File: test_boundsquery.py

package info (click to toggle)
setools 4.6.0-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 3,600 kB
  • sloc: python: 24,485; makefile: 14
file content (74 lines) | stat: -rw-r--r-- 2,753 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
 
# Copyright 2016, Tresys Technology, LLC
#
# SPDX-License-Identifier: GPL-2.0-only
#
import pytest
import setools


@pytest.mark.obj_args("tests/library/boundsquery.conf")
class TestBoundsQuery:

    def test_unset(self, compiled_policy: setools.SELinuxPolicy) -> None:
        """Bounds query with no criteria."""
        # query with no parameters gets all bounds.
        allbounds = sorted(compiled_policy.bounds())

        q = setools.BoundsQuery(compiled_policy)
        qbounds = sorted(q.results())

        assert allbounds == qbounds

    def test_parent_exact(self, compiled_policy: setools.SELinuxPolicy) -> None:
        """Bounds query with exact parent match."""
        q = setools.BoundsQuery(compiled_policy, parent="test1_parent", parent_regex=False)
        qbounds = sorted(q.results())
        assert 1 == len(qbounds)

        b = qbounds[0]
        assert setools.BoundsRuletype.typebounds == b.ruletype
        assert "test1_parent" == b.parent
        assert "test1_child" == b.child

    def test_parent_regex(self, compiled_policy: setools.SELinuxPolicy) -> None:
        """Bounds query with regex parent match."""
        q = setools.BoundsQuery(compiled_policy, parent="test2_parent?", parent_regex=True)
        qbounds = sorted(q.results())
        assert 2 == len(qbounds)

        b = qbounds[0]
        assert setools.BoundsRuletype.typebounds == b.ruletype
        assert "test2_parent1" == b.parent
        assert "test2_child2" == b.child

        b = qbounds[1]
        assert setools.BoundsRuletype.typebounds == b.ruletype
        assert "test2_parent2" == b.parent
        assert "test2_child1" == b.child

    def test_child_exact(self, compiled_policy: setools.SELinuxPolicy) -> None:
        """Bounds query with exact child match."""
        q = setools.BoundsQuery(compiled_policy, child="test10_child", child_regex=False)
        qbounds = sorted(q.results())
        assert 1 == len(qbounds)

        b = qbounds[0]
        assert setools.BoundsRuletype.typebounds == b.ruletype
        assert "test10_parent" == b.parent
        assert "test10_child" == b.child

    def test_child_regex(self, compiled_policy: setools.SELinuxPolicy) -> None:
        """Bounds query with regex child match."""
        q = setools.BoundsQuery(compiled_policy, child="test11_child?", child_regex=True)
        qbounds = sorted(q.results())
        assert 2 == len(qbounds)

        b = qbounds[0]
        assert setools.BoundsRuletype.typebounds == b.ruletype
        assert "test11_parent1" == b.parent
        assert "test11_child2" == b.child

        b = qbounds[1]
        assert setools.BoundsRuletype.typebounds == b.ruletype
        assert "test11_parent2" == b.parent
        assert "test11_child1" == b.child