Merge lp:~unity-team/libusermetrics/security-review into lp:libusermetrics

Proposed by Pete Woods
Status: Merged
Approved by: Pete Woods
Approved revision: 140
Merged at revision: 139
Proposed branch: lp:~unity-team/libusermetrics/security-review
Merge into: lp:libusermetrics
Diff against target: 745 lines (+290/-153)
14 files modified
po/en_GB.po (+99/-95)
po/libusermetrics.pot (+12/-16)
src/usermetricsservice/Authentication.cpp (+13/-1)
src/usermetricsservice/Authentication.h (+7/-0)
src/usermetricsservice/DBusUserData.cpp (+2/-1)
src/usermetricsservice/DBusUserMetrics.cpp (+18/-8)
src/usermetricsservice/DBusUserMetrics.h (+2/-1)
src/usermetricsservice/database/DataSource.cpp (+5/-2)
src/usermetricsservice/database/DataSource.h (+4/-3)
src/usermetricsservice/main.cpp (+1/-1)
tests/data/broken-theme/default.xml (+7/-0)
tests/unit/usermetricsservice/CMakeLists.txt (+1/-0)
tests/unit/usermetricsservice/TestAuthentication.cpp (+62/-0)
tests/unit/usermetricsservice/TestUserMetricsService.cpp (+57/-25)
To merge this branch: bzr merge lp:~unity-team/libusermetrics/security-review
Reviewer Review Type Date Requested Status
PS Jenkins bot (community) continuous-integration Approve
Unity Team Pending
Review via email: mp+188540@code.launchpad.net

Commit message

Repond to security team's review

Description of the change

Repond to security team's review

To post a comment you must log in.
140. By Pete Woods

Handle new unconfined data sources with the same ID

Revision history for this message
PS Jenkins bot (ps-jenkins) wrote :
review: Needs Fixing (continuous-integration)
Revision history for this message
PS Jenkins bot (ps-jenkins) :
review: Approve (continuous-integration)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'po/en_GB.po'
2--- po/en_GB.po 2013-09-26 11:02:49 +0000
3+++ po/en_GB.po 2013-10-01 10:41:24 +0000
4@@ -7,7 +7,7 @@
5 msgstr ""
6 "Project-Id-Version: libusermetrics\n"
7 "Report-Msgid-Bugs-To: \n"
8-"POT-Creation-Date: 2013-09-26 16:22+0100\n"
9+"POT-Creation-Date: 2013-10-01 11:14+0100\n"
10 "PO-Revision-Date: 2013-07-05 15:09+0100\n"
11 "Last-Translator: Pete Woods <pete.woods@canonical.com>\n"
12 "Language-Team: British English <en@li.org>\n"
13@@ -17,17 +17,52 @@
14 "Content-Transfer-Encoding: 8bit\n"
15 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
16
17+#: src/usermetricsservice/DBusUserData.cpp:99
18+msgid "Attempt to create data set owned by another application"
19+msgstr "Attempt to create data set owned by another application"
20+
21+#: src/usermetricsservice/DBusUserData.cpp:88
22+msgid "Attempt to create data set owned by another user"
23+msgstr "Attempt to create data set owned by another user"
24+
25+#: src/usermetricsservice/DBusUserMetrics.cpp:239
26+#, fuzzy
27+msgid "Attempt to create user data owned by another user"
28+msgstr "Attempt to create user data owned by another user"
29+
30+#: src/usermetricsservice/DBusDataSet.cpp:178
31+msgid "Attempt to increment data owned by another application"
32+msgstr "Attempt to increment data owned by another application"
33+
34+#: src/usermetricsservice/DBusDataSet.cpp:170
35+msgid "Attempt to increment data owned by another user"
36+msgstr "Attempt to increment data owned by another user"
37+
38+#: src/usermetricsservice/DBusDataSet.cpp:151
39+msgid "Attempt to update data owned by another application"
40+msgstr "Attempt to update data owned by another application"
41+
42+#: src/usermetricsservice/DBusDataSet.cpp:143
43+msgid "Attempt to update data owned by another user"
44+msgstr "Attempt to update data owned by another user"
45+
46+#: src/libusermetricsoutput/GSettingsColorThemeProvider.cpp:99
47+#, qt-format
48+msgid "Cannot open XML file '%1' for reading"
49+msgstr ""
50+
51 #: src/usermetricsservice/main.cpp:59
52 msgid "Could not open database"
53 msgstr "Could not open database"
54
55-#: src/usermetricsservice/main.cpp:72
56-msgid "Unable to register user metrics service on DBus"
57-msgstr "Unable to register user metrics service on DBus"
58+#: src/usermetricsservice/DBusUserData.cpp:49
59+msgid "Could not register user data object with DBus"
60+msgstr "Could not register user data object with DBus"
61
62-#: src/usermetricsservice/main.cpp:82
63-msgid "Unable to unregister user metrics service on DBus"
64-msgstr "Unable to unregister user metrics service on DBus"
65+#: src/usermetricsservice/DBusDataSet.cpp:127
66+#: src/usermetricsservice/DBusUserData.cpp:123
67+msgid "Could not save data set"
68+msgstr "Could not save data set"
69
70 #: src/usermetricsservice/DBusDataSource.cpp:68
71 #: src/usermetricsservice/DBusDataSource.cpp:86
72@@ -38,118 +73,87 @@
73 #: src/usermetricsservice/DBusDataSource.cpp:190
74 #: src/usermetricsservice/DBusDataSource.cpp:216
75 #: src/usermetricsservice/DBusDataSource.cpp:234
76-#: src/usermetricsservice/DBusUserMetrics.cpp:174
77+#: src/usermetricsservice/DBusUserMetrics.cpp:177
78 msgid "Could not save data source"
79 msgstr "Couldn't save data source"
80
81-#: src/usermetricsservice/DBusUserMetrics.cpp:54
82-msgid "Unable to register user metrics object on DBus"
83-msgstr "Unable to register user metrics object on DBus"
84-
85-#: src/usermetricsservice/DBusUserMetrics.cpp:140
86-msgid "Data source query failed"
87-msgstr "Data source query failed"
88-
89-#: src/usermetricsservice/DBusUserMetrics.cpp:190
90-msgid "Attempt to create data source owned by another application"
91-msgstr "Attempt to create data source owned by another application"
92-
93-#: src/usermetricsservice/DBusUserMetrics.cpp:241
94-#, fuzzy
95-msgid "Attempt to create user data owned by another user"
96-msgstr "Attempt to create user data owned by another user"
97-
98-#: src/usermetricsservice/DBusUserMetrics.cpp:250
99-msgid "User data query failed"
100-msgstr "User data query failed"
101-
102-#: src/usermetricsservice/DBusUserMetrics.cpp:259
103+#: src/usermetricsservice/DBusUserMetrics.cpp:257
104 msgid "Could not save user data"
105 msgstr "Couldn't save user data"
106
107-#: src/usermetricsservice/DBusDataSet.cpp:127
108-#: src/usermetricsservice/DBusUserData.cpp:122
109-msgid "Could not save data set"
110-msgstr "Could not save data set"
111-
112-#: src/usermetricsservice/DBusDataSet.cpp:143
113-msgid "Attempt to update data owned by another user"
114-msgstr "Attempt to update data owned by another user"
115-
116-#: src/usermetricsservice/DBusDataSet.cpp:151
117-msgid "Attempt to update data owned by another application"
118-msgstr "Attempt to update data owned by another application"
119-
120-#: src/usermetricsservice/DBusDataSet.cpp:170
121-msgid "Attempt to increment data owned by another user"
122-msgstr "Attempt to increment data owned by another user"
123-
124-#: src/usermetricsservice/DBusDataSet.cpp:178
125-msgid "Attempt to increment data owned by another application"
126-msgstr "Attempt to increment data owned by another application"
127-
128-#: src/usermetricsservice/DBusUserData.cpp:49
129-msgid "Could not register user data object with DBus"
130-msgstr "Could not register user data object with DBus"
131-
132-#: src/usermetricsservice/DBusUserData.cpp:79
133-msgid "Unknown data source"
134-msgstr "Unknown data source"
135-
136-#: src/usermetricsservice/DBusUserData.cpp:88
137-msgid "Attempt to create data set owned by another user"
138-msgstr "Attempt to create data set owned by another user"
139-
140-#: src/usermetricsservice/DBusUserData.cpp:98
141-msgid "Attempt to create data set owned by another application"
142-msgstr "Attempt to create data set owned by another application"
143-
144-#: src/usermetricsservice/DBusUserData.cpp:109
145+#: src/libusermetricsinput/main.cpp:37
146+msgid "DATA_SOURCE_ID FORMAT_STRING EMPTY_DATA_STRING USERNAME <DATA>"
147+msgstr "DATA_SOURCE_ID FORMAT_STRING EMPTY_DATA_STRING USERNAME <DATA>"
148+
149+#: src/libusermetricsinput/main-increment.cpp:37
150+#, fuzzy
151+msgid "DATA_SOURCE_ID FORMAT_STRING EMPTY_DATA_STRING USERNAME [AMOUNT]"
152+msgstr "DATA_SOURCE_ID FORMAT_STRING EMPTY_DATA_STRING USERNAME [AMOUNT]"
153+
154+#: src/usermetricsservice/DBusUserData.cpp:110
155 msgid "Data set query failed"
156 msgstr "Data set query failed"
157
158-#: src/usermetricsservice/DBusUserData.cpp:132
159-msgid "New data set could not be found"
160-msgstr "New data set couldn't be found"
161+#: src/libusermetricsoutput/UserMetricsImpl.cpp:260
162+msgid "Data source not found"
163+msgstr "Data source not found"
164+
165+#: src/usermetricsservice/DBusUserMetrics.cpp:143
166+msgid "Data source query failed"
167+msgstr "Data source query failed"
168
169 #: src/modules/UserMetrics/Metric.cpp:28
170 msgid "Failed to connect to metrics service:"
171 msgstr "Failed to connect to metrics service:"
172
173+#: src/modules/UserMetrics/Metric.cpp:115
174+msgid "Failed to increment metric:"
175+msgstr ""
176+
177 #: src/modules/UserMetrics/Metric.cpp:102
178 msgid "Failed to register user metric:"
179 msgstr "Failed to register user metric:"
180
181-#: src/modules/UserMetrics/Metric.cpp:115
182-msgid "Failed to increment metric:"
183-msgstr ""
184-
185 #: src/modules/UserMetrics/Metric.cpp:127
186 msgid "Failed to update metric:"
187 msgstr "Failed to update metric:"
188
189+#: src/usermetricsservice/DBusUserData.cpp:133
190+msgid "New data set could not be found"
191+msgstr "New data set couldn't be found"
192+
193+#: src/libusermetricsoutput/UserMetricsImpl.cpp:266
194+msgid "No data for today"
195+msgstr "No data for today"
196+
197+#: src/libusermetricsoutput/UserMetricsImpl.cpp:198
198+msgid "No data sources available"
199+msgstr "No data sources available"
200+
201+#: src/usermetricsservice/DBusUserMetrics.cpp:54
202+msgid "Unable to register user metrics object on DBus"
203+msgstr "Unable to register user metrics object on DBus"
204+
205+#: src/usermetricsservice/main.cpp:72
206+msgid "Unable to register user metrics service on DBus"
207+msgstr "Unable to register user metrics service on DBus"
208+
209+#: src/usermetricsservice/main.cpp:82
210+msgid "Unable to unregister user metrics service on DBus"
211+msgstr "Unable to unregister user metrics service on DBus"
212+
213+#: src/usermetricsservice/DBusUserData.cpp:79
214+msgid "Unknown data source"
215+msgstr "Unknown data source"
216+
217 #: src/libusermetricsinput/main-increment.cpp:35
218 #: src/libusermetricsinput/main.cpp:35
219 msgid "Usage: "
220 msgstr "Usage: "
221
222-#: src/libusermetricsinput/main-increment.cpp:37
223-#, fuzzy
224-msgid "DATA_SOURCE_ID FORMAT_STRING EMPTY_DATA_STRING USERNAME [AMOUNT]"
225-msgstr "DATA_SOURCE_ID FORMAT_STRING EMPTY_DATA_STRING USERNAME [AMOUNT]"
226-
227-#: src/libusermetricsinput/main.cpp:37
228-msgid "DATA_SOURCE_ID FORMAT_STRING EMPTY_DATA_STRING USERNAME <DATA>"
229-msgstr "DATA_SOURCE_ID FORMAT_STRING EMPTY_DATA_STRING USERNAME <DATA>"
230-
231-#: src/libusermetricsoutput/UserMetricsImpl.cpp:198
232-msgid "No data sources available"
233-msgstr "No data sources available"
234-
235-#: src/libusermetricsoutput/UserMetricsImpl.cpp:260
236-msgid "Data source not found"
237-msgstr "Data source not found"
238-
239-#: src/libusermetricsoutput/UserMetricsImpl.cpp:266
240-msgid "No data for today"
241-msgstr "No data for today"
242+#: src/usermetricsservice/DBusUserMetrics.cpp:248
243+msgid "User data query failed"
244+msgstr "User data query failed"
245+
246+#~ msgid "Attempt to create data source owned by another application"
247+#~ msgstr "Attempt to create data source owned by another application"
248
249=== modified file 'po/libusermetrics.pot'
250--- po/libusermetrics.pot 2013-09-26 11:02:49 +0000
251+++ po/libusermetrics.pot 2013-10-01 10:41:24 +0000
252@@ -8,7 +8,7 @@
253 msgstr ""
254 "Project-Id-Version: libusermetrics\n"
255 "Report-Msgid-Bugs-To: \n"
256-"POT-Creation-Date: 2013-09-26 16:22+0100\n"
257+"POT-Creation-Date: 2013-10-01 11:16+0100\n"
258 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
259 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
260 "Language-Team: LANGUAGE <LL@li.org>\n"
261@@ -38,7 +38,7 @@
262 #: src/usermetricsservice/DBusDataSource.cpp:190
263 #: src/usermetricsservice/DBusDataSource.cpp:216
264 #: src/usermetricsservice/DBusDataSource.cpp:234
265-#: src/usermetricsservice/DBusUserMetrics.cpp:174
266+#: src/usermetricsservice/DBusUserMetrics.cpp:177
267 msgid "Could not save data source"
268 msgstr ""
269
270@@ -46,28 +46,24 @@
271 msgid "Unable to register user metrics object on DBus"
272 msgstr ""
273
274-#: src/usermetricsservice/DBusUserMetrics.cpp:140
275+#: src/usermetricsservice/DBusUserMetrics.cpp:143
276 msgid "Data source query failed"
277 msgstr ""
278
279-#: src/usermetricsservice/DBusUserMetrics.cpp:190
280-msgid "Attempt to create data source owned by another application"
281-msgstr ""
282-
283-#: src/usermetricsservice/DBusUserMetrics.cpp:241
284+#: src/usermetricsservice/DBusUserMetrics.cpp:239
285 msgid "Attempt to create user data owned by another user"
286 msgstr ""
287
288-#: src/usermetricsservice/DBusUserMetrics.cpp:250
289+#: src/usermetricsservice/DBusUserMetrics.cpp:248
290 msgid "User data query failed"
291 msgstr ""
292
293-#: src/usermetricsservice/DBusUserMetrics.cpp:259
294+#: src/usermetricsservice/DBusUserMetrics.cpp:257
295 msgid "Could not save user data"
296 msgstr ""
297
298 #: src/usermetricsservice/DBusDataSet.cpp:127
299-#: src/usermetricsservice/DBusUserData.cpp:122
300+#: src/usermetricsservice/DBusUserData.cpp:123
301 msgid "Could not save data set"
302 msgstr ""
303
304@@ -99,15 +95,15 @@
305 msgid "Attempt to create data set owned by another user"
306 msgstr ""
307
308-#: src/usermetricsservice/DBusUserData.cpp:98
309+#: src/usermetricsservice/DBusUserData.cpp:99
310 msgid "Attempt to create data set owned by another application"
311 msgstr ""
312
313-#: src/usermetricsservice/DBusUserData.cpp:109
314+#: src/usermetricsservice/DBusUserData.cpp:110
315 msgid "Data set query failed"
316 msgstr ""
317
318-#: src/usermetricsservice/DBusUserData.cpp:132
319+#: src/usermetricsservice/DBusUserData.cpp:133
320 msgid "New data set could not be found"
321 msgstr ""
322
323@@ -152,7 +148,7 @@
324 msgid "No data for today"
325 msgstr ""
326
327-#: src/libusermetricsoutput/GSettingsColorThemeProvider.cpp:79
328+#: src/libusermetricsoutput/GSettingsColorThemeProvider.cpp:99
329 #, qt-format
330 msgid "Cannot open XML file '%1' for reading"
331-msgstr ""
332\ No newline at end of file
333+msgstr ""
334
335=== modified file 'src/usermetricsservice/Authentication.cpp'
336--- src/usermetricsservice/Authentication.cpp 2013-09-24 16:20:00 +0000
337+++ src/usermetricsservice/Authentication.cpp 2013-10-01 10:41:24 +0000
338@@ -26,7 +26,9 @@
339
340 namespace UserMetricsService {
341
342-Authentication::Authentication() {
343+Authentication::Authentication() :
344+ m_clickRegex(
345+ "[a-z0-9][a-z0-9+.-]+_[a-zA-Z0-9+.-]+_[0-9][a-zA-Z0-9.+:~-]*") {
346 }
347
348 Authentication::~Authentication() {
349@@ -48,6 +50,8 @@
350 QString confinementContext(QString::fromUtf8(con));
351 free(con);
352
353+ canonicalizeConfinementContext(confinementContext);
354+
355 return confinementContext;
356 }
357
358@@ -89,4 +93,12 @@
359 }
360 }
361
362+void Authentication::canonicalizeConfinementContext(
363+ QString &confinementContext) const {
364+ if (m_clickRegex.exactMatch(confinementContext)) {
365+ QStringList split(confinementContext.split("_"));
366+ confinementContext = split.first();
367+ }
368+}
369+
370 } /* namespace UserMetricsService */
371
372=== modified file 'src/usermetricsservice/Authentication.h'
373--- src/usermetricsservice/Authentication.h 2013-09-24 16:20:00 +0000
374+++ src/usermetricsservice/Authentication.h 2013-10-01 10:41:24 +0000
375@@ -20,6 +20,7 @@
376 #define USERMETRICSSERVICE_AUTHENTICATION_H_
377
378 #include <QtCore/QString>
379+#include <QtCore/QRegExp>
380 #include <QtDBus/QDBusError>
381
382 QT_BEGIN_NAMESPACE
383@@ -41,6 +42,12 @@
384
385 virtual void sendErrorReply(const QDBusContext &context,
386 QDBusError::ErrorType type, const QString &msg = QString()) const;
387+
388+ virtual void canonicalizeConfinementContext(
389+ QString &confinementContext) const;
390+
391+protected:
392+ QRegExp m_clickRegex;
393 };
394
395 }
396
397=== modified file 'src/usermetricsservice/DBusUserData.cpp'
398--- src/usermetricsservice/DBusUserData.cpp 2013-09-24 16:33:47 +0000
399+++ src/usermetricsservice/DBusUserData.cpp 2013-10-01 10:41:24 +0000
400@@ -91,7 +91,8 @@
401
402 QString confinementContext(m_authentication->getConfinementContext(*this));
403 DataSource dataSource;
404- DataSource::findByName(dataSourceName, &dataSource);
405+ DataSource::findByNameAndSecret(dataSourceName, confinementContext,
406+ &dataSource);
407 if (dataSource.secret() != "unconfined"
408 && dataSource.secret() != confinementContext) {
409 m_authentication->sendErrorReply(*this, QDBusError::AccessDenied,
410
411=== modified file 'src/usermetricsservice/DBusUserMetrics.cpp'
412--- src/usermetricsservice/DBusUserMetrics.cpp 2013-09-25 10:09:12 +0000
413+++ src/usermetricsservice/DBusUserMetrics.cpp 2013-10-01 10:41:24 +0000
414@@ -134,7 +134,21 @@
415 QDjangoQuerySet<DataSource> dataSourcesQuery;
416 QDjangoQuerySet<DataSource> query(
417 dataSourcesQuery.filter(
418- QDjangoWhere("name", QDjangoWhere::Equals, name)));
419+ QDjangoWhere("name", QDjangoWhere::Equals, name)
420+ && QDjangoWhere("secret", QDjangoWhere::Equals,
421+ confinementContext)));
422+
423+ if (query.size() == -1) {
424+ throw logic_error(_("Data source query failed"));
425+ }
426+
427+ // If there is both an unconfined one and a confined one
428+ if (query.size() == 0) {
429+ query = dataSourcesQuery.filter(
430+ QDjangoWhere("name", QDjangoWhere::Equals, name)
431+ && QDjangoWhere("secret", QDjangoWhere::Equals,
432+ "unconfined"));
433+ }
434
435 if (query.size() == -1) {
436 throw logic_error(_("Data source query failed"));
437@@ -184,11 +198,6 @@
438 if (confinementContext != "unconfined") {
439 dbusDataSource->setSecret(confinementContext);
440 }
441- } else if (dataSource.secret() != confinementContext) {
442- m_authentication->sendErrorReply(*this, QDBusError::AccessDenied,
443- _(
444- "Attempt to create data source owned by another application"));
445- return QDBusObjectPath();
446 }
447
448 if (dataSource.formatString() != formatString) {
449@@ -267,9 +276,10 @@
450 return QDBusObjectPath((*m_userData.constFind(userData.id()))->path());
451 }
452
453-DBusDataSourcePtr DBusUserMetrics::dataSource(const QString &name) const {
454+DBusDataSourcePtr DBusUserMetrics::dataSource(const QString &name,
455+ const QString &secret) const {
456 DataSource dataSource;
457- DataSource::findByName(name, &dataSource);
458+ DataSource::findByNameAndSecret(name, secret, &dataSource);
459
460 return m_dataSources.value(dataSource.id());
461 }
462
463=== modified file 'src/usermetricsservice/DBusUserMetrics.h'
464--- src/usermetricsservice/DBusUserMetrics.h 2013-09-24 11:26:56 +0000
465+++ src/usermetricsservice/DBusUserMetrics.h 2013-10-01 10:41:24 +0000
466@@ -60,7 +60,8 @@
467 const QString &formatString, const QString &emptyDataString,
468 const QString &textDomain, int type, const QVariantMap &options);
469
470- QSharedPointer<DBusDataSource> dataSource(const QString &name) const;
471+ QSharedPointer<DBusDataSource> dataSource(const QString &name,
472+ const QString &secret = QString("unconfined")) const;
473
474 QList<QDBusObjectPath> userDatas() const;
475
476
477=== modified file 'src/usermetricsservice/database/DataSource.cpp'
478--- src/usermetricsservice/database/DataSource.cpp 2013-09-24 11:26:56 +0000
479+++ src/usermetricsservice/database/DataSource.cpp 2013-10-01 10:41:24 +0000
480@@ -123,9 +123,12 @@
481 QDjangoWhere("id", QDjangoWhere::Equals, id), dataSource);
482 }
483
484-void DataSource::findByName(const QString &name, DataSource *dataSource) {
485+void DataSource::findByNameAndSecret(const QString &name, const QString &secret,
486+ DataSource *dataSource) {
487 QDjangoQuerySet<DataSource>().get(
488- QDjangoWhere("name", QDjangoWhere::Equals, name), dataSource);
489+ QDjangoWhere("name", QDjangoWhere::Equals, name)
490+ && QDjangoWhere("secret", QDjangoWhere::Equals, secret),
491+ dataSource);
492 }
493
494 bool DataSource::exists(const QString &name) {
495
496=== modified file 'src/usermetricsservice/database/DataSource.h'
497--- src/usermetricsservice/database/DataSource.h 2013-09-24 11:26:56 +0000
498+++ src/usermetricsservice/database/DataSource.h 2013-10-01 10:41:24 +0000
499@@ -48,10 +48,10 @@
500
501 Q_PROPERTY(double maximum READ maximum WRITE setMaximum)
502
503+Q_CLASSINFO("__meta__", "unique_together=name,secret")
504+
505 Q_CLASSINFO("id", "primary_key=true auto_increment=true")
506
507-Q_CLASSINFO("name", "unique=true")
508-
509 public:
510 explicit DataSource(QObject *parent = 0);
511
512@@ -59,7 +59,8 @@
513
514 static void findById(int id, DataSource *dataSource);
515
516- static void findByName(const QString &name, DataSource *dataSource);
517+ static void findByNameAndSecret(const QString &name, const QString &secret,
518+ DataSource *dataSource);
519
520 static bool exists(const QString &name);
521
522
523=== modified file 'src/usermetricsservice/main.cpp'
524--- src/usermetricsservice/main.cpp 2013-09-24 11:26:56 +0000
525+++ src/usermetricsservice/main.cpp 2013-10-01 10:41:24 +0000
526@@ -46,7 +46,7 @@
527 bindtextdomain(GETTEXT_PACKAGE, LOCALEDIR);
528 textdomain(GETTEXT_PACKAGE);
529
530- QString databaseName("/var/lib/usermetrics/usermetrics5.db");
531+ QString databaseName("/var/lib/usermetrics/usermetrics6.db");
532 QStringList arguments(application.arguments());
533 if (arguments.size() == 2) {
534 databaseName = arguments.at(1);
535
536=== added directory 'tests/data/broken-theme'
537=== added file 'tests/data/broken-theme/default.xml'
538--- tests/data/broken-theme/default.xml 1970-01-01 00:00:00 +0000
539+++ tests/data/broken-theme/default.xml 2013-10-01 10:41:24 +0000
540@@ -0,0 +1,7 @@
541+<?xml version="1.0" encoding="UTF-8"?>
542+<themes xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
543+ xsi:noNamespaceSchemaLocation="color-theme.xsd">
544+ <theme>
545+ <foreground start="#e54c19" main="#ff9900" end="#e54c19" />
546+ </theme>
547+</themes>
548\ No newline at end of file
549
550=== modified file 'tests/unit/usermetricsservice/CMakeLists.txt'
551--- tests/unit/usermetricsservice/CMakeLists.txt 2013-08-15 09:06:26 +0000
552+++ tests/unit/usermetricsservice/CMakeLists.txt 2013-10-01 10:41:24 +0000
553@@ -1,6 +1,7 @@
554
555 set(
556 USERMETRICSSERVICE_UNIT_TESTS_SRC
557+ TestAuthentication.cpp
558 TestUserMetricsService.cpp
559 )
560
561
562=== added file 'tests/unit/usermetricsservice/TestAuthentication.cpp'
563--- tests/unit/usermetricsservice/TestAuthentication.cpp 1970-01-01 00:00:00 +0000
564+++ tests/unit/usermetricsservice/TestAuthentication.cpp 2013-10-01 10:41:24 +0000
565@@ -0,0 +1,62 @@
566+/*
567+ * Copyright (C) 2013 Canonical, Ltd.
568+ *
569+ * This program is free software; you can redistribute it and/or modify
570+ * it under the terms of the GNU General Public License as published by
571+ * the Free Software Foundation; version 3.
572+ *
573+ * This program is distributed in the hope that it will be useful,
574+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
575+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
576+ * GNU General Public License for more details.
577+ *
578+ * You should have received a copy of the GNU General Public License
579+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
580+ *
581+ * Author: Pete Woods <pete.woods@canonical.com>
582+ */
583+
584+#include <stdexcept>
585+
586+#include <usermetricsservice/Authentication.h>
587+
588+#include <gtest/gtest.h>
589+
590+using namespace testing;
591+using namespace UserMetricsService;
592+
593+namespace {
594+
595+class TestAuthentication: public Test {
596+protected:
597+ TestAuthentication() {
598+ }
599+
600+ virtual ~TestAuthentication() {
601+ }
602+
603+ void checkCanoncialize(const QString &expected,
604+ const QString &confinementContext) {
605+ QString input(confinementContext);
606+ auth.canonicalizeConfinementContext(input);
607+ EXPECT_EQ(expected, input);
608+ }
609+
610+ Authentication auth;
611+};
612+
613+TEST_F(TestAuthentication, CanonicalizesContexts) {
614+ checkCanoncialize("com.ubuntu.dropping-letters",
615+ "com.ubuntu.dropping-letters_dropping-letters_0.1.2.2");
616+}
617+
618+TEST_F(TestAuthentication, IgnoresFullPaths) {
619+ checkCanoncialize("/foo/bar/baz", "/foo/bar/baz");
620+}
621+
622+TEST_F(TestAuthentication, IgnoresNormalNames) {
623+ checkCanoncialize("my_cool_app", "my_cool_app");
624+}
625+
626+} // namespace
627+
628
629=== modified file 'tests/unit/usermetricsservice/TestUserMetricsService.cpp'
630--- tests/unit/usermetricsservice/TestUserMetricsService.cpp 2013-09-25 10:09:12 +0000
631+++ tests/unit/usermetricsservice/TestUserMetricsService.cpp 2013-10-01 10:41:24 +0000
632@@ -629,7 +629,7 @@
633 EXPECT_EQ(QDBusObjectPath(), alice->createDataSet("twitter"));
634 }
635
636-TEST_F(TestUserMetricsService, CantCreateAnotherAppsData) {
637+TEST_F(TestUserMetricsService, AppsDataIsScopedBySecret) {
638 ON_CALL(*authentication, getConfinementContext(
639 _)).WillByDefault(Return(QString("/bin/twitter")));
640
641@@ -649,10 +649,7 @@
642 ON_CALL(*authentication, getConfinementContext(
643 _)).WillByDefault(Return(QString("/bin/facebook")));
644
645- EXPECT_CALL(*authentication,
646- sendErrorReply(_, QDBusError::AccessDenied, QString("Attempt to create data source owned by another application")));
647-
648- ASSERT_EQ(QDBusObjectPath(),
649+ ASSERT_EQ(QDBusObjectPath(DBusPaths::dataSource(2)),
650 userMetrics.createDataSource("twitter", "foo", "", "", 0,
651 QVariantMap()));
652 }
653@@ -711,12 +708,14 @@
654 authentication);
655 userMetrics.createDataSource("twitter", "foo", "", "", 0, QVariantMap());
656
657- ASSERT_NE(QDBusObjectPath(), userMetrics.createUserData("alice"));
658+ ASSERT_EQ(QDBusObjectPath(DBusPaths::userData(1)),
659+ userMetrics.createUserData("alice"));
660
661 DBusUserDataPtr alice(userMetrics.userData("alice"));
662 ASSERT_FALSE(alice.isNull());
663
664- ASSERT_NE(QDBusObjectPath(), alice->createDataSet("twitter"));
665+ ASSERT_EQ(QDBusObjectPath(DBusPaths::dataSet(1)),
666+ alice->createDataSet("twitter"));
667 DBusDataSetPtr twitter(alice->dataSet("twitter"));
668
669 twitter->update(QVariantList() << 1.0 << 0.0);
670@@ -747,24 +746,57 @@
671 DBusUserMetrics userMetrics(systemConnection(), dateFactory,
672 authentication);
673
674- ASSERT_NE(QDBusObjectPath(),
675- userMetrics.createDataSource("twitter", "foo", "", "", 0,
676- QVariantMap()));
677-
678- ON_CALL(*authentication, getConfinementContext(
679- _)).WillByDefault(Return(QString("/bin/twitter")));
680-
681- ASSERT_NE(QDBusObjectPath(),
682- userMetrics.createDataSource("twitter", "foo", "", "", 0,
683- QVariantMap()));
684-
685- ON_CALL(*authentication, getConfinementContext(
686- _)).WillByDefault(Return(QString("/bin/facebook")));
687-
688- EXPECT_CALL(*authentication,
689- sendErrorReply(_, QDBusError::AccessDenied, QString("Attempt to create data source owned by another application")));
690-
691- ASSERT_EQ(QDBusObjectPath(),
692+ ASSERT_EQ(QDBusObjectPath(DBusPaths::dataSource(1)),
693+ userMetrics.createDataSource("twitter", "foo", "", "", 0,
694+ QVariantMap()));
695+
696+ ON_CALL(*authentication, getConfinementContext(
697+ _)).WillByDefault(Return(QString("/bin/twitter")));
698+
699+ ASSERT_EQ(QDBusObjectPath(DBusPaths::dataSource(1)),
700+ userMetrics.createDataSource("twitter", "foo", "", "", 0,
701+ QVariantMap()));
702+
703+ ON_CALL(*authentication, getConfinementContext(
704+ _)).WillByDefault(Return(QString("/bin/facebook")));
705+
706+ ASSERT_EQ(QDBusObjectPath(DBusPaths::dataSource(2)),
707+ userMetrics.createDataSource("twitter", "foo", "", "", 0,
708+ QVariantMap()));
709+}
710+
711+TEST_F(TestUserMetricsService, SharedDataSourceIdWrangling) {
712+ EXPECT_CALL(*dateFactory, currentDate()).WillRepeatedly(
713+ Return(QDate(2001, 3, 5)));
714+
715+ DBusUserMetrics userMetrics(systemConnection(), dateFactory,
716+ authentication);
717+
718+ ON_CALL(*authentication, getConfinementContext(
719+ _)).WillByDefault(Return(QString("/bin/twitter")));
720+
721+ ASSERT_EQ(QDBusObjectPath(DBusPaths::dataSource(1)),
722+ userMetrics.createDataSource("twitter", "foo", "", "", 0,
723+ QVariantMap()));
724+
725+ ON_CALL(*authentication, getConfinementContext(
726+ _)).WillByDefault(Return(QString("unconfined")));
727+
728+ ASSERT_EQ(QDBusObjectPath(DBusPaths::dataSource(2)),
729+ userMetrics.createDataSource("twitter", "foo", "", "", 0,
730+ QVariantMap()));
731+
732+ ON_CALL(*authentication, getConfinementContext(
733+ _)).WillByDefault(Return(QString("/bin/twitter")));
734+
735+ ASSERT_EQ(QDBusObjectPath(DBusPaths::dataSource(1)),
736+ userMetrics.createDataSource("twitter", "foo", "", "", 0,
737+ QVariantMap()));
738+
739+ ON_CALL(*authentication, getConfinementContext(
740+ _)).WillByDefault(Return(QString("/bin/facebook")));
741+
742+ ASSERT_EQ(QDBusObjectPath(DBusPaths::dataSource(2)),
743 userMetrics.createDataSource("twitter", "foo", "", "", 0,
744 QVariantMap()));
745 }

Subscribers

People subscribed via source and target branches

to all changes: