

   196 

   197 TInt E32Main()

   198     {

   199 	__UHEAP_MARK;

   200 	CTrapCleanup* tc = CTrapCleanup::New();

   201 	TEST(tc != NULL);

   202 

   203 	TInt err = TheDbs.Connect();

   204 	TEST2(err, KErrNone);

   205 

   206 	TBuf<32> format;

   207 	TheTest.Printf(_L("Open database\n"));

   208 	format.Copy(KSecure);

   209 	format.Append(KSecureDbUid.Name());

   210 	err = TheDb.Open(TheDbs, KDbName, format);

   211 	TEST2(err, KErrNone);

   212 

   213 	TRAP(err, DoTestL());

   214 	TEST2(err, KErrNone);

   215 

   216 	TheView.Close();

   217 	TheTbl.Close();

   218 	TheDb.Close();

   219 	TheDbs.Close();

   220 

   221 	TheTest.End();

   222 	TheTest.Close();

   223 

   224 	delete tc;

   225 

   226 	__UHEAP_MARKEND;

   227 	User::Heap().Check();

   228 	return KErrNone;

   229     }
Symaptic