From 9812c38b838969f2981ad1b21ef84ca8c03d81a8 Mon Sep 17 00:00:00 2001
From: Alexandre Pujol <alexandre@pujol.io>
Date: Sat, 25 May 2024 22:22:57 +0100
Subject: [PATCH] test(aa): add unit tests for the link rule.

---
 pkg/aa/data_test.go  | 21 ++++++++++++++++++++-
 pkg/aa/rules_test.go | 23 +++++++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/pkg/aa/data_test.go b/pkg/aa/data_test.go
index 36058820..d034788d 100644
--- a/pkg/aa/data_test.go
+++ b/pkg/aa/data_test.go
@@ -292,6 +292,7 @@ var (
 	}
 
 	// Link
+	link3LogStr = `apparmor="ALLOWED" operation="link" class="file" profile="dolphin" name="@{user_config_dirs}/kiorc"  comm="dolphin" requested_mask="l" denied_mask="l" fsuid=1000 ouid=1000 target="@{user_config_dirs}/#3954"`
 	link1Log    = map[string]string{
 		"apparmor":       "ALLOWED",
 		"operation":      "link",
@@ -307,13 +308,31 @@ var (
 		"FSUID":          "root",
 		"OUID":           "root",
 	}
+	link3Log = map[string]string{
+		"apparmor":       "ALLOWED",
+		"operation":      "link",
+		"class":          "file",
+		"profile":        "dolphin",
+		"name":           "@{user_config_dirs}/kiorc",
+		"comm":           "dolphin",
+		"requested_mask": "l",
+		"denied_mask":    "l",
+		"fsuid":          "1000",
+		"ouid":           "1000",
+		"target":         "@{user_config_dirs}/#3954",
+	}
 	link1 = &Link{
 		Path:   "/tmp/mkinitcpio.QDWtza/early@{lib}/firmware/i915/dg1_dmc_ver2_02.bin.zst",
 		Target: "/tmp/mkinitcpio.QDWtza/root@{lib}/firmware/i915/dg1_dmc_ver2_02.bin.zst",
 	}
-	link2 = &File{
+	link2 = &Link{
 		Owner:  true,
 		Path:   "@{user_config_dirs}/powerdevilrc{,.@{rand6}}",
 		Target: "@{user_config_dirs}/#@{int}",
 	}
+	link3 = &Link{
+		Owner:  true,
+		Path:   "@{user_config_dirs}/kiorc",
+		Target: "@{user_config_dirs}/#3954",
+	}
 )
diff --git a/pkg/aa/rules_test.go b/pkg/aa/rules_test.go
index d2d9bf87..67c8397e 100644
--- a/pkg/aa/rules_test.go
+++ b/pkg/aa/rules_test.go
@@ -94,6 +94,12 @@ func TestRules_FromLog(t *testing.T) {
 			log:     link1Log,
 			want:    link1,
 		},
+		{
+			name:    "link",
+			fromLog: newFileFromLog,
+			log:     link3Log,
+			want:    link3,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -267,6 +273,12 @@ func TestRules_Less(t *testing.T) {
 			other: &File{Path: "/usr/share/poppler/cMap/Identity-H"},
 			want:  true,
 		},
+		{
+			name:  "link",
+			rule:  link1,
+			other: link2,
+			want:  true,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -363,6 +375,12 @@ func TestRules_Equals(t *testing.T) {
 			other: file2,
 			want:  true,
 		},
+		{
+			name:  "link",
+			rule:  link1,
+			other: link3,
+			want:  false,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -473,6 +491,11 @@ func TestRules_String(t *testing.T) {
 			rule: file1,
 			want: "/usr/share/poppler/cMap/Identity-H r,",
 		},
+		{
+			name: "link",
+			rule: link3,
+			want: "owner link @{user_config_dirs}/kiorc -> @{user_config_dirs}/#3954,",
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {