IncludeRule: add get_full_paths()

This function returns a list of paths for an include rule. This can be - a single path if the include file is a file and exists - a single path if the include file doesn't exist, but doesn't have 'if exists' (this will cause a 'file not found' error when used) - a list of paths if the include is a directory - an empty list if the rule has 'if exists' and the file doesn't exist Also add some tests for get_full_paths()
2025-08-31 14:25:52 +00:00 · 2020-05-16 22:36:05 +02:00
parent d799195e0a
commit f3f597ff0b
2 changed files with 73 additions and 2 deletions
--- a/utils/test/test-include.py
+++ b/utils/test/test-include.py
@@ -15,7 +15,10 @@

 import unittest
 from collections import namedtuple
-from common_test import AATest, setup_all_loops
+from common_test import AATest, setup_all_loops, write_file
+
+import os
+import shutil

 from apparmor.rule.include import IncludeRule, IncludeRuleset
 #from apparmor.rule import BaseRule
@@ -336,6 +339,45 @@ class IncludeLogprofHeaderTest(AATest):
        obj = IncludeRule._parse(params)
        self.assertEqual(obj.logprof_header(), expected)

+class IncludeFullPathsTest(AATest):
+    def AASetup(self):
+        self.createTmpdir()
+
+        #copy the local profiles to the test directory
+        self.profile_dir = '%s/profiles' % self.tmpdir
+        shutil.copytree('../../profiles/apparmor.d/', self.profile_dir, symlinks=True)
+
+        inc_dir = os.path.join(self.profile_dir, 'abstractions/inc.d')
+        os.mkdir(inc_dir, 0o755)
+        write_file(inc_dir, 'incfoo', '/incfoo r,')
+        write_file(inc_dir, 'incbar', '/incbar r,')
+        write_file(inc_dir, 'README', '# README')  # gets skipped
+
+        sub_dir = os.path.join(self.profile_dir, 'abstractions/inc.d/subdir')  # gets skipped
+        os.mkdir(sub_dir, 0o755)
+
+        empty_dir = os.path.join(self.profile_dir, 'abstractions/empty.d')
+        os.mkdir(empty_dir, 0o755)
+
+    tests = [
+        #                                                 @@ will be replaced with self.profile_dir
+        ('include <abstractions/base>',                 ['@@/abstractions/base']                                            ),
+#       ('include "foo"',                               ['@@/foo']                                                          ),  # TODO: adjust logic to honor quoted vs. magic paths (and allow quoted relative paths in re_match_include_parse())
+        ('include "/foo/bar"',                          ['/foo/bar']                                                        ),
+        ('include <abstractions/inc.d>',                ['@@/abstractions/inc.d/incfoo', '@@/abstractions/inc.d/incbar']    ),
+        ('include <abstractions/empty.d>',              []                                                                  ),
+        ('include <abstractions/not_found>',            ['@@/abstractions/not_found']                                       ),
+        ('include if exists <abstractions/not_found>',  []                                                                  ),
+    ]
+
+    def _run_test(self, params, expected):
+        exp2 = []
+        for path in expected:
+            exp2.append(path.replace('@@', self.profile_dir))
+
+        obj = IncludeRule._parse(params)
+        self.assertEqual(obj.get_full_paths(self.profile_dir), exp2)
+
 ## --- tests for IncludeRuleset --- #

 class IncludeRulesTest(AATest):