diff -r 000000000000 -r 08ec8eefde2f persistentstorage/dbms/tdbms/t_dbplatsec5.cpp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/persistentstorage/dbms/tdbms/t_dbplatsec5.cpp Fri Jan 22 11:06:30 2010 +0200 @@ -0,0 +1,229 @@ +// Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies). +// All rights reserved. +// This component and the accompanying materials are made available +// under the terms of "Eclipse Public License v1.0" +// which accompanies this distribution, and is available +// at the URL "http://www.eclipse.org/legal/epl-v10.html". +// +// Initial Contributors: +// Nokia Corporation - initial contribution. +// +// Contributors: +// +// Description: +// DBMS security policy - testing new APIs. +// This test app has "None" capabilities, +// The UID policy file is 11335579.spd. +// The test uses C:TESTDB.DB secure shared database, which has tables A, B and C, each of them +// with at least one record. +// Please, ensure that t_dbenvcreate test is executed before t_dbplatsec/t_dbplatsecperf tests! +// Please, ensure that t_dbenvdestroy test is executed after t_dbplatsec/t_dbplatsecperf tests! +// +// + +#include +#include +#include "t_dbplatsecutl.h" + +const TUid KSecureDbUid = {0x11335579}; +_LIT(KSecure, "SECURE"); +_LIT(KDbName, "C:TestDB.DB"); +_LIT(KTblNameA, "A"); +_LIT(KTblNameB, "B"); +_LIT(KTblNameC, "C"); + +static RTest TheTest(_L("t_dbplatsec5: DBMS platform security testing - 5")); +static RDbs TheDbs; +static RDbNamedDatabase TheDb; +static RDbTable TheTbl; +static RDbView TheView; + +TDBSCUtils TheDbscUtils(TheTest, NULL); + +/** +@SYMTestCaseID SYSLIB-DBMS-CT-0018 +@SYMTestCaseDesc Open table test. + This test app has no capabilities and it is restricted to be able to + open tables B and C in read-only mode. +@SYMTestPriority High +@SYMTestActions Open table test. +@SYMTestExpectedResults The test must not fail. +@SYMREQ REQ2429 + DBMS shall provide an API to apply security policies to database tables. +*/ +static void Test1L() + { + TheTest.Printf(_L("An attempt to open tables in update/insert mode\n")); + //The test must fail, because the test app cannot satisfy table A, B, C, policy W. + TInt err = TheTbl.Open(TheDb, KTblNameA); + TEST2(err, KErrPermissionDenied); + err = TheTbl.Open(TheDb, KTblNameB); + TEST2(err, KErrPermissionDenied); + err = TheTbl.Open(TheDb, KTblNameC); + TEST2(err, KErrPermissionDenied); + + TheTest.Printf(_L("An attempt to open tables in read-only mode\n")); + //The test must pass for table B & C, but the test app cannot satisfy table A, policy R. + err = TheTbl.Open(TheDb, KTblNameA, RDbRowSet::EReadOnly); + TEST2(err, KErrPermissionDenied); + err = TheTbl.Open(TheDb, KTblNameB, RDbRowSet::EReadOnly); + TEST2(err, KErrNone); + TheTbl.Close(); + err = TheTbl.Open(TheDb, KTblNameC, RDbRowSet::EReadOnly); + TEST2(err, KErrNone); + TheTbl.Close(); + + TheTest.Printf(_L("An attempt to read tables\n")); + //The test must pass for table B & C, but the test app cannot satisfy table A, policy R. + err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM A"))); + TEST2(err, KErrPermissionDenied); + err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM B"))); + TEST2(err, KErrNone); + TInt cnt = TheView.CountL(); + TEST(cnt > 0); + TheView.Close(); + err = TheView.Prepare(TheDb, TDbQuery(_L("SELECT * FROM C"))); + TEST2(err, KErrNone); + cnt = TheView.CountL(); + TEST(cnt > 0); + TheView.Close(); + } + +/** +@SYMTestCaseID SYSLIB-DBMS-CT-3407 +@SYMTestCaseDesc Test for defect DEF103023 - DBMS requires ReadDeviceData and WriteDeviceData capability to read from the db. + The current test application has no capabilities at all. + "C:TestDB.DB" database is a secure shared database with: + - no "READ" polycy (no restrictions apply to the database read operations); + - "WRITE" policy with "WriteUserData" capability defined; + - "SCHEMA" policy with "NetworkServices" capability defined; + - table C has no defined securoty policy, so the database security policy will be used; + The current test application should be able to: + - begin/commit/rollback a "read-only" transaction; + But should fail if: + - begin a transaction and try to modify the database within the transaction; + This test function asserts the test cases described above. +@SYMTestPriority High +@SYMTestActions Test for defect DEF103023 - DBMS requires ReadDeviceData and WriteDeviceData capability to read from the db. +@SYMTestExpectedResults Test must not fail +@SYMDEF DEF103023 +*/ +void DEF103023L() + { + TheTest.Printf(_L("Begin a transaction. Read-only operations tested\n")); + TInt err = TheDb.Begin(); + TEST2(err, KErrNone); + TheTest.Printf(_L("Perform some read-only operations inside the transaction\n")); + err = TheView.Prepare(TheDb, _L("SELECT * FROM C")); + TEST2(err, KErrNone); + err = TheView.EvaluateAll(); + TEST2(err, KErrNone); + TInt cnt = TheView.CountL(); + TEST(cnt > 0); + TBool rc = TheView.FirstL(); + TEST(rc); + TheView.GetL(); + TInt val = TheView.ColInt32(1); + rc = TheView.LastL(); + TEST(rc); + rc = TheView.NextL(); + TEST(!rc); + rc = TheView.PreviousL(); + TEST(rc); + TheView.BeginningL(); + TheView.EndL(); + TheView.Close(); + TheTest.Printf(_L("Commit a transaction\n")); + err = TheDb.Commit(); + TEST2(err, KErrNone); + // + TheTest.Printf(_L("Begin a transaction. Read-only operations tested\n")); + err = TheDb.Begin(); + TEST2(err, KErrNone); + err = TheView.Prepare(TheDb, _L("SELECT * FROM C")); + TEST2(err, KErrNone); + err = TheView.EvaluateAll(); + TEST2(err, KErrNone); + cnt = TheView.CountL(); + TEST(cnt > 0); + TheView.Close(); + TheTest.Printf(_L("Rollback a transaction\n")); + TheDb.Rollback(); + // + TheTest.Printf(_L("Begin a transaction. Tested operations violate the database security\n")); + err = TheDb.Begin(); + TEST2(err, KErrNone); + err = TheView.Prepare(TheDb, _L("SELECT * FROM C")); + TEST2(err, KErrNone); + err = TheView.EvaluateAll(); + TEST2(err, KErrNone); + rc = TheView.FirstL(); + TEST(rc); + TheView.GetL(); + TheTest.Printf(_L("An attempt to update a record within the transaction\n")); + TRAP(err, TheView.UpdateL()); + TEST2(err, KErrPermissionDenied); + TheTest.Printf(_L("An attempt to delete a record within the transaction\n")); + TRAP(err, TheView.DeleteL()); + TEST2(err, KErrPermissionDenied); + TheTest.Printf(_L("An attempt to insert a record within the transaction\n")); + TRAP(err, TheView.InsertL()); + TEST2(err, KErrPermissionDenied); + TheView.Close(); + TheTest.Printf(_L("An attempt to modify the database schema within the transaction\n")); + err = TheDb.Execute(_L("CREATE TABLE C2(Id INTEGER, Z INTEGER)")); + TEST2(err, KErrPermissionDenied); + TheTest.Printf(_L("An attempt to execute an INSERT statement within the transaction\n")); + err = TheDb.Execute(_L("INSERT INTO C VALUES(100)")); + TEST2(err, KErrPermissionDenied); + TheTest.Printf(_L("An attempt to modify the database within the transaction using RDbUpdate\n")); + RDbUpdate update; + err = update.Execute(TheDb, _L("INSERT INTO C VALUES(200)")); + TEST2(err, KErrPermissionDenied); + update.Close(); + TheTest.Printf(_L("Rollback a transaction\n")); + TheDb.Rollback(); + } + +void DoTestL() + { + TheTest.Start(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-0018 An app with \"None\" capabilities set ")); + Test1L(); + + TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-DBMS-CT-3407 DEF103023-DBMS requires ReadDeviceData and WriteDeviceData capability to read from the db ")); + DEF103023L(); + } + +TInt E32Main() + { + __UHEAP_MARK; + CTrapCleanup* tc = CTrapCleanup::New(); + TEST(tc != NULL); + + TInt err = TheDbs.Connect(); + TEST2(err, KErrNone); + + TBuf<32> format; + TheTest.Printf(_L("Open database\n")); + format.Copy(KSecure); + format.Append(KSecureDbUid.Name()); + err = TheDb.Open(TheDbs, KDbName, format); + TEST2(err, KErrNone); + + TRAP(err, DoTestL()); + TEST2(err, KErrNone); + + TheView.Close(); + TheTbl.Close(); + TheDb.Close(); + TheDbs.Close(); + + TheTest.End(); + TheTest.Close(); + + delete tc; + + __UHEAP_MARKEND; + User::Heap().Check(); + return KErrNone; + }