test-bus-xml-policy.c revision 7447362c530e3f7128f16a35d1e43da4251144cc
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt This file is part of systemd.
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt Copyright 2014 Daniel Mack
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt systemd is free software; you can redistribute it and/or modify it
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt under the terms of the GNU Lesser General Public License as published by
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt the Free Software Foundation; either version 2.1 of the License, or
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt (at your option) any later version.
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt systemd is distributed in the hope that it will be useful, but
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt WITHOUT ANY WARRANTY; without even the implied warranty of
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt Lesser General Public License for more details.
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt You should have received a copy of the GNU Lesser General Public License
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt along with systemd; If not, see <http://www.gnu.org/licenses/>.
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flyktstatic int test_policy_load(Policy *p, const char *name) {
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt path = strjoin(TEST_DIR, "/bus-policy/", name, NULL);
a276e6d68606861b552140cbcc003f4af10626fcTom Gundersen log_error_errno(r, "Failed to load policy %s: %m", fn);
631bbe71298ec892f77f44f94feb612646fe6853Patrik Flykt /* Ownership tests */
631bbe71298ec892f77f44f94feb612646fe6853Patrik Flykt assert_se(test_policy_load(&p, "ownerships.conf") == 0);
631bbe71298ec892f77f44f94feb612646fe6853Patrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.test.test1") == true);
631bbe71298ec892f77f44f94feb612646fe6853Patrik Flykt assert_se(policy_check_own(&p, 1, 0, "org.test.test1") == true);
631bbe71298ec892f77f44f94feb612646fe6853Patrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.test.test2") == true);
631bbe71298ec892f77f44f94feb612646fe6853Patrik Flykt assert_se(policy_check_own(&p, 1, 0, "org.test.test2") == false);
631bbe71298ec892f77f44f94feb612646fe6853Patrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.test.test3") == false);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_own(&p, 1, 0, "org.test.test3") == false);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.test.test4") == false);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_own(&p, 1, 0, "org.test.test4") == true);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt /* Signaltest */
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(test_policy_load(&p, "signals.conf") == 0);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_SIGNAL, "bli.bla.blubb", NULL, "/an/object/path", NULL) == true);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_one_send(&p, 1, 0, SD_BUS_MESSAGE_SIGNAL, "bli.bla.blubb", NULL, "/an/object/path", NULL) == false);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt /* Method calls */
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(test_policy_load(&p, "methods.conf") == 0);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "bli.bla.blubb", "Member") == false);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "bli.bla.blubb", "Member") == false);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int1", "Member") == true);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == true);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_one_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test3", "/an/object/path", "org.test.int3", "Member111") == true);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt /* User and groups */
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(test_policy_load(&p, "hello.conf") == 0);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_hello(&p, 0, 0) == true);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_hello(&p, 1, 0) == false);
ea3b3a75abb3f8b853f7da454b9b8e258a120eeaPatrik Flykt assert_se(policy_check_hello(&p, 0, 1) == false);
ea3b3a75abb3f8b853f7da454b9b8e258a120eeaPatrik Flykt /* dbus1 test file: ownership */
ea3b3a75abb3f8b853f7da454b9b8e258a120eeaPatrik Flykt assert_se(test_policy_load(&p, "check-own-rules.conf") >= 0);
ea3b3a75abb3f8b853f7da454b9b8e258a120eeaPatrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.freedesktop") == false);
ea3b3a75abb3f8b853f7da454b9b8e258a120eeaPatrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystem") == false);
ea3b3a75abb3f8b853f7da454b9b8e258a120eeaPatrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems") == true);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems.foo") == true);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems.foo.bar") == true);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2") == false);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2.foo") == false);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.freedesktop.ManySystems2.foo.bar") == false);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt /* dbus1 test file: many rules */
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(test_policy_load(&p, "many-rules.conf") >= 0);
a9aff3615b430f86bd0a824214d95f634efaf894Patrik Flykt /* dbus1 test file: generic test */
a9aff3615b430f86bd0a824214d95f634efaf894Patrik Flykt assert_se(test_policy_load(&p, "test.conf") >= 0);
a9aff3615b430f86bd0a824214d95f634efaf894Patrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.foo.FooService") == true);
a9aff3615b430f86bd0a824214d95f634efaf894Patrik Flykt assert_se(policy_check_own(&p, 0, 0, "org.foo.FooService2") == false);
a9aff3615b430f86bd0a824214d95f634efaf894Patrik Flykt assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == false);
f12abb48fc510b8b349c05e35ba048134debaf25Patrik Flykt assert_se(policy_check_one_send(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
f12abb48fc510b8b349c05e35ba048134debaf25Patrik Flykt assert_se(policy_check_one_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
f12abb48fc510b8b349c05e35ba048134debaf25Patrik Flykt assert_se(policy_check_one_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface2", "Member") == false);
f12abb48fc510b8b349c05e35ba048134debaf25Patrik Flykt assert_se(policy_check_one_recv(&p, 0, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService2", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
d1b0afe3653b4316a6361d204169620726d468a0Patrik Flykt assert_se(policy_check_own(&p, 100, 0, "org.foo.FooService") == false);
d1b0afe3653b4316a6361d204169620726d468a0Patrik Flykt assert_se(policy_check_own(&p, 100, 0, "org.foo.FooService2") == false);
d1b0afe3653b4316a6361d204169620726d468a0Patrik Flykt assert_se(policy_check_one_send(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.test.int2", "Member") == false);
d1b0afe3653b4316a6361d204169620726d468a0Patrik Flykt assert_se(policy_check_one_send(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.test.test1", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);
d1b0afe3653b4316a6361d204169620726d468a0Patrik Flykt assert_se(policy_check_one_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == true);
d1b0afe3653b4316a6361d204169620726d468a0Patrik Flykt assert_se(policy_check_one_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService", "/an/object/path", "org.foo.FooBroadcastInterface2", "Member") == false);
139b011ab81ccea1d51f09e0261a1c390115c6ffPatrik Flykt assert_se(policy_check_one_recv(&p, 100, 0, SD_BUS_MESSAGE_METHOD_CALL, "org.foo.FooService2", "/an/object/path", "org.foo.FooBroadcastInterface", "Member") == false);