| # Authors: Karl MacMillan <[email protected]> |
| # |
| # Copyright (C) 2006 Red Hat |
| # see file 'COPYING' for use and warranty information |
| # |
| # This program is free software; you can redistribute it and/or |
| # modify it under the terms of the GNU General Public License as |
| # published by the Free Software Foundation; version 2 only |
| # |
| # This program is distributed in the hope that it will be useful, |
| # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| # GNU General Public License for more details. |
| # |
| # You should have received a copy of the GNU General Public License |
| # along with this program; if not, write to the Free Software |
| # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
| # |
| |
| import unittest |
| import sepolgen.matching as matching |
| import sepolgen.refparser as refparser |
| import sepolgen.interfaces as interfaces |
| import sepolgen.access as access |
| |
| class TestMatch(unittest.TestCase): |
| def test(self): |
| a = matching.Match() |
| a.dist = 100 |
| a.info_dir_change = True |
| |
| b = matching.Match() |
| b.dist = 100 |
| b.info_dir_change = True |
| |
| self.assertEqual(a, b) |
| b.info_dir_change = False |
| self.assertTrue((a > b)) |
| self.assertTrue((b < a)) |
| |
| b.dist = 200 |
| |
| self.assertTrue((a < b)) |
| self.assertTrue((b > a)) |
| |
| class TestMatchList(unittest.TestCase): |
| def test_append(self): |
| ml = matching.MatchList() |
| ml.threshold = 100 |
| |
| a = matching.Match() |
| a.dist = 100 |
| ml.append(a) |
| self.assertEqual(len(ml), 1) |
| |
| a = matching.Match() |
| a.dist = 200 |
| ml.append(a) |
| self.assertEqual(len(ml), 2) |
| self.assertEqual(len(ml.bastards), 1) |
| |
| ml.allow_info_dir_change = False |
| a = matching.Match() |
| a.dist = 0 |
| a.info_dir_change = True |
| ml.append(a) |
| self.assertEqual(len(ml), 3) |
| self.assertEqual(len(ml.bastards), 2) |
| |
| def test_sort(self): |
| ml = matching.MatchList() |
| ml.threshold = 100 |
| |
| a = matching.Match() |
| a.dist = 100 |
| ml.append(a) |
| |
| b = matching.Match() |
| b.dist = 5 |
| ml.append(b) |
| |
| c = matching.Match() |
| c.dist = 0 |
| ml.append(c) |
| |
| l = [c, b, a] |
| |
| ml.sort() |
| |
| for x, y in zip(l, ml): |
| self.assertEqual(x, y) |
| |
| self.assertEqual(ml.best(), c) |
| |
| |
| test_expansion = """ |
| interface(`foo',` |
| gen_require(` |
| type usr_t; |
| ') |
| allow $1 usr_t:dir { create add_name }; |
| allow $1 usr_t:file { read write }; |
| ') |
| |
| interface(`map', ` |
| gen_require(` |
| type bar_t; |
| ') |
| allow $1 bar_t:file read; |
| allow $2 bar_t:file write; |
| |
| foo($2) |
| ') |
| |
| interface(`hard_map', ` |
| gen_require(` |
| type baz_t; |
| ') |
| allow $1 baz_t:file getattr; |
| allow $2 baz_t:file read; |
| allow $3 baz_t:file write; |
| |
| map($1, $2) |
| map($2, $3) |
| |
| # This should have no effect |
| foo($2) |
| ') |
| """ |
| |
| class AccessMatcher(unittest.TestCase): |
| def test_search(self): |
| h = refparser.parse(test_expansion) |
| i = interfaces.InterfaceSet() |
| i.add_headers(h) |
| |
| a = access.AccessVector(["foo_t", "usr_t", "dir", "create"]) |
| m = matching.AccessMatcher() |
| ml = matching.MatchList() |
| |
| ans = m.search_ifs(i, a, ml) |
| |
| |
| pass |
