mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 06:16:03 +00:00
Code Issues Releases Wiki Activity

Add match() and _match() class methods to rule classes

Browse Source 
Add match() and _match() class methods to rule classes:
- _match() returns a regex match object for the given raw_rule
- match() converts the _match() result to True or False

The primary usage is to get an answer to the question "is this raw_rule
your job?". (For a moment, I thought about naming the function
*Rule.myjob() instead of *Rule.match() ;-)

My next patch will change aa.py to use *Rule.match() instead of directly
using RE_*, which will make the import list much shorter and hide
another implementation detail inside the rule classes.

Also change _parse() to use _match() instead of the regex, and add some
tests for match() and _match().


Acked-by: Seth Arnold <seth.arnold@canonical.com>
This commit is contained in:
Christian Boltz
2015-04-26 21:59:12 +02:00
parent f340126ec1
commit 6dade51f92
6 changed files with 54 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
utils/test/test-capability.py
View File

@@ -30,6 +30,7 @@ class CapabilityTest(unittest.TestCase):
obj = CapabilityRule.parse(rawrule)
self.assertTrue(CapabilityRule.match(rawrule))
self.assertEqual(rawrule.strip(), obj.raw_rule)
self._compare_obj(obj, expected)
@@ -220,6 +221,7 @@ class InvalidCapabilityTest(unittest.TestCase):
with self.assertRaises(AppArmorException):
obj = CapabilityRule(CapabilityRule.parse(rawrule))
self.assertFalse(CapabilityRule.match(rawrule))
self.assertIsNone(obj, 'CapbilityRule handed back an object unexpectedly')
def test_invalid_cap_missing_comma(self):
@@ -269,6 +271,7 @@ class WriteCapabilityTest(unittest.TestCase):
clean = obj.get_clean()
raw = obj.get_raw()
self.assertTrue(CapabilityRule.match(rawrule))
self.assertEqual(cleanrule.strip(), clean, 'unexpected clean rule')
self.assertEqual(rawrule.strip(), raw, 'unexpected raw rule')
@@ -294,12 +297,15 @@ class CapabilityCoveredTest(unittest.TestCase):
self.maxDiff = None
def _is_covered(self, obj, rule_to_test):
self.assertTrue(CapabilityRule.match(rule_to_test))
return obj.is_covered(CapabilityRule.parse(rule_to_test))
def _is_covered_exact(self, obj, rule_to_test):
self.assertTrue(CapabilityRule.match(rule_to_test))
return obj.is_covered(CapabilityRule.parse(rule_to_test), True, True)
def _is_equal(self, obj, rule_to_test, strict):
self.assertTrue(CapabilityRule.match(rule_to_test))
return obj.is_equal(CapabilityRule.parse(rule_to_test), strict)
def test_covered_single(self):