Hallo, this patch adds tests for serialize_parse_profile_start() to test-aa.py to document the function's behaviour.
This patch obviously depends on the split off serialize_parse_profile_start_line() patch ;-) I propose this patch for trunk and 2.9 [ 13-add-tests-for-serialize_parse_profile_start.diff ] (yes, I've started numbering the patches ;-) --- utils/test/test-aa.py 2015-03-04 23:40:37.101565050 +0100 +++ utils/test/test-aa.py 2015-03-05 19:04:45.142411528 +0100 @@ -15,7 +15,7 @@ import shutil import tempfile from common_test import write_file -from apparmor.aa import check_for_apparmor, get_profile_flags, is_skippable_file, parse_profile_start +from apparmor.aa import check_for_apparmor, get_profile_flags, is_skippable_file, parse_profile_start, serialize_parse_profile_start from apparmor.common import AppArmorException, AppArmorBug class AaTestWithTempdir(unittest.TestCase): @@ -191,6 +191,85 @@ class AaTest_parse_profile_start(unittes with self.assertRaises(AppArmorBug): self._parse('xy', '/bar', '/bar') # not a profile start +class AaTest_serialize_parse_profile_start(unittest.TestCase): + def _parse(self, line, profile, hat, prof_data_profile, prof_data_external): + # 'correct' is always True in the code that uses serialize_parse_profile_start() (set some lines above the function call) + return serialize_parse_profile_start(line, 'somefile', 1, profile, hat, prof_data_profile, prof_data_external, True) + + def test_serialize_parse_profile_start_01(self): + result = self._parse('/foo {', None, None, False, False) + expected = ('/foo', '/foo', None, False, True) + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_02(self): + result = self._parse('/foo (complain) {', None, None, False, False) + expected = ('/foo', '/foo', 'complain', False, True) + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_03(self): + result = self._parse('profile foo /foo {', None, None, False, False) # named profile + expected = ('foo /foo', 'foo /foo', None, False, True) # XXX yes, that's what happens with the current code :-/ + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_04(self): + result = self._parse('profile /foo {', '/bar', '/bar', False, False) # child profile + expected = ('/bar', '/foo', None, True, True) + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_05(self): + result = self._parse('/foo//bar {', None, None, False, False) # external hat + expected = ('/foo', 'bar', None, False, False) # note correct == False here + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_06(self): + result = self._parse('profile "/foo" (complain) {', None, None, False, False) + expected = ('/foo', '/foo', 'complain', False, True) + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_07(self): + result = self._parse('/foo {', None, None, True, False) + expected = ('/foo', '/foo', None, False, True) + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_08(self): + result = self._parse('/foo {', None, None, False, True) + expected = ('/foo', '/foo', None, False, True) + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_09(self): + result = self._parse('/foo {', None, None, True, True) + expected = ('/foo', '/foo', None, False, True) + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_10(self): + result = self._parse('profile /foo {', '/bar', '/bar', True, False) # child profile + expected = ('/bar', '/foo', None, True, True) + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_11(self): + result = self._parse('profile /foo {', '/bar', '/bar', False, True) # child profile + expected = ('/bar', '/foo', None, True, True) + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_12(self): + result = self._parse('profile /foo {', '/bar', '/bar', True, True) # child profile + expected = ('/bar', '/foo', None, True, True) + self.assertEqual(result, expected) + + def test_serialize_parse_profile_start_13(self): + result = self._parse('/foo {', '/bar', '/bar', False, False) # child profile without 'profile' keyword - XXX should this error out? + expected = ('/foo', '/foo', None, False, True) # note that in_contained_hat == False and that profile == hat == child profile + self.assertEqual(result, expected) + + + def test_serialize_parse_profile_start_invalid_01(self): + with self.assertRaises(AttributeError): # XXX change to AppArmorBug? + self._parse('xy', '/bar', '/bar', False, False) # not a profile start + + # XXX not catched as error. See also test_serialize_parse_profile_start_13() - maybe this is wanted behaviour here? + #def test_serialize_parse_profile_start_invalid_02(self): + # with self.assertRaises(AppArmorException): + # self._parse('/foo {', '/bar', '/bar', False, False) # child profile without profile keyword if __name__ == '__main__': unittest.main(verbosity=2) Regards, Christian Boltz -- Die Konsole muss ein Hermaphrodit, also zweigeschlechtlich, sein. Denn manchmal denk ich mir: So kurz angebunden und sachlich wie die ist, muss da ein Mann dahinter stecken. Aber wehe Du rufst ein Program mit -v (oder /sbin/lilo gar mit -vvv) auf, da wird sie gesprächig wie ein Marktweib. [Philipp Zacharias in suse-linux] -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor