github.com/google/capslock@v0.2.3-0.20240517042941-dac19fc347c0/interesting/interesting_test.go

github.com/google/capslock@v0.2.3-0.20240517042941-dac19fc347c0/interesting/interesting_test.go (about)

     1  // Copyright 2023 Google LLC
     2  //
     3  // Use of this source code is governed by a BSD-style
     4  // license that can be found in the LICENSE file or at
     5  // https://developers.google.com/open-source/licenses/bsd
     6  
     7  package interesting
     8  
     9  import (
    10  	"strings"
    11  	"testing"
    12  
    13  	cpb "github.com/google/capslock/proto"
    14  )
    15  
    16  const (
    17  	userCapabilityMap = `
    18  # Override existing package capability
    19  package runtime CAPABILITY_NETWORK
    20  # Specify package capability for a new package
    21  package example.com/some/package CAPABILITY_OPERATING_SYSTEM
    22  # Specify package capability for a new function
    23  func example.com/some/package.Foo CAPABILITY_FILES
    24  # Override existing function capability
    25  func fmt.Sprintf CAPABILITY_FILES
    26  `
    27  )
    28  
    29  
    30  func TestInteresting(t *testing.T) {
    31  	classifier := DefaultClassifier()
    32  	for _, c := range []struct {
    33  		pkg, fn string
    34  		want    cpb.Capability
    35  	}{
    36  		{
    37  			"os",
    38  			"os.Open",
    39  			cpb.Capability_CAPABILITY_FILES,
    40  		},
    41  		{
    42  			"fmt",
    43  			"fmt.Sprintf",
    44  			cpb.Capability_CAPABILITY_SAFE,
    45  		},
    46  		{
    47  			"example.com/some/package",
    48  			"example.com/some/package.Foo",
    49  			cpb.Capability_CAPABILITY_UNSPECIFIED,
    50  		},
    51  		{
    52  			"example.com/some/package",
    53  			"example.com/some/package.Foo_Cfunc_GoString",
    54  			cpb.Capability_CAPABILITY_CGO,
    55  		},
    56  		{
    57  			"os",
    58  			"os.SomeNewFunctionWithNoFunctionLevelCategoryYet",
    59  			cpb.Capability_CAPABILITY_OPERATING_SYSTEM,
    60  		},
    61  		{
    62  			"runtime",
    63  			"runtime.SomeOtherFunctionWithNoFunctionLevelCategoryYet",
    64  			cpb.Capability_CAPABILITY_RUNTIME,
    65  		},
    66  		{
    67  			"runtime",
    68  			"(*runtime.Func).Name",
    69  			cpb.Capability_CAPABILITY_SAFE,
    70  		},
    71  		{
    72  			"foo",
    73  			"foo.Something_Cfunc_GoString",
    74  			cpb.Capability_CAPABILITY_CGO,
    75  		},
    76  		{
    77  			"foo",
    78  			"foo.Something",
    79  			cpb.Capability_CAPABILITY_UNSPECIFIED,
    80  		},
    81  	} {
    82  		if got := classifier.FunctionCategory(c.pkg, c.fn); got != c.want {
    83  			t.Errorf("FunctionCategory(%q, %q): got %q, want %q", c.pkg, c.fn, got, c.want)
    84  		}
    85  	}
    86  }
    87  
    88  func TestUserWithBuiltin(t *testing.T) {
    89  	classifier, err := LoadClassifier(t.Name(), strings.NewReader(userCapabilityMap), false)
    90  	if err != nil {
    91  		t.Fatalf("LoadClassifier failed: %v", err)
    92  	}
    93  	for _, c := range []struct {
    94  		pkg, fn string
    95  		want    cpb.Capability
    96  	}{
    97  		{
    98  			"os",
    99  			"os.Open",
   100  			cpb.Capability_CAPABILITY_FILES,
   101  		},
   102  		{
   103  			"os",
   104  			"os.SomeNewFunctionWithNoFunctionLevelCategoryYet",
   105  			cpb.Capability_CAPABILITY_OPERATING_SYSTEM,
   106  		},
   107  		{
   108  			"fmt",
   109  			"fmt.Sprintf",
   110  			cpb.Capability_CAPABILITY_FILES,
   111  		},
   112  		{
   113  			"example.com/some/package",
   114  			"example.com/some/package.Foo",
   115  			cpb.Capability_CAPABILITY_FILES,
   116  		},
   117  		{
   118  			"example.com/some/package",
   119  			"example.com/some/package.OtherFoo",
   120  			cpb.Capability_CAPABILITY_OPERATING_SYSTEM,
   121  		},
   122  		{
   123  			"runtime",
   124  			"runtime.SomeFunction",
   125  			cpb.Capability_CAPABILITY_NETWORK,
   126  		},
   127  	} {
   128  		if got := classifier.FunctionCategory(c.pkg, c.fn); got != c.want {
   129  			t.Errorf("FunctionCategory(%q, %q): got %q, want %q", c.pkg, c.fn, got, c.want)
   130  		}
   131  	}
   132  }
   133  
   134  func TestUserWithoutBuiltin(t *testing.T) {
   135  	classifier, err := LoadClassifier(t.Name(), strings.NewReader(userCapabilityMap), true)
   136  	if err != nil {
   137  		t.Fatalf("LoadClassifier failed: %v", err)
   138  	}
   139  	for _, c := range []struct {
   140  		pkg, fn string
   141  		want    cpb.Capability
   142  	}{
   143  		{
   144  			"os",
   145  			"os.Open",
   146  			cpb.Capability_CAPABILITY_UNSPECIFIED,
   147  		},
   148  		{
   149  			"os",
   150  			"os.SomeNewFunctionWithNoFunctionLevelCategoryYet",
   151  			cpb.Capability_CAPABILITY_UNSPECIFIED,
   152  		},
   153  		{
   154  			"fmt",
   155  			"fmt.Sprintf",
   156  			cpb.Capability_CAPABILITY_FILES,
   157  		},
   158  		{
   159  			"example.com/some/package",
   160  			"example.com/some/package.Foo",
   161  			cpb.Capability_CAPABILITY_FILES,
   162  		},
   163  		{
   164  			"example.com/some/package",
   165  			"example.com/some/package.OtherFoo",
   166  			cpb.Capability_CAPABILITY_OPERATING_SYSTEM,
   167  		},
   168  		{
   169  			"runtime",
   170  			"runtime.SomeFunction",
   171  			cpb.Capability_CAPABILITY_NETWORK,
   172  		},
   173  	} {
   174  		if got := classifier.FunctionCategory(c.pkg, c.fn); got != c.want {
   175  			t.Errorf("FunctionCategory(%q, %q): got %q, want %q", c.pkg, c.fn, got, c.want)
   176  		}
   177  	}
   178  }