def test_ruleset_2(self):
ruleset = NetworkRuleset()
rules = [
'network inet6 raw,',
'allow network inet,',
'deny network udp, # example comment',
]
expected_raw = [
' network inet6 raw,',
' allow network inet,',
' deny network udp, # example comment',
'',
]
expected_clean = [
' deny network udp, # example comment',
'',
' allow network inet,',
' network inet6 raw,',
'',
]
for rule in rules:
ruleset.add(NetworkRule.parse(rule))
self.assertEqual(expected_raw, ruleset.get_raw(1))
self.assertEqual(expected_clean, ruleset.get_clean(1))
def test_empty_ruleset(self):
ruleset = NetworkRuleset()
ruleset_2 = NetworkRuleset()
self.assertEqual([], ruleset.get_raw(2))
self.assertEqual([], ruleset.get_clean(2))
self.assertEqual([], ruleset_2.get_raw(2))
self.assertEqual([], ruleset_2.get_clean(2))
class NetworkGlobTestAATest(AATest):
def setUp(self):
self.maxDiff = None
self.ruleset = NetworkRuleset()
def test_glob_1(self):
self.assertEqual(self.ruleset.get_glob('network inet,'), 'network,')
# not supported or used yet
# def test_glob_2(self):
# self.assertEqual(self.ruleset.get_glob('network inet raw,'), 'network inet,')
def test_glob_ext(self):
with self.assertRaises(NotImplementedError):
# get_glob_ext is not available for network rules
self.ruleset.get_glob_ext('network inet raw,')
class NetworkGlobTestAATest(AATest):
def setUp(self):
self.maxDiff = None
self.ruleset = NetworkRuleset()
def test_glob_1(self):
self.assertEqual(self.ruleset.get_glob('network inet,'), 'network,')
# not supported or used yet
# def test_glob_2(self):
# self.assertEqual(self.ruleset.get_glob('network inet raw,'), 'network inet,')
def test_glob_ext(self):
with self.assertRaises(AppArmorBug):
# get_glob_ext is not available for network rules
self.ruleset.get_glob_ext('network inet raw,')
def test_network_ruleset_repr(self):
obj = NetworkRuleset()
obj.add(NetworkRule('inet', 'stream'))
obj.add(NetworkRule.parse(' allow network inet stream, # foo'))
expected = '<NetworkRuleset>\n network inet stream,\n allow network inet stream, # foo\n</NetworkRuleset>'
self.assertEqual(str(obj), expected)
def test_ruleset_2(self):
ruleset = NetworkRuleset()
rules = [
'network inet6 raw,',
'allow network inet,',
'deny network udp, # example comment',
]
expected_raw = [
' network inet6 raw,',
' allow network inet,',
' deny network udp, # example comment',
'',
]
expected_clean = [
' deny network udp, # example comment',
'',
' allow network inet,',
' network inet6 raw,',
'',
]
for rule in rules:
ruleset.add(NetworkRule.parse(rule))
self.assertEqual(expected_raw, ruleset.get_raw(1))
self.assertEqual(expected_clean, ruleset.get_clean(1))
def test_empty_ruleset(self):
ruleset = NetworkRuleset()
ruleset_2 = NetworkRuleset()
self.assertEqual([], ruleset.get_raw(2))
self.assertEqual([], ruleset.get_clean(2))
self.assertEqual([], ruleset_2.get_raw(2))
self.assertEqual([], ruleset_2.get_clean(2))
def test_ruleset_1(self):
ruleset = NetworkRuleset()
rules = [
'network tcp,',
'network inet,',
]
expected_raw = [
'network tcp,',
'network inet,',
'',
]
expected_clean = [
'network inet,',
'network tcp,',
'',
]
for rule in rules:
ruleset.add(NetworkRule.parse(rule))
self.assertEqual(expected_raw, ruleset.get_raw())
self.assertEqual(expected_clean, ruleset.get_clean())
def test_ruleset_1(self):
ruleset = NetworkRuleset()
rules = [
'network tcp,',
'network inet,',
]
expected_raw = [
'network tcp,',
'network inet,',
'',
]
expected_clean = [
'network inet,',
'network tcp,',
'',
]
for rule in rules:
ruleset.add(NetworkRule.parse(rule))
self.assertEqual(expected_raw, ruleset.get_raw())
self.assertEqual(expected_clean, ruleset.get_clean())
def setUp(self):
self.maxDiff = None
self.ruleset = NetworkRuleset()
def setUp(self):
self.maxDiff = None
self.ruleset = NetworkRuleset()