// Copyright (C) 2022 Bayerische Motoren Werke Aktiengesellschaft (BMW AG)
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
#include <memory>
#include <gtest/gtest.h>
#include "../../common/utility.hpp"
namespace {
// Security configuration fixture; appended to utility::get_policies_path() by the tests.
std::string configuration_file = "/vsomeip/0_0/vsomeip_security.json";

// Credential pair the tests expect the fixture to carry a policy for: after loading the
// fixture, remove_security_policy(valid_uid, valid_gid) is asserted to succeed.
vsomeip_v3::uid_t valid_uid { 4002200 };
vsomeip_v3::gid_t valid_gid { 4003014 };
} // namespace
// Since this set of tests checks a private method, the parameters used by load_policies have to
// be changed indirectly, and the resulting changes checked through other methods.
// The remove_security_policy method checks if there is any loaded policy.
// The is_audit method checks the check_credentials value.
// No test was created for allow_remote_clients because it was inaccessible.
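// Drives the private load_policies through the public load() call and checks that
// (1) policies found in the configuration are installed and (2) a configuration whose
// "security.policies" node has been erased installs none.
TEST(load_policies, any_policies_present)
{
    // LOADED POLICIES --------------------------------------------------------------------------//
    std::unique_ptr<vsomeip_v3::policy_manager_impl> security(new vsomeip_v3::policy_manager_impl);

    // Read the security fixture into configuration elements.
    std::set<std::string> its_failed;
    std::vector<vsomeip_v3::configuration_element> policy_elements;
    std::set<std::string> input { utility::get_policies_path() + configuration_file };
    utility::read_data(input, policy_elements, its_failed);

    // Stop early if the fixture could not be read: every later step indexes the first
    // element, so an empty result must fail here with a clear message rather than throw.
    ASSERT_TRUE(its_failed.empty()) << "Reading the security configuration reported failures";
    ASSERT_FALSE(policy_elements.empty()) << "No configuration element was read from the fixture";

    vsomeip_v3::configuration_element &its_element = policy_elements.front();

    // Using load function to indirectly call load_policies.
    security->load(its_element);

    // If the policy is present, remove_security_policy returns true; use that to confirm the
    // policy for the known uid/gid was installed from the file.
    ASSERT_TRUE(security->remove_security_policy(valid_uid, valid_gid))
            << "Trying to remove a policy that is supposed to exist, but doesn't";

    // POLICIES NOT LOADED -----------------------------------------------------------------------//
    // Remove all the policies from the in-memory configuration tree.
    its_element.tree_.get_child("security").erase("policies");

    // Using load function to indirectly call load_policies.
    security->load(its_element);

    // NOTE(review): the same manager instance is reused, and the policy for valid_uid/valid_gid
    // was presumably dropped by the removal above; a true result here would therefore mean the
    // second load() installed it again.
    ASSERT_FALSE(security->remove_security_policy(valid_uid, valid_gid))
            << "Trying to remove a policy that should not exist, but it exists";
}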
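// Checks how load() treats "security.check_credentials", observed through is_audit():
// the assertions below expect is_audit() to be true when the key is absent or false, and
// false only when the key is explicitly true.
TEST(load_policies, check_credentials)
{
    // CHECK CREDENTIALS NOT SET -----------------------------------------------------------------//
    std::unique_ptr<vsomeip_v3::policy_manager_impl> security(new vsomeip_v3::policy_manager_impl);

    // Read the security fixture; this test relies on it not setting check_credentials.
    std::set<std::string> its_failed;
    std::vector<vsomeip_v3::configuration_element> policy_elements;
    std::set<std::string> input { utility::get_policies_path() + configuration_file };
    utility::read_data(input, policy_elements, its_failed);

    // Stop early if the fixture could not be read: every later step indexes the first
    // element, so an empty result must fail here with a clear message rather than throw.
    ASSERT_TRUE(its_failed.empty()) << "Reading the security configuration reported failures";
    ASSERT_FALSE(policy_elements.empty()) << "No configuration element was read from the fixture";

    vsomeip_v3::configuration_element &its_element = policy_elements.front();
    security->load(its_element);

    // With no check_credentials value loaded, the manager must report audit mode.
    // NOTE(review): this pins the default to audit mode, so a deployment that omits
    // security.check_credentials is presumably not enforcing credential checks; confirm
    // against policy_manager_impl and make sure production configurations set it explicitly.
    ASSERT_TRUE(security->is_audit())
            << "Check credentials value should be false when no value is loaded";

    // CHECK CREDENTIALS SET TRUE ----------------------------------------------------------------//
    // Load the check credentials value as true.
    bool check_credentials_value {true};
    its_element.tree_.add<bool>("security.check_credentials", check_credentials_value);
    security->load(its_element);

    // Check that the check_credentials flag was set, i.e. the manager left audit mode.
    // The message is split over two literals; the trailing space keeps the words apart.
    ASSERT_FALSE(security->is_audit())
            << "Check credentials flag should be true when the check_credential value is loaded as "
               "true";

    // CHECK CREDENTIALS SET FALSE ---------------------------------------------------------------//
    // Load the check credentials value as false; put() overwrites the node added above.
    check_credentials_value = false;
    its_element.tree_.put<bool>("security.check_credentials", check_credentials_value);
    security->load(its_element);

    // Check that the check_credentials flag was set false, i.e. the manager is back in audit mode.
    ASSERT_TRUE(security->is_audit())
            << "Check credentials flag should be false when the check_credential value is loaded as "
               "false";
}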