diff --git a/utils/apparmor/aa.py b/utils/apparmor/aa.py index 4036252fa..0ab09dc91 100644 --- a/utils/apparmor/aa.py +++ b/utils/apparmor/aa.py @@ -1263,7 +1263,7 @@ def ask_rule_questions(prof_events, profile_name, the_profile, r_types): if inc: deleted = delete_all_duplicates(the_profile, inc, r_types) - the_profile['inc_ie'].add(IncludeRule.parse(selection)) + the_profile['inc_ie'].add(IncludeRule.create_instance(selection)) aaui.UI_Info(_('Adding %s to profile.') % selection) if deleted: @@ -1342,7 +1342,7 @@ def ask_rule_questions(prof_events, profile_name, the_profile, r_types): def selection_to_rule_obj(rule_obj, selection): rule_type = type(rule_obj) - return rule_type.parse(selection) + return rule_type.create_instance(selection) def set_options_audit_mode(rule_obj, options): @@ -2121,7 +2121,7 @@ def match_line_against_rule_classes(line, profile, file, lineno, in_preamble): _('Syntax Error: Unexpected %(rule)s entry found in file: %(file)s line: %(line)s') % {'file': file, 'line': lineno + 1, 'rule': rule_name}) - rule_obj = rule_class.parse(line) + rule_obj = rule_class.create_instance(line) return (rule_name, rule_obj) return (None, None) diff --git a/utils/apparmor/rule/__init__.py b/utils/apparmor/rule/__init__.py index 6ac59ca62..81b71aae7 100644 --- a/utils/apparmor/rule/__init__.py +++ b/utils/apparmor/rule/__init__.py @@ -114,7 +114,7 @@ class BaseRule: raise NotImplementedError("'%s' needs to implement _match(), but didn't" % (str(cls))) @classmethod - def parse(cls, raw_rule): + def create_instance(cls, raw_rule): """parse raw_rule and return a rule object""" rule = cls._parse(raw_rule) rule.raw_rule = raw_rule.strip() diff --git a/utils/test/test-aa.py b/utils/test/test-aa.py index 13f203bd1..12dddd00f 100644 --- a/utils/test/test-aa.py +++ b/utils/test/test-aa.py @@ -411,11 +411,11 @@ class AaTest_change_profile_flags(AaTestWithTempdir): class AaTest_set_options_audit_mode(AATest): tests = ( - ((FileRule.parse('audit /foo/bar r,'), ['/foo/bar r,', '/foo/* r,', '/** r,']), ['audit /foo/bar r,', 'audit /foo/* r,', 'audit /** r,']), - ((FileRule.parse('audit /foo/bar r,'), ['/foo/bar r,', 'audit /foo/* r,', 'audit /** r,']), ['audit /foo/bar r,', 'audit /foo/* r,', 'audit /** r,']), - ((FileRule.parse('/foo/bar r,'), ['/foo/bar r,', '/foo/* r,', '/** r,']), ['/foo/bar r,', '/foo/* r,', '/** r,']), - ((FileRule.parse('/foo/bar r,'), ['audit /foo/bar r,', 'audit /foo/* r,', 'audit /** r,']), ['/foo/bar r,', '/foo/* r,', '/** r,']), - ((FileRule.parse('audit /foo/bar r,'), ['/foo/bar r,', '/foo/* r,', '#include ']), ['audit /foo/bar r,', 'audit /foo/* r,', '#include ']), + ((FileRule.create_instance('audit /foo/bar r,'), ['/foo/bar r,', '/foo/* r,', '/** r,']), ['audit /foo/bar r,', 'audit /foo/* r,', 'audit /** r,']), + ((FileRule.create_instance('audit /foo/bar r,'), ['/foo/bar r,', 'audit /foo/* r,', 'audit /** r,']), ['audit /foo/bar r,', 'audit /foo/* r,', 'audit /** r,']), + ((FileRule.create_instance('/foo/bar r,'), ['/foo/bar r,', '/foo/* r,', '/** r,']), ['/foo/bar r,', '/foo/* r,', '/** r,']), + ((FileRule.create_instance('/foo/bar r,'), ['audit /foo/bar r,', 'audit /foo/* r,', 'audit /** r,']), ['/foo/bar r,', '/foo/* r,', '/** r,']), + ((FileRule.create_instance('audit /foo/bar r,'), ['/foo/bar r,', '/foo/* r,', '#include ']), ['audit /foo/bar r,', 'audit /foo/* r,', '#include ']), ) def _run_test(self, params, expected): @@ -426,11 +426,11 @@ class AaTest_set_options_audit_mode(AATest): class AaTest_set_options_owner_mode(AATest): tests = ( - ((FileRule.parse('owner /foo/bar r,'), ['/foo/bar r,', '/foo/* r,', '/** r,']), ['owner /foo/bar r,', 'owner /foo/* r,', 'owner /** r,']), - ((FileRule.parse('owner /foo/bar r,'), ['/foo/bar r,', 'owner /foo/* r,', 'owner /** r,']), ['owner /foo/bar r,', 'owner /foo/* r,', 'owner /** r,']), - ((FileRule.parse('/foo/bar r,'), ['/foo/bar r,', '/foo/* r,', '/** r,']), ['/foo/bar r,', '/foo/* r,', '/** r,']), - ((FileRule.parse('/foo/bar r,'), ['owner /foo/bar r,', 'owner /foo/* r,', 'owner /** r,']), ['/foo/bar r,', '/foo/* r,', '/** r,']), - ((FileRule.parse('audit owner /foo/bar r,'), ['audit /foo/bar r,', 'audit /foo/* r,', '#include ']), ['audit owner /foo/bar r,', 'audit owner /foo/* r,', '#include ']), + ((FileRule.create_instance('owner /foo/bar r,'), ['/foo/bar r,', '/foo/* r,', '/** r,']), ['owner /foo/bar r,', 'owner /foo/* r,', 'owner /** r,']), + ((FileRule.create_instance('owner /foo/bar r,'), ['/foo/bar r,', 'owner /foo/* r,', 'owner /** r,']), ['owner /foo/bar r,', 'owner /foo/* r,', 'owner /** r,']), + ((FileRule.create_instance('/foo/bar r,'), ['/foo/bar r,', '/foo/* r,', '/** r,']), ['/foo/bar r,', '/foo/* r,', '/** r,']), + ((FileRule.create_instance('/foo/bar r,'), ['owner /foo/bar r,', 'owner /foo/* r,', 'owner /** r,']), ['/foo/bar r,', '/foo/* r,', '/** r,']), + ((FileRule.create_instance('audit owner /foo/bar r,'), ['audit /foo/bar r,', 'audit /foo/* r,', '#include ']), ['audit owner /foo/bar r,', 'audit owner /foo/* r,', '#include ']), ) def _run_test(self, params, expected): @@ -567,9 +567,9 @@ class AaTest_get_file_perms_1(AATest): profile = apparmor.aa.ProfileStorage('/test', '/test', 'test-aa.py') # simple profile without any includes - profile['file'].add(FileRule.parse('owner /usr/share/common-licenses/** w,')) - profile['file'].add(FileRule.parse('/dev/null rwk,')) - profile['file'].add(FileRule.parse('/foo/bar rwix,')) + profile['file'].add(FileRule.create_instance('owner /usr/share/common-licenses/** w,')) + profile['file'].add(FileRule.create_instance('/dev/null rwk,')) + profile['file'].add(FileRule.create_instance('/foo/bar rwix,')) perms = get_file_perms(profile, params, False, False) # only testing with audit and deny = False self.assertEqual(perms, expected) @@ -601,14 +601,14 @@ class AaTest_get_file_perms_2(AATest): apparmor.aa.load_include(os.path.join(self.profile_dir, 'abstractions/aspell')) profile = apparmor.aa.ProfileStorage('/test', '/test', 'test-aa.py') - profile['inc_ie'].add(IncludeRule.parse('include ')) - profile['inc_ie'].add(IncludeRule.parse('include ')) - profile['inc_ie'].add(IncludeRule.parse('include ')) + profile['inc_ie'].add(IncludeRule.create_instance('include ')) + profile['inc_ie'].add(IncludeRule.create_instance('include ')) + profile['inc_ie'].add(IncludeRule.create_instance('include ')) - profile['file'].add(FileRule.parse('owner /usr/share/common-licenses/** w,')) - profile['file'].add(FileRule.parse('owner /usr/share/common-licenses/what/ever a,')) # covered by the above 'w' rule, so 'a' should be ignored - profile['file'].add(FileRule.parse('/dev/null rwk,')) - profile['file'].add(FileRule.parse('/foo/bar rwix,')) + profile['file'].add(FileRule.create_instance('owner /usr/share/common-licenses/** w,')) + profile['file'].add(FileRule.create_instance('owner /usr/share/common-licenses/what/ever a,')) # covered by the above 'w' rule, so 'a' should be ignored + profile['file'].add(FileRule.create_instance('/dev/null rwk,')) + profile['file'].add(FileRule.create_instance('/foo/bar rwix,')) perms = get_file_perms(profile, params, False, False) # only testing with audit and deny = False self.assertEqual(perms, expected) @@ -644,14 +644,14 @@ class AaTest_propose_file_rules(AATest): apparmor.aa.user_globs['/no/thi*ng'] = AARE('/no/thi*ng', True) profile = apparmor.aa.ProfileStorage('/test', '/test', 'test-aa.py') - profile['inc_ie'].add(IncludeRule.parse('include ')) - profile['inc_ie'].add(IncludeRule.parse('include ')) - profile['inc_ie'].add(IncludeRule.parse('include ')) + profile['inc_ie'].add(IncludeRule.create_instance('include ')) + profile['inc_ie'].add(IncludeRule.create_instance('include ')) + profile['inc_ie'].add(IncludeRule.create_instance('include ')) - profile['file'].add(FileRule.parse('owner /usr/share/common-licenses/** w,')) - profile['file'].add(FileRule.parse('/dev/null rwk,')) - profile['file'].add(FileRule.parse('/foo/bar rwix,')) - profile['file'].add(FileRule.parse('/foo/log a,')) # will be replaced with '/foo/log w,' (not 'wa') + profile['file'].add(FileRule.create_instance('owner /usr/share/common-licenses/** w,')) + profile['file'].add(FileRule.create_instance('/dev/null rwk,')) + profile['file'].add(FileRule.create_instance('/foo/bar rwix,')) + profile['file'].add(FileRule.create_instance('/foo/log a,')) # will be replaced with '/foo/log w,' (not 'wa') rule_obj = FileRule(params[0], params[1], None, FileRule.ALL, owner=False, log_event=True) proposals = propose_file_rules(profile, rule_obj) @@ -688,10 +688,10 @@ class AaTest_propose_file_rules_with_absolute_includes(AATest): apparmor.aa.load_include(abs_include3) profile = apparmor.aa.ProfileStorage('/test', '/test', 'test-aa.py') - profile['inc_ie'].add(IncludeRule.parse('include ')) - profile['inc_ie'].add(IncludeRule.parse('include "%s"' % abs_include1)) - profile['inc_ie'].add(IncludeRule.parse('include "%s"' % abs_include2)) - profile['inc_ie'].add(IncludeRule.parse('include "%s"' % abs_include3)) + profile['inc_ie'].add(IncludeRule.create_instance('include ')) + profile['inc_ie'].add(IncludeRule.create_instance('include "%s"' % abs_include1)) + profile['inc_ie'].add(IncludeRule.create_instance('include "%s"' % abs_include2)) + profile['inc_ie'].add(IncludeRule.create_instance('include "%s"' % abs_include3)) rule_obj = FileRule(params[0], params[1], None, FileRule.ALL, owner=False, log_event=True) proposals = propose_file_rules(profile, rule_obj) diff --git a/utils/test/test-abi.py b/utils/test/test-abi.py index 5fad6d72b..abb57e679 100644 --- a/utils/test/test-abi.py +++ b/utils/test/test-abi.py @@ -60,7 +60,7 @@ class AbiTestParse(AbiTest): def _run_test(self, rawrule, expected): self.assertTrue(AbiRule.match(rawrule)) - obj = AbiRule.parse(rawrule) + obj = AbiRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -76,7 +76,7 @@ class AbiTestParseInvalid(AbiTest): def _run_test(self, rawrule, expected): self.assertTrue(AbiRule.match(rawrule)) # the above invalid rules still match the main regex! with self.assertRaises(expected): - AbiRule.parse(rawrule) + AbiRule.create_instance(rawrule) # class AbiTestParseFromLog(AbiTest): # we'll never have log events for abi @@ -142,7 +142,7 @@ class InvalidAbiTest(AATest): obj = None self.assertEqual(AbiRule.match(rawrule), matches_regex) with self.assertRaises(AppArmorException): - obj = AbiRule.parse(rawrule) + obj = AbiRule.create_instance(rawrule) self.assertIsNone(obj, 'AbiRule handed back an object unexpectedly') @@ -163,7 +163,7 @@ class InvalidAbiTest(AATest): class WriteAbiTestAATest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(AbiRule.match(rawrule)) - obj = AbiRule.parse(rawrule) + obj = AbiRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -196,8 +196,8 @@ class WriteAbiTestAATest(AATest): class AbiCoveredTest(AATest): def _run_test(self, param, expected): - obj = AbiRule.parse(self.rule) - check_obj = AbiRule.parse(param) + obj = AbiRule.create_instance(self.rule) + check_obj = AbiRule.create_instance(param) self.assertTrue(AbiRule.match(param)) @@ -234,7 +234,7 @@ class AbiCoveredTest_02(AbiCoveredTest): # class AbiCoveredTest_Invalid(AATest): # def test_borked_obj_is_covered_1(self): -# obj = AbiRule.parse('abi ') +# obj = AbiRule.create_instance('abi ') # # testobj = AbiRule('foo', True, True) # testobj.path = '' @@ -243,7 +243,7 @@ class AbiCoveredTest_02(AbiCoveredTest): # obj.is_covered(testobj) # # def test_borked_obj_is_covered_2(self): -# obj = AbiRule.parse('abi send set=quit peer=/foo,') +# obj = AbiRule.create_instance('abi send set=quit peer=/foo,') # # testobj = AbiRule('send', 'quit', '/foo') # testobj.abi = '' @@ -252,7 +252,7 @@ class AbiCoveredTest_02(AbiCoveredTest): # obj.is_covered(testobj) # # def test_borked_obj_is_covered_3(self): -# obj = AbiRule.parse('abi send set=quit peer=/foo,') +# obj = AbiRule.create_instance('abi send set=quit peer=/foo,') # # testobj = AbiRule('send', 'quit', '/foo') # testobj.peer = '' @@ -261,7 +261,7 @@ class AbiCoveredTest_02(AbiCoveredTest): # obj.is_covered(testobj) # # def test_invalid_is_covered(self): -# obj = AbiRule.parse('abi send,') +# obj = AbiRule.create_instance('abi send,') # # testobj = BaseRule() # different type # @@ -269,7 +269,7 @@ class AbiCoveredTest_02(AbiCoveredTest): # obj.is_covered(testobj) # # def test_invalid_is_equal(self): -# obj = AbiRule.parse('abi send,') +# obj = AbiRule.create_instance('abi send,') # # testobj = BaseRule() # different type # @@ -284,7 +284,7 @@ class AbiLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = AbiRule.parse(params) + obj = AbiRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) @@ -326,7 +326,7 @@ class AbiRulesTest(AATest): ] for rule in rules: - ruleset.add(AbiRule.parse(rule)) + ruleset.add(AbiRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) diff --git a/utils/test/test-alias.py b/utils/test/test-alias.py index 6448ab2e2..aca63bc13 100644 --- a/utils/test/test-alias.py +++ b/utils/test/test-alias.py @@ -51,7 +51,7 @@ class AliasTestParse(AliasTest): def _run_test(self, rawrule, expected): self.assertTrue(AliasRule.match(rawrule)) - obj = AliasRule.parse(rawrule) + obj = AliasRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -69,7 +69,7 @@ class AliasTestParseInvalid(AliasTest): def _run_test(self, rawrule, expected): self.assertEqual(AliasRule.match(rawrule), expected[0]) with self.assertRaises(expected[1]): - AliasRule.parse(rawrule) + AliasRule.create_instance(rawrule) class AliasFromInit(AliasTest): @@ -121,7 +121,7 @@ class InvalidAliasTest(AATest): obj = None self.assertEqual(AliasRule.match(rawrule), matches_regex) with self.assertRaises(AppArmorException): - obj = AliasRule.parse(rawrule) + obj = AliasRule.create_instance(rawrule) self.assertIsNone(obj, 'AliasRule handed back an object unexpectedly') @@ -146,7 +146,7 @@ class WriteAliasTestAATest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(AliasRule.match(rawrule)) - obj = AliasRule.parse(rawrule) + obj = AliasRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -172,8 +172,8 @@ class WriteAliasTestAATest(AATest): class AliasCoveredTest(AATest): def _run_test(self, param, expected): - obj = AliasRule.parse(self.rule) - check_obj = AliasRule.parse(param) + obj = AliasRule.create_instance(self.rule) + check_obj = AliasRule.create_instance(param) self.assertTrue(AliasRule.match(param)) @@ -201,7 +201,7 @@ class AliasCoveredTest_01(AliasCoveredTest): class AliasCoveredTest_Invalid(AATest): # def test_borked_obj_is_covered_1(self): - # obj = AliasRule.parse('alias /foo -> /bar,') + # obj = AliasRule.create_instance('alias /foo -> /bar,') # # testobj = AliasRule('/foo', '/bar') # @@ -209,7 +209,7 @@ class AliasCoveredTest_Invalid(AATest): # obj.is_covered(testobj) # # def test_borked_obj_is_covered_2(self): - # obj = AliasRule.parse('alias /foo -> /bar,') + # obj = AliasRule.create_instance('alias /foo -> /bar,') # # testobj = AliasRule('/foo', '/bar') # testobj.target = '' @@ -218,7 +218,7 @@ class AliasCoveredTest_Invalid(AATest): # obj.is_covered(testobj) def test_invalid_is_covered_3(self): - obj = AliasRule.parse('alias /foo -> /bar,') + obj = AliasRule.create_instance('alias /foo -> /bar,') testobj = BaseRule() # different type @@ -226,7 +226,7 @@ class AliasCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = AliasRule.parse('alias /foo -> /bar,') + obj = AliasRule.create_instance('alias /foo -> /bar,') testobj = BaseRule() # different type @@ -240,7 +240,7 @@ class AliasLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = AliasRule.parse(params) + obj = AliasRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) @@ -289,7 +289,7 @@ class AliasRulesTest(AATest): ] for rule in rules: - ruleset.add(AliasRule.parse(rule)) + ruleset.add(AliasRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) diff --git a/utils/test/test-baserule.py b/utils/test/test-baserule.py index b95aa4473..1765ef6f6 100644 --- a/utils/test/test-baserule.py +++ b/utils/test/test-baserule.py @@ -23,9 +23,9 @@ class TestBaserule(AATest): with self.assertRaises(NotImplementedError): BaseRule._parse('foo') - def test_abstract__parse_2(self): + def test_abstract__create_instance_2(self): with self.assertRaises(NotImplementedError): - BaseRule.parse('foo') + BaseRule.create_instance('foo') def test_abstract__match(self): with self.assertRaises(NotImplementedError): diff --git a/utils/test/test-boolean.py b/utils/test/test-boolean.py index a6f35ba65..0afcc4127 100644 --- a/utils/test/test-boolean.py +++ b/utils/test/test-boolean.py @@ -54,7 +54,7 @@ class BooleanTestParse(BooleanTest): def _run_test(self, rawrule, expected): self.assertTrue(BooleanRule.match(rawrule)) - obj = BooleanRule.parse(rawrule) + obj = BooleanRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -74,7 +74,7 @@ class BooleanTestParseInvalid(BooleanTest): def _run_test(self, rawrule, expected): self.assertEqual(BooleanRule.match(rawrule), expected[0]) with self.assertRaises(expected[1]): - BooleanRule.parse(rawrule) + BooleanRule.create_instance(rawrule) class BooleanFromInit(BooleanTest): @@ -129,7 +129,7 @@ class InvalidBooleanTest(AATest): obj = None self.assertEqual(BooleanRule.match(rawrule), matches_regex) with self.assertRaises(AppArmorException): - obj = BooleanRule.parse(rawrule) + obj = BooleanRule.create_instance(rawrule) self.assertIsNone(obj, 'BooleanRule handed back an object unexpectedly') @@ -151,7 +151,7 @@ class WriteBooleanTestAATest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(BooleanRule.match(rawrule)) - obj = BooleanRule.parse(rawrule) + obj = BooleanRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -177,8 +177,8 @@ class WriteBooleanTestAATest(AATest): class BooleanCoveredTest(AATest): def _run_test(self, param, expected): - obj = BooleanRule.parse(self.rule) - check_obj = BooleanRule.parse(param) + obj = BooleanRule.create_instance(self.rule) + check_obj = BooleanRule.create_instance(param) self.assertTrue(BooleanRule.match(param)) @@ -218,7 +218,7 @@ class BooleanCoveredTest_02(BooleanCoveredTest): class BooleanCoveredTest_Invalid(AATest): def test_borked_obj_is_covered_2(self): - obj = BooleanRule.parse('$foo = true') + obj = BooleanRule.create_instance('$foo = true') testobj = BooleanRule('$foo', 'true') testobj.value = '' @@ -227,7 +227,7 @@ class BooleanCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_covered_3(self): - obj = BooleanRule.parse('$foo = true') + obj = BooleanRule.create_instance('$foo = true') testobj = BaseRule() # different type @@ -235,7 +235,7 @@ class BooleanCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = BooleanRule.parse('$foo = true') + obj = BooleanRule.create_instance('$foo = true') testobj = BaseRule() # different type @@ -249,7 +249,7 @@ class BooleanLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = BooleanRule.parse(params) + obj = BooleanRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) @@ -290,7 +290,7 @@ class BooleanRulesTest(AATest): ] for rule in rules: - ruleset.add(BooleanRule.parse(rule)) + ruleset.add(BooleanRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) @@ -299,9 +299,9 @@ class BooleanRulesTest(AATest): def test_ruleset_overwrite(self): ruleset = BooleanRuleset() - ruleset.add(BooleanRule.parse('$foo = true')) + ruleset.add(BooleanRule.create_instance('$foo = true')) with self.assertRaises(AppArmorException): - ruleset.add(BooleanRule.parse('$foo = false')) # attempt to redefine @{foo} + ruleset.add(BooleanRule.create_instance('$foo = false')) # attempt to redefine @{foo} class BooleanGlobTestAATest(AATest): diff --git a/utils/test/test-capability.py b/utils/test/test-capability.py index d39e5fa25..bef91ff66 100644 --- a/utils/test/test-capability.py +++ b/utils/test/test-capability.py @@ -31,7 +31,7 @@ _ = init_translation() class CapabilityTest(AATest): def _compare_obj_with_rawrule(self, rawrule, expected): - obj = CapabilityRule.parse(rawrule) + obj = CapabilityRule.create_instance(rawrule) self.assertTrue(CapabilityRule.match(rawrule)) self.assertEqual(rawrule.strip(), obj.raw_rule) @@ -222,7 +222,7 @@ class InvalidCapabilityTest(AATest): def _check_invalid_rawrule(self, rawrule): obj = None with self.assertRaises(AppArmorException): - obj = CapabilityRule.parse(rawrule) + obj = CapabilityRule.create_instance(rawrule) self.assertFalse(CapabilityRule.match(rawrule)) self.assertIsNone(obj, 'CapbilityRule handed back an object unexpectedly') @@ -267,7 +267,7 @@ class InvalidCapabilityTest(AATest): class WriteCapabilityTest(AATest): def _check_write_rule(self, rawrule, cleanrule): - obj = CapabilityRule.parse(rawrule) + obj = CapabilityRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -296,18 +296,18 @@ class WriteCapabilityTest(AATest): class CapabilityCoveredTest(AATest): def _is_covered(self, obj, rule_to_test): self.assertTrue(CapabilityRule.match(rule_to_test)) - return obj.is_covered(CapabilityRule.parse(rule_to_test)) + return obj.is_covered(CapabilityRule.create_instance(rule_to_test)) def _is_covered_exact(self, obj, rule_to_test): self.assertTrue(CapabilityRule.match(rule_to_test)) - return obj.is_covered(CapabilityRule.parse(rule_to_test), True, True) + return obj.is_covered(CapabilityRule.create_instance(rule_to_test), True, True) def _is_equal(self, obj, rule_to_test, strict): self.assertTrue(CapabilityRule.match(rule_to_test)) - return obj.is_equal(CapabilityRule.parse(rule_to_test), strict) + return obj.is_equal(CapabilityRule.create_instance(rule_to_test), strict) def test_covered_single(self): - obj = CapabilityRule.parse('capability sys_admin,') + obj = CapabilityRule.create_instance('capability sys_admin,') self.assertTrue(self._is_covered(obj, 'capability sys_admin,')) @@ -317,7 +317,7 @@ class CapabilityCoveredTest(AATest): self.assertFalse(self._is_covered(obj, 'capability,')) def test_covered_audit(self): - obj = CapabilityRule.parse('audit capability sys_admin,') + obj = CapabilityRule.create_instance('audit capability sys_admin,') self.assertTrue(self._is_covered(obj, 'capability sys_admin,')) self.assertTrue(self._is_covered(obj, 'audit capability sys_admin,')) @@ -327,7 +327,7 @@ class CapabilityCoveredTest(AATest): self.assertFalse(self._is_covered(obj, 'capability,')) def test_covered_check_audit(self): - obj = CapabilityRule.parse('audit capability sys_admin,') + obj = CapabilityRule.create_instance('audit capability sys_admin,') self.assertFalse(self._is_covered_exact(obj, 'capability sys_admin,')) self.assertTrue(self._is_covered_exact(obj, 'audit capability sys_admin,')) @@ -337,7 +337,7 @@ class CapabilityCoveredTest(AATest): self.assertFalse(self._is_covered_exact(obj, 'capability,')) def test_equal(self): - obj = CapabilityRule.parse('capability sys_admin,') + obj = CapabilityRule.create_instance('capability sys_admin,') self.assertTrue(self._is_equal(obj, 'capability sys_admin,', True)) self.assertFalse(self._is_equal(obj, 'allow capability sys_admin,', True)) @@ -349,7 +349,7 @@ class CapabilityCoveredTest(AATest): self.assertFalse(self._is_equal(obj, 'audit capability sys_admin,', False)) def test_covered_multi(self): - obj = CapabilityRule.parse('capability audit_write sys_admin,') + obj = CapabilityRule.create_instance('capability audit_write sys_admin,') self.assertTrue(self._is_covered(obj, 'capability sys_admin,')) self.assertTrue(self._is_covered(obj, 'capability audit_write,')) @@ -361,7 +361,7 @@ class CapabilityCoveredTest(AATest): self.assertFalse(self._is_covered(obj, 'capability,')) def test_covered_all(self): - obj = CapabilityRule.parse('capability,') + obj = CapabilityRule.create_instance('capability,') self.assertTrue(self._is_covered(obj, 'capability sys_admin,')) self.assertTrue(self._is_covered(obj, 'capability audit_write,')) @@ -372,7 +372,7 @@ class CapabilityCoveredTest(AATest): self.assertFalse(self._is_covered(obj, 'audit capability,')) def test_covered_deny(self): - obj = CapabilityRule.parse('capability sys_admin,') + obj = CapabilityRule.create_instance('capability sys_admin,') self.assertTrue(self._is_covered(obj, 'capability sys_admin,')) @@ -382,7 +382,7 @@ class CapabilityCoveredTest(AATest): self.assertFalse(self._is_covered(obj, 'capability,')) def test_covered_deny_2(self): - obj = CapabilityRule.parse('deny capability sys_admin,') + obj = CapabilityRule.create_instance('deny capability sys_admin,') self.assertTrue(self._is_covered(obj, 'deny capability sys_admin,')) @@ -392,7 +392,7 @@ class CapabilityCoveredTest(AATest): self.assertFalse(self._is_covered(obj, 'deny capability,')) def test_invalid_is_covered(self): - obj = CapabilityRule.parse('capability sys_admin,') + obj = CapabilityRule.create_instance('capability sys_admin,') testobj = BaseRule() # different type @@ -400,7 +400,7 @@ class CapabilityCoveredTest(AATest): obj.is_covered(testobj) def test_borked_obj_is_covered(self): - obj = CapabilityRule.parse('capability sys_admin,') + obj = CapabilityRule.create_instance('capability sys_admin,') testobj = CapabilityRule('chown') testobj.capability.clear() @@ -409,7 +409,7 @@ class CapabilityCoveredTest(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = CapabilityRule.parse('capability sys_admin,') + obj = CapabilityRule.create_instance('capability sys_admin,') testobj = BaseRule() # different type @@ -457,7 +457,7 @@ class CapabilityLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = CapabilityRule.parse(params) + obj = CapabilityRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) @@ -492,7 +492,7 @@ class CapabilityRulesTest(AATest): ] for rule in rules: - ruleset.add(CapabilityRule.parse(rule)) + ruleset.add(CapabilityRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) @@ -521,7 +521,7 @@ class CapabilityRulesTest(AATest): ] for rule in rules: - ruleset.add(CapabilityRule.parse(rule)) + ruleset.add(CapabilityRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw(1)) self.assertEqual(expected_clean, ruleset.get_clean(1)) @@ -555,59 +555,59 @@ class CapabilityRulesCoveredTest(AATest): ] for rule in rules: - self.ruleset.add(CapabilityRule.parse(rule)) + self.ruleset.add(CapabilityRule.create_instance(rule)) def test_ruleset_is_covered_1(self): - self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('capability chown,'))) + self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('capability chown,'))) def test_ruleset_is_covered_2(self): - self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('capability sys_admin,'))) + self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('capability sys_admin,'))) def test_ruleset_is_covered_3(self): - self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('allow capability sys_admin,'))) + self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('allow capability sys_admin,'))) def test_ruleset_is_covered_4(self): - self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('capability setuid,'))) + self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('capability setuid,'))) def test_ruleset_is_covered_5(self): - self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('allow capability setgid,'))) + self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('allow capability setgid,'))) def test_ruleset_is_covered_6(self): - self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('capability setgid setuid,'))) + self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('capability setgid setuid,'))) def test_ruleset_is_covered_7(self): - pass # self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('capability sys_admin chown,'))) # fails because it is split over two rule objects internally + pass # self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('capability sys_admin chown,'))) # fails because it is split over two rule objects internally def test_ruleset_is_covered_8(self): - self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('capability kill,'))) + self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('capability kill,'))) def test_ruleset_is_covered_9(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('deny capability chown,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('deny capability chown,'))) def test_ruleset_is_covered_10(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('deny capability sys_admin,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('deny capability sys_admin,'))) def test_ruleset_is_covered_11(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('deny capability sys_admin chown,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('deny capability sys_admin chown,'))) def test_ruleset_is_covered_12(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('deny capability setgid,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('deny capability setgid,'))) def test_ruleset_is_covered_13(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('deny capability kill,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('deny capability kill,'))) def test_ruleset_is_covered_14(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('audit capability chown,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('audit capability chown,'))) def test_ruleset_is_covered_15(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('audit capability sys_admin,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('audit capability sys_admin,'))) def test_ruleset_is_covered_16(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('audit capability sys_admin chown,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('audit capability sys_admin chown,'))) def test_ruleset_is_covered_17(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('audit capability setgid,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('audit capability setgid,'))) def test_ruleset_is_covered_18(self): - self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('audit capability kill,'))) + self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('audit capability kill,'))) def test_ruleset_is_covered_19(self): - self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('deny capability chgrp,'))) + self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('deny capability chgrp,'))) def test_ruleset_is_covered_20(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('audit deny capability chgrp,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('audit deny capability chgrp,'))) def test_ruleset_is_covered_21(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('audit capability chgrp,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('audit capability chgrp,'))) def test_ruleset_is_covered_22(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('capability chgrp,'))) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('capability chgrp,'))) def test_ruleset_is_covered_23(self): - self.assertTrue(self.ruleset.is_covered(CapabilityRule.parse('capability chgrp,'), check_allow_deny=False)) + self.assertTrue(self.ruleset.is_covered(CapabilityRule.create_instance('capability chgrp,'), check_allow_deny=False)) def test_ruleset_is_covered_24(self): - self.assertFalse(self.ruleset.is_covered(CapabilityRule.parse('deny capability chown,'), check_allow_deny=False)) + self.assertFalse(self.ruleset.is_covered(CapabilityRule.create_instance('deny capability chown,'), check_allow_deny=False)) # XXX - disabling these until we decide whether or not checking whether # a log is covered by rules should be a separate entry point, possibly @@ -660,7 +660,7 @@ class CapabilityDeleteTest(AATest): ] for rule in rules: - self.ruleset.add(CapabilityRule.parse(rule)) + self.ruleset.add(CapabilityRule.create_instance(rule)) def test_delete(self): expected_raw = [ @@ -745,7 +745,7 @@ class CapabilityDeleteTest(AATest): ] for rule in rules: - inc.add(CapabilityRule.parse(rule)) + inc.add(CapabilityRule.create_instance(rule)) expected_raw = [ ' allow capability sys_admin,', @@ -766,7 +766,7 @@ class CapabilityDeleteTest(AATest): ] for rule in rules: - inc.add(CapabilityRule.parse(rule)) + inc.add(CapabilityRule.create_instance(rule)) expected_raw = [ ' capability chown,', @@ -788,7 +788,7 @@ class CapabilityDeleteTest(AATest): self.assertEqual(expected_clean, self.ruleset.get_clean(1)) def test_delete_duplicates_3(self): - self.ruleset.add(CapabilityRule.parse('audit capability dac_override,')) + self.ruleset.add(CapabilityRule.create_instance('audit capability dac_override,')) inc = CapabilityRuleset() rules = [ @@ -796,7 +796,7 @@ class CapabilityDeleteTest(AATest): ] for rule in rules: - inc.add(CapabilityRule.parse(rule)) + inc.add(CapabilityRule.create_instance(rule)) expected_raw = [ ' capability chown,', @@ -824,7 +824,7 @@ class CapabilityDeleteTest(AATest): rules = ['capability,'] for rule in rules: - inc.add(CapabilityRule.parse(rule)) + inc.add(CapabilityRule.create_instance(rule)) expected_raw = [ ' deny capability chgrp, # example comment', @@ -884,7 +884,7 @@ class CapabilityDeleteTest(AATest): obj = CapabilityRuleset() for rule in rules: - obj.add(CapabilityRule.parse(rule)) + obj.add(CapabilityRule.create_instance(rule)) deleted = obj.delete_duplicates(None) diff --git a/utils/test/test-change_profile.py b/utils/test/test-change_profile.py index 38375fc3d..f76ff8f6c 100644 --- a/utils/test/test-change_profile.py +++ b/utils/test/test-change_profile.py @@ -78,7 +78,7 @@ class ChangeProfileTestParse(ChangeProfileTest): def _run_test(self, rawrule, expected): self.assertTrue(ChangeProfileRule.match(rawrule)) - obj = ChangeProfileRule.parse(rawrule) + obj = ChangeProfileRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -94,7 +94,7 @@ class ChangeProfileTestParseInvalid(ChangeProfileTest): def _run_test(self, rawrule, expected): self.assertFalse(ChangeProfileRule.match(rawrule)) with self.assertRaises(expected): - ChangeProfileRule.parse(rawrule) + ChangeProfileRule.create_instance(rawrule) class ChangeProfileTestParseFromLog(ChangeProfileTest): @@ -190,7 +190,7 @@ class InvalidChangeProfileTest(AATest): obj = None self.assertFalse(ChangeProfileRule.match(rawrule)) with self.assertRaises(AppArmorException): - obj = ChangeProfileRule.parse(rawrule) + obj = ChangeProfileRule.create_instance(rawrule) self.assertIsNone(obj, 'ChangeProfileRule handed back an object unexpectedly') @@ -229,7 +229,7 @@ class WriteChangeProfileTestAATest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(ChangeProfileRule.match(rawrule)) - obj = ChangeProfileRule.parse(rawrule) + obj = ChangeProfileRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -247,8 +247,8 @@ class WriteChangeProfileTestAATest(AATest): class ChangeProfileCoveredTest(AATest): def _run_test(self, param, expected): - obj = ChangeProfileRule.parse(self.rule) - check_obj = ChangeProfileRule.parse(param) + obj = ChangeProfileRule.create_instance(self.rule) + check_obj = ChangeProfileRule.create_instance(param) self.assertTrue(ChangeProfileRule.match(param)) @@ -359,7 +359,7 @@ class ChangeProfileCoveredTest_06(ChangeProfileCoveredTest): class ChangeProfileCoveredTest_Invalid(AATest): def test_borked_obj_is_covered_1(self): - obj = ChangeProfileRule.parse('change_profile /foo,') + obj = ChangeProfileRule.create_instance('change_profile /foo,') testobj = ChangeProfileRule(None, '/foo', '/bar') testobj.execcond = '' @@ -368,7 +368,7 @@ class ChangeProfileCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_borked_obj_is_covered_2(self): - obj = ChangeProfileRule.parse('change_profile /foo,') + obj = ChangeProfileRule.create_instance('change_profile /foo,') testobj = ChangeProfileRule(None, '/foo', '/bar') testobj.targetprofile = '' @@ -377,7 +377,7 @@ class ChangeProfileCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_covered(self): - obj = ChangeProfileRule.parse('change_profile /foo,') + obj = ChangeProfileRule.create_instance('change_profile /foo,') testobj = BaseRule() # different type @@ -385,7 +385,7 @@ class ChangeProfileCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = ChangeProfileRule.parse('change_profile -> /bar,') + obj = ChangeProfileRule.create_instance('change_profile -> /bar,') testobj = BaseRule() # different type @@ -406,7 +406,7 @@ class ChangeProfileLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = ChangeProfileRule.parse(params) + obj = ChangeProfileRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) @@ -441,7 +441,7 @@ class ChangeProfileRulesTest(AATest): ] for rule in rules: - ruleset.add(ChangeProfileRule.parse(rule)) + ruleset.add(ChangeProfileRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) @@ -470,7 +470,7 @@ class ChangeProfileRulesTest(AATest): ] for rule in rules: - ruleset.add(ChangeProfileRule.parse(rule)) + ruleset.add(ChangeProfileRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw(1)) self.assertEqual(expected_clean, ruleset.get_clean(1)) diff --git a/utils/test/test-dbus.py b/utils/test/test-dbus.py index e3f69ae0c..cbece0dc6 100644 --- a/utils/test/test-dbus.py +++ b/utils/test/test-dbus.py @@ -103,7 +103,7 @@ class DbusTestParse(DbusTest): def _run_test(self, rawrule, expected): self.assertTrue(DbusRule.match(rawrule)) - obj = DbusRule.parse(rawrule) + obj = DbusRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -126,7 +126,7 @@ class DbusTestParseInvalid(DbusTest): def _run_test(self, rawrule, expected): self.assertTrue(DbusRule.match(rawrule)) # the above invalid rules still match the main regex! with self.assertRaises(expected): - DbusRule.parse(rawrule) + DbusRule.create_instance(rawrule) class DbusTestParseFromLog(DbusTest): @@ -309,7 +309,7 @@ class InvalidDbusTest(AATest): obj = None self.assertFalse(DbusRule.match(rawrule)) with self.assertRaises(AppArmorException): - obj = DbusRule.parse(rawrule) + obj = DbusRule.create_instance(rawrule) self.assertIsNone(obj, 'DbusRule handed back an object unexpectedly') @@ -380,7 +380,7 @@ class InvalidDbusTest(AATest): class WriteDbusTest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(DbusRule.match(rawrule), 'DbusRule.match() failed') - obj = DbusRule.parse(rawrule) + obj = DbusRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -436,8 +436,8 @@ class WriteDbusTest(AATest): class DbusCoveredTest(AATest): def _run_test(self, param, expected): - obj = DbusRule.parse(self.rule) - check_obj = DbusRule.parse(param) + obj = DbusRule.create_instance(self.rule) + check_obj = DbusRule.create_instance(param) self.assertTrue(DbusRule.match(param)) @@ -766,7 +766,7 @@ class DbusCoveredTest_Invalid(AATest): self.obj.is_covered(self.testobj) def test_invalid_is_covered(self): - obj = DbusRule.parse('dbus send,') + obj = DbusRule.create_instance('dbus send,') testobj = BaseRule() # different type @@ -774,7 +774,7 @@ class DbusCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = DbusRule.parse('dbus send,') + obj = DbusRule.create_instance('dbus send,') testobj = BaseRule() # different type @@ -798,7 +798,7 @@ class DbusLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = DbusRule.parse(params) + obj = DbusRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) @@ -833,7 +833,7 @@ class DbusRulesTest(AATest): ] for rule in rules: - ruleset.add(DbusRule.parse(rule)) + ruleset.add(DbusRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) @@ -862,7 +862,7 @@ class DbusRulesTest(AATest): ] for rule in rules: - ruleset.add(DbusRule.parse(rule)) + ruleset.add(DbusRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw(1)) self.assertEqual(expected_clean, ruleset.get_clean(1)) diff --git a/utils/test/test-file.py b/utils/test/test-file.py index ade409f3e..bbc0b177e 100644 --- a/utils/test/test-file.py +++ b/utils/test/test-file.py @@ -105,7 +105,7 @@ class FileTestParse(FileTest): def _run_test(self, rawrule, expected): self.assertTrue(FileRule.match(rawrule)) - obj = FileRule.parse(rawrule) + obj = FileRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -128,7 +128,7 @@ class FileTestParseInvalid(FileTest): def _run_test(self, rawrule, expected): self.assertTrue(FileRule.match(rawrule)) # the above invalid rules still match the main regex! with self.assertRaises(expected): - FileRule.parse(rawrule) + FileRule.create_instance(rawrule) class FileTestNonMatch(AATest): @@ -305,7 +305,7 @@ class InvalidFileTest(AATest): obj = None self.assertFalse(FileRule.match(rawrule)) with self.assertRaises(AppArmorException): - obj = FileRule.parse(rawrule) + obj = FileRule.create_instance(rawrule) self.assertIsNone(obj, 'FileRule handed back an object unexpectedly') @@ -358,7 +358,7 @@ class FileGlobTest(AATest): exp_can_glob, exp_can_glob_ext, exp_rule_glob, exp_rule_glob_ext = expected # test glob() - rule_obj = FileRule.parse(params) + rule_obj = FileRule.create_instance(params) self.assertEqual(exp_can_glob, rule_obj.can_glob) self.assertEqual(exp_can_glob_ext, rule_obj.can_glob_ext) @@ -366,7 +366,7 @@ class FileGlobTest(AATest): self.assertEqual(rule_obj.get_clean(), exp_rule_glob) # test glob_ext() - rule_obj = FileRule.parse(params) + rule_obj = FileRule.create_instance(params) self.assertEqual(exp_can_glob, rule_obj.can_glob) self.assertEqual(exp_can_glob_ext, rule_obj.can_glob_ext) @@ -389,7 +389,7 @@ class FileGlobTest(AATest): class WriteFileTest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(FileRule.match(rawrule), 'FileRule.match() failed') - obj = FileRule.parse(rawrule) + obj = FileRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -459,8 +459,8 @@ class WriteFileTest(AATest): class FileCoveredTest(AATest): def _run_test(self, param, expected): - obj = FileRule.parse(self.rule) - check_obj = FileRule.parse(param) + obj = FileRule.create_instance(self.rule) + check_obj = FileRule.create_instance(param) self.assertTrue(FileRule.match(param)) @@ -790,7 +790,7 @@ class FileCoveredTest_ManualOrInvalid(AATest): self.obj.is_covered(self.testobj) def test_invalid_is_covered(self): - obj = FileRule.parse('file,') + obj = FileRule.create_instance('file,') testobj = BaseRule() # different type @@ -798,7 +798,7 @@ class FileCoveredTest_ManualOrInvalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = FileRule.parse('file,') + obj = FileRule.create_instance('file,') testobj = BaseRule() # different type @@ -824,7 +824,7 @@ class FileSeverityTest(AATest): def _run_test(self, params, expected): sev_db = severity.Severity('../severity.db', 'unknown') - obj = FileRule.parse(params) + obj = FileRule.create_instance(params) rank = obj.severity(sev_db) self.assertEqual(rank, expected) @@ -850,20 +850,20 @@ class FileLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = FileRule.parse(params[0]) + obj = FileRule.create_instance(params[0]) if params[1] or params[2]: obj.original_perms = {'allow': {'all': params[1], 'owner': params[2]}} self.assertEqual(obj.logprof_header(), expected) def test_empty_original_perms(self): - obj = FileRule.parse('/foo rw,') + obj = FileRule.create_instance('/foo rw,') obj.original_perms = {'allow': {'all': set(), 'owner': set()}} self.assertEqual(obj.logprof_header(), [_('Path'), '/foo', _('New Mode'), _('rw')]) class FileEditHeaderTest(AATest): def _run_test(self, params, expected): - rule_obj = FileRule.parse(params) + rule_obj = FileRule.create_instance(params) self.assertEqual(rule_obj.can_edit, True) prompt, path_to_edit = rule_obj.edit_header() self.assertEqual(path_to_edit, expected) @@ -875,7 +875,7 @@ class FileEditHeaderTest(AATest): ) def test_edit_header_bare_file(self): - rule_obj = FileRule.parse('file,') + rule_obj = FileRule.create_instance('file,') self.assertEqual(rule_obj.can_edit, False) with self.assertRaises(AppArmorBug): rule_obj.edit_header() @@ -900,7 +900,7 @@ class FileValidateAndStoreEditTest(AATest): ) def test_validate_not_a_path(self): - rule_obj = FileRule.parse('/foo/bar/baz r,') + rule_obj = FileRule.create_instance('/foo/bar/baz r,') with self.assertRaises(AppArmorException): rule_obj.validate_edit('foo/bar/baz') @@ -909,7 +909,7 @@ class FileValidateAndStoreEditTest(AATest): rule_obj.store_edit('foo/bar/baz') def test_validate_edit_bare_file(self): - rule_obj = FileRule.parse('file,') + rule_obj = FileRule.create_instance('file,') self.assertEqual(rule_obj.can_edit, False) with self.assertRaises(AppArmorBug): @@ -954,7 +954,7 @@ class FileRulesTest(AATest): deleted = 0 for rule in rules: - deleted += ruleset.add(FileRule.parse(rule)) + deleted += ruleset.add(FileRule.create_instance(rule)) self.assertEqual(deleted, 0) self.assertEqual(expected_raw, ruleset.get_raw()) @@ -985,7 +985,7 @@ class FileRulesTest(AATest): deleted = 0 for rule in rules: - deleted += ruleset.add(FileRule.parse(rule)) + deleted += ruleset.add(FileRule.create_instance(rule)) self.assertEqual(deleted, 0) self.assertEqual(expected_raw, ruleset.get_raw(1)) @@ -1019,12 +1019,12 @@ class FileRulesTest(AATest): deleted = 0 for rule in rules: - deleted += ruleset.add(FileRule.parse(rule)) + deleted += ruleset.add(FileRule.create_instance(rule)) self.assertEqual(deleted, 0) # rules[] are added without cleanup mode, so the superfluous '/foo/baz rw,' should be kept for rule in rules_with_cleanup: - deleted += ruleset.add(FileRule.parse(rule), cleanup=True) + deleted += ruleset.add(FileRule.create_instance(rule), cleanup=True) self.assertEqual(deleted, 1) # rules_with_cleanup made '/foo/bar r,' superfluous self.assertEqual(expected_raw, ruleset.get_raw(1)) @@ -1062,7 +1062,7 @@ class FileGetRulesForPath(AATest): ruleset = FileRuleset() for rule in rules: - ruleset.add(FileRule.parse(rule)) + ruleset.add(FileRule.create_instance(rule)) matching = ruleset.get_rules_for_path(*params) self. assertEqual(matching.get_clean(), expected) @@ -1095,7 +1095,7 @@ class FileGetPermsForPath_1(AATest): ruleset = FileRuleset() for rule in rules: - ruleset.add(FileRule.parse(rule)) + ruleset.add(FileRule.create_instance(rule)) perms = ruleset.get_perms_for_path(*params) self. assertEqual(perms, expected) @@ -1132,7 +1132,7 @@ class FileGetPermsForPath_2(AATest): ruleset = FileRuleset() for rule in rules: - ruleset.add(FileRule.parse(rule)) + ruleset.add(FileRule.create_instance(rule)) perms = ruleset.get_perms_for_path(*params) self. assertEqual(perms, expected) @@ -1155,7 +1155,7 @@ class FileGetExecRulesForPath_1(AATest): ruleset = FileRuleset() for rule in rules: - ruleset.add(FileRule.parse(rule)) + ruleset.add(FileRule.create_instance(rule)) perms = ruleset.get_exec_rules_for_path(params) matches = perms.get_clean() @@ -1179,7 +1179,7 @@ class FileGetExecRulesForPath_2(AATest): ruleset = FileRuleset() for rule in rules: - ruleset.add(FileRule.parse(rule)) + ruleset.add(FileRule.create_instance(rule)) perms = ruleset.get_exec_rules_for_path(params, only_exact_matches=False) matches = perms.get_clean() @@ -1206,9 +1206,9 @@ class FileGetExecConflictRules_1(AATest): ruleset = FileRuleset() for rule in rules: - ruleset.add(FileRule.parse(rule)) + ruleset.add(FileRule.create_instance(rule)) - rule_obj = FileRule.parse(params) + rule_obj = FileRule.create_instance(params) conflicts = ruleset.get_exec_conflict_rules(rule_obj) self. assertEqual(conflicts.get_clean(), expected) diff --git a/utils/test/test-include.py b/utils/test/test-include.py index 6b5d57b25..4fa6933ee 100644 --- a/utils/test/test-include.py +++ b/utils/test/test-include.py @@ -89,7 +89,7 @@ class IncludeTestParse(IncludeTest): def _run_test(self, rawrule, expected): self.assertTrue(IncludeRule.match(rawrule)) - obj = IncludeRule.parse(rawrule) + obj = IncludeRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -105,7 +105,7 @@ class IncludeTestParseInvalid(IncludeTest): def _run_test(self, rawrule, expected): self.assertTrue(IncludeRule.match(rawrule)) # the above invalid rules still match the main regex! with self.assertRaises(expected): - IncludeRule.parse(rawrule) + IncludeRule.create_instance(rawrule) # class IncludeTestParseFromLog(IncludeTest): # we'll never have log events for includes @@ -167,7 +167,7 @@ class InvalidIncludeTest(AATest): obj = None self.assertEqual(IncludeRule.match(rawrule), matches_regex) with self.assertRaises(AppArmorException): - obj = IncludeRule.parse(rawrule) + obj = IncludeRule.create_instance(rawrule) self.assertIsNone(obj, 'IncludeRule handed back an object unexpectedly') @@ -188,7 +188,7 @@ class InvalidIncludeTest(AATest): class WriteIncludeTestAATest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(IncludeRule.match(rawrule)) - obj = IncludeRule.parse(rawrule) + obj = IncludeRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -246,8 +246,8 @@ class WriteIncludeTestAATest(AATest): class IncludeCoveredTest(AATest): def _run_test(self, param, expected): - obj = IncludeRule.parse(self.rule) - check_obj = IncludeRule.parse(param) + obj = IncludeRule.create_instance(self.rule) + check_obj = IncludeRule.create_instance(param) self.assertTrue(IncludeRule.match(param)) @@ -289,7 +289,7 @@ class IncludeCoveredTest_02(IncludeCoveredTest): class IncludeCoveredTest_Invalid(AATest): # def test_borked_obj_is_covered_1(self): - # obj = IncludeRule.parse('include ') + # obj = IncludeRule.create_instance('include ') # # testobj = IncludeRule('foo', True, True) # testobj.path = '' @@ -298,7 +298,7 @@ class IncludeCoveredTest_Invalid(AATest): # obj.is_covered(testobj) def test_invalid_is_covered(self): - obj = IncludeRule.parse('include ') + obj = IncludeRule.create_instance('include ') testobj = BaseRule() # different type @@ -306,7 +306,7 @@ class IncludeCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = IncludeRule.parse('include ') + obj = IncludeRule.create_instance('include ') testobj = BaseRule() # different type @@ -321,7 +321,7 @@ class IncludeLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = IncludeRule.parse(params) + obj = IncludeRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) @@ -361,7 +361,7 @@ class IncludeFullPathsTest(AATest): for path in expected: exp2.append(path.replace('@@', self.profile_dir)) - obj = IncludeRule.parse(params) + obj = IncludeRule.create_instance(params) self.assertEqual(obj.get_full_paths(self.profile_dir), exp2) @@ -418,7 +418,7 @@ class IncludeRulesTest(AATest): ] for rule in rules: - ruleset.add(IncludeRule.parse(rule)) + ruleset.add(IncludeRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) @@ -465,7 +465,7 @@ class IncludeRulesTest(AATest): ] for rule in rules: - ruleset.add(IncludeRule.parse(rule)) + ruleset.add(IncludeRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) diff --git a/utils/test/test-network.py b/utils/test/test-network.py index 465003b6f..360e988c8 100644 --- a/utils/test/test-network.py +++ b/utils/test/test-network.py @@ -85,7 +85,7 @@ class NetworkTestParse(NetworkTest): def _run_test(self, rawrule, expected): self.assertTrue(NetworkRule.match(rawrule)) - obj = NetworkRule.parse(rawrule) + obj = NetworkRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -101,7 +101,7 @@ class NetworkTestParseInvalid(NetworkTest): def _run_test(self, rawrule, expected): self.assertTrue(NetworkRule.match(rawrule)) # the above invalid rules still match the main regex! with self.assertRaises(expected): - NetworkRule.parse(rawrule) + NetworkRule.create_instance(rawrule) class NetworkTestParseFromLog(NetworkTest): @@ -192,7 +192,7 @@ class InvalidNetworkTest(AATest): obj = None self.assertFalse(NetworkRule.match(rawrule)) with self.assertRaises(AppArmorException): - obj = NetworkRule.parse(rawrule) + obj = NetworkRule.create_instance(rawrule) self.assertIsNone(obj, 'NetworkRule handed back an object unexpectedly') @@ -220,7 +220,7 @@ class InvalidNetworkTest(AATest): class WriteNetworkTestAATest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(NetworkRule.match(rawrule)) - obj = NetworkRule.parse(rawrule) + obj = NetworkRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -247,8 +247,8 @@ class WriteNetworkTestAATest(AATest): class NetworkCoveredTest(AATest): def _run_test(self, param, expected): - obj = NetworkRule.parse(self.rule) - check_obj = NetworkRule.parse(param) + obj = NetworkRule.create_instance(self.rule) + check_obj = NetworkRule.create_instance(param) self.assertTrue(NetworkRule.match(param)) @@ -351,7 +351,7 @@ class NetworkCoveredTest_05(NetworkCoveredTest): class NetworkCoveredTest_Invalid(AATest): def test_borked_obj_is_covered_1(self): - obj = NetworkRule.parse('network inet,') + obj = NetworkRule.create_instance('network inet,') testobj = NetworkRule('inet', 'stream') testobj.domain = '' @@ -360,7 +360,7 @@ class NetworkCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_borked_obj_is_covered_2(self): - obj = NetworkRule.parse('network inet,') + obj = NetworkRule.create_instance('network inet,') testobj = NetworkRule('inet', 'stream') testobj.type_or_protocol = '' @@ -369,7 +369,7 @@ class NetworkCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_covered(self): - obj = NetworkRule.parse('network inet,') + obj = NetworkRule.create_instance('network inet,') testobj = BaseRule() # different type @@ -377,7 +377,7 @@ class NetworkCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = NetworkRule.parse('network inet,') + obj = NetworkRule.create_instance('network inet,') testobj = BaseRule() # different type @@ -397,14 +397,14 @@ class NetworkLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = NetworkRule.parse(params) + obj = NetworkRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) class NetworkRuleReprTest(AATest): tests = ( - (NetworkRule('inet', 'stream'), ' network inet stream,'), - (NetworkRule.parse(' allow network inet stream, # foo'), ' allow network inet stream, # foo'), + (NetworkRule('inet', 'stream'), ' network inet stream,'), + (NetworkRule.create_instance(' allow network inet stream, # foo'), ' allow network inet stream, # foo'), ) def _run_test(self, params, expected): @@ -442,7 +442,7 @@ class NetworkRulesTest(AATest): ] for rule in rules: - ruleset.add(NetworkRule.parse(rule)) + ruleset.add(NetworkRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) @@ -471,7 +471,7 @@ class NetworkRulesTest(AATest): ] for rule in rules: - ruleset.add(NetworkRule.parse(rule)) + ruleset.add(NetworkRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw(1)) self.assertEqual(expected_clean, ruleset.get_clean(1)) @@ -503,7 +503,7 @@ class NetworkRulesetReprTest(AATest): def test_network_ruleset_repr(self): obj = NetworkRuleset() obj.add(NetworkRule('inet', 'stream')) - obj.add(NetworkRule.parse(' allow network inet stream, # foo')) + obj.add(NetworkRule.create_instance(' allow network inet stream, # foo')) expected = '\n network inet stream,\n allow network inet stream, # foo\n' self.assertEqual(str(obj), expected) diff --git a/utils/test/test-profile-list.py b/utils/test/test-profile-list.py index ac4831b61..cd40a445d 100644 --- a/utils/test/test-profile-list.py +++ b/utils/test/test-profile-list.py @@ -176,9 +176,9 @@ class TestAdd_inc_ie(AATest): self.assertEqual(list(self.pl.files.keys()), []) def test_dedup_inc_ie_1(self): - self.pl.add_inc_ie('/etc/apparmor.d/bin.foo', IncludeRule.parse('include ')) - self.pl.add_inc_ie('/etc/apparmor.d/bin.foo', IncludeRule.parse('#include if exists # comment')) - self.pl.add_inc_ie('/etc/apparmor.d/bin.foo', IncludeRule.parse(' #include ')) + self.pl.add_inc_ie('/etc/apparmor.d/bin.foo', IncludeRule.create_instance('include ')) + self.pl.add_inc_ie('/etc/apparmor.d/bin.foo', IncludeRule.create_instance('#include if exists # comment')) + self.pl.add_inc_ie('/etc/apparmor.d/bin.foo', IncludeRule.create_instance(' #include ')) deleted = self.pl.delete_preamble_duplicates('/etc/apparmor.d/bin.foo') self.assertEqual(deleted, 2) self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo']) @@ -214,8 +214,8 @@ class TestAdd_abi(AATest): self.assertEqual(list(self.pl.files.keys()), []) def test_dedup_abi_1(self): - self.pl.add_abi('/etc/apparmor.d/bin.foo', AbiRule.parse('abi ,')) - self.pl.add_abi('/etc/apparmor.d/bin.foo', AbiRule.parse(' abi , # comment')) + self.pl.add_abi('/etc/apparmor.d/bin.foo', AbiRule.create_instance('abi ,')) + self.pl.add_abi('/etc/apparmor.d/bin.foo', AbiRule.create_instance(' abi , # comment')) self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo']) deleted = self.pl.delete_preamble_duplicates('/etc/apparmor.d/bin.foo') self.assertEqual(deleted, 1) @@ -296,9 +296,9 @@ class TestAdd_variable(AATest): self.assertEqual(list(self.pl.files.keys()), []) def test_dedup_variable_1(self): - self.pl.add_variable('/etc/apparmor.d/bin.foo', VariableRule.parse('@{foo} = /foo')) - self.pl.add_variable('/etc/apparmor.d/bin.foo', VariableRule.parse('@{foo} += /bar # comment')) - self.pl.add_variable('/etc/apparmor.d/bin.foo', VariableRule.parse('@{foo} += /bar /baz')) + self.pl.add_variable('/etc/apparmor.d/bin.foo', VariableRule.create_instance('@{foo} = /foo')) + self.pl.add_variable('/etc/apparmor.d/bin.foo', VariableRule.create_instance('@{foo} += /bar # comment')) + self.pl.add_variable('/etc/apparmor.d/bin.foo', VariableRule.create_instance('@{foo} += /bar /baz')) deleted = self.pl.delete_preamble_duplicates('/etc/apparmor.d/bin.foo') self.assertEqual(deleted, 1) self.assertEqual(list(self.pl.files.keys()), ['/etc/apparmor.d/bin.foo']) diff --git a/utils/test/test-ptrace.py b/utils/test/test-ptrace.py index 1d6a60289..793605360 100644 --- a/utils/test/test-ptrace.py +++ b/utils/test/test-ptrace.py @@ -68,7 +68,7 @@ class PtraceTestParse(PtraceTest): def _run_test(self, rawrule, expected): self.assertTrue(PtraceRule.match(rawrule)) - obj = PtraceRule.parse(rawrule) + obj = PtraceRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -86,7 +86,7 @@ class PtraceTestParseInvalid(PtraceTest): def _run_test(self, rawrule, expected): self.assertTrue(PtraceRule.match(rawrule)) # the above invalid rules still match the main regex! with self.assertRaises(expected): - PtraceRule.parse(rawrule) + PtraceRule.create_instance(rawrule) class PtraceTestParseFromLog(PtraceTest): @@ -180,7 +180,7 @@ class InvalidPtraceTest(AATest): obj = None self.assertFalse(PtraceRule.match(rawrule)) with self.assertRaises(AppArmorException): - obj = PtraceRule.parse(rawrule) + obj = PtraceRule.create_instance(rawrule) self.assertIsNone(obj, 'PtraceRule handed back an object unexpectedly') @@ -208,7 +208,7 @@ class InvalidPtraceTest(AATest): class WritePtraceTestAATest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(PtraceRule.match(rawrule)) - obj = PtraceRule.parse(rawrule) + obj = PtraceRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -256,8 +256,8 @@ class WritePtraceTestAATest(AATest): class PtraceCoveredTest(AATest): def _run_test(self, param, expected): - obj = PtraceRule.parse(self.rule) - check_obj = PtraceRule.parse(param) + obj = PtraceRule.create_instance(self.rule) + check_obj = PtraceRule.create_instance(param) self.assertTrue(PtraceRule.match(param)) @@ -436,7 +436,7 @@ class PtraceCoveredTest_08(PtraceCoveredTest): class PtraceCoveredTest_Invalid(AATest): def test_borked_obj_is_covered_1(self): - obj = PtraceRule.parse('ptrace read peer=/foo,') + obj = PtraceRule.create_instance('ptrace read peer=/foo,') testobj = PtraceRule('read', '/foo') testobj.access = '' @@ -445,7 +445,7 @@ class PtraceCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_borked_obj_is_covered_2(self): - obj = PtraceRule.parse('ptrace read peer=/foo,') + obj = PtraceRule.create_instance('ptrace read peer=/foo,') testobj = PtraceRule('read', '/foo') testobj.peer = '' @@ -454,7 +454,7 @@ class PtraceCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_covered(self): - obj = PtraceRule.parse('ptrace read,') + obj = PtraceRule.create_instance('ptrace read,') testobj = BaseRule() # different type @@ -462,7 +462,7 @@ class PtraceCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal_1(self): - obj = PtraceRule.parse('ptrace read,') + obj = PtraceRule.create_instance('ptrace read,') testobj = BaseRule() # different type @@ -470,9 +470,9 @@ class PtraceCoveredTest_Invalid(AATest): obj.is_equal(testobj) def test_invalid_is_equal_2(self): - obj = PtraceRule.parse('ptrace read,') + obj = PtraceRule.create_instance('ptrace read,') - testobj = PtraceRule.parse('ptrace read,') + testobj = PtraceRule.create_instance('ptrace read,') testobj.all_peers = False # make testobj invalid (should trigger exception in _is_equal_aare()) with self.assertRaises(AppArmorBug): @@ -491,7 +491,7 @@ class PtraceLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = PtraceRule.parse(params) + obj = PtraceRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) @@ -530,7 +530,7 @@ class PtraceRulesTest(AATest): ] for rule in rules: - ruleset.add(PtraceRule.parse(rule)) + ruleset.add(PtraceRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) @@ -564,7 +564,7 @@ class PtraceRulesTest(AATest): ] for rule in rules: - ruleset.add(PtraceRule.parse(rule)) + ruleset.add(PtraceRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw(1)) self.assertEqual(expected_clean, ruleset.get_clean(1)) diff --git a/utils/test/test-rlimit.py b/utils/test/test-rlimit.py index be3ddebd5..5d059da0c 100644 --- a/utils/test/test-rlimit.py +++ b/utils/test/test-rlimit.py @@ -71,7 +71,7 @@ class RlimitTestParse(RlimitTest): def _run_test(self, rawrule, expected): self.assertTrue(RlimitRule.match(rawrule)) - obj = RlimitRule.parse(rawrule) + obj = RlimitRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -95,7 +95,7 @@ class RlimitTestParseInvalid(RlimitTest): def _run_test(self, rawrule, expected): # self.assertFalse(RlimitRule.match(rawrule)) # the main regex isn't very strict with self.assertRaises(expected): - RlimitRule.parse(rawrule) + RlimitRule.create_instance(rawrule) class RlimitTestParseFromLog(RlimitTest): @@ -181,7 +181,7 @@ class InvalidRlimitTest(AATest): obj = None self.assertFalse(RlimitRule.match(rawrule)) with self.assertRaises(AppArmorException): - obj = RlimitRule.parse(rawrule) + obj = RlimitRule.create_instance(rawrule) self.assertIsNone(obj, 'RlimitRule handed back an object unexpectedly') @@ -220,7 +220,7 @@ class WriteRlimitTest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(RlimitRule.match(rawrule)) - obj = RlimitRule.parse(rawrule) + obj = RlimitRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -238,8 +238,8 @@ class WriteRlimitTest(AATest): class RlimitCoveredTest(AATest): def _run_test(self, param, expected): - obj = RlimitRule.parse(self.rule) - check_obj = RlimitRule.parse(param) + obj = RlimitRule.create_instance(self.rule) + check_obj = RlimitRule.create_instance(param) self.assertTrue(RlimitRule.match(param)) @@ -336,7 +336,7 @@ class RlimitCoveredTest_05(RlimitCoveredTest): class RlimitCoveredTest_Invalid(AATest): def test_borked_obj_is_covered_1(self): - obj = RlimitRule.parse('set rlimit cpu <= 1024,') + obj = RlimitRule.create_instance('set rlimit cpu <= 1024,') testobj = RlimitRule('cpu', '1024') testobj.rlimit = '' @@ -345,7 +345,7 @@ class RlimitCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_borked_obj_is_covered_2(self): - obj = RlimitRule.parse('set rlimit cpu <= 1024,') + obj = RlimitRule.create_instance('set rlimit cpu <= 1024,') testobj = RlimitRule('cpu', '1024') testobj.value = '' @@ -354,7 +354,7 @@ class RlimitCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_covered(self): - obj = RlimitRule.parse('set rlimit cpu <= 1024,') + obj = RlimitRule.create_instance('set rlimit cpu <= 1024,') testobj = BaseRule() # different type @@ -362,7 +362,7 @@ class RlimitCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = RlimitRule.parse('set rlimit cpu <= 1024,') + obj = RlimitRule.create_instance('set rlimit cpu <= 1024,') testobj = BaseRule() # different type @@ -379,7 +379,7 @@ class RlimitLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = RlimitRule.parse(params) + obj = RlimitRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) @@ -414,7 +414,7 @@ class RlimitRulesTest(AATest): ] for rule in rules: - ruleset.add(RlimitRule.parse(rule)) + ruleset.add(RlimitRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) diff --git a/utils/test/test-signal.py b/utils/test/test-signal.py index ac68b12e5..19ffaccfb 100644 --- a/utils/test/test-signal.py +++ b/utils/test/test-signal.py @@ -69,7 +69,7 @@ class SignalTestParse(SignalTest): def _run_test(self, rawrule, expected): self.assertTrue(SignalRule.match(rawrule)) - obj = SignalRule.parse(rawrule) + obj = SignalRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -90,7 +90,7 @@ class SignalTestParseInvalid(SignalTest): def _run_test(self, rawrule, expected): self.assertTrue(SignalRule.match(rawrule)) # the above invalid rules still match the main regex! with self.assertRaises(expected): - SignalRule.parse(rawrule) + SignalRule.create_instance(rawrule) class SignalTestParseFromLog(SignalTest): @@ -192,7 +192,7 @@ class InvalidSignalTest(AATest): obj = None self.assertFalse(SignalRule.match(rawrule)) with self.assertRaises(AppArmorException): - obj = SignalRule.parse(rawrule) + obj = SignalRule.create_instance(rawrule) self.assertIsNone(obj, 'SignalRule handed back an object unexpectedly') @@ -227,7 +227,7 @@ class InvalidSignalTest(AATest): class WriteSignalTestAATest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(SignalRule.match(rawrule)) - obj = SignalRule.parse(rawrule) + obj = SignalRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -272,8 +272,8 @@ class WriteSignalTestAATest(AATest): class SignalCoveredTest(AATest): def _run_test(self, param, expected): - obj = SignalRule.parse(self.rule) - check_obj = SignalRule.parse(param) + obj = SignalRule.create_instance(self.rule) + check_obj = SignalRule.create_instance(param) self.assertTrue(SignalRule.match(param)) @@ -498,7 +498,7 @@ class SignalCoveredTest_09(SignalCoveredTest): class SignalCoveredTest_Invalid(AATest): def test_borked_obj_is_covered_1(self): - obj = SignalRule.parse('signal send peer=/foo,') + obj = SignalRule.create_instance('signal send peer=/foo,') testobj = SignalRule('send', 'quit', '/foo') testobj.access = '' @@ -507,7 +507,7 @@ class SignalCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_borked_obj_is_covered_2(self): - obj = SignalRule.parse('signal send set=quit peer=/foo,') + obj = SignalRule.create_instance('signal send set=quit peer=/foo,') testobj = SignalRule('send', 'quit', '/foo') testobj.signal = '' @@ -516,7 +516,7 @@ class SignalCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_borked_obj_is_covered_3(self): - obj = SignalRule.parse('signal send set=quit peer=/foo,') + obj = SignalRule.create_instance('signal send set=quit peer=/foo,') testobj = SignalRule('send', 'quit', '/foo') testobj.peer = '' @@ -525,7 +525,7 @@ class SignalCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_covered(self): - obj = SignalRule.parse('signal send,') + obj = SignalRule.create_instance('signal send,') testobj = BaseRule() # different type @@ -533,7 +533,7 @@ class SignalCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = SignalRule.parse('signal send,') + obj = SignalRule.create_instance('signal send,') testobj = BaseRule() # different type @@ -556,7 +556,7 @@ class SignalLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = SignalRule.parse(params) + obj = SignalRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) @@ -591,7 +591,7 @@ class SignalRulesTest(AATest): ] for rule in rules: - ruleset.add(SignalRule.parse(rule)) + ruleset.add(SignalRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) @@ -620,7 +620,7 @@ class SignalRulesTest(AATest): ] for rule in rules: - ruleset.add(SignalRule.parse(rule)) + ruleset.add(SignalRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw(1)) self.assertEqual(expected_clean, ruleset.get_clean(1)) diff --git a/utils/test/test-variable.py b/utils/test/test-variable.py index 8e1c4b4ba..8381bbe61 100644 --- a/utils/test/test-variable.py +++ b/utils/test/test-variable.py @@ -87,7 +87,7 @@ class VariableTestParse(VariableTest): def _run_test(self, rawrule, expected): self.assertTrue(VariableRule.match(rawrule)) - obj = VariableRule.parse(rawrule) + obj = VariableRule.create_instance(rawrule) self.assertEqual(rawrule.strip(), obj.raw_rule) self._compare_obj(obj, expected) @@ -108,7 +108,7 @@ class VariableTestParseInvalid(VariableTest): def _run_test(self, rawrule, expected): self.assertEqual(VariableRule.match(rawrule), expected[0]) with self.assertRaises(expected[1]): - VariableRule.parse(rawrule) + VariableRule.create_instance(rawrule) class VariableFromInit(VariableTest): @@ -173,7 +173,7 @@ class InvalidVariableTest(AATest): obj = None self.assertEqual(VariableRule.match(rawrule), matches_regex) with self.assertRaises(AppArmorException): - obj = VariableRule.parse(rawrule) + obj = VariableRule.create_instance(rawrule) self.assertIsNone(obj, 'VariableRule handed back an object unexpectedly') @@ -200,7 +200,7 @@ class WriteVariableTestAATest(AATest): def _run_test(self, rawrule, expected): self.assertTrue(VariableRule.match(rawrule)) - obj = VariableRule.parse(rawrule) + obj = VariableRule.create_instance(rawrule) clean = obj.get_clean() raw = obj.get_raw() @@ -226,8 +226,8 @@ class WriteVariableTestAATest(AATest): class VariableCoveredTest(AATest): def _run_test(self, param, expected): - obj = VariableRule.parse(self.rule) - check_obj = VariableRule.parse(param) + obj = VariableRule.create_instance(self.rule) + check_obj = VariableRule.create_instance(param) self.assertTrue(VariableRule.match(param)) @@ -280,7 +280,7 @@ class VariableCoveredTest_02(VariableCoveredTest): class VariableCoveredTest_Invalid(AATest): # def test_borked_obj_is_covered_1(self): - # obj = VariableRule.parse('@{foo} = /bar') + # obj = VariableRule.create_instance('@{foo} = /bar') # # testobj = VariableRule('@{foo}', '=', '/bar') # testobj.mode = '' @@ -289,7 +289,7 @@ class VariableCoveredTest_Invalid(AATest): # obj.is_covered(testobj) def test_borked_obj_is_covered_2(self): - obj = VariableRule.parse('@{foo} = /bar') + obj = VariableRule.create_instance('@{foo} = /bar') testobj = VariableRule('@{foo}', '=', {'/bar'}) testobj.values = '' @@ -298,7 +298,7 @@ class VariableCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_covered_3(self): - obj = VariableRule.parse('@{foo} = /bar') + obj = VariableRule.create_instance('@{foo} = /bar') testobj = BaseRule() # different type @@ -306,7 +306,7 @@ class VariableCoveredTest_Invalid(AATest): obj.is_covered(testobj) def test_invalid_is_equal(self): - obj = VariableRule.parse('@{foo} = /bar') + obj = VariableRule.create_instance('@{foo} = /bar') testobj = BaseRule() # different type @@ -320,7 +320,7 @@ class VariableLogprofHeaderTest(AATest): ) def _run_test(self, params, expected): - obj = VariableRule.parse(params) + obj = VariableRule.create_instance(params) self.assertEqual(obj.logprof_header(), expected) # --- tests for VariableRuleset --- # @@ -380,7 +380,7 @@ class VariableRulesTest(AATest): } for rule in rules: - ruleset.add(VariableRule.parse(rule)) + ruleset.add(VariableRule.create_instance(rule)) self.assertEqual(expected_raw, ruleset.get_raw()) self.assertEqual(expected_clean, ruleset.get_clean()) @@ -390,9 +390,9 @@ class VariableRulesTest(AATest): def test_ruleset_overwrite(self): ruleset = VariableRuleset() - ruleset.add(VariableRule.parse('@{foo} = /bar')) + ruleset.add(VariableRule.create_instance('@{foo} = /bar')) with self.assertRaises(AppArmorException): - ruleset.add(VariableRule.parse('@{foo} = /asdf')) # attempt to redefine @{foo} + ruleset.add(VariableRule.create_instance('@{foo} = /asdf')) # attempt to redefine @{foo} self.assertEqual({'=': {'@{foo}': {'/bar'}}, '+=': {}}, ruleset.get_merged_variables())