apparmor/libraries/libapparmor/swig/python/test/test_python.py.in

#! @PYTHON@
# ------------------------------------------------------------------
#
#   Copyright (C) 2013 Canonical Ltd.
#   Author: Steve Beattie <steve@nxnw.org>
#
#   This program is free software; you can redistribute it and/or
#   modify it under the terms of version 2 of the GNU General Public
#   License published by the Free Software Foundation.
#
# ------------------------------------------------------------------

import ctypes
import os
import unittest

import LibAppArmor as libapparmor

TESTDIR = "../../../testsuite/test_multi"

# map of testsuite .out entries that aren't a simple to_lower() and
# s/ /_/ of the field name

OUTPUT_MAP = {
    'Event type':       'event',
    'Mask':             'requested_mask',
    'Command':          'comm',
    'Token':            'magic_token',
    'ErrorCode':        'error_code',
    'Network family':   'net_family',
    'Socket type':      'net_sock_type',
    'Protocol':         'net_protocol',
    'Local addr':       'net_local_addr',
    'Foreign addr':     'net_foreign_addr',
    'Local port':       'net_local_port',
    'Foreign port':     'net_foreign_port',
    'Audit subid':      'audit_sub_id',
}

# FIXME: pull this automatically out of LibAppArmor, but swig
# classes aren't real enough. (Perhaps we're not using swig correctly)
EVENT_MAP = {
    libapparmor.AA_RECORD_ALLOWED:  'AA_RECORD_ALLOWED',
    libapparmor.AA_RECORD_AUDIT:    'AA_RECORD_AUDIT',
    libapparmor.AA_RECORD_DENIED:   'AA_RECORD_DENIED',
    libapparmor.AA_RECORD_ERROR:    'AA_RECORD_ERROR',
    libapparmor.AA_RECORD_HINT:     'AA_RECORD_HINT',
    libapparmor.AA_RECORD_INVALID:  'AA_RECORD_INVALID',
    libapparmor.AA_RECORD_STATUS:   'AA_RECORD_STATUS',
}

# default is None if not in this table
NO_VALUE_MAP = {
    'fsuid': int(ctypes.c_ulong(-1).value),
    'ouid':  int(ctypes.c_ulong(-1).value),
}


class AAPythonBindingsTests(unittest.TestCase):

    def setUp(self):
        # REPORT ALL THE OUTPUT
        self.maxDiff = None

    def _runtest(self, testname):
        infile = "%s.in" % (testname)
        outfile = "%s.out" % (testname)
        # infile *should* only contain one line
        with open(os.path.join(TESTDIR, infile), 'r') as f:
            line = f.read()
            swig_record = libapparmor.parse_record(line)

        record = self.create_record_dict(swig_record)
        record['file'] = infile
        libapparmor.free_record(swig_record)

        expected = self.parse_output_file(outfile)
        self.assertEqual(expected, record,
                         "expected records did not match\n"
                         "expected = %s\nactual = %s" % (expected, record))

    def parse_output_file(self, outfile):
        """parse testcase .out file and return dict"""

        output = dict()
        with open(os.path.join(TESTDIR, outfile), 'r') as f:
            lines = f.readlines()

        count = 0
        for l in lines:
            line = l.rstrip('\n')
            count += 1
            if line == "START":
                self.assertEqual(count, 1,
                                  "Unexpected output format in %s" % (outfile))
                continue
            else:
                key, value = line.split(": ", 1)
                if key in OUTPUT_MAP:
                    newkey = OUTPUT_MAP[key]
                else:
                    newkey = key.lower().replace(' ', '_')
                # check if entry already exists?
                output[newkey] = value

        return output

    def create_record_dict(self, record):
        """parse the swig created record and construct a dict from it"""

        new_record = dict()
        for key in [x for x in dir(record) if not (x.startswith('_') or x == 'this')]:
            value = getattr(record, key)
            if key == "event" and value in EVENT_MAP:
                new_record[key] = EVENT_MAP[value]
            elif key == "version":
                # FIXME: out files should report log version?
                # FIXME: or can we just deprecate v1 logs?
                continue
            elif key in NO_VALUE_MAP:
                if NO_VALUE_MAP[key] == value:
                    continue
                else:
                    new_record[key] = str(value)
            elif value or value == '':
                new_record[key] = str(value)

        return new_record


def find_testcases(testdir):
    """dig testcases out of passed directory"""

    for f in os.listdir(testdir):
        if f.endswith(".in"):
            yield f[:-3]


def main():
    for f in find_testcases(TESTDIR):
        def stub_test(self, testname=f):
            self._runtest(testname)
        stub_test.__doc__ = "test %s" % (f)
        setattr(AAPythonBindingsTests, 'test_%s' % (f), stub_test)
    return unittest.main(verbosity=2)


if __name__ == "__main__":
    main()
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00			`#! @PYTHON@`
			`# ------------------------------------------------------------------`
			`#`
			`# Copyright (C) 2013 Canonical Ltd.`
			`# Author: Steve Beattie <steve@nxnw.org>`
			`#`
			`# This program is free software; you can redistribute it and/or`
			`# modify it under the terms of version 2 of the GNU General Public`
			`# License published by the Free Software Foundation.`
			`#`
			`# ------------------------------------------------------------------`

			`import ctypes`
			`import os`
			`import unittest`
Order imports and module-level dunder name assignments. 2022-08-07 20:32:07 -04:00
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00			`import LibAppArmor as libapparmor`

			`TESTDIR = "../../../testsuite/test_multi"`

			`# map of testsuite .out entries that aren't a simple to_lower() and`
			`# s/ /_/ of the field name`

			`OUTPUT_MAP = {`
			`'Event type': 'event',`
			`'Mask': 'requested_mask',`
			`'Command': 'comm',`
			`'Token': 'magic_token',`
			`'ErrorCode': 'error_code',`
			`'Network family': 'net_family',`
			`'Socket type': 'net_sock_type',`
			`'Protocol': 'net_protocol',`
			`'Local addr': 'net_local_addr',`
			`'Foreign addr': 'net_foreign_addr',`
			`'Local port': 'net_local_port',`
			`'Foreign port': 'net_foreign_port',`
			`'Audit subid': 'audit_sub_id',`
			`}`

			`# FIXME: pull this automatically out of LibAppArmor, but swig`
			`# classes aren't real enough. (Perhaps we're not using swig correctly)`
			`EVENT_MAP = {`
			`libapparmor.AA_RECORD_ALLOWED: 'AA_RECORD_ALLOWED',`
			`libapparmor.AA_RECORD_AUDIT: 'AA_RECORD_AUDIT',`
			`libapparmor.AA_RECORD_DENIED: 'AA_RECORD_DENIED',`
			`libapparmor.AA_RECORD_ERROR: 'AA_RECORD_ERROR',`
			`libapparmor.AA_RECORD_HINT: 'AA_RECORD_HINT',`
			`libapparmor.AA_RECORD_INVALID: 'AA_RECORD_INVALID',`
			`libapparmor.AA_RECORD_STATUS: 'AA_RECORD_STATUS',`
			`}`

			`# default is None if not in this table`
			`NO_VALUE_MAP = {`
libapparmor python binding - fix 32bit test failures The python bindings were using the wrong data type cast (long long instead of just long) on the value '-1' that is used to indicate no value for the 'fsuid' and 'ouid' fields in the returned data structure. Thus a bunch of the tests were failing in 32bit environments. This patch corrects the issue. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Seth Arnold <seth.arnold@canonical.com> 2013-09-16 10:26:06 -07:00			`'fsuid': int(ctypes.c_ulong(-1).value),`
			`'ouid': int(ctypes.c_ulong(-1).value),`
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00			`}`


			`class AAPythonBindingsTests(unittest.TestCase):`

			`def setUp(self):`
			`# REPORT ALL THE OUTPUT`
			`self.maxDiff = None`

			`def _runtest(self, testname):`
			`infile = "%s.in" % (testname)`
			`outfile = "%s.out" % (testname)`
			`# infile should only contain one line`
			`with open(os.path.join(TESTDIR, infile), 'r') as f:`
			`line = f.read()`
			`swig_record = libapparmor.parse_record(line)`

			`record = self.create_record_dict(swig_record)`
			`record['file'] = infile`
			`libapparmor.free_record(swig_record)`

			`expected = self.parse_output_file(outfile)`
Replace deprecated assertEquals with assertEqual assertEquals is deprecated since Python 2.7 and 3.2. 2019-02-26 21:27:00 +01:00			`self.assertEqual(expected, record,`
Break lines before binary operators. 2022-08-07 17:06:08 -04:00			`"expected records did not match\n"`
			`"expected = %s\nactual = %s" % (expected, record))`
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00
			`def parse_output_file(self, outfile):`
Use triple double-quoted strings for docstrings. 2022-08-07 14:57:30 -04:00			`"""parse testcase .out file and return dict"""`
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00
			`output = dict()`
			`with open(os.path.join(TESTDIR, outfile), 'r') as f:`
			`lines = f.readlines()`

			`count = 0`
			`for l in lines:`
			`line = l.rstrip('\n')`
			`count += 1`
			`if line == "START":`
Replace deprecated assertEquals with assertEqual assertEquals is deprecated since Python 2.7 and 3.2. 2019-02-26 21:27:00 +01:00			`self.assertEqual(count, 1,`
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00			`"Unexpected output format in %s" % (outfile))`
			`continue`
			`else:`
			`key, value = line.split(": ", 1)`
			`if key in OUTPUT_MAP:`
			`newkey = OUTPUT_MAP[key]`
			`else:`
			`newkey = key.lower().replace(' ', '_')`
			`# check if entry already exists?`
			`output[newkey] = value`

			`return output`

			`def create_record_dict(self, record):`
Use triple double-quoted strings for docstrings. 2022-08-07 14:57:30 -04:00			`"""parse the swig created record and construct a dict from it"""`
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00
			`new_record = dict()`
			`for key in [x for x in dir(record) if not (x.startswith('_') or x == 'this')]:`
libapparmor python: Fix 'aa_log_record' object has no attribute '__getattr__' When building with swig 4 we are seeing the error AttributeError: 'aa_log_record' object has no attribute '__getattr__' Which forces swig to use modern classes which do not generate __getattr__ methods. issue: https://gitlab.com/apparmor/apparmor/issues/33 Acked-by: Seth Arnold <seth.arnold@canonical.com> Acked-by: Steve Beattie <steve@nxnw.org> Signed-off-by: John Johansen <john.johansen@canonical.com> 2019-06-04 13:16:43 -07:00			`value = getattr(record, key)`
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00			`if key == "event" and value in EVENT_MAP:`
			`new_record[key] = EVENT_MAP[value]`
			`elif key == "version":`
			`# FIXME: out files should report log version?`
			`# FIXME: or can we just deprecate v1 logs?`
			`continue`
			`elif key in NO_VALUE_MAP:`
			`if NO_VALUE_MAP[key] == value:`
			`continue`
			`else:`
			`new_record[key] = str(value)`
libapparmor: fix swig test_apparmor.py for zero length ptrace records The added testcase for a ptrace target with an empty string (ptrace_garbage_lp1689667_1.in) was causing the swig python test script to fail. The generated python swig record for libapparmor ends up setting a number of fields to None or other values that indicate the value is unset, and the test script was checking if the value in the field didn't evaluate to False in a python 'if' test. Unfortunately, python evaluates the empty string '' as False in 'if' tests, resulting in the specific field that contained the empty string to be dropped from the returned record. This commit fixes that by special case checking for the empty string. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: John Johansen <john.johansen@canonical.com> 2017-10-18 16:54:56 -07:00			`elif value or value == '':`
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00			`new_record[key] = str(value)`

			`return new_record`


			`def find_testcases(testdir):`
Use triple double-quoted strings for docstrings. 2022-08-07 14:57:30 -04:00			`"""dig testcases out of passed directory"""`
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00
			`for f in os.listdir(testdir):`
			`if f.endswith(".in"):`
			`yield f[:-3]`


			`def main():`
			`for f in find_testcases(TESTDIR):`
			`def stub_test(self, testname=f):`
			`self._runtest(testname)`
			`stub_test.__doc__ = "test %s" % (f)`
			`setattr(AAPythonBindingsTests, 'test_%s' % (f), stub_test)`
			`return unittest.main(verbosity=2)`

Use triple double-quoted strings for docstrings. 2022-08-07 14:57:30 -04:00
Subject: libapparmor - add python bindings tests based on C tests This patch adds tests for the swig generated python library bindings that reuse the C language tests. Fitting it into autotools was a bit of a trick, and is likely pretty brittle, as before the test script runs, it needs to know the location of the built libapparmor.so library, the built _LibAppArmor.so library and the python wrapper bits (thankfully, the latter two are the same directory). It's also unclear how to get autotools to emit the output of the test_python.py script when building, rather than just summarizing it as one test run. Also note that test_python.py is doing a bit of magic to automatically generate test case methods based on the contents of the test_multi/ directory. This has the disadvantage of breaking tools like nosetests and other external tools that try to automatically detect testcases. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2013-09-06 14:18:08 -07:00			`if __name__ == "__main__":`
			`main()`