sl@0: // Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
sl@0: // All rights reserved.
sl@0: // This component and the accompanying materials are made available
sl@0: // under the terms of "Eclipse Public License v1.0"
sl@0: // which accompanies this distribution, and is available
sl@0: // at the URL "http://www.eclipse.org/legal/epl-v10.html".
sl@0: //
sl@0: // Initial Contributors:
sl@0: // Nokia Corporation - initial contribution.
sl@0: //
sl@0: // Contributors:
sl@0: //
sl@0: // Description:
sl@0: // DBMS security policy - testing new APIs.
sl@0: // This test app has "NetworkServices" (SCHEMA) capability, which allows it to
sl@0: // modify the DBMS structure but not to write any data in the tables.
sl@0: // The UID policy file is 11335579.spd.
sl@0: // Please, ensure that t_dbenvcreate test is executed before t_dbplatsec<N>/t_dbplatsecperf tests!
sl@0: // Please, ensure that t_dbenvdestroy test is executed after t_dbplatsec<N>/t_dbplatsecperf tests!
sl@0: //
sl@0: //
sl@0:
sl@0: #include <e32test.h>
sl@0: #include <d32dbms.h>
sl@0: #include "t_dbplatsecutl.h"
sl@0:
sl@0: const TUid KSecureDbUid = {0x11335579};
sl@0: const TUid KProtSecureDbUid = {0x11335578};
sl@0: _LIT(KSecure, "SECURE");
sl@0: _LIT(KDbName, "C:TestDB2.dB");
sl@0: _LIT(KTblNameA, "A");
sl@0: _LIT(KTblNameB, "B");
sl@0: _LIT(KTblNameC, "C");
sl@0:
sl@0: static RTest TheTest(_L("t_dbplatsec1: DBMS platform security testing - 1"));
sl@0: static RDbs TheDbs;
sl@0: static RDbNamedDatabase TheDb;
sl@0: static RDbTable TheTbl;
sl@0: static RDbView TheView;
sl@0:
sl@0: static void CleanupTest()
sl@0: {
sl@0: TheView.Close();
sl@0: TheTbl.Close();
sl@0: TheDb.Close();
sl@0: TDBSCUtils::DeleteDatabase(TheDbs, KSecureDbUid, KDbName);
sl@0: TheDbs.Close();
sl@0: }
sl@0:
sl@0: TDBSCUtils TheDbscUtils(TheTest, &CleanupTest);
sl@0:
sl@0: static TColDef const KColumns[]=
sl@0: {
sl@0: {_S("ID"), EDbColInt32, TDbCol::ENotNull | TDbCol::EAutoIncrement},
sl@0: {_S("DATA1"), EDbColInt32, TDbCol::ENotNull},
sl@0: {_S("DATA2"), EDbColInt32, TDbCol::ENotNull},
sl@0: {0}
sl@0: };
sl@0:
sl@0: /**
sl@0: @SYMTestCaseID SYSLIB-DBMS-CT-0008
sl@0: @SYMTestCaseDesc Database tests. Some of the calls must fail because the caller has no enough rights
sl@0: for the requested operation.
sl@0: @SYMTestPriority High
sl@0: @SYMTestActions RDbNamedDatabase::Open()/RDbNamedDatabase::DatabaseNamesL()/RDbNamedDatabase::Create().
sl@0: @SYMTestExpectedResults The test must not fail.
sl@0: @SYMREQ REQ2429
sl@0: DBMS shall provide an API to apply security policies to database tables.
sl@0: */
sl@0: static void DbTestL()
sl@0: {
sl@0: TBuf<32> format;
sl@0:
sl@0: TDBSCUtils::DeleteDatabase(TheDbs, KSecureDbUid, KDbName);
sl@0: TheTest.Printf(_L("Create database\n"));
sl@0: //The test must pass, because the test app has "SCHEMA" capability
sl@0: format.Copy(KSecure);
sl@0: format.Append(KSecureDbUid.Name());
sl@0: TInt err = TheDb.Create(TheDbs, KDbName, format);
sl@0: TEST2(err, KErrNone);
sl@0:
sl@0: //The test must pass, because "DatabaseNamesL" is a DBMS operation available for everyone.
sl@0: TheTest.Printf(_L("Database list\n"));
sl@0: CDbDatabaseNames* dbNames = TheDbs.DatabaseNamesL(EDriveC, KSecureDbUid);
sl@0: TEST(dbNames->Count() > 0);
sl@0: TBool casePreserved = EFalse;
sl@0: for(TInt i=0;i<dbNames->Count();++i)
sl@0: {
sl@0: const TDesC& dbName = (*dbNames)[i];
sl@0: RDebug::Print(_L("--Database: %S\n"), &dbName);
sl@0: TBuf<128> dbName2;
sl@0: dbName2.Append(TChar('A' + EDriveC));
sl@0: dbName2.Append(TChar(':'));
sl@0: dbName2.Append(dbName);
sl@0: if(dbName2 == KDbName())
sl@0: {
sl@0: casePreserved = ETrue;
sl@0: }
sl@0: }
sl@0: //if casePreserved is non-zero that means the DBMS server does not change the database names to
sl@0: //upper or lower case - that's what we want to check
sl@0: TEST(casePreserved);
sl@0: delete dbNames;
sl@0:
sl@0: TheDb.Close();
sl@0:
sl@0: TheTest.Printf(_L("An attempt to create database - existing, but protected UID\n"));
sl@0: //The test must fail, because the test app does not have capabilities to satisfy
sl@0: //KProtSecureDbUid "SCHEMA" policy.
sl@0: format.Copy(KSecure);
sl@0: format.Append(KProtSecureDbUid.Name());
sl@0: err = TheDb.Create(TheDbs, KDbName, format);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0:
sl@0: //The test must pass, because the test app has "SCHEMA" capability (it must have capabilities,
sl@0: //satisfying at least one of the UID's R/W/S policies)
sl@0: TheTest.Printf(_L("Open database\n"));
sl@0: format.Copy(KSecure);
sl@0: format.Append(KSecureDbUid.Name());
sl@0: err = TheDb.Open(TheDbs, KDbName, format);
sl@0: TEST2(err, KErrNone);
sl@0: }
sl@0:
sl@0: /**
sl@0: @SYMTestCaseID SYSLIB-DBMS-CT-0009
sl@0: @SYMTestCaseDesc Opening table test. The caller has a set of capabilities which satisfy database's
sl@0: schema security policy only. The test checks that the capapbility checking
sl@0: on the DBMS server side works properly. Some of the initiated open table
sl@0: operations won't executed and the returned error will be KErrPermisssionDenied.
sl@0: @SYMTestPriority High
sl@0: @SYMTestActions Attempts to execute RDbTable::Open() on different tables from the test database.
sl@0: @SYMTestExpectedResults The test must not fail.
sl@0: @SYMREQ REQ2429
sl@0: DBMS shall provide an API to apply security policies to database tables.
sl@0: */
sl@0: static void TblOpenL()
sl@0: {
sl@0: TheTest.Printf(_L("Create tables\n"));
sl@0: //The test must pass, because the test app has "SCHEMA" capability
sl@0: CDbColSet* colset = TDBSCUtils::CreateColSetLC(KColumns);
sl@0: TInt err = TheDb.CreateTable(KTblNameA, *colset);//R: PowerMgmt, W: WriteUserData
sl@0: TEST2(err, KErrNone);
sl@0: err = TheDb.CreateTable(KTblNameB, *colset);//R: None, W: WriteUserData WriteDeviceData
sl@0: TEST2(err, KErrNone);
sl@0: err = TheDb.CreateTable(KTblNameC, *colset);//R: None, W: WriteUserData
sl@0: TEST2(err, KErrNone);
sl@0: CleanupStack::PopAndDestroy(colset);
sl@0:
sl@0: TheTest.Printf(_L("An attempt to open table A\n"));
sl@0: //The test must fail, because the test app has no capabilities to satisfy
sl@0: //R/W policies of table A
sl@0: err = TheTbl.Open(TheDb, KTblNameA);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EUpdatable);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EReadOnly);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EInsertOnly);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0:
sl@0: TheTest.Printf(_L("An attempt to open table B\n"));
sl@0: //Open table B in insert/update mode - the test must fail, because the test app has no
sl@0: //capabilities to satisfy table B, policy W.
sl@0: //Open table B in read-only mode - the test must pass, because table B has no R policy.
sl@0: err = TheTbl.Open(TheDb, KTblNameB);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EUpdatable);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EInsertOnly);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EReadOnly);
sl@0: TEST2(err, KErrNone);
sl@0: TheTbl.Close();
sl@0:
sl@0: TheTest.Printf(_L("An attempt to open table C\n"));
sl@0: //Open table C in insert/update mode - the test must fail, because the test app has no
sl@0: //capabilities to satisfy table C, policy W.
sl@0: //Open table C in read-only mode - the test must pass, because table C has no R policy.
sl@0: err = TheTbl.Open(TheDb, KTblNameC);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EUpdatable);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EInsertOnly);
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EReadOnly);
sl@0: TEST2(err, KErrNone);
sl@0: TheTbl.Close();
sl@0: }
sl@0:
sl@0: /**
sl@0: @SYMTestCaseID SYSLIB-DBMS-CT-0010
sl@0: @SYMTestCaseDesc Table R/w operations. The caller has a set of capabilities which satisfy database's
sl@0: schema security policy only. The test checks that the capapbility checking
sl@0: on the DBMS server side works properly. Some of the R/W table operations won't be
sl@0: executed and the returned error will be KErrPermisssionDenied.
sl@0: @SYMTestPriority High
sl@0: @SYMTestActions Attempts to execute RDbTable::Insert()/RDbTable::Update()/RDbTable::FirstL()
sl@0: on different tables from the test database.
sl@0: @SYMTestExpectedResults The test must not fail.
sl@0: @SYMREQ REQ2429
sl@0: DBMS shall provide an API to apply security policies to database tables.
sl@0: */
sl@0: static void TblRWL()
sl@0: {
sl@0: TheTest.Printf(_L("An attempt to write in table B\n"));
sl@0: TInt err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EReadOnly);
sl@0: TEST2(err, KErrNone);
sl@0: //"Write table B" test must fail, because the test app has no capabilities
sl@0: //to satisfy table B, policy W.
sl@0: TRAP(err, TheTbl.InsertL());
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: TRAP(err, TheTbl.UpdateL());
sl@0: TEST2(err, KErrPermissionDenied);
sl@0:
sl@0: TheTest.Printf(_L("An attempt to read from table B\n"));
sl@0: //"Read table B" test must pass, because table B has no R policy
sl@0: TBool res = TheTbl.FirstL();
sl@0: TEST(!res);
sl@0:
sl@0: TheTbl.Close();
sl@0:
sl@0: TheTest.Printf(_L("An attempt to write in table C\n"));
sl@0: //"Write table C" test must fail, because the test app has no capabilities
sl@0: //to satisfy table C, policy W.
sl@0: err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EReadOnly);
sl@0: TEST2(err, KErrNone);
sl@0: TRAP(err, TheTbl.InsertL());
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: TRAP(err, TheTbl.UpdateL());
sl@0: TEST2(err, KErrPermissionDenied);
sl@0:
sl@0: TheTest.Printf(_L("An attempt to read from table C\n"));
sl@0: //"Read table C" test must pass, because table C has no R policy
sl@0: res = TheTbl.FirstL();
sl@0: TEST(!res);
sl@0:
sl@0: TheTbl.Close();
sl@0: }
sl@0:
sl@0: /**
sl@0: @SYMTestCaseID SYSLIB-DBMS-CT-0011
sl@0: @SYMTestCaseDesc SQL tests. The caller has a set of capabilities which satisfy database's
sl@0: schema security policy only. The test checks that the capapbility checking
sl@0: on the DBMS server side works properly. Some of the SQL statements won't be
sl@0: executed and the returned error will be KErrPermisssionDenied.
sl@0: @SYMTestPriority High
sl@0: @SYMTestActions Attempts to execute various INSERT/UPDATE/SELECT SQL statements.
sl@0: @SYMTestExpectedResults The test must not fail.
sl@0: @SYMREQ REQ2429
sl@0: DBMS shall provide an API to apply security policies to database tables.
sl@0: */
sl@0: static void TblSqlL()
sl@0: {
sl@0: TheTest.Printf(_L("SELECT SQL\n"));
sl@0: //The test must fail, because the test app cannot satisfy table A, policy R.
sl@0: TInt err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM A")));
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: //The test must pass, because table B has no R policy.
sl@0: err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM B")));
sl@0: TEST2(err, KErrNone);
sl@0: TheView.Close();
sl@0: //The test must pass, because table C has no R policy.
sl@0: err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM C")));
sl@0: TEST2(err, KErrNone);
sl@0: TheView.Close();
sl@0:
sl@0: TheTest.Printf(_L("INSERT/UPDATE SQL\n"));
sl@0: //The test must fail, because the test app cannot satisfy table A, policy W.
sl@0: err = TheDb.Execute(_L("INSERT INTO A (DATA2) VALUES(45)"));
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: //The test must fail, because the test app cannot satisfy table B, policy W.
sl@0: err = TheDb.Execute(_L("INSERT INTO B (DATA2) VALUES(45)"));
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: //The test must fail, because the test app cannot satisfy table C, policy W.
sl@0: err = TheDb.Execute(_L("INSERT INTO C (DATA2) VALUES(45)"));
sl@0: TEST2(err, KErrPermissionDenied);
sl@0:
sl@0: //The test must fail, because the test app cannot satisfy table A, policy W.
sl@0: err = TheDb.Execute(_L("UPDATE A SET DATA2=56 WHERE ID = 0"));
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: //The test must fail, because the test app cannot satisfy table B, policy W.
sl@0: err = TheDb.Execute(_L("UPDATE B SET DATA2=56 WHERE ID = 0"));
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: //The test must fail, because the test app cannot satisfy table C, policy W.
sl@0: err = TheDb.Execute(_L("UPDATE C SET DATA2=56 WHERE ID = 0"));
sl@0: TEST2(err, KErrPermissionDenied);
sl@0: }
sl@0:
sl@0: static void DoRunL()
sl@0: {
sl@0: TheTest.Start(_L("An app with \"SCHEMA\" capabilities set"));
sl@0:
sl@0: TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0008 Database test "));
sl@0: ::DbTestL();
sl@0:
sl@0: TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0009 Open table test "));
sl@0: ::TblOpenL();
sl@0:
sl@0: TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0010 Read/Write table test "));
sl@0: ::TblRWL();
sl@0:
sl@0: TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0011 SQL table test "));
sl@0: ::TblSqlL();
sl@0: }
sl@0:
sl@0: TInt E32Main()
sl@0: {
sl@0: __UHEAP_MARK;
sl@0: CTrapCleanup* tc = CTrapCleanup::New();
sl@0: TEST(tc != NULL);
sl@0:
sl@0: TInt err = TheDbs.Connect();
sl@0: TEST2(err, KErrNone);
sl@0:
sl@0: TRAP(err, ::DoRunL());
sl@0: TEST2(err, KErrNone);
sl@0:
sl@0: ::CleanupTest();
sl@0:
sl@0: TheTest.End();
sl@0: TheTest.Close();
sl@0:
sl@0: delete tc;
sl@0:
sl@0: __UHEAP_MARKEND;
sl@0: User::Heap().Check();
sl@0: return KErrNone;
sl@0: }