MercurialSymaptic / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | raw | help
os/persistentdata/persistentstorage/sql/TEST/t_sqlsecurity4.cpp
author sl
Tue, 10 Jun 2014 14:32:02 +0200
changeset 1 260cb5ec6c19
permissions -rw-r--r--
Update contrib. 
     1 // Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).

     2 // All rights reserved.

     3 // This component and the accompanying materials are made available

     4 // under the terms of "Eclipse Public License v1.0"

     5 // which accompanies this distribution, and is available

     6 // at the URL "http://www.eclipse.org/legal/epl-v10.html".

     7 //

     8 // Initial Contributors:

     9 // Nokia Corporation - initial contribution.

    10 //

    11 // Contributors:

    12 //

    13 // Description:

    14 // t_sqlsecurity4 application has capabilities allowing read/write access to the test database

    15 // 

    16 //

    17 

    18 #include <e32test.h>

    19 #include <bautils.h>

    20 #include <sqldb.h>

    21 

    22 ///////////////////////////////////////////////////////////////////////////////////////

    23 //The test database has:

    24 //  SCHEMA database policy: ECapabilityReadDeviceData, ECapabilityWriteUserData, ECapabilityReadUserData

    25 //  WRITE database policy:  ECapabilityWriteUserData

    26 //  READ database policy:   ECapabilityReadUserData

    27 //

    28 //Database tables:

    29 //  TABLE A(F1 INTEGER, B1 BLOB)

    30 //  TABLE B(F2 INTEGER, F3 TEXT, B2 BLOB)

    31 //

    32 //Database data:

    33 //  TABLE A: {1, x'41414141414141414141'}, {2, x'42424242424242424242'}, {3, x'43434343434343434343'}, {4, x'44444444444444444444'}

    34 //  TABLE B: {2, "ABC", x'45454545454545454545'}, {4, "DEF", x'46464646464646464646'}

    35 

    36 ///////////////////////////////////////////////////////////////////////////////////////

    37 

    38 #define UNUSED_VAR(a) (a) = (a)

    39 

    40 RSqlDatabase TheDb;

    41 RTest TheTest(_L("t_sqlsecurity4 test"));

    42 

    43 _LIT(KTestDbName, "c:[21212125]t_ab.db");

    44 _LIT(KTestDbName2, "c:\\test\\t_sqlsecurity4_2.db");

    45 

    46 ///////////////////////////////////////////////////////////////////////////////////////

    47 //Restore original test database function

    48 void RestoreOriginalDb()

    49 	{

    50 	TheDb.Close();

    51 	TheDb.Open(KTestDbName);

    52 	

    53 	// Delete and restore the content of table A (unconditional DELETE, no READ operations)

    54 	TheDb.Exec(_L("DELETE FROM A"));

    55 	TheDb.Exec(_L("INSERT INTO A(F1,B1) VALUES(1,x'41414141414141414141');INSERT INTO A(F1,B1) VALUES(2,x'42424242424242424242');INSERT INTO A(F1,B1) VALUES(3,x'43434343434343434343');INSERT INTO A(F1,B1) VALUES(4,x'44444444444444444444');"));

    56 

    57 	// Delete and restore the content of table B (unconditional DELETE, no READ operations)

    58 	TheDb.Exec(_L("DELETE FROM B"));

    59 	TheDb.Exec(_L("INSERT INTO B(F2,F3,B2) VALUES(2, 'ABC',x'45454545454545454545');INSERT INTO B(F2,F3,B2) VALUES(4,'DEF',x'46464646464646464646');"));

    60 

    61 	TheDb.Close();	

    62 	}

    63 

    64 ///////////////////////////////////////////////////////////////////////////////////////

    65 //Test macros and functions

    66 void Check1(TInt aValue, TInt aLine)

    67 	{

    68 	if(!aValue)

    69 		{

    70 		RestoreOriginalDb();

    71 		RDebug::Print(_L("*** Line %d\r\n"), aLine);

    72 		TheTest(EFalse, aLine);

    73 		}

    74 	}

    75 void Check2(TInt aValue, TInt aExpected, TInt aLine)

    76 	{

    77 	if(aValue != aExpected)

    78 		{

    79 		RestoreOriginalDb();

    80 		RDebug::Print(_L("*** Line %d, Expected error: %d, got: %d\r\n"), aLine, aExpected, aValue);

    81 		TheTest(EFalse, aLine);

    82 		}

    83 	}

    84 #define TEST(arg) ::Check1((arg), __LINE__)

    85 #define TEST2(aValue, aExpected) ::Check2(aValue, aExpected, __LINE__)

    86 

    87 ///////////////////////////////////////////////////////////////////////////////////////

    88 

    89 //This functnion is called while there is an open secure connection.

    90 //The function will create a new, non-secure connection and check that the non-secure database schema can be modified,

    91 //while there is another alive, secure database connection.

    92 void NonSecureDbTest()

    93     {

    94     (void)RSqlDatabase::Delete(KTestDbName2);

    95     RSqlDatabase db;

    96     TInt err = db.Create(KTestDbName2);

    97     TEST2(err, KErrNone);

    98     

    99     err = db.Exec(_L("CREATE TABLE A(I1 INTEGER, I2 INTEGER)"));

   100     TEST(err >= 0);

   101     err = db.Exec(_L("CREATE TEMP TABLE B(I1 INTEGER, I2 INTEGER)"));

   102     TEST(err >= 0);

   103 

   104     //"CREATE VIRTUAL TABLE" statement not supported

   105     err = db.Exec(_L("CREATE VIRTUAL TABLE V1 USING FTS3(ColOne TEXT, ColTwo DATETIME)"));

   106     TPtrC msg = db.LastErrorMessage();

   107     TheTest.Printf(_L("*** \"CREATE VIRTUAL TABLE\" expected failure, msg=\"%S\", err=%d\r\n"), &msg, err);

   108     TEST(err != KErrNone);

   109     

   110     err = db.Exec(_L("CREATE TRIGGER T1 AFTER INSERT ON A BEGIN INSERT INTO B VALUES(new.I1, new.I2); END;"));

   111     TEST(err >= 0);

   112     err = db.Exec(_L("DROP TRIGGER T1"));

   113     TEST(err >= 0);

   114     err = db.Exec(_L("CREATE TEMP TRIGGER T2 AFTER UPDATE OF I1 ON A BEGIN UPDATE B SET I1 = new.I1; END;"));

   115     TEST(err >= 0);

   116     err = db.Exec(_L("DROP TRIGGER T2"));

   117     TEST(err >= 0);

   118 

   119     err = db.Exec(_L("CREATE VIEW V1 AS SELECT * FROM A"));

   120     TEST(err >= 0);

   121     err = db.Exec(_L("DROP VIEW V1"));

   122     TEST(err >= 0);

   123     err = db.Exec(_L("CREATE TEMP VIEW V2 AS SELECT * FROM A"));

   124     TEST(err >= 0);

   125     err = db.Exec(_L("DROP VIEW V2"));

   126     TEST(err >= 0);

   127 

   128     err = db.Exec(_L("CREATE INDEX Idx1 ON A(I1)"));

   129     TEST(err >= 0);

   130     err = db.Exec(_L("ANALYZE A"));

   131     TEST(err >= 0);

   132     err = db.Exec(_L("DROP INDEX Idx1"));

   133     TEST(err >= 0);

   134     err = db.Exec(_L("CREATE INDEX Idx2 ON B(I1)"));

   135     TEST(err >= 0);

   136     err = db.Exec(_L("DROP INDEX Idx2"));

   137     TEST(err >= 0);

   138         

   139     err = db.Exec(_L("DROP TABLE B"));

   140     TEST(err >= 0);

   141     err = db.Exec(_L("DROP TABLE A"));

   142     TEST(err >= 0);

   143     

   144     db.Close();

   145     (void)RSqlDatabase::Delete(KTestDbName2);

   146     }

   147 

   148 /**

   149 @SYMTestCaseID			SYSLIB-SQL-CT-1646

   150 @SYMTestCaseDesc		Testing database operations on a secure database.

   151 						The test application's capabilities allow read/write access to the test secure database.

   152 						Verify that any other kind of a database operation will fail with KErrPermissionDenied error.

   153 @SYMTestPriority		High

   154 @SYMTestActions			Testing database operations on a secure database.

   155 @SYMTestExpectedResults Test must not fail

   156 @SYMREQ					REQ5792

   157                         REQ5793

   158 */	

   159 void ReadWriteDatabaseTest()

   160 	{

   161 	RSqlDatabase db;

   162 	TInt err = TheDb.Open(KTestDbName);

   163 	TEST2(err, KErrNone);

   164 	

   165 	//Attempt to modify the database schema

   166 	err = TheDb.Exec(_L("CREATE TABLE C(FFF TEXT)"));

   167 	TEST2(err, KErrPermissionDenied);

   168     err = TheDb.Exec(_L("CREATE TEMP TABLE TBL1(COL1 INTEGER, COL2 INTEGER)"));

   169     TEST(err >= 0);

   170     err = TheDb.Exec(_L("CREATE TEMP TRIGGER del1 AFTER DELETE ON TBL1 BEGIN DELETE FROM A; END;"));

   171     TEST(err >= 0);

   172     err = TheDb.Exec(_L("DROP TRIGGER del1"));

   173     TEST(err >= 0);

   174     err = TheDb.Exec(_L("CREATE TEMP VIEW V1 AS SELECT * FROM TBL1"));

   175     TEST(err >= 0);

   176     err = TheDb.Exec(_L("DROP VIEW V1"));

   177     TEST(err >= 0);

   178     err = TheDb.Exec(_L("CREATE INDEX I1 ON TBL1(COL2)"));

   179     TEST(err >= 0);

   180     err = TheDb.Exec(_L("DROP INDEX I1"));

   181     TEST(err >= 0);

   182     err = TheDb.Exec(_L("DROP TABLE TBL1"));

   183     TEST(err >= 0);

   184     err = TheDb.Exec(_L("ANALYZE A"));

   185     TEST2(err, KErrPermissionDenied);

   186     err = TheDb.Exec(_L("CREATE VIEW V2 AS SELECT * FROM A"));

   187     TEST2(err, KErrPermissionDenied);

   188 	//Attempt to update the user data (but it includes a READ operation)

   189 	err = TheDb.Exec(_L("UPDATE A SET F1 = 11 WHERE F1 = 1"));

   190 	TEST(err >= 0);	

   191 	//Attempt to update the user data (unconditional UPDATE, no READ operations)

   192 	err = TheDb.Exec(_L("UPDATE A SET F1 = 11"));

   193 	TEST(err >= 0);	

   194 	//Attempt to delete the user data (but it includes a READ operation)

   195 	err = TheDb.Exec(_L("DELETE FROM B WHERE F2 = 2"));

   196 	TEST(err >= 0);	

   197 	//Attempt to delete the user data (unconditional DELETE, no READ operations)

   198 	err = TheDb.Exec(_L("DELETE FROM A"));

   199 	TEST(err >= 0);	

   200 	//Restore the deleted table A

   201 	err = TheDb.Exec(_L("INSERT INTO A(F1,B1) VALUES(1,x'41414141414141414141');INSERT INTO A(F1,B1) VALUES(2,x'42424242424242424242');INSERT INTO A(F1,B1) VALUES(3,x'43434343434343434343');INSERT INTO A(F1,B1) VALUES(4,x'44444444444444444444');"));

   202 	TEST(err >= 0);	

   203 	//Restore the deleted record in table B

   204 	err = TheDb.Exec(_L("INSERT INTO B(F2, F3, B2) VALUES(2, 'ABC', x'45454545454545454545');"));

   205 	TEST2(err, 1);

   206 	//Attempt to insert new user data

   207 	err = TheDb.Exec(_L("INSERT INTO B(F2, F3, B2) VALUES(6, 'GHI', x'47474747474747474747');"));

   208 	TEST2(err, 1);

   209 	//Attempt to read the user data

   210 	RSqlStatement stmt;

   211 	err = stmt.Prepare(TheDb, _L("SELECT A.F1 FROM B,A WHERE A.F1 = B.F2"));

   212 	TEST2(err, KErrNone);

   213 	//ColumnCount() has no capabilities assigned

   214 	TInt colCnt = stmt.ColumnCount();

   215 	TEST2(colCnt, 1);

   216 	//DeclaredColumnType() has no capabilities assigned

   217 	TSqlColumnType colType;

   218 	err = stmt.DeclaredColumnType(0, colType);

   219 	TEST2(err, KErrNone);

   220 	TEST2(colType, ESqlInt);

   221 	err = stmt.Next();

   222 	TEST2(err, KSqlAtRow);

   223 	RDebug::Print(_L("Value=%d\r\n"), stmt.ColumnInt(0));

   224 	err = stmt.Next();

   225 	TEST2(err, KSqlAtRow);

   226 	RDebug::Print(_L("Value=%d\r\n"), stmt.ColumnInt(0));

   227 	stmt.Close();

   228 	//Attempt to read the system data

   229 	err = stmt.Prepare(TheDb, _L("SELECT * FROM SQLITE_MASTER"));

   230 	TEST2(err, KErrNone);

   231 	err = stmt.Next();

   232 	TEST2(err, KSqlAtRow);

   233 	TPtrC p;

   234 	err = stmt.ColumnText(0, p);

   235 	TEST2(err, KErrNone);

   236 	RDebug::Print(_L("Value=%S\r\n"), &p);

   237 	stmt.Close();

   238 	

   239 	NonSecureDbTest();

   240 	

   241 	TheDb.Close();

   242 	}

   243 	

   244 /**

   245 @SYMTestCaseID			SYSLIB-SQL-UT-4097

   246 @SYMTestCaseDesc		Testing incremental blob reads and writes on a secure database.

   247 						The test application's capabilities allow read and write access to the blobs.

   248 						Verify that both reads and writes are allowed.

   249 @SYMTestPriority		Medium

   250 @SYMTestActions			Testing incremental blob reads and writes on a secure database.

   251 @SYMTestExpectedResults Test must not fail

   252 @SYMREQ					REQ5794

   253 */	

   254 void ReadWriteBlobTestL()

   255 	{

   256 	// Current database data:

   257 	// TABLE A: {1, x'41414141414141414141'}, {2, x'42424242424242424242'}, {3, x'43434343434343434343'}, {4, x'44444444444444444444'}

   258 	// TABLE B: {4, "DEF", x'46464646464646464646'} <- ROWID = 2, {2, "ABC", x'45454545454545454545'} <- ROWID = 3, {6, "GHI", x'47474747474747474747'} <- ROWID = 4

   259 

   260 	RSqlDatabase db;

   261 	TInt err = TheDb.Open(KTestDbName);

   262 	TEST2(err, KErrNone);

   263 			

   264 	// Attempt to read the blobs in tables A and B

   265 	RSqlBlobReadStream rdStrm;

   266 	CleanupClosePushL(rdStrm);

   267 	TBuf8<20> data;

   268 	TRAP(err, rdStrm.OpenL(TheDb, _L("A"), _L("B1"), 1));

   269 	TEST2(err, KErrNone);

   270 	TRAP(err, rdStrm.ReadL(data, 3));

   271 	TEST2(err, KErrNone);

   272 	TEST(data.Compare(_L8("AAA")) == 0);

   273 	rdStrm.Close();

   274 	TRAP(err, rdStrm.OpenL(TheDb, _L("B"), _L("B2"), 3));

   275 	TEST2(err, KErrNone);

   276 	TRAP(err, rdStrm.ReadL(data, 10));

   277 	TEST2(err, KErrNone);

   278 	TEST(data.Compare(_L8("EEEEEEEEEE")) == 0);

   279 	CleanupStack::PopAndDestroy(&rdStrm);	

   280 

   281 	HBufC8* wholeBuf = TSqlBlob::GetLC(TheDb, _L("A"), _L("B1"), 4);

   282 	TEST(wholeBuf->Des().Compare(_L8("DDDDDDDDDD")) == 0);	

   283 	CleanupStack::PopAndDestroy(wholeBuf);

   284 	wholeBuf = TSqlBlob::GetLC(TheDb, _L("B"), _L("B2"), 2);

   285 	TEST(wholeBuf->Des().Compare(_L8("FFFFFFFFFF")) == 0);	

   286 	CleanupStack::PopAndDestroy(wholeBuf);

   287 

   288 	HBufC8* buf = HBufC8::NewLC(10);	

   289 	TPtr8 bufPtr(buf->Des());	  

   290 	err = TSqlBlob::Get(TheDb, _L("A"), _L("B1"), bufPtr, 2);

   291 	TEST2(err, KErrNone); 

   292 	TEST(bufPtr.Compare(_L8("BBBBBBBBBB")) == 0);	

   293 	err = TSqlBlob::Get(TheDb, _L("B"), _L("B2"), bufPtr, 4);

   294 	TEST2(err, KErrNone); 

   295 	TEST(bufPtr.Compare(_L8("GGGGGGGGGG")) == 0);

   296 	CleanupStack::PopAndDestroy(buf); 

   297 	

   298 	// Attempt to write the blobs in tables A and B

   299 	RSqlBlobWriteStream wrStrm;

   300 	CleanupClosePushL(wrStrm);

   301 	TRAP(err, wrStrm.OpenL(TheDb, _L("A"), _L("B1"), 1));

   302 	TEST2(err, KErrNone);

   303 	TRAP(err, wrStrm.WriteL(_L8("ZZZ")));

   304 	TEST2(err, KErrNone);

   305 	wrStrm.Close();

   306 	TRAP(err, wrStrm.OpenL(TheDb, _L("B"), _L("B2"), 2));

   307 	TEST2(err, KErrNone);

   308 	TRAP(err, wrStrm.WriteL(_L8("XXXXXXXXX")));

   309 	TEST2(err, KErrNone);

   310 	CleanupStack::PopAndDestroy(&wrStrm);	

   311 

   312 	TRAP(err, TSqlBlob::SetL(TheDb, _L("A"), _L("B1"), _L8("UUUUUUUU"), 4));

   313 	TEST2(err, KErrNone);

   314 	TRAP(err, TSqlBlob::SetL(TheDb, _L("B"), _L("B2"), _L8("TT"), 2));

   315 	TEST2(err, KErrNone);

   316 	

   317 	// SQLite and system tables

   318 	

   319 	// Attempt to read from and write to the SQLite master table -

   320 	// reads should be permitted because read capability is enough for this, 

   321 	// writes should not be permitted because schema capability is required for this

   322 	CleanupClosePushL(rdStrm);

   323 	TRAP(err, rdStrm.OpenL(TheDb, _L("sqlite_master"), _L("tbl_name"), 1)); // TEXT column

   324 	TEST2(err, KErrNone);

   325 	TRAP(err, rdStrm.ReadL(data, 1));

   326 	TEST2(err, KErrNone);

   327 	CleanupStack::PopAndDestroy(&rdStrm); 	

   328 

   329 	wholeBuf = TSqlBlob::GetLC(TheDb, _L("sqlite_master"), _L("tbl_name"), 1);

   330 	TEST(wholeBuf->Length() > 0);	

   331 	CleanupStack::PopAndDestroy(wholeBuf);  	

   332 

   333 	buf = HBufC8::NewLC(100);

   334 	bufPtr.Set(buf->Des());	 	  

   335 	err = TSqlBlob::Get(TheDb, _L("sqlite_master"), _L("tbl_name"), bufPtr, 1);

   336 	TEST2(err, KErrNone); 

   337 	TEST(bufPtr.Length() > 0);	

   338 	CleanupStack::PopAndDestroy(buf); 

   339 	

   340 	CleanupClosePushL(wrStrm);

   341 	TRAP(err, wrStrm.OpenL(TheDb, _L("sqlite_master"), _L("tbl_name"), 1));

   342 	TEST2(err, KErrPermissionDenied);

   343 	CleanupStack::PopAndDestroy(&wrStrm);	

   344 

   345 	TRAP(err, TSqlBlob::SetL(TheDb, _L("sqlite_master"), _L("tbl_name"), _L8("VVVV"), 1));

   346 	TEST2(err, KErrPermissionDenied);

   347 

   348 	// Attempt to read from and write to the system tables - neither reads nor writes should be permitted

   349 	CleanupClosePushL(rdStrm);

   350 	TRAP(err, rdStrm.OpenL(TheDb, _L("symbian_security"), _L("PolicyData"), 1)); // BLOB column

   351 	TEST2(err, KErrPermissionDenied);

   352 	CleanupStack::PopAndDestroy(&rdStrm);	

   353 

   354 	TRAP(err, wholeBuf = TSqlBlob::GetLC(TheDb, _L("symbian_security"), _L("PolicyData"), 1));

   355 	TEST2(err, KErrPermissionDenied);

   356 

   357 	buf = HBufC8::NewLC(100);	

   358 	bufPtr.Set(buf->Des());	  

   359 	err = TSqlBlob::Get(TheDb, _L("symbian_security"), _L("PolicyData"), bufPtr, 1);

   360 	TEST2(err, KErrPermissionDenied); 

   361 	CleanupStack::PopAndDestroy(buf); 

   362 	

   363 	CleanupClosePushL(wrStrm);

   364 	TRAP(err, wrStrm.OpenL(TheDb, _L("symbian_security"), _L("PolicyData"), 1));

   365 	TEST2(err, KErrPermissionDenied);

   366 	CleanupStack::PopAndDestroy(&wrStrm);	

   367 

   368 	TRAP(err, TSqlBlob::SetL(TheDb, _L("symbian_security"), _L("PolicyData"), _L8("VVVV"), 1));

   369 	TEST2(err, KErrPermissionDenied);

   370 	

   371 	TheDb.Close();

   372 	}

   373 	

   374 void DoTestsL()

   375 	{

   376 	TheTest.Start(_L(" @SYMTestCaseID:SYSLIB-SQL-CT-1646 Read-write database access test "));

   377 	ReadWriteDatabaseTest();

   378 	

   379 	TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-SQL-UT-4097 Read-write blob access test"));

   380 	ReadWriteBlobTestL();

   381 	

   382 	RestoreOriginalDb(); // the same db is used by the other t_security test exe's

   383 	}

   384 

   385 TInt E32Main()

   386 	{

   387 	TheTest.Title();

   388 	

   389 	CTrapCleanup* tc = CTrapCleanup::New();

   390 	

   391 	__UHEAP_MARK;

   392 		

   393 	TRAPD(err, DoTestsL());

   394 	TEST2(err, KErrNone);

   395 

   396 	__UHEAP_MARKEND;

   397 	

   398 	TheTest.End();

   399 	TheTest.Close();

   400 	

   401 	delete tc;

   402 

   403 	User::Heap().Check();

   404 	return KErrNone;

   405 	}
Symaptic