[thirdparty/systemd.git] / src / bus-proxyd / test-bus-policy.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2014 Daniel Mack

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <sys/socket.h>
#include <sys/un.h>
#include <sys/types.h>
#include <fcntl.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <sys/poll.h>
#include <stddef.h>
#include <getopt.h>

#include "log.h"
#include "util.h"
#include "sd-bus.h"
#include "bus-internal.h"
#include "bus-message.h"
#include "bus-util.h"
#include "bus-internal.h"
#include "build.h"
#include "strv.h"
#include "def.h"
#include "capability.h"

#include <bus-proxyd/bus-policy.h>

static int test_policy_load(Policy *p, const char *name)
{
        char *path;
        int r = 0;

        path = strjoin(TEST_DIR, "/bus-policy/", name, NULL);

        if (access(path, R_OK) == 0)
                policy_load(p, STRV_MAKE(path));
        else
                r = -ENOENT;

        free(path);

        return r;
}

int main(int argc, char *argv[]) {

        Policy p = {};
        struct ucred ucred = {};
        char **names_strv;
        Hashmap *names_hash;

        /* Ownership tests */
        assert_se(test_policy_load(&p, "ownerships.conf") == 0);

        ucred.uid = 0;
        assert_se(policy_check_own(&p, &ucred, "org.test.test1") == true);
        ucred.uid = 1;
        assert_se(policy_check_own(&p, &ucred, "org.test.test1") == true);

        ucred.uid = 0;
        assert_se(policy_check_own(&p, &ucred, "org.test.test2") == true);
        ucred.uid = 1;
        assert_se(policy_check_own(&p, &ucred, "org.test.test2") == false);

        ucred.uid = 0;
        assert_se(policy_check_own(&p, &ucred, "org.test.test3") == false);
        ucred.uid = 1;
        assert_se(policy_check_own(&p, &ucred, "org.test.test3") == false);

        ucred.uid = 0;
        assert_se(policy_check_own(&p, &ucred, "org.test.test4") == false);
        ucred.uid = 1;
        assert_se(policy_check_own(&p, &ucred, "org.test.test4") == true);

        policy_free(&p);

        /* Signaltest */
        assert_se(test_policy_load(&p, "signals.conf") == 0);
        names_strv = STRV_MAKE("bli.bla.blubb");

        ucred.uid = 0;
        assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_SIGNAL, NULL, "/an/object/path", NULL) == true);

        ucred.uid = 1;
        assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_SIGNAL, NULL, "/an/object/path", NULL) == false);

        policy_free(&p);

        /* Method calls */
        assert_se(test_policy_load(&p, "methods.conf") == 0);
        names_strv = STRV_MAKE("org.test.test1");
        policy_dump(&p);

        ucred.uid = 0;

        assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "bli.bla.blubb", "Member") == false);
        assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "bli.bla.blubb", "Member") == false);
        assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "org.test.int1", "Member") == true);
        assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "org.test.int2", "Member") == true);

        names_hash = hashmap_new(&string_hash_ops);
        assert(names_hash != NULL);
        assert_se(hashmap_put(names_hash, "org.test.test3", NULL) >= 0);
        assert_se(policy_check_recv(&p, &ucred, names_hash, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "org.test.int3", "Member111") == true);

        policy_free(&p);

        /* User and groups */
        assert_se(test_policy_load(&p, "hello.conf") == 0);
        policy_dump(&p);

        ucred.uid = 0;
        assert_se(policy_check_hello(&p, &ucred) == true);

        ucred.uid = 1;
        assert_se(policy_check_hello(&p, &ucred) == false);

        ucred.uid = 0;
        ucred.gid = 1;
        assert_se(policy_check_hello(&p, &ucred) == false);

        policy_free(&p);

        return EXIT_SUCCESS;
}
Commit	Line	Data
20725d92 DM	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2014 Daniel Mack
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <sys/socket.h>
	23	#include <sys/un.h>
	24	#include <sys/types.h>
	25	#include <fcntl.h>
	26	#include <unistd.h>
	27	#include <string.h>
	28	#include <errno.h>
	29	#include <sys/poll.h>
	30	#include <stddef.h>
	31	#include <getopt.h>
	32
	33	#include "log.h"
	34	#include "util.h"
	35	#include "sd-bus.h"
	36	#include "bus-internal.h"
	37	#include "bus-message.h"
	38	#include "bus-util.h"
	39	#include "bus-internal.h"
	40	#include "build.h"
	41	#include "strv.h"
	42	#include "def.h"
	43	#include "capability.h"
	44
	45	#include <bus-proxyd/bus-policy.h>
	46
45f1b67a DM	47	static int test_policy_load(Policy p, const char name)
	48	{
	49	char *path;
	50	int r = 0;
	51
	52	path = strjoin(TEST_DIR, "/bus-policy/", name, NULL);
	53
	54	if (access(path, R_OK) == 0)
	55	policy_load(p, STRV_MAKE(path));
	56	else
	57	r = -ENOENT;
	58
	59	free(path);
	60
	61	return r;
	62	}
	63
20725d92 DM	64	int main(int argc, char *argv[]) {
	65
	66	Policy p = {};
20725d92	67	struct ucred ucred = {};
078ef7b8 DM	68	char **names_strv;
078ef7b8 DM	69	Hashmap *names_hash;
20725d92 DM	70
20725d92 DM	71	/* Ownership tests */
45f1b67a	72	assert_se(test_policy_load(&p, "ownerships.conf") == 0);
20725d92	73
20725d92	74	ucred.uid = 0;
078ef7b8	75	assert_se(policy_check_own(&p, &ucred, "org.test.test1") == true);
20725d92	76	ucred.uid = 1;
078ef7b8	77	assert_se(policy_check_own(&p, &ucred, "org.test.test1") == true);
20725d92	78
20725d92	79	ucred.uid = 0;
078ef7b8	80	assert_se(policy_check_own(&p, &ucred, "org.test.test2") == true);
20725d92	81	ucred.uid = 1;
078ef7b8	82	assert_se(policy_check_own(&p, &ucred, "org.test.test2") == false);
20725d92	83
20725d92	84	ucred.uid = 0;
078ef7b8	85	assert_se(policy_check_own(&p, &ucred, "org.test.test3") == false);
20725d92	86	ucred.uid = 1;
078ef7b8	87	assert_se(policy_check_own(&p, &ucred, "org.test.test3") == false);
20725d92	88
20725d92	89	ucred.uid = 0;
078ef7b8	90	assert_se(policy_check_own(&p, &ucred, "org.test.test4") == false);
20725d92	91	ucred.uid = 1;
078ef7b8	92	assert_se(policy_check_own(&p, &ucred, "org.test.test4") == true);
20725d92 DM	93
	94	policy_free(&p);
	95
078ef7b8	96	/* Signaltest */
45f1b67a	97	assert_se(test_policy_load(&p, "signals.conf") == 0);
078ef7b8	98	names_strv = STRV_MAKE("bli.bla.blubb");
20725d92	99
20725d92	100	ucred.uid = 0;
078ef7b8	101	assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_SIGNAL, NULL, "/an/object/path", NULL) == true);
20725d92 DM	102
20725d92 DM	103	ucred.uid = 1;
078ef7b8	104	assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_SIGNAL, NULL, "/an/object/path", NULL) == false);
20725d92 DM	105
	106	policy_free(&p);
	107
	108	/* Method calls */
45f1b67a	109	assert_se(test_policy_load(&p, "methods.conf") == 0);
078ef7b8 DM	110	names_strv = STRV_MAKE("org.test.test1");
078ef7b8 DM	111	policy_dump(&p);
20725d92 DM	112
20725d92 DM	113	ucred.uid = 0;
20725d92	114
078ef7b8 DM	115	assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "bli.bla.blubb", "Member") == false);
	116	assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "bli.bla.blubb", "Member") == false);
	117	assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "org.test.int1", "Member") == true);
	118	assert_se(policy_check_send(&p, &ucred, names_strv, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "org.test.int2", "Member") == true);
20725d92	119
078ef7b8 DM	120	names_hash = hashmap_new(&string_hash_ops);
	121	assert(names_hash != NULL);
	122	assert_se(hashmap_put(names_hash, "org.test.test3", NULL) >= 0);
	123	assert_se(policy_check_recv(&p, &ucred, names_hash, SD_BUS_MESSAGE_METHOD_CALL, "/an/object/path", "org.test.int3", "Member111") == true);
20725d92 DM	124
	125	policy_free(&p);
	126
	127	/* User and groups */
45f1b67a	128	assert_se(test_policy_load(&p, "hello.conf") == 0);
20725d92 DM	129	policy_dump(&p);
	130
	131	ucred.uid = 0;
078ef7b8	132	assert_se(policy_check_hello(&p, &ucred) == true);
20725d92 DM	133
20725d92 DM	134	ucred.uid = 1;
078ef7b8	135	assert_se(policy_check_hello(&p, &ucred) == false);
20725d92 DM	136
	137	ucred.uid = 0;
	138	ucred.gid = 1;
078ef7b8	139	assert_se(policy_check_hello(&p, &ucred) == false);
20725d92 DM	140
	141	policy_free(&p);
	142
20725d92 DM	143	return EXIT_SUCCESS;
20725d92 DM	144	}