MercurialSymaptic / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | raw | help
os/persistentdata/persistentstorage/sql/TEST/t_sqlsecurity2.cpp
author sl
Tue, 10 Jun 2014 14:32:02 +0200
changeset 1 260cb5ec6c19
permissions -rw-r--r--
Update contrib. 
     1 // Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).

     2 // All rights reserved.

     3 // This component and the accompanying materials are made available

     4 // under the terms of "Eclipse Public License v1.0"

     5 // which accompanies this distribution, and is available

     6 // at the URL "http://www.eclipse.org/legal/epl-v10.html".

     7 //

     8 // Initial Contributors:

     9 // Nokia Corporation - initial contribution.

    10 //

    11 // Contributors:

    12 //

    13 // Description:

    14 // t_sqlsecurity2 application has capabilities allowing read-only access to the test database

    15 // 

    16 //

    17 

    18 #include <e32test.h>

    19 #include <bautils.h>

    20 #include <sqldb.h>

    21 

    22 ///////////////////////////////////////////////////////////////////////////////////////

    23 //The test database has:

    24 //  SCHEMA database policy: ECapabilityReadDeviceData, ECapabilityWriteUserData, ECapabilityReadUserData

    25 //  WRITE database policy:  ECapabilityWriteUserData

    26 //  READ database policy:   ECapabilityReadUserData

    27 //

    28 //Database tables:

    29 //  TABLE A(F1 INTEGER, B1 BLOB)

    30 //  TABLE B(F2 INTEGER, F3 TEXT, B2 BLOB)

    31 //

    32 //Database data:

    33 //  TABLE A: {1, x'41414141414141414141'}, {2, x'42424242424242424242'}, {3, x'43434343434343434343'}, {4, x'44444444444444444444'}

    34 //  TABLE B: {2, "ABC", x'45454545454545454545'}, {4, "DEF", x'46464646464646464646'}

    35 

    36 ///////////////////////////////////////////////////////////////////////////////////////

    37 

    38 #define UNUSED_VAR(a) (a) = (a)

    39 

    40 RTest TheTest(_L("t_sqlsecurity2 test"));

    41 RSqlDatabase TheDb;

    42 

    43 _LIT(KTestDbName, "c:[21212125]t_ab.db");

    44 _LIT(KTestDbName2, "c:\\test\\t_sqlsecurity2_2.db");

    45 

    46 ///////////////////////////////////////////////////////////////////////////////////////

    47 

    48 void DeleteTestDb()

    49 	{

    50 	TheDb.Close();

    51 	(void)RSqlDatabase::Delete(KTestDbName2);

    52 	}

    53 

    54 ///////////////////////////////////////////////////////////////////////////////////////

    55 ///////////////////////////////////////////////////////////////////////////////////////

    56 //Test macros and functions

    57 void Check1(TInt aValue, TInt aLine)

    58 	{

    59 	if(!aValue)

    60 		{

    61 		DeleteTestDb();

    62 		RDebug::Print(_L("*** Line %d\r\n"), aLine);

    63 		TheTest(EFalse, aLine);

    64 		}

    65 	}

    66 void Check2(TInt aValue, TInt aExpected, TInt aLine)

    67 	{

    68 	if(aValue != aExpected)

    69 		{

    70 		DeleteTestDb();

    71 		RDebug::Print(_L("*** Line %d, Expected error: %d, got: %d\r\n"), aLine, aExpected, aValue);

    72 		TheTest(EFalse, aLine);

    73 		}

    74 	}

    75 #define TEST(arg) ::Check1((arg), __LINE__)

    76 #define TEST2(aValue, aExpected) ::Check2(aValue, aExpected, __LINE__)

    77 

    78 ///////////////////////////////////////////////////////////////////////////////////////

    79 

    80 /**

    81 @SYMTestCaseID			SYSLIB-SQL-CT-1644

    82 @SYMTestCaseDesc		Testing database operations on a secure database.

    83 						The test application's capabilities allow read-only access to the test secure database.

    84 						Verify that any other kind of a database operation will fail with KErrPermissionDenied error.

    85 @SYMTestPriority		High

    86 @SYMTestActions			Testing database operations on a secure database.

    87 @SYMTestExpectedResults Test must not fail

    88 @SYMREQ					REQ5792

    89                         REQ5793

    90 */	

    91 void ReadOnlyDatabaseTest()

    92 	{

    93 	TInt err = TheDb.Open(KTestDbName);

    94 	TEST2(err, KErrNone);

    95 	

    96 	//Attempt to modify the database schema

    97 	err = TheDb.Exec(_L("CREATE TABLE C(FFF TEXT)"));

    98 	TEST2(err, KErrPermissionDenied);

    99     err = TheDb.Exec(_L("CREATE TEMP TABLE TBL100(COL1 INTEGER)"));

   100     TEST(err >= 0);

   101     err = TheDb.Exec(_L("CREATE INDEX IDX100 ON TBL100(COL1)"));

   102     TEST(err >= 0);

   103     err = TheDb.Exec(_L("DROP INDEX IDX100"));

   104     TEST(err >= 0);

   105     err = TheDb.Exec(_L("DROP TABLE TBL100"));

   106     TEST(err >= 0);

   107 	//Attempt to update the user data

   108 	err = TheDb.Exec(_L("UPDATE A SET F1 = 11 WHERE F1 = 1"));

   109 	TEST2(err, KErrPermissionDenied);

   110 	//Attempt to delete the user data

   111 	err = TheDb.Exec(_L("DELETE FROM B WHERE F2 = 2"));

   112 	TEST2(err, KErrPermissionDenied);

   113 	//Attempt to insert new user data

   114 	err = TheDb.Exec(_L("INSERT INTO B(F2, F3) VALUES(22, 'AAA')"));

   115 	TEST2(err, KErrPermissionDenied);

   116 	//Attempt to read the user data

   117 	RSqlStatement stmt;

   118 	err = stmt.Prepare(TheDb, _L("SELECT A.F1 FROM B,A WHERE A.F1 = B.F2"));

   119 	TEST2(err, KErrNone);

   120 	//ColumnCount() has no capabilities assigned

   121 	TInt colCnt = stmt.ColumnCount();

   122 	TEST2(colCnt, 1);

   123 	//DeclaredColumnType() has no capabilities assigned

   124 	TSqlColumnType colType;

   125 	err = stmt.DeclaredColumnType(0, colType);

   126 	TEST2(err, KErrNone);

   127 	TEST2(colType, ESqlInt);

   128 	err = stmt.Next();

   129 	TEST2(err, KSqlAtRow);

   130 	RDebug::Print(_L("Value=%d\r\n"), stmt.ColumnInt(0));

   131 	err = stmt.Next();

   132 	TEST2(err, KSqlAtRow);

   133 	RDebug::Print(_L("Value=%d\r\n"), stmt.ColumnInt(0));

   134 	stmt.Close();

   135 	//Attempt to read the system data

   136 	err = stmt.Prepare(TheDb, _L("SELECT * FROM SQLITE_MASTER"));

   137 	TEST2(err, KErrNone);

   138 	err = stmt.Next();

   139 	TEST2(err, KSqlAtRow);

   140 	TPtrC p;

   141 	err = stmt.ColumnText(0, p);

   142 	TEST2(err, KErrNone);

   143 	RDebug::Print(_L("Value=%S\r\n"), &p);

   144 	stmt.Close();

   145 

   146 	//Attempt to execute PRAGMA statement directly

   147 	err = TheDb.Exec(_L("PRAGMA encoding = \"UTF-8\""));

   148 	TEST2(err, KErrPermissionDenied);

   149 	

   150 	TheDb.Close();

   151 	}

   152 

   153 /**

   154 @SYMTestCaseID			SYSLIB-SQL-UT-4009

   155 @SYMTestCaseDesc		PlatSec warnings can occur even if an SQL database is successfully opened.

   156 						This test application has a "ReadUserData" capability, and that should allow the

   157 						test database ("c:[21212125]t_ab.db") to be opened successfully, because the "read" 

   158 						database policy consists of a "ReadUserData" capability only.

   159 						No platsec warnings should be seen in the log file ("epocwind.out" file).

   160 @SYMTestPriority		High

   161 @SYMTestActions			PlatSec warnings can occur even if an SQL database is successfully opened.

   162 @SYMTestExpectedResults Test must not fail

   163 @SYMDEF					DEF115811

   164 */	

   165 void DEF115811()

   166 	{

   167 	TInt err = TheDb.Open(KTestDbName);

   168 	TEST2(err, KErrNone);

   169 	TheDb.Close();

   170 	}

   171 	

   172 /**

   173 @SYMTestCaseID			SYSLIB-SQL-UT-4095

   174 @SYMTestCaseDesc		Testing incremental blob reads on a secure database.

   175 						The test application's capabilities allow read-only access to the blobs.

   176 						Verify that any attempt to write to a blob will fail with KErrPermissionDenied.

   177 @SYMTestPriority		High

   178 @SYMTestActions			Testing incremental blob reads on a secure database.

   179 @SYMTestExpectedResults Test must not fail

   180 @SYMREQ					REQ5794

   181 */

   182 void ReadOnlyBlobTestL()

   183 	{

   184 	TInt err = TheDb.Open(KTestDbName);

   185 	TEST2(err, KErrNone);

   186 		

   187 	// Attempt to read the blobs in tables A and B

   188 	RSqlBlobReadStream rdStrm;

   189 	CleanupClosePushL(rdStrm);

   190 	TBuf8<20> data;

   191 	TRAP(err, rdStrm.OpenL(TheDb, _L("A"), _L("B1"), 1));

   192 	TEST2(err, KErrNone);

   193 	TRAP(err, rdStrm.ReadL(data, 3));

   194 	TEST2(err, KErrNone);

   195 	TEST(data.Compare(_L8("AAA")) == 0);

   196 	rdStrm.Close();

   197 	TRAP(err, rdStrm.OpenL(TheDb, _L("B"), _L("B2"), 2));

   198 	TEST2(err, KErrNone);

   199 	TRAP(err, rdStrm.ReadL(data, 10));

   200 	TEST2(err, KErrNone);

   201 	TEST(data.Compare(_L8("FFFFFFFFFF")) == 0);

   202 	CleanupStack::PopAndDestroy(&rdStrm); 	

   203 	

   204 	HBufC8* wholeBuf = TSqlBlob::GetLC(TheDb, _L("A"), _L("B1"), 4);

   205 	TEST(wholeBuf->Des().Compare(_L8("DDDDDDDDDD")) == 0);	

   206 	CleanupStack::PopAndDestroy(wholeBuf); 

   207 	wholeBuf = TSqlBlob::GetLC(TheDb, _L("B"), _L("B2"), 1);

   208 	TEST(wholeBuf->Des().Compare(_L8("EEEEEEEEEE")) == 0);	

   209 	CleanupStack::PopAndDestroy(wholeBuf); 

   210 

   211 	HBufC8* buf = HBufC8::NewLC(10);	

   212 	TPtr8 bufPtr(buf->Des());	  

   213 	err = TSqlBlob::Get(TheDb, _L("A"), _L("B1"), bufPtr, 2);

   214 	TEST2(err, KErrNone); 

   215 	TEST(bufPtr.Compare(_L8("BBBBBBBBBB")) == 0);	

   216 	err = TSqlBlob::Get(TheDb, _L("B"), _L("B2"), bufPtr, 2);

   217 	TEST2(err, KErrNone); 

   218 	TEST(bufPtr.Compare(_L8("FFFFFFFFFF")) == 0);

   219 	CleanupStack::PopAndDestroy(buf); 

   220 	

   221 	// Attempt to write to the blobs in tables A and B

   222 	RSqlBlobWriteStream wrStrm;

   223 	CleanupClosePushL(wrStrm);

   224 	TRAP(err, wrStrm.OpenL(TheDb, _L("A"), _L("B1"), 1));

   225 	TEST2(err, KErrPermissionDenied);

   226 	wrStrm.Close();

   227 	TRAP(err, wrStrm.OpenL(TheDb, _L("B"), _L("B2"), 1));

   228 	TEST2(err, KErrPermissionDenied);

   229 	CleanupStack::PopAndDestroy(&wrStrm);	

   230 

   231 	TRAP(err, TSqlBlob::SetL(TheDb, _L("A"), _L("B1"), _L8("VVVV"), 1));

   232 	TEST2(err, KErrPermissionDenied);

   233 	TRAP(err, TSqlBlob::SetL(TheDb, _L("B"), _L("B2"), _L8("VVVV"), 1));

   234 	TEST2(err, KErrPermissionDenied);

   235 	

   236 	// SQLite and system tables

   237 	

   238 	// Attempt to read from and write to the SQLite master table - only reads should be permitted

   239 	CleanupClosePushL(rdStrm);

   240 	TRAP(err, rdStrm.OpenL(TheDb, _L("sqlite_master"), _L("tbl_name"), 1)); // TEXT column

   241 	TEST2(err, KErrNone);

   242 	TRAP(err, rdStrm.ReadL(data, 1));

   243 	TEST2(err, KErrNone);

   244 	CleanupStack::PopAndDestroy(&rdStrm);	

   245 

   246 	wholeBuf = TSqlBlob::GetLC(TheDb, _L("sqlite_master"), _L("tbl_name"), 1);

   247 	TEST(wholeBuf->Length() > 0);	

   248 	CleanupStack::PopAndDestroy(wholeBuf); 	

   249 

   250 	buf = HBufC8::NewLC(100);

   251 	bufPtr.Set(buf->Des());	 	  

   252 	err = TSqlBlob::Get(TheDb, _L("sqlite_master"), _L("tbl_name"), bufPtr, 1);

   253 	TEST2(err, KErrNone); 

   254 	TEST(bufPtr.Length() > 0);	

   255 	CleanupStack::PopAndDestroy(buf); 

   256 	

   257 	CleanupClosePushL(wrStrm);

   258 	TRAP(err, wrStrm.OpenL(TheDb, _L("sqlite_master"), _L("tbl_name"), 1));

   259 	TEST2(err, KErrPermissionDenied);

   260 	CleanupStack::PopAndDestroy(&wrStrm);	

   261 

   262 	TRAP(err, TSqlBlob::SetL(TheDb, _L("sqlite_master"), _L("tbl_name"), _L8("VVVV"), 1));

   263 	TEST2(err, KErrPermissionDenied);

   264 

   265 	// Attempt to read from and write to the system tables - neither reads nor writes should be permitted

   266 	CleanupClosePushL(rdStrm);

   267 	TRAP(err, rdStrm.OpenL(TheDb, _L("symbian_security"), _L("PolicyData"), 1)); // BLOB column

   268 	TEST2(err, KErrPermissionDenied);

   269 	CleanupStack::PopAndDestroy(&rdStrm);	

   270 

   271 	TRAP(err, wholeBuf = TSqlBlob::GetLC(TheDb, _L("symbian_security"), _L("PolicyData"), 1));

   272 	TEST2(err, KErrPermissionDenied);

   273 

   274 	buf = HBufC8::NewLC(100);	

   275 	bufPtr.Set(buf->Des());	  

   276 	err = TSqlBlob::Get(TheDb, _L("symbian_security"), _L("PolicyData"), bufPtr, 1);

   277 	TEST2(err, KErrPermissionDenied); 

   278 	CleanupStack::PopAndDestroy(buf); 

   279 	

   280 	CleanupClosePushL(wrStrm);

   281 	TRAP(err, wrStrm.OpenL(TheDb, _L("symbian_security"), _L("PolicyData"), 1));

   282 	TEST2(err, KErrPermissionDenied);

   283 	CleanupStack::PopAndDestroy(&wrStrm);	

   284 

   285 	TRAP(err, TSqlBlob::SetL(TheDb, _L("symbian_security"), _L("PolicyData"), _L8("VVVV"), 1));

   286 	TEST2(err, KErrPermissionDenied);

   287 	

   288 	TheDb.Close();

   289 	}

   290 

   291 /**

   292 @SYMTestCaseID			SYSLIB-SQL-UT-4078

   293 @SYMTestCaseDesc		RSqlDatabase::Compact(), platsec test.

   294 						The test verifies that RSqlDatabase::Compact() can be called

   295 						on the main or on an attached database no matter what the client capabilities are.

   296 @SYMTestPriority		Medium

   297 @SYMTestActions			RSqlDatabase::Compact(), platsec test.

   298 @SYMTestExpectedResults Test must not fail

   299 @SYMREQ					REQ10405

   300 */

   301 void CompactTest()

   302 	{

   303 	TInt err = TheDb.Open(KTestDbName);

   304 	TEST2(err, KErrNone);

   305 	

   306 	err = TheDb.Compact(RSqlDatabase::EMaxCompaction);

   307 	TEST(err >= 0);

   308 	

   309 	TRequestStatus stat;

   310 	TheDb.Compact(RSqlDatabase::EMaxCompaction, stat);

   311 	User::WaitForRequest(stat);

   312 	TEST(stat.Int() >= 0);

   313 

   314 	TheDb.Close();

   315 	

   316 	err = TheDb.Create(KTestDbName2);

   317 	TEST2(err, KErrNone);

   318 	_LIT(KDbName, "Db");

   319 	err = TheDb.Attach(KTestDbName, KDbName);

   320 	TEST2(err, KErrNone);

   321 

   322 	err = TheDb.Compact(RSqlDatabase::EMaxCompaction, KDbName);

   323 	TEST(err >= 0);

   324 

   325 	TheDb.Compact(RSqlDatabase::EMaxCompaction, stat, KDbName);

   326 	User::WaitForRequest(stat);

   327 	TEST(stat.Int() >= 0);

   328 	

   329 	err = TheDb.Detach(KDbName);

   330 	TheDb.Close();

   331 	(void)RSqlDatabase::Delete(KTestDbName2);

   332 	}

   333 

   334 void DoTestsL()

   335 	{

   336 	TheTest.Start(_L(" @SYMTestCaseID:SYSLIB-SQL-CT-1644 Read-only database access test "));

   337 	ReadOnlyDatabaseTest();

   338 

   339 	TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-SQL-UT-4009 DEF115811 - PlatSec warnings can occur even if an SQL database is successfully opened "));

   340 	DEF115811();

   341 	

   342 	TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-SQL-UT-4095 - Read-only blob access test"));

   343 	ReadOnlyBlobTestL();

   344 	

   345 	TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-SQL-UT-4078 - RSqlDatabase::Compact() test"));

   346 	CompactTest();

   347 	}

   348 

   349 TInt E32Main()

   350 	{

   351 	TheTest.Title();

   352 	

   353 	CTrapCleanup* tc = CTrapCleanup::New();

   354 	

   355 	__UHEAP_MARK;

   356 

   357 	TRAPD(err, DoTestsL());

   358 	TEST2(err, KErrNone);

   359 

   360 	__UHEAP_MARKEND;

   361 	

   362 	TheTest.End();

   363 	TheTest.Close();

   364 	

   365 	delete tc;

   366 

   367 	User::Heap().Check();

   368 	return KErrNone;

   369 	}
Symaptic