src/test-libdbuspolicy1-access-deny-gdi \
src/test-libdbuspolicy1-send_destination_prefix-deny \
src/test-libdbuspolicy1-send_destination_prefix-deny-gdi \
- src/test-serializer
+ src/test-serializer \
+ src/test-libdbuspolicy1-multiple-includedirs
check_PROGRAMS = $(TESTS)
src_test_libdbuspolicy1_send_destination_prefix_deny_SOURCES = src/test-libdbuspolicy1-send_destination_prefix-deny.cpp
src_test_libdbuspolicy1_send_destination_prefix_deny_gdi_SOURCES = src/test-libdbuspolicy1-send_destination_prefix-deny-gdi.cpp
src_test_serializer_SOURCES = src/test-serializer.cpp
+src_test_libdbuspolicy1_multiple_includedirs_SOURCES = src/test-libdbuspolicy1-multiple-includedirs.cpp
noinst_LTLIBRARIES = src/libinternal.la
src_libinternal_la_SOURCES =\
src_test_libdbuspolicy1_send_destination_prefix_deny_LDADD = $(TESTS_LDADD)
src_test_libdbuspolicy1_send_destination_prefix_deny_gdi_LDADD = $(TESTS_LDADD)
src_test_serializer_LDADD = $(TESTS_LDADD)
+src_test_libdbuspolicy1_multiple_includedirs_LDADD = $(TESTS_LDADD)
if ENABLE_STANDALONE_TESTS
noinst_LTLIBRARIES += src/libinternalfortests.la
--- /dev/null
+#include "internal/naive_policy_checker.hpp"
+#include "internal/tslog.hpp"
+
+#include <stdexcept>
+#include <iostream>
+
+ldp_xml_parser::Decision test_destination(const ldp_serialized::StorageBackendSerialized &db, const char *destination) {
+ KdbusBusNames names;
+ ldp_xml_parser::MatchItemSend item("ex.ample.interface", "ExampleMember", "/Ex/Ample/Path",
+ ldp_xml_parser::MessageType::METHOD_CALL, names.addSpaceSeparatedNames(destination));
+
+ return db.getDecisionItemUser(0, item).getDecision();
+}
+
+#define tassert(COND) do { if (!(COND)) throw std::runtime_error("test failed: " #COND); } while (0)
+
+int main() try {
+ tslog::init();
+
+ auto &checker = policy_checker_system();
+ checker.initDb("tests/default_deny/system-multiple-includedirs.conf");
+
+ auto &db = checker.getPolicyDb();
+ tassert(test_destination(db, "org.tizen.test.allow-me-for-root") == ldp_xml_parser::Decision::ALLOW);
+ tassert(test_destination(db, "org.tizen.test.deny-me-for-root") == ldp_xml_parser::Decision::DENY);
+ tassert(test_destination(db, "org.tizen.test.another-allow-me-for-root") == ldp_xml_parser::Decision::ALLOW);
+ tassert(test_destination(db, "org.tizen.test.another-deny-me-for-root") == ldp_xml_parser::Decision::DENY);
+ tassert(test_destination(db, "org.tizen.test.yet-another-allow-me-for-root") == ldp_xml_parser::Decision::ALLOW);
+ tassert(test_destination(db, "org.tizen.test.yet-another-deny-me-for-root") == ldp_xml_parser::Decision::DENY);
+
+ return 0;
+} catch (std::runtime_error &e) {
+ std::cerr << e.what();
+ return 1;
+}
--- /dev/null
+<!DOCTYPE busconfig PUBLIC
+ "-//tizen//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.tizen.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+ <policy user="root">
+ <allow send_destination="org.tizen.test.another-allow-me-for-root"/>
+ <deny send_destination="org.tizen.test.another-deny-me-for-root"/>
+ </policy>
+
+</busconfig>
+<!-- vim: set ft=xml: -->
--- /dev/null
+<!-- This configuration file controls the systemwide message bus.
+ Add a system-local.conf and edit that rather than changing this
+ file directly. -->
+
+<!-- Note that there are any number of ways you can hose yourself
+ security-wise by screwing up this file; in particular, you
+ probably don't want to listen on any more addresses, add any more
+ auth mechanisms, run as a different user, etc. -->
+
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+ <include>system-base.conf</include>
+
+ <includedir>another-system.d</includedir>
+ <includedir>yet-another-system.d</includedir>
+
+</busconfig>
+<!-- vim: set ft=xml: -->
--- /dev/null
+<!DOCTYPE busconfig PUBLIC
+ "-//tizen//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.tizen.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+ <policy user="root">
+ <deny send_destination="org.tizen.test.deny-me-for-root"/>
+ <allow send_destination="org.tizen.test.allow-me-for-root"/>
+ </policy>
+
+ <policy context="default">
+ <deny send_destination_prefix="org.tizen.test"/>
+ </policy>
+</busconfig>
+<!-- vim: set ft=xml: -->
--- /dev/null
+<!DOCTYPE busconfig PUBLIC
+ "-//tizen//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.tizen.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+ <policy user="root">
+ <allow send_destination="org.tizen.test.yet-another-allow-me-for-root"/>
+ <deny send_destination="org.tizen.test.yet-another-deny-me-for-root"/>
+ </policy>
+
+</busconfig>
+<!-- vim: set ft=xml: -->