utils: Add tests for get_local_include

Signed-off-by: Maxime Bélair <maxime.belair@canonical.com>
2025-08-21 17:47:10 +00:00 · 2025-08-14 09:57:02 +02:00 · 2025-08-14 09:57:02 +02:00 · ba336533ac
commit ba336533ac
parent 0d34f12d7e
1 changed files with 22 additions and 0 deletions
--- a/utils/test/test-profile-storage.py
+++ b/utils/test/test-profile-storage.py
@ -14,6 +14,7 @@ import unittest
 from apparmor.common import AppArmorBug, AppArmorException
 from apparmor.profile_storage import ProfileStorage, add_or_remove_flag, split_flags, var_transform
 from apparmor.rule.capability import CapabilityRule
+from apparmor.rule.include import IncludeRule
 from common_test import AATest, setup_all_loops


@ -313,6 +314,27 @@ class AaTest_var_transform(AATest):
        self.assertEqual(var_transform(params), expected)


+class AaTest_include(AATest):
+    tests = (
+        (('profile foo /foo {', []),                                        None),  # No include
+        (('profile foo /foo {', ['elsewhere/foo']),                         None),  # No include in local/
+        (('profile foo /foo {', ['local/foo']),                             "local/foo"),  # Single include, we pick it
+        (('profile foo /foo {', ['local/bar']),                             "local/bar"),  # Single include, we pick it
+        (('profile x//y /y {',  ['local/x..y', 'local/y']),                 "local/x..y"),  # Pick the include that matches the profile nam
+        (('profile foo /foo {', ['local/bar', 'local/foo', 'local/baz']),   "local/foo"),  # Pick the include that matches the profile name
+        (('/usr/bin/xx {',      ['local/usr.bin.xx', 'local/xx']),          "local/usr.bin.xx"),  # Pick the include that matches the profile name
+        (('profile foo /foo {', ['local/bar', 'local/baz', 'local/qux']),   "local/qux"),  # No match, pick the last one
+    )
+
+    def _run_test(self, params, expected):
+        (profile, hat, prof_storage) = ProfileStorage.parse(params[0], 'somefile', 1, None, None)
+
+        for inc in params[1]:
+            prof_storage.data['inc_ie'].add(IncludeRule(inc, True, True))
+
+        self.assertEqual(prof_storage.get_local_include(), expected)
+
+
 setup_all_loops(__name__)
 if __name__ == '__main__':
    unittest.main(verbosity=1)