|
1 // Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // DBMS security policy - testing new APIs. |
|
15 // This test app has "None" capabilities, |
|
16 // The UID policy file is 11335579.spd. |
|
17 // The test uses C:TESTDB.DB secure shared database, which has tables A, B and C, each of them |
|
18 // with at least one record. |
|
19 // Please, ensure that t_dbenvcreate test is executed before t_dbplatsec<N>/t_dbplatsecperf tests! |
|
20 // Please, ensure that t_dbenvdestroy test is executed after t_dbplatsec<N>/t_dbplatsecperf tests! |
|
21 // |
|
22 // |
|
23 |
|
24 #include <e32test.h> |
|
25 #include <d32dbms.h> |
|
26 #include "t_dbplatsecutl.h" |
|
27 |
|
28 const TUid KSecureDbUid = {0x11335579}; |
|
29 _LIT(KSecure, "SECURE"); |
|
30 _LIT(KDbName, "C:TestDB.DB"); |
|
31 _LIT(KTblNameA, "A"); |
|
32 _LIT(KTblNameB, "B"); |
|
33 _LIT(KTblNameC, "C"); |
|
34 |
|
35 static RTest TheTest(_L("t_dbplatsec5: DBMS platform security testing - 5")); |
|
36 static RDbs TheDbs; |
|
37 static RDbNamedDatabase TheDb; |
|
38 static RDbTable TheTbl; |
|
39 static RDbView TheView; |
|
40 |
|
41 TDBSCUtils TheDbscUtils(TheTest, NULL); |
|
42 |
|
43 /** |
|
44 @SYMTestCaseID SYSLIB-DBMS-CT-0018 |
|
45 @SYMTestCaseDesc Open table test. |
|
46 This test app has no capabilities and it is restricted to be able to |
|
47 open tables B and C in read-only mode. |
|
48 @SYMTestPriority High |
|
49 @SYMTestActions Open table test. |
|
50 @SYMTestExpectedResults The test must not fail. |
|
51 @SYMREQ REQ2429 |
|
52 DBMS shall provide an API to apply security policies to database tables. |
|
53 */ |
|
54 static void Test1L() |
|
55 { |
|
56 TheTest.Printf(_L("An attempt to open tables in update/insert mode\n")); |
|
57 //The test must fail, because the test app cannot satisfy table A, B, C, policy W. |
|
58 TInt err = TheTbl.Open(TheDb, KTblNameA); |
|
59 TEST2(err, KErrPermissionDenied); |
|
60 err = TheTbl.Open(TheDb, KTblNameB); |
|
61 TEST2(err, KErrPermissionDenied); |
|
62 err = TheTbl.Open(TheDb, KTblNameC); |
|
63 TEST2(err, KErrPermissionDenied); |
|
64 |
|
65 TheTest.Printf(_L("An attempt to open tables in read-only mode\n")); |
|
66 //The test must pass for table B & C, but the test app cannot satisfy table A, policy R. |
|
67 err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EReadOnly); |
|
68 TEST2(err, KErrPermissionDenied); |
|
69 err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EReadOnly); |
|
70 TEST2(err, KErrNone); |
|
71 TheTbl.Close(); |
|
72 err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EReadOnly); |
|
73 TEST2(err, KErrNone); |
|
74 TheTbl.Close(); |
|
75 |
|
76 TheTest.Printf(_L("An attempt to read tables\n")); |
|
77 //The test must pass for table B & C, but the test app cannot satisfy table A, policy R. |
|
78 err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM A"))); |
|
79 TEST2(err, KErrPermissionDenied); |
|
80 err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM B"))); |
|
81 TEST2(err, KErrNone); |
|
82 TInt cnt = TheView.CountL(); |
|
83 TEST(cnt > 0); |
|
84 TheView.Close(); |
|
85 err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM C"))); |
|
86 TEST2(err, KErrNone); |
|
87 cnt = TheView.CountL(); |
|
88 TEST(cnt > 0); |
|
89 TheView.Close(); |
|
90 } |
|
91 |
|
92 /** |
|
93 @SYMTestCaseID SYSLIB-DBMS-CT-3407 |
|
94 @SYMTestCaseDesc Test for defect DEF103023 - DBMS requires ReadDeviceData and WriteDeviceData capability to read from the db. |
|
95 The current test application has no capabilities at all. |
|
96 "C:TestDB.DB" database is a secure shared database with: |
|
97 - no "READ" polycy (no restrictions apply to the database read operations); |
|
98 - "WRITE" policy with "WriteUserData" capability defined; |
|
99 - "SCHEMA" policy with "NetworkServices" capability defined; |
|
100 - table C has no defined securoty policy, so the database security policy will be used; |
|
101 The current test application should be able to: |
|
102 - begin/commit/rollback a "read-only" transaction; |
|
103 But should fail if: |
|
104 - begin a transaction and try to modify the database within the transaction; |
|
105 This test function asserts the test cases described above. |
|
106 @SYMTestPriority High |
|
107 @SYMTestActions Test for defect DEF103023 - DBMS requires ReadDeviceData and WriteDeviceData capability to read from the db. |
|
108 @SYMTestExpectedResults Test must not fail |
|
109 @SYMDEF DEF103023 |
|
110 */ |
|
111 void DEF103023L() |
|
112 { |
|
113 TheTest.Printf(_L("Begin a transaction. Read-only operations tested\n")); |
|
114 TInt err = TheDb.Begin(); |
|
115 TEST2(err, KErrNone); |
|
116 TheTest.Printf(_L("Perform some read-only operations inside the transaction\n")); |
|
117 err = TheView.Prepare(TheDb, _L("SELECT * FROM C")); |
|
118 TEST2(err, KErrNone); |
|
119 err = TheView.EvaluateAll(); |
|
120 TEST2(err, KErrNone); |
|
121 TInt cnt = TheView.CountL(); |
|
122 TEST(cnt > 0); |
|
123 TBool rc = TheView.FirstL(); |
|
124 TEST(rc); |
|
125 TheView.GetL(); |
|
126 TInt val = TheView.ColInt32(1); |
|
127 rc = TheView.LastL(); |
|
128 TEST(rc); |
|
129 rc = TheView.NextL(); |
|
130 TEST(!rc); |
|
131 rc = TheView.PreviousL(); |
|
132 TEST(rc); |
|
133 TheView.BeginningL(); |
|
134 TheView.EndL(); |
|
135 TheView.Close(); |
|
136 TheTest.Printf(_L("Commit a transaction\n")); |
|
137 err = TheDb.Commit(); |
|
138 TEST2(err, KErrNone); |
|
139 // |
|
140 TheTest.Printf(_L("Begin a transaction. Read-only operations tested\n")); |
|
141 err = TheDb.Begin(); |
|
142 TEST2(err, KErrNone); |
|
143 err = TheView.Prepare(TheDb, _L("SELECT * FROM C")); |
|
144 TEST2(err, KErrNone); |
|
145 err = TheView.EvaluateAll(); |
|
146 TEST2(err, KErrNone); |
|
147 cnt = TheView.CountL(); |
|
148 TEST(cnt > 0); |
|
149 TheView.Close(); |
|
150 TheTest.Printf(_L("Rollback a transaction\n")); |
|
151 TheDb.Rollback(); |
|
152 // |
|
153 TheTest.Printf(_L("Begin a transaction. Tested operations violate the database security\n")); |
|
154 err = TheDb.Begin(); |
|
155 TEST2(err, KErrNone); |
|
156 err = TheView.Prepare(TheDb, _L("SELECT * FROM C")); |
|
157 TEST2(err, KErrNone); |
|
158 err = TheView.EvaluateAll(); |
|
159 TEST2(err, KErrNone); |
|
160 rc = TheView.FirstL(); |
|
161 TEST(rc); |
|
162 TheView.GetL(); |
|
163 TheTest.Printf(_L("An attempt to update a record within the transaction\n")); |
|
164 TRAP(err, TheView.UpdateL()); |
|
165 TEST2(err, KErrPermissionDenied); |
|
166 TheTest.Printf(_L("An attempt to delete a record within the transaction\n")); |
|
167 TRAP(err, TheView.DeleteL()); |
|
168 TEST2(err, KErrPermissionDenied); |
|
169 TheTest.Printf(_L("An attempt to insert a record within the transaction\n")); |
|
170 TRAP(err, TheView.InsertL()); |
|
171 TEST2(err, KErrPermissionDenied); |
|
172 TheView.Close(); |
|
173 TheTest.Printf(_L("An attempt to modify the database schema within the transaction\n")); |
|
174 err = TheDb.Execute(_L("CREATE TABLE C2(Id INTEGER, Z INTEGER)")); |
|
175 TEST2(err, KErrPermissionDenied); |
|
176 TheTest.Printf(_L("An attempt to execute an INSERT statement within the transaction\n")); |
|
177 err = TheDb.Execute(_L("INSERT INTO C VALUES(100)")); |
|
178 TEST2(err, KErrPermissionDenied); |
|
179 TheTest.Printf(_L("An attempt to modify the database within the transaction using RDbUpdate\n")); |
|
180 RDbUpdate update; |
|
181 err = update.Execute(TheDb, _L("INSERT INTO C VALUES(200)")); |
|
182 TEST2(err, KErrPermissionDenied); |
|
183 update.Close(); |
|
184 TheTest.Printf(_L("Rollback a transaction\n")); |
|
185 TheDb.Rollback(); |
|
186 } |
|
187 |
|
188 void DoTestL() |
|
189 { |
|
190 TheTest.Start(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0018 An app with \"None\" capabilities set ")); |
|
191 Test1L(); |
|
192 |
|
193 TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-3407 DEF103023-DBMS requires ReadDeviceData and WriteDeviceData capability to read from the db ")); |
|
194 DEF103023L(); |
|
195 } |
|
196 |
|
197 TInt E32Main() |
|
198 { |
|
199 __UHEAP_MARK; |
|
200 CTrapCleanup* tc = CTrapCleanup::New(); |
|
201 TEST(tc != NULL); |
|
202 |
|
203 TInt err = TheDbs.Connect(); |
|
204 TEST2(err, KErrNone); |
|
205 |
|
206 TBuf<32> format; |
|
207 TheTest.Printf(_L("Open database\n")); |
|
208 format.Copy(KSecure); |
|
209 format.Append(KSecureDbUid.Name()); |
|
210 err = TheDb.Open(TheDbs, KDbName, format); |
|
211 TEST2(err, KErrNone); |
|
212 |
|
213 TRAP(err, DoTestL()); |
|
214 TEST2(err, KErrNone); |
|
215 |
|
216 TheView.Close(); |
|
217 TheTbl.Close(); |
|
218 TheDb.Close(); |
|
219 TheDbs.Close(); |
|
220 |
|
221 TheTest.End(); |
|
222 TheTest.Close(); |
|
223 |
|
224 delete tc; |
|
225 |
|
226 __UHEAP_MARKEND; |
|
227 User::Heap().Check(); |
|
228 return KErrNone; |
|
229 } |