Пример #1
0
 def test_041_create_policy_abort(self):
     self.policy_mock.configure_mock(
         **{
             'side_effect':
             [qubespolicy.PolicyNotFound('service'), unittest.mock.DEFAULT],
             'return_value.evaluate.return_value.action':
             qubespolicy.Action.deny,
         })
     self.dbus_mock.configure_mock(
         **{
             'return_value.get.return_value.ConfirmPolicyCreate.return_value':
             False
         })
     retval = qubespolicy.cli.main(
         ['source-id', 'source', 'target', 'service', 'process_ident'])
     self.assertEqual(retval, 1)
     self.assertEqual(self.policy_mock.mock_calls, [
         ('', ('service', ), {}),
     ])
     self.assertEqual(self.dbus_mock.mock_calls, [
         ('', (), {}),
         ('().get',
          ('org.qubesos.PolicyAgent', '/org/qubesos/PolicyAgent'), {}),
         ('().get().ConfirmPolicyCreate', ('source', 'service'), {}),
     ])
     policy_path = os.path.join(self.policy_dir.name, 'service')
     self.assertFalse(os.path.exists(policy_path))
Пример #2
0
 def test_040_create_policy(self):
     self.policy_mock.configure_mock(
         **{
             'side_effect':
             [qubespolicy.PolicyNotFound('service'), unittest.mock.DEFAULT],
             'return_value.evaluate.return_value.action':
             qubespolicy.Action.allow,
         })
     self.dbus_mock.configure_mock(**{
         'return_value.get.return_value.ConfirmPolicyCreate.return_value':
         True
     })
     retval = qubespolicy.cli.main(
         ['source-id', 'source', 'target', 'service', 'process_ident'])
     self.assertEqual(retval, 0)
     self.assertEqual(self.policy_mock.mock_calls, [
         ('', ('service', ), {}),
         ('', ('service', ), {}),
         ('().evaluate', (self.system_info, 'source', 'target'), {}),
         ('().evaluate().target.__str__', (), {}),
         ('().evaluate().execute',
          ('process_ident,source,source-id', ), {}),
     ])
     self.assertEqual(self.dbus_mock.mock_calls, [
         ('', (), {}),
         ('().get',
          ('org.qubesos.PolicyAgent', '/org/qubesos/PolicyAgent'), {}),
         ('().get().ConfirmPolicyCreate', ('source', 'service'), {}),
     ])
     policy_path = os.path.join(self.policy_dir.name, 'service')
     self.assertTrue(os.path.exists(policy_path))
     with open(policy_path) as policy_file:
         self.assertEqual(
             policy_file.read(),
             "## Policy file automatically created on first service call.\n"
             "## Fill free to edit.\n"
             "## Note that policy parsing stops at the first match\n"
             "\n"
             "## Please use a single # to start your custom comments\n"
             "\n"
             "@anyvm  @anyvm  ask\n")