apparmor.d/pkg/prebuild/directive/exec_test.go

// apparmor.d - Full set of apparmor profiles
// Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>
// SPDX-License-Identifier: GPL-2.0-only

package directive

import (
	"testing"

	"github.com/roddhjav/apparmor.d/pkg/paths"
	"github.com/roddhjav/apparmor.d/pkg/prebuild"
)

func TestExec_Apply(t *testing.T) {
	tests := []struct {
		name          string
		rootApparmord *paths.Path
		opt           *Option
		profile       string
		want          string
		wantErr       bool
	}{
		{
			name:          "exec",
			rootApparmord: paths.New("../../../apparmor.d/groups/kde/"),
			opt: &Option{
				Name:    "exec",
				ArgMap:  map[string]string{"DiscoverNotifier": ""},
				ArgList: []string{"DiscoverNotifier"},
				File:    nil,
				Raw:     "  #aa:exec DiscoverNotifier",
			},
			profile: `  #aa:exec DiscoverNotifier`,
			want: `  /{,usr/}lib{,exec,32,64}/*-linux-gnu*/{,libexec/}DiscoverNotifier Px,
  /{,usr/}lib{,exec,32,64}/DiscoverNotifier Px,`,
		},
		{
			name:          "exec-unconfined",
			rootApparmord: paths.New("../../../apparmor.d/groups/freedesktop/"),
			opt: &Option{
				Name:    "exec",
				ArgMap:  map[string]string{"U": "", "polkit-agent-helper": ""},
				ArgList: []string{"U", "polkit-agent-helper"},
				File:    nil,
				Raw:     "  #aa:exec U polkit-agent-helper",
			},
			profile: `  #aa:exec U polkit-agent-helper`,
			want: `  /{,usr/}lib{,exec,32,64}/polkit-[0-9]/polkit-agent-helper-[0-9] Ux,
  /{,usr/}lib{,exec,32,64}/polkit-agent-helper-[0-9] Ux,`,
		},
	}
	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			prebuild.RootApparmord = tt.rootApparmord
			got, err := Directives["exec"].Apply(tt.opt, tt.profile)
			if (err != nil) != tt.wantErr {
				t.Errorf("Exec.Apply() error = %v, wantErr %v", err, tt.wantErr)
				return
			}
			if got != tt.want {
				t.Errorf("Exec.Apply() = |%v|, want |%v|", got, tt.want)
			}
		})
	}
}
feat(build): add the exec directive. 2024-03-21 23:07:41 +01:00			`// apparmor.d - Full set of apparmor profiles`
			`// Copyright (C) 2021-2024 Alexandre Pujol <alexandre@pujol.io>`
			`// SPDX-License-Identifier: GPL-2.0-only`

			`package directive`

			`import (`
			`"testing"`

chore: use internal paths lib. 2024-04-28 01:36:16 +02:00			`"github.com/roddhjav/apparmor.d/pkg/paths"`
build: reorganise build: abi4, fallback, prebuild cli - ABI4 by default, fallback to abi 3. - aa-prebuild cli that can be used by other project shipping profiles. - --file option to cli to only build one dev profile. - add abi version filter to only & exclude directives. 2024-10-02 17:22:46 +02:00			`"github.com/roddhjav/apparmor.d/pkg/prebuild"`
feat(build): add the exec directive. 2024-03-21 23:07:41 +01:00			`)`

			`func TestExec_Apply(t *testing.T) {`
			`tests := []struct {`
			`name string`
			`rootApparmord *paths.Path`
			`opt *Option`
			`profile string`
			`want string`
feat(prebuild): add err reporting to builder & directive tasks. 2024-05-25 23:30:20 +02:00			`wantErr bool`
feat(build): add the exec directive. 2024-03-21 23:07:41 +01:00			`}{`
			`{`
			`name: "exec",`
			`rootApparmord: paths.New("../../../apparmor.d/groups/kde/"),`
			`opt: &Option{`
build(directive): support both liust & map. 2024-03-23 18:41:10 +01:00			`Name: "exec",`
			`ArgMap: map[string]string{"DiscoverNotifier": ""},`
			`ArgList: []string{"DiscoverNotifier"},`
			`File: nil,`
			`Raw: " #aa:exec DiscoverNotifier",`
feat(build): add the exec directive. 2024-03-21 23:07:41 +01:00			`},`
			profile: ` #aa:exec DiscoverNotifier`,
feat(aa): handle appending value to defined variables. 2024-05-30 15:23:56 +02:00			want: ` /{,usr/}lib{,exec,32,64}/-linux-gnu/{,libexec/}DiscoverNotifier Px,
			/{,usr/}lib{,exec,32,64}/DiscoverNotifier Px,`,
build: exex directive: add support for transition. 2024-03-22 20:47:45 +01:00			`},`
			`{`
			`name: "exec-unconfined",`
			`rootApparmord: paths.New("../../../apparmor.d/groups/freedesktop/"),`
			`opt: &Option{`
build(directive): support both liust & map. 2024-03-23 18:41:10 +01:00			`Name: "exec",`
			`ArgMap: map[string]string{"U": "", "polkit-agent-helper": ""},`
			`ArgList: []string{"U", "polkit-agent-helper"},`
			`File: nil,`
			`Raw: " #aa:exec U polkit-agent-helper",`
build: exex directive: add support for transition. 2024-03-22 20:47:45 +01:00			`},`
			profile: ` #aa:exec U polkit-agent-helper`,
feat(aa): handle appending value to defined variables. 2024-05-30 15:23:56 +02:00			want: ` /{,usr/}lib{,exec,32,64}/polkit-[0-9]/polkit-agent-helper-[0-9] Ux,
			/{,usr/}lib{,exec,32,64}/polkit-agent-helper-[0-9] Ux,`,
feat(build): add the exec directive. 2024-03-21 23:07:41 +01:00			`},`
			`}`
			`for _, tt := range tests {`
			`t.Run(tt.name, func(t *testing.T) {`
build: reorganise build: abi4, fallback, prebuild cli - ABI4 by default, fallback to abi 3. - aa-prebuild cli that can be used by other project shipping profiles. - --file option to cli to only build one dev profile. - add abi version filter to only & exclude directives. 2024-10-02 17:22:46 +02:00			`prebuild.RootApparmord = tt.rootApparmord`
feat(prebuild): add err reporting to builder & directive tasks. 2024-05-25 23:30:20 +02:00			`got, err := Directives["exec"].Apply(tt.opt, tt.profile)`
			`if (err != nil) != tt.wantErr {`
			`t.Errorf("Exec.Apply() error = %v, wantErr %v", err, tt.wantErr)`
			`return`
			`}`
			`if got != tt.want {`
feat(prebuilt): update aa usage to the last changes. 2024-04-23 22:43:22 +02:00			`t.Errorf("Exec.Apply() = \|%v\|, want \|%v\|", got, tt.want)`
feat(build): add the exec directive. 2024-03-21 23:07:41 +01:00			`}`
			`})`
			`}`
			`}`