mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Move check_and_split_list() to BaseRule

Browse source 
We'll need this function in more rule classes ;-)



Acked-by: Seth Arnold <seth.arnold@canonical.com>

Bug: https://launchpad.net/bugs/1604872
This commit is contained in:
Christian Boltz 2015-12-04 12:02:33 +01:00
parent fce7d080df
commit 6ee8cc6203
2 changed files with 24 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
utils/apparmor/rule/__init__.py
View file

@ -343,6 +343,29 @@ class BaseRuleset(object):
raise NotImplementedError("get_glob_ext is not available for this rule type!") raise NotImplementedError("get_glob_ext is not available for this rule type!")
def check_and_split_list(lst, allowed_keywords, all_obj, classname, keyword_name):
'''check if lst is all_obj or contains only items listed in allowed_keywords'''
if lst == all_obj:
return None, True, None
elif type(lst) == str:
result_list = {lst}
elif (type(lst) == list or type(lst) == tuple) and len(lst) > 0:
result_list = set(lst)
else:
raise AppArmorBug('Passed unknown %(type)s object to %(classname)s: %(unknown_object)s' %
{'type': type(lst), 'classname': classname, 'unknown_object': str(lst)})
unknown_items = set()
for item in result_list:
if not item.strip():
raise AppArmorBug('Passed empty %(keyword_name)s to %(classname)s' %
{'keyword_name': keyword_name, 'classname': classname})
if item not in allowed_keywords:
unknown_items.add(item)
return result_list, False, unknown_items
def parse_comment(matches): def parse_comment(matches):
'''returns the comment (with a leading space) from the matches object''' '''returns the comment (with a leading space) from the matches object'''
comment = '' comment = ''

26
utils/apparmor/rule/signal.py
View file

@ -16,7 +16,7 @@ import re
from apparmor.regex import RE_PROFILE_SIGNAL, RE_PROFILE_NAME from apparmor.regex import RE_PROFILE_SIGNAL, RE_PROFILE_NAME
from apparmor.common import AppArmorBug, AppArmorException from apparmor.common import AppArmorBug, AppArmorException
from apparmor.rule import BaseRule, BaseRuleset, parse_modifiers, quote_if_needed from apparmor.rule import BaseRule, BaseRuleset, check_and_split_list, parse_modifiers, quote_if_needed
# setup module translations # setup module translations
from apparmor.translations import init_translation from apparmor.translations import init_translation
@ -271,27 +271,3 @@ class SignalRuleset(BaseRuleset):
# XXX only remove one part, not all # XXX only remove one part, not all
return 'signal,' return 'signal,'
def check_and_split_list(lst, allowed_keywords, all_obj, classname, keyword_name):
'''check if lst is all_obj or contains only items listed in allowed_keywords'''
if lst == all_obj:
return None, True, None
elif type(lst) == str:
result_list = {lst}
elif (type(lst) == list or type(lst) == tuple) and len(lst) > 0:
result_list = set(lst)
else:
raise AppArmorBug('Passed unknown %(type)s object to %(classname)s: %(unknown_object)s' %
{'type': type(lst), 'classname': classname, 'unknown_object': str(lst)})
unknown_items = set()
for item in result_list:
if not item.strip():
raise AppArmorBug('Passed empty %(keyword_name)s to %(classname)s' %
{'keyword_name': keyword_name, 'classname': classname})
if item not in allowed_keywords:
unknown_items.add(item)
return result_list, False, unknown_items