From: Sangwan Kwon Date: Mon, 23 Sep 2019 01:09:43 +0000 (+0900) Subject: Add policyd-sdk as header only library X-Git-Tag: submit/tizen/20200810.073515~195 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=26fa39fc3669941169aa877dd1768c72c9ae35cb;p=platform%2Fcore%2Fsecurity%2Fvist.git Add policyd-sdk as header only library Policyd-sdk includes the minimum headers that policyd-sever and policyd-provider look at in common. Policy provider just needs policyd-sdk to make the plugin. Signed-off-by: Sangwan Kwon --- diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 41fa308..82f4c86 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -12,13 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License -SET(TARGET_OSQUERY_LIB osquery) SET(TARGET_APIX_LIB apix) +SET(TARGET_OSQUERY_LIB osquery) +SET(TARGET_POLICYD_LIB policyd) -ADD_SUBDIRECTORY(osquery) ADD_SUBDIRECTORY(apix) - -IF(DEFINED GBS_BUILD) - SET(TARGET_POLICYD_LIB policyd) - ADD_SUBDIRECTORY(policyd) -ENDIF(DEFINED GBS_BUILD) +ADD_SUBDIRECTORY(osquery) +ADD_SUBDIRECTORY(policyd) diff --git a/src/policyd/CMakeLists.txt b/src/policyd/CMakeLists.txt index a9b322f..5beb1f2 100644 --- a/src/policyd/CMakeLists.txt +++ b/src/policyd/CMakeLists.txt @@ -18,58 +18,61 @@ SET(TARGET_POLICYD_TEST policyd-test) SET(${TARGET_POLICYD_LIB}_SRCS "") SET(${TARGET_POLICYD_LIB}_TESTS "") -SET(DEPENDENCY appsvc - aul - bundle - capi-base-common - capi-system-info - capi-system-system-settings - cynara-client - cynara-session - deviced - gio-2.0 - glib-2.0 - klay - libtzplatform-config - notification - pkgmgr - pkgmgr-info - security-privilege-manager - sqlite3 - syspopup-caller - vconf) +IF(DEFINED GBS_BUILD) + SET(DEPENDENCY appsvc + aul + bundle + capi-base-common + capi-system-info + capi-system-system-settings + cynara-client + cynara-session + deviced + gio-2.0 + glib-2.0 + klay + libtzplatform-config + notification + pkgmgr + pkgmgr-info + security-privilege-manager + sqlite3 + syspopup-caller + vconf) -PKG_CHECK_MODULES(POLICYD_DEPS REQUIRED ${DEPENDENCY}) + PKG_CHECK_MODULES(POLICYD_DEPS REQUIRED ${DEPENDENCY}) -INCLUDE_DIRECTORIES(SYSTEM . ${POLICYD_DEPS_INCLUDE_DIRS}) + INCLUDE_DIRECTORIES(SYSTEM . ${POLICYD_DEPS_INCLUDE_DIRS}) -ADD_DEFINITIONS(-DDATA_PATH="${DATA_INSTALL_DIR}" - -DRUN_PATH="${RUN_INSTALL_DIR}" - -DDB_PATH="${DB_INSTALL_DIR}" - -DPLUGIN_INSTALL_DIR="${PLUGIN_INSTALL_DIR}" - -DEVENT_CONFIGURE_DIR="${EVENT_CONFIGURE_DIR}") + ADD_DEFINITIONS(-DDATA_PATH="${DATA_INSTALL_DIR}" + -DRUN_PATH="${RUN_INSTALL_DIR}" + -DDB_PATH="${DB_INSTALL_DIR}" + -DPLUGIN_INSTALL_DIR="${PLUGIN_INSTALL_DIR}" + -DEVENT_CONFIGURE_DIR="${EVENT_CONFIGURE_DIR}") + ADD_DEFINITIONS(-DUG_WAYLAND) -ADD_SUBDIRECTORY(client) -ADD_SUBDIRECTORY(conf) -ADD_SUBDIRECTORY(pil) -ADD_SUBDIRECTORY(server) -ADD_SUBDIRECTORY(tools) + ADD_SUBDIRECTORY(client) + ADD_SUBDIRECTORY(conf) + ADD_SUBDIRECTORY(pil) + ADD_SUBDIRECTORY(server) + ADD_SUBDIRECTORY(tools) + ADD_SUBDIRECTORY(ui) -ADD_DEFINITIONS(-DUG_WAYLAND) -ADD_SUBDIRECTORY(ui) + ADD_LIBRARY(${TARGET_POLICYD_LIB} STATIC ${${TARGET_POLICYD_LIB}_SRCS}) -ADD_LIBRARY(${TARGET_POLICYD_LIB} STATIC ${${TARGET_POLICYD_LIB}_SRCS}) + TARGET_LINK_LIBRARIES(${TARGET_POLICYD_LIB} ${POLICYD_DEPS_LIBRARIES} pthread dl) -TARGET_LINK_LIBRARIES(${TARGET_POLICYD_LIB} ${POLICYD_DEPS_LIBRARIES} pthread dl) + SET_TARGET_PROPERTIES(${TARGET_POLICYD_LIB} PROPERTIES COMPILE_FLAGS "-fPIE") + SET_TARGET_PROPERTIES(${TARGET_POLICYD_LIB} PROPERTIES LINK_FLAGS "-pie") +ENDIF(DEFINED GBS_BUILD) -SET_TARGET_PROPERTIES(${TARGET_POLICYD_LIB} PROPERTIES COMPILE_FLAGS "-fPIE") -SET_TARGET_PROPERTIES(${TARGET_POLICYD_LIB} PROPERTIES LINK_FLAGS "-pie") +ADD_SUBDIRECTORY(sdk) ADD_EXECUTABLE(${TARGET_POLICYD_TEST} ../apix/main/tests.cpp ${${TARGET_POLICYD_LIB}_TESTS}) -TARGET_LINK_LIBRARIES(${TARGET_POLICYD_TEST} ${TARGET_POLICYD_LIB} - gtest) +TARGET_LINK_LIBRARIES(${TARGET_POLICYD_TEST} gtest + pthread) ADD_TEST(${TARGET_POLICYD_TEST} ${TARGET_POLICYD_TEST}) INSTALL(TARGETS ${TARGET_POLICYD_TEST} DESTINATION ${CMAKE_INSTALL_BINDIR} diff --git a/src/policyd/pil/domain-policy.h b/src/policyd/pil/domain-policy.h deleted file mode 100644 index 87bfca1..0000000 --- a/src/policyd/pil/domain-policy.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#pragma once - -#include -#include - -#include - -#include "policy-model.h" - -class DomainPolicy : public AbstractPolicy { -public: - DomainPolicy(const std::string& name) : AbstractPolicy(name) {} - virtual ~DomainPolicy() = default; - - DomainPolicy(const DomainPolicy&) = delete; - DomainPolicy& operator=(const DomainPolicy&) = delete; - - DomainPolicy(DomainPolicy&&) = default; - DomainPolicy& operator=(DomainPolicy&&) = default; - - inline void set(const DataSetInt& val) override - { - PolicyAdmin admin(rmi::Service::getPeerPid(), rmi::Service::getPeerUid()); - PolicyStorage::update(id, admin.getName(), admin.getUid(), val); - - std::lock_guard mtxGuard(mtx); - this->enforce(admin.getUid()); - } - - inline DataSetInt get() override - { - uid_t domain = rmi::Service::getPeerUid(); - - std::lock_guard mtxGuard(mtx); - if (!current.count(domain)) - enforce(domain); - - return current[domain].value; - } - -private: - inline void enforce(uid_t domain) override - { - auto value = initial; - if (!ready[domain]) - current[domain] = initial; - - PolicyStorage::strictize(id, value, domain); - if (current[domain] != value) { - apply(value, domain); - current[domain] = value; - } - - ready[domain] = true; - } - -private: - std::unordered_map current; - std::unordered_map ready; -}; diff --git a/src/policyd/pil/global-policy.h b/src/policyd/pil/global-policy.h deleted file mode 100644 index a99198b..0000000 --- a/src/policyd/pil/global-policy.h +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#pragma once - -#include -#include - -#include - -#include "policy-model.h" - -class GlobalPolicy : public AbstractPolicy { -public: - GlobalPolicy(const std::string& name) : AbstractPolicy(name) {} - virtual ~GlobalPolicy() = default; - - GlobalPolicy(const GlobalPolicy&) = delete; - GlobalPolicy& operator=(const GlobalPolicy&) = delete; - - GlobalPolicy(GlobalPolicy&&) = default; - GlobalPolicy& operator=(GlobalPolicy&&) = default; - - inline void set(const DataSetInt& val) override - { - PolicyAdmin admin(rmi::Service::getPeerPid(), rmi::Service::getPeerUid()); - PolicyStorage::update(id, admin.getName(), admin.getUid(), val); - - std::lock_guard mtxGuard(mtx); - enforce(-1); - } - - inline DataSetInt get() override - { - std::lock_guard mtxGuard(mtx); - if (!ready) { - enforce(-1); - ready = true; - } - return current.value; - } - -private: - inline void enforce(uid_t) override - { - auto value = initial; - PolicyStorage::strictize(id, value); - if (current != value) { - apply(value); - current = value; - } - } - -private: - DataSetInt current; - bool ready = false; -}; diff --git a/src/policyd/pil/policy-model.h b/src/policyd/pil/policy-model.h deleted file mode 100644 index 2f0580a..0000000 --- a/src/policyd/pil/policy-model.h +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#pragma once - -#include -#include -#include -#include - -#include - -#include "policy-storage.h" -#include "policy-admin.h" -#include "observer.h" - -class AbstractPolicy; - -struct AbstractPolicyProvider { - AbstractPolicyProvider() {} - virtual ~AbstractPolicyProvider() {} - - std::vector> policies; -}; - -class AbstractPolicy : public Observer { -public: - explicit AbstractPolicy(const std::string& name) : name(name) - { - this->id = PolicyStorage::define(name, initial); - if (id < 0) - throw runtime::Exception("Failed to define policy"); - - PolicyStorage::subscribeEvent(this); - } - - ~AbstractPolicy() = default; - - AbstractPolicy(const AbstractPolicy&) = delete; - AbstractPolicy& operator=(const AbstractPolicy&) = delete; - - AbstractPolicy(AbstractPolicy&&) = default; - AbstractPolicy& operator=(AbstractPolicy&&) = default; - - virtual void set(const DataSetInt& value) = 0; - virtual DataSetInt get() = 0; - - virtual bool apply(const DataSetInt& value, uid_t domain = 0) = 0; - - inline void onEvent(uid_t domain) - { - std::lock_guard mtxGuard(mtx); - enforce(domain); - } - - std::string name; - -protected: - int id = -1; - std::mutex mtx; - DataSetInt initial; - -private: - virtual void enforce(uid_t domain = 0) = 0; -}; diff --git a/src/policyd/pil/tests/policy_tests.cpp b/src/policyd/pil/tests/policy_tests.cpp deleted file mode 100644 index f5af517..0000000 --- a/src/policyd/pil/tests/policy_tests.cpp +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -#include - -#include "../global-policy.h" -#include "../domain-policy.h" -#include "../policy-storage.h" -#include "../policy-event.h" - -/// TODO(Sangwan): Refactor policy-model -/// => Let client know only global-policy or domain-policy - -class PolicyModelTests : public testing::Test {}; - -class TestGlobalPolicy : public GlobalPolicy { -public: - TestGlobalPolicy() : GlobalPolicy("test_policy") - { - PolicyEventNotifier::create("test_policy"); - } - - bool apply(const DataSetInt&, uid_t) - { - PolicyEventNotifier::emit("test_policy", "allowed"); - return true; - } -}; - -TEST_F(PolicyModelTests, global_policy) { - AbstractPolicyProvider provider; - provider.policies.emplace_back(std::make_shared()); - - EXPECT_EQ(provider.policies.size(), 1); -} diff --git a/src/policyd/sdk/CMakeLists.txt b/src/policyd/sdk/CMakeLists.txt new file mode 100644 index 0000000..fb08801 --- /dev/null +++ b/src/policyd/sdk/CMakeLists.txt @@ -0,0 +1,17 @@ +# Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +FILE(GLOB SDK_TESTS "tests/*.cpp") +ADD_POLICYD_TEST(${SDK_TESTS}) diff --git a/src/policyd/sdk/domain-policy.h b/src/policyd/sdk/domain-policy.h new file mode 100644 index 0000000..f27e105 --- /dev/null +++ b/src/policyd/sdk/domain-policy.h @@ -0,0 +1,62 @@ +/* + * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#pragma once + +#include "policy-model.h" + +#include +#include +#include + +#include + +namespace policyd { + +class DomainPolicy : public PolicyModel { +public: + explicit DomainPolicy(std::string name, PolicyValue initial) noexcept : + PolicyModel(std::move(name), std::move(initial)) {} + virtual ~DomainPolicy() = default; + + DomainPolicy(DomainPolicy&&) = default; + DomainPolicy& operator=(DomainPolicy&&) = default; + + inline void set(uid_t domain, const PolicyValue& value) { + current[domain] = value; + + try { + this->onChanged(domain, value); + } catch (const std::exception& e) { + current.erase(domain); + std::rethrow_exception(std::current_exception()); + } + } + + inline const PolicyValue& get(uid_t domain) const { + if (!current.count(domain)) + throw std::runtime_error("Policy value should be set once before use."); + + return current.at(domain); + } + + virtual void onChanged(uid_t domain, const PolicyValue& value) = 0; + +private: + std::unordered_map current; +}; + +} // namespace policyd diff --git a/src/policyd/sdk/global-policy.h b/src/policyd/sdk/global-policy.h new file mode 100644 index 0000000..a83cf75 --- /dev/null +++ b/src/policyd/sdk/global-policy.h @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#pragma once + +#include "policy-model.h" + +#include +#include + +namespace policyd { + +class GlobalPolicy : public PolicyModel { +public: + explicit GlobalPolicy(std::string name, PolicyValue initial) noexcept : + PolicyModel(std::move(name), std::move(initial)) {} + virtual ~GlobalPolicy() = default; + + GlobalPolicy(GlobalPolicy&&) = default; + GlobalPolicy& operator=(GlobalPolicy&&) = default; + + inline void set(const PolicyValue& value) { + current = value; + ready = true; + + try { + this->onChanged(value); + } catch (const std::exception& e) { + ready = false; + std::rethrow_exception(std::current_exception()); + } + } + + inline const PolicyValue& get() const { + if (!ready) + throw std::runtime_error("Policy value should be set once before use."); + + return current; + } + + virtual void onChanged(const PolicyValue& value) = 0; + +private: + PolicyValue current; + bool ready = false; +}; + +} // namespace policyd diff --git a/src/policyd/sdk/policy-model.h b/src/policyd/sdk/policy-model.h new file mode 100644 index 0000000..95b5dfe --- /dev/null +++ b/src/policyd/sdk/policy-model.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#pragma once + +#include"policy-value.h" + +#include + +namespace policyd { + +class PolicyModel { +public: + explicit PolicyModel(std::string name, PolicyValue initial) noexcept : + name(std::move(name)), initial(std::move(initial)) {} + virtual ~PolicyModel() = default; + + PolicyModel(const PolicyModel&) = delete; + PolicyModel& operator=(const PolicyModel&) = delete; + + PolicyModel(PolicyModel&&) = default; + PolicyModel& operator=(PolicyModel&&) = default; + + const std::string& getName() const noexcept { return name; } + const PolicyValue& getInitial() const noexcept { return initial; } + +protected: + std::string name; + PolicyValue initial; +}; + +} // namespace policyd diff --git a/src/policyd/sdk/policy-provider.h b/src/policyd/sdk/policy-provider.h new file mode 100644 index 0000000..35f1658 --- /dev/null +++ b/src/policyd/sdk/policy-provider.h @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#pragma once + +#include "domain-policy.h" +#include "global-policy.h" + +#include +#include + +namespace policyd { + +class PolicyProvider final { +public: + explicit PolicyProvider(std::string name) noexcept : name(std::move(name)) {} + + inline void add(std::shared_ptr&& policy) { + global.emplace(policy->getName(), std::move(policy)); + } + + inline void add(std::shared_ptr&& policy) { + domain.emplace(policy->getName(), std::move(policy)); + } + + inline const std::string& getName() const noexcept { return name; } + + std::size_t gsize() { return global.size(); } + std::size_t dsize() { return domain.size(); } + +private: + std::string name; + std::unordered_map> global; + std::unordered_map> domain; +}; + +using PolicyFactory = PolicyProvider* (*)(); + +} // namespace policyd diff --git a/src/policyd/sdk/policy-value.h b/src/policyd/sdk/policy-value.h new file mode 100644 index 0000000..206d4c2 --- /dev/null +++ b/src/policyd/sdk/policy-value.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#pragma once + +namespace policyd { + +// TODO: Support various value type +struct PolicyValue final { + explicit PolicyValue(int value) noexcept : value(value) {} + explicit PolicyValue() noexcept = default; + ~PolicyValue() = default; + + PolicyValue(const PolicyValue&) noexcept = default; + PolicyValue& operator=(const PolicyValue&) noexcept = default; + + PolicyValue(PolicyValue&&) noexcept = default; + PolicyValue& operator=(PolicyValue&&) noexcept = default; + + PolicyValue& operator=(int val) { + value = val; + return *this; + } + + operator int() const { return value; } + bool operator==(const PolicyValue& rhs) const { return value == rhs.value; } + bool operator!=(const PolicyValue& rhs) const { return value != rhs.value; } + + int value = -1; +}; + +} // namespace policyd diff --git a/src/policyd/sdk/tests/policy_tests.cpp b/src/policyd/sdk/tests/policy_tests.cpp new file mode 100644 index 0000000..568d21c --- /dev/null +++ b/src/policyd/sdk/tests/policy_tests.cpp @@ -0,0 +1,104 @@ +/* + * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#include + +#include "../domain-policy.h" +#include "../global-policy.h" +#include "../policy-provider.h" + +#include + +namespace { + int g_value = -1; + int d_value = -1; + uid_t d_uid = 0; +} // anonymous namespace + +using namespace policyd; + +class PolicyModelTests : public testing::Test {}; + +class TestGlobalPolicy : public GlobalPolicy { +public: + TestGlobalPolicy() : GlobalPolicy("test_policy", PolicyValue(1)) {} + + virtual void onChanged(const PolicyValue& value) { + g_value = value; + } +}; + +TEST_F(PolicyModelTests, global_policy) { + TestGlobalPolicy policy; + + EXPECT_EQ(policy.getName(), "test_policy"); + EXPECT_EQ(policy.getInitial(), 1); + + // Policy value should be set once before use + bool isRaised = false; + try { + auto value = policy.get(); + } catch (const std::exception&) { + isRaised = true; + } + + EXPECT_TRUE(isRaised); + + policy.set(PolicyValue(3)); + EXPECT_EQ(3, g_value); + EXPECT_EQ(3, policy.get()); +} + +class TestDomainPolicy : public DomainPolicy { +public: + TestDomainPolicy() : DomainPolicy("test_policy", PolicyValue(1)) {} + + virtual void onChanged(uid_t domain, const PolicyValue& value) { + d_uid = domain; + d_value = value; + } +}; + +TEST_F(PolicyModelTests, domain_policy) { + TestDomainPolicy policy; + uid_t domain = 5001; + + EXPECT_EQ(policy.getName(), "test_policy"); + EXPECT_EQ(policy.getInitial(), 1); + + // Policy value should be set once before use + bool isRaised = false; + try { + auto value = policy.get(domain); + } catch (const std::exception&) { + isRaised = true; + } + + EXPECT_TRUE(isRaised); + + policy.set(domain, PolicyValue(3)); + EXPECT_EQ(d_uid, domain); + EXPECT_EQ(3, policy.get(domain)); +} + +TEST_F(PolicyModelTests, policy_provider) { + PolicyProvider provider("testProvider"); + provider.add(std::make_shared()); + provider.add(std::make_shared()); + + EXPECT_EQ(1, provider.gsize()); + EXPECT_EQ(1, provider.dsize()); +}