github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/interfaces/builtin/location_observe_test.go (about) 1 // -*- Mode: Go; indent-tabs-mode: t -*- 2 3 /* 4 * Copyright (C) 2016 Canonical Ltd 5 * 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 3 as 8 * published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program. If not, see <http://www.gnu.org/licenses/>. 17 * 18 */ 19 20 package builtin_test 21 22 import ( 23 . "gopkg.in/check.v1" 24 25 "github.com/snapcore/snapd/interfaces" 26 "github.com/snapcore/snapd/interfaces/apparmor" 27 "github.com/snapcore/snapd/interfaces/builtin" 28 "github.com/snapcore/snapd/snap" 29 "github.com/snapcore/snapd/snap/snaptest" 30 "github.com/snapcore/snapd/testutil" 31 ) 32 33 type LocationObserveInterfaceSuite struct { 34 iface interfaces.Interface 35 slotInfo *snap.SlotInfo 36 slot *interfaces.ConnectedSlot 37 plugInfo *snap.PlugInfo 38 plug *interfaces.ConnectedPlug 39 } 40 41 var _ = Suite(&LocationObserveInterfaceSuite{ 42 iface: builtin.MustInterface("location-observe"), 43 }) 44 45 func (s *LocationObserveInterfaceSuite) SetUpTest(c *C) { 46 var mockPlugSnapInfoYaml = `name: other 47 version: 1.0 48 apps: 49 app: 50 command: foo 51 plugs: [location-observe] 52 ` 53 var mockSlotSnapInfoYaml = `name: location 54 version: 1.0 55 apps: 56 app2: 57 command: foo 58 slots: [location-observe] 59 ` 60 snapInfo := snaptest.MockInfo(c, mockPlugSnapInfoYaml, nil) 61 s.plugInfo = snapInfo.Plugs["location-observe"] 62 s.plug = interfaces.NewConnectedPlug(s.plugInfo, nil, nil) 63 snapInfo = snaptest.MockInfo(c, mockSlotSnapInfoYaml, nil) 64 s.slotInfo = snapInfo.Slots["location-observe"] 65 s.slot = interfaces.NewConnectedSlot(s.slotInfo, nil, nil) 66 } 67 68 func (s *LocationObserveInterfaceSuite) TestName(c *C) { 69 c.Assert(s.iface.Name(), Equals, "location-observe") 70 } 71 72 // The label glob when all apps are bound to the location slot 73 func (s *LocationObserveInterfaceSuite) TestConnectedPlugSnippetUsesSlotLabelAll(c *C) { 74 app1 := &snap.AppInfo{Name: "app1"} 75 app2 := &snap.AppInfo{Name: "app2"} 76 slot := interfaces.NewConnectedSlot(&snap.SlotInfo{ 77 Snap: &snap.Info{ 78 SuggestedName: "location", 79 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2}, 80 }, 81 Name: "location", 82 Interface: "location", 83 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2}, 84 }, nil, nil) 85 86 apparmorSpec := &apparmor.Specification{} 87 err := apparmorSpec.AddConnectedPlug(s.iface, s.plug, slot) 88 c.Assert(err, IsNil) 89 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.other.app"}) 90 c.Assert(apparmorSpec.SnippetForTag("snap.other.app"), testutil.Contains, `peer=(label="snap.location.*"),`) 91 } 92 93 // The label uses alternation when some, but not all, apps is bound to the location slot 94 func (s *LocationObserveInterfaceSuite) TestConnectedPlugSnippetUsesSlotLabelSome(c *C) { 95 app1 := &snap.AppInfo{Name: "app1"} 96 app2 := &snap.AppInfo{Name: "app2"} 97 app3 := &snap.AppInfo{Name: "app3"} 98 slot := interfaces.NewConnectedSlot(&snap.SlotInfo{ 99 Snap: &snap.Info{ 100 SuggestedName: "location", 101 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2, "app3": app3}, 102 }, 103 Name: "location", 104 Interface: "location", 105 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2}, 106 }, nil, nil) 107 108 apparmorSpec := &apparmor.Specification{} 109 err := apparmorSpec.AddConnectedPlug(s.iface, s.plug, slot) 110 c.Assert(err, IsNil) 111 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.other.app"}) 112 c.Assert(apparmorSpec.SnippetForTag("snap.other.app"), testutil.Contains, `peer=(label="snap.location.{app1,app2}"),`) 113 } 114 115 // The label uses short form when exactly one app is bound to the location slot 116 func (s *LocationObserveInterfaceSuite) TestConnectedPlugSnippetUsesSlotLabelOne(c *C) { 117 app := &snap.AppInfo{Name: "app"} 118 slot := interfaces.NewConnectedSlot(&snap.SlotInfo{ 119 Snap: &snap.Info{ 120 SuggestedName: "location", 121 Apps: map[string]*snap.AppInfo{"app": app}, 122 }, 123 Name: "location", 124 Interface: "location", 125 Apps: map[string]*snap.AppInfo{"app": app}, 126 }, nil, nil) 127 128 apparmorSpec := &apparmor.Specification{} 129 err := apparmorSpec.AddConnectedPlug(s.iface, s.plug, slot) 130 c.Assert(err, IsNil) 131 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.other.app"}) 132 c.Assert(apparmorSpec.SnippetForTag("snap.other.app"), testutil.Contains, `peer=(label="snap.location.app"),`) 133 } 134 135 // The label glob when all apps are bound to the location plug 136 func (s *LocationObserveInterfaceSuite) TestConnectedSlotSnippetUsesPlugLabelAll(c *C) { 137 app1 := &snap.AppInfo{Name: "app1"} 138 app2 := &snap.AppInfo{Name: "app2"} 139 plug := interfaces.NewConnectedPlug(&snap.PlugInfo{ 140 Snap: &snap.Info{ 141 SuggestedName: "location", 142 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2}, 143 }, 144 Name: "location", 145 Interface: "location", 146 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2}, 147 }, nil, nil) 148 149 apparmorSpec := &apparmor.Specification{} 150 err := apparmorSpec.AddConnectedSlot(s.iface, plug, s.slot) 151 c.Assert(err, IsNil) 152 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.location.app2"}) 153 c.Assert(apparmorSpec.SnippetForTag("snap.location.app2"), testutil.Contains, `peer=(label="snap.location.*"),`) 154 } 155 156 // The label uses alternation when some, but not all, apps is bound to the location plug 157 func (s *LocationObserveInterfaceSuite) TestConnectedSlotSnippetUsesPlugLabelSome(c *C) { 158 app1 := &snap.AppInfo{Name: "app1"} 159 app2 := &snap.AppInfo{Name: "app2"} 160 app3 := &snap.AppInfo{Name: "app3"} 161 plug := interfaces.NewConnectedPlug(&snap.PlugInfo{ 162 Snap: &snap.Info{ 163 SuggestedName: "location", 164 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2, "app3": app3}, 165 }, 166 Name: "location", 167 Interface: "location", 168 Apps: map[string]*snap.AppInfo{"app1": app1, "app2": app2}, 169 }, nil, nil) 170 171 apparmorSpec := &apparmor.Specification{} 172 err := apparmorSpec.AddConnectedSlot(s.iface, plug, s.slot) 173 c.Assert(err, IsNil) 174 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.location.app2"}) 175 c.Assert(apparmorSpec.SnippetForTag("snap.location.app2"), testutil.Contains, `peer=(label="snap.location.{app1,app2}"),`) 176 } 177 178 // The label uses short form when exactly one app is bound to the location plug 179 func (s *LocationObserveInterfaceSuite) TestConnectedSlotSnippetUsesPlugLabelOne(c *C) { 180 app := &snap.AppInfo{Name: "app"} 181 plug := interfaces.NewConnectedPlug(&snap.PlugInfo{ 182 Snap: &snap.Info{ 183 SuggestedName: "location", 184 Apps: map[string]*snap.AppInfo{"app": app}, 185 }, 186 Name: "location", 187 Interface: "location", 188 Apps: map[string]*snap.AppInfo{"app": app}, 189 }, nil, nil) 190 191 apparmorSpec := &apparmor.Specification{} 192 err := apparmorSpec.AddConnectedSlot(s.iface, plug, s.slot) 193 c.Assert(err, IsNil) 194 c.Assert(apparmorSpec.SecurityTags(), DeepEquals, []string{"snap.location.app2"}) 195 c.Assert(apparmorSpec.SnippetForTag("snap.location.app2"), testutil.Contains, `peer=(label="snap.location.app"),`) 196 } 197 198 func (s *LocationObserveInterfaceSuite) TestInterfaces(c *C) { 199 c.Check(builtin.Interfaces(), testutil.DeepContains, s.iface) 200 }