[CP-2] I don't want to see data from Pure in Center when Pure is locked [CP-48] Re-enabled USB security [CP-49] Update test harness with usb security
13 files changed, 90 insertions(+), 16 deletions(-) M image/user/db/sms_003.sql M module-apps/application-settings-new/ApplicationSettings.cpp M module-services/service-desktop/ServiceDesktop.cpp M module-services/service-desktop/USBSecurityModel.cpp M test/pytest/service-bluetooth/test_pairing_hmi_perspective.py M test/pytest/service-desktop/test_backup.py M test/pytest/service-desktop/test_battery_file.py M test/pytest/service-desktop/test_calendar.py M test/pytest/service-desktop/test_device_info.py M test/pytest/service-desktop/test_restore.py A test/pytest/service-desktop/test_security.py M test/pytest/service-desktop/test_templates.py M test/pytest/test_call_back.py
M image/user/db/sms_003.sql => image/user/db/sms_003.sql +7 -6
@@ 1,16 1,17 @@ -- Copyright (c) 2017-2021, Mudita Sp. z.o.o. All rights reserved. -- For licensing, see https://github.com/mudita/MuditaOS/LICENSE.md BEGIN TRANSACTION; INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (5,1,1,1618907731,3,2,'Hi! How are you today?',8); INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (6,1,1,1618907732,3,2,'I hope you''re feeling better now...',2); INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (7,2,2,1547492320,3,0,'Thank you for today!' || CHAR(10) || 'You chose a fantastic place :)',8); INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (8,2,2,1547492320,4,0,'It was great seeing you too :*',4); INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (14,1,1,1618907733,3,2,'Thanks :) Today is better than yesterday',4); INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (1,2,2,1547492320,3,0,'Thank you for today!' || CHAR(10) || 'You chose a fantastic place :)',8); INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (2,2,2,1547492321,4,0,'It was great seeing you too :*',4); INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (3,1,1,1618907731,3,2,'Hi! How are you today?',8); INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (4,1,1,1618907732,3,2,'I hope you''re feeling better now...',8); INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (5,1,1,1618907733,3,2,'Thanks :) Today is better than yesterday',4); INSERT OR REPLACE INTO "sms" ("_id","thread_id","contact_id","date","date_send","error_code","body","type") VALUES (6,1,1,1618907734,3,2,'I''m happy to hear that :)',8); INSERT OR REPLACE INTO "templates" ("_id","text","lastUsageTimestamp") VALUES (1,'Thanks for reaching out. I can''t talk right now, I''ll call you later',4); INSERT OR REPLACE INTO "templates" ("_id","text","lastUsageTimestamp") VALUES (2,'I''ll call you later',3); INSERT OR REPLACE INTO "templates" ("_id","text","lastUsageTimestamp") VALUES (3,'I''ll be there in 15 minutes',2); INSERT OR REPLACE INTO "templates" ("_id","text","lastUsageTimestamp") VALUES (4,'Some test template number, which is too long to be displayed.',1); INSERT OR REPLACE INTO "templates" ("_id","text","lastUsageTimestamp") VALUES (5,'Give me 5 minutes',5); INSERT OR REPLACE INTO "threads" ("_id","date","msg_count","read","contact_id","number_id","snippet","last_dir") VALUES (1,1574335694,3,1,1,1,'Thanks :) Today is better than yesterday',4); INSERT OR REPLACE INTO "threads" ("_id","date","msg_count","read","contact_id","number_id","snippet","last_dir") VALUES (1,1574335694,3,1,1,1,'I''m happy to hear that :)',4); INSERT OR REPLACE INTO "threads" ("_id","date","msg_count","read","contact_id","number_id","snippet","last_dir") VALUES (2,1618910720,2,0,2,2,'It was great seeing you too :*',4); COMMIT;
M module-apps/application-settings-new/ApplicationSettings.cpp => module-apps/application-settings-new/ApplicationSettings.cpp +1 -3
@@ 300,12 300,10 @@ namespace app ::settings::Cellular::volte_on, [this](const std::string &value) { volteChanged(value); }, ::settings::SettingsScope::Global); /* settings->registerValueChange( ::settings::SystemProperties::usbSecurity, [this](std::string value) { usbSecured = utils::getNumericValue<bool>(value); }, [this](const std::string &value) { usbSecured = utils::getNumericValue<bool>(value); }, ::settings::SettingsScope::Global); */ settings->registerValueChange( ::settings::Cellular::offlineMode, [this](const std::string &value) { flightModeOn = utils::getNumericValue<bool>(value); },
M module-services/service-desktop/ServiceDesktop.cpp => module-services/service-desktop/ServiceDesktop.cpp +13 -4
@@ 261,8 261,18 @@ sys::ReturnCodes ServiceDesktop::InitHandler() }); connect(typeid(locks::UnlockedPhone), [&](sys::Message *msg) { LOG_INFO("Passcode accepted. Enabling endpoints."); usbSecurityModel->setEndpointSecurity(EndpointSecurity::Allow); if (usbSecurityModel->isSecurityEnabled()) { LOG_INFO("Phone unlocked. Enabling endpoints."); usbSecurityModel->setEndpointSecurity(EndpointSecurity::Allow); } return sys::MessageNone{}; }); connect(typeid(locks::LockedPhone), [&](sys::Message *msg) { if (usbSecurityModel->isSecurityEnabled()) { LOG_INFO("Phone locked. Securing endpoints."); usbSecurityModel->setEndpointSecurity(EndpointSecurity::Block); } return sys::MessageNone{}; }); @@ 286,8 296,7 @@ sys::ReturnCodes ServiceDesktop::InitHandler() settings->registerValueChange( ::settings::SystemProperties::usbSecurity, [this](std::string value) { bool securityEnabled = usbSecurityModel->isSecurityEnabled(); usbSecurityModel->enableEndpointSecurity(securityEnabled); bool securityEnabled = utils::getNumericValue<bool>(value); usbSecurityModel->setEndpointSecurity(securityEnabled ? EndpointSecurity::Block : EndpointSecurity::Allow); }, settings::SettingsScope::Global);
M module-services/service-desktop/USBSecurityModel.cpp => module-services/service-desktop/USBSecurityModel.cpp +2 -1
@@ 56,7 56,8 @@ namespace sdesktop auto USBSecurityModel::isSecurityEnabled() const -> bool { return false; return utils::getNumericValue<bool>( settings->getValue(settings::SystemProperties::usbSecurity, settings::SettingsScope::Global)); } void USBSecurityModel::enableEndpointSecurity(bool securityEnabled)
M test/pytest/service-bluetooth/test_pairing_hmi_perspective.py => test/pytest/service-bluetooth/test_pairing_hmi_perspective.py +1 -0
@@ 14,6 14,7 @@ from bt_fixtures import * @pytest.mark.usefixtures("bt_main_window") @pytest.mark.usefixtures("phone_in_desktop") @pytest.mark.usefixtures("phone_unlocked") @pytest.mark.usefixtures("usb_unlocked") @pytest.mark.skipif("not config.getvalue('--bt_device')", reason='--bt_device was not specified') def test_bt_pairing_hmi(harness, bt_device): if not bt_device:
M test/pytest/service-desktop/test_backup.py => test/pytest/service-desktop/test_backup.py +1 -0
@@ 6,6 6,7 @@ import os from harness import log from harness.interface.defs import status @pytest.mark.service_desktop_test @pytest.mark.rt1051 @pytest.mark.usefixtures("usb_unlocked")
M test/pytest/service-desktop/test_battery_file.py => test/pytest/service-desktop/test_battery_file.py +1 -0
@@ 3,6 3,7 @@ import pytest from harness.interface.defs import status @pytest.mark.rt1051 @pytest.mark.service_desktop_test @pytest.mark.usefixtures("usb_unlocked")
M test/pytest/service-desktop/test_calendar.py => test/pytest/service-desktop/test_calendar.py +1 -0
@@ 4,6 4,7 @@ import pytest from harness.interface.defs import status import copy @pytest.mark.rt1051 @pytest.mark.service_desktop_test @pytest.mark.usefixtures("usb_unlocked")
M test/pytest/service-desktop/test_device_info.py => test/pytest/service-desktop/test_device_info.py +2 -1
@@ 1,8 1,9 @@ # Copyright (c) 2017-2020, Mudita Sp. z.o.o. All rights reserved. # Copyright (c) 2017-2021, Mudita Sp. z.o.o. All rights reserved. # For licensing, see https://github.com/mudita/MuditaOS/LICENSE.md import pytest from harness.interface.defs import status @pytest.mark.service_desktop_test @pytest.mark.usefixtures("usb_unlocked") def test_device_info(harness):
M test/pytest/service-desktop/test_restore.py => test/pytest/service-desktop/test_restore.py +1 -0
@@ 5,6 5,7 @@ import time from harness.interface.defs import status from harness import log @pytest.mark.service_desktop_test @pytest.mark.rt1051 @pytest.mark.usefixtures("usb_unlocked")
A test/pytest/service-desktop/test_security.py => test/pytest/service-desktop/test_security.py +58 -0
@@ 0,0 1,58 @@ # Copyright (c) 2017-2021, Mudita Sp. z.o.o. All rights reserved. # For licensing, see https://github.com/mudita/MuditaOS/LICENSE.md import pytest from harness.interface.defs import status @pytest.mark.service_desktop_test @pytest.mark.usefixtures("usb_unlocked") def test_security_usb_unlocked(harness): body = {} ret = harness.endpoint_request("deviceInfo", "get", body) assert ret["status"] == status["OK"] @pytest.mark.service_desktop_test @pytest.mark.usefixtures("usb_locked") def test_security_usb_locked(harness): body = {} ret = harness.endpoint_request("usbSecurity", "get", body) assert ret["status"] == status["Forbidden"] @pytest.mark.service_desktop_test @pytest.mark.usefixtures("usb_locked") def test_all_other_endpoints_usb_locked(harness): body = {} endpoints_list = ["deviceInfo", "update", "filesystemUpload", "backup", "restore", "factory", "contacts", "messages", "calllog", "events", "bluetooth"] for endpoint_name in endpoints_list: print(endpoint_name) ret = harness.endpoint_request(endpoint_name, "get", body) assert ret["status"] == status["Forbidden"] ret = harness.endpoint_request(endpoint_name, "post", body) assert ret["status"] == status["Forbidden"] ret = harness.endpoint_request(endpoint_name, "put", body) assert ret["status"] == status["Forbidden"] ret = harness.endpoint_request(endpoint_name, "del", body) assert ret["status"] == status["Forbidden"] ret = harness.endpoint_request("developerMode", "get", body) assert ret["status"] == status["OK"] harness.unlock_usb()
M test/pytest/service-desktop/test_templates.py => test/pytest/service-desktop/test_templates.py +1 -1
@@ 149,7 149,7 @@ def test_get_template_by_id(harness): @pytest.mark.service_desktop_test @pytest.mark.usefixtures("usb_unlocked") def test_get_templates_without_paggination(harness): def test_get_templates_without_pagination(harness): templates_tester = TemplatesTester(harness) templates_tester.test_getting_templates_without_pagination()
M test/pytest/test_call_back.py => test/pytest/test_call_back.py +1 -0
@@ 10,6 10,7 @@ from module_apps.call_utils import get_calllog_count, select_call_button @pytest.mark.usefixtures("phone_ends_test_in_desktop") @pytest.mark.usefixtures("phone_in_desktop") @pytest.mark.usefixtures("phone_unlocked") @pytest.mark.usefixtures("usb_unlocked") def test_call(harness, call_duration): count_before = get_calllog_count(harness)