2024-10-25 17:12:13 +09:00
|
|
|
package app_test
|
|
|
|
|
|
|
|
import (
|
|
|
|
"io/fs"
|
|
|
|
"reflect"
|
|
|
|
"testing"
|
2024-10-27 11:56:20 +09:00
|
|
|
"time"
|
2024-10-25 17:12:13 +09:00
|
|
|
|
|
|
|
"git.ophivana.moe/security/fortify/helper/bwrap"
|
|
|
|
"git.ophivana.moe/security/fortify/internal/app"
|
2024-11-02 03:03:44 +09:00
|
|
|
"git.ophivana.moe/security/fortify/internal/linux"
|
2024-10-25 17:12:13 +09:00
|
|
|
"git.ophivana.moe/security/fortify/internal/system"
|
|
|
|
)
|
|
|
|
|
2024-10-25 17:44:29 +09:00
|
|
|
type sealTestCase struct {
|
|
|
|
name string
|
2024-11-02 03:03:44 +09:00
|
|
|
os linux.System
|
2024-10-25 17:44:29 +09:00
|
|
|
config *app.Config
|
|
|
|
id app.ID
|
|
|
|
wantSys *system.I
|
|
|
|
wantBwrap *bwrap.Config
|
|
|
|
}
|
|
|
|
|
2024-10-25 17:12:13 +09:00
|
|
|
func TestApp(t *testing.T) {
|
2024-11-21 12:13:12 +09:00
|
|
|
testCases := append(testCasesPd, testCasesNixos...)
|
2024-10-25 17:12:13 +09:00
|
|
|
|
|
|
|
for _, tc := range testCases {
|
|
|
|
t.Run(tc.name, func(t *testing.T) {
|
2024-10-25 17:44:29 +09:00
|
|
|
a := app.NewWithID(tc.id, tc.os)
|
2024-10-25 17:12:13 +09:00
|
|
|
|
|
|
|
if !t.Run("seal", func(t *testing.T) {
|
|
|
|
if err := a.Seal(tc.config); err != nil {
|
|
|
|
t.Errorf("Seal: error = %v", err)
|
|
|
|
}
|
|
|
|
}) {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
gotSys, gotBwrap := app.AppSystemBwrap(a)
|
|
|
|
|
|
|
|
t.Run("compare sys", func(t *testing.T) {
|
|
|
|
if !gotSys.Equal(tc.wantSys) {
|
|
|
|
t.Errorf("Seal: sys = %#v, want %#v",
|
|
|
|
gotSys, tc.wantSys)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("compare bwrap", func(t *testing.T) {
|
|
|
|
if !reflect.DeepEqual(gotBwrap, tc.wantBwrap) {
|
|
|
|
t.Errorf("seal: bwrap = %#v, want %#v",
|
|
|
|
gotBwrap, tc.wantBwrap)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func stubDirEntries(names ...string) (e []fs.DirEntry, err error) {
|
|
|
|
e = make([]fs.DirEntry, len(names))
|
|
|
|
for i, name := range names {
|
|
|
|
e[i] = stubDirEntryPath(name)
|
|
|
|
}
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
type stubDirEntryPath string
|
|
|
|
|
|
|
|
func (p stubDirEntryPath) Name() string {
|
|
|
|
return string(p)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (p stubDirEntryPath) IsDir() bool {
|
|
|
|
panic("attempted to call IsDir")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (p stubDirEntryPath) Type() fs.FileMode {
|
|
|
|
panic("attempted to call Type")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (p stubDirEntryPath) Info() (fs.FileInfo, error) {
|
|
|
|
panic("attempted to call Info")
|
|
|
|
}
|
2024-10-27 11:56:20 +09:00
|
|
|
|
|
|
|
type stubFileInfoMode fs.FileMode
|
|
|
|
|
|
|
|
func (s stubFileInfoMode) Name() string {
|
|
|
|
panic("attempted to call Name")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s stubFileInfoMode) Size() int64 {
|
|
|
|
panic("attempted to call Size")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s stubFileInfoMode) Mode() fs.FileMode {
|
|
|
|
return fs.FileMode(s)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s stubFileInfoMode) ModTime() time.Time {
|
|
|
|
panic("attempted to call ModTime")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s stubFileInfoMode) IsDir() bool {
|
|
|
|
panic("attempted to call IsDir")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s stubFileInfoMode) Sys() any {
|
|
|
|
panic("attempted to call Sys")
|
|
|
|
}
|
|
|
|
|
|
|
|
type stubFileInfoIsDir bool
|
|
|
|
|
|
|
|
func (s stubFileInfoIsDir) Name() string {
|
|
|
|
panic("attempted to call Name")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s stubFileInfoIsDir) Size() int64 {
|
|
|
|
panic("attempted to call Size")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s stubFileInfoIsDir) Mode() fs.FileMode {
|
|
|
|
panic("attempted to call Mode")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s stubFileInfoIsDir) ModTime() time.Time {
|
|
|
|
panic("attempted to call ModTime")
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s stubFileInfoIsDir) IsDir() bool {
|
|
|
|
return bool(s)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s stubFileInfoIsDir) Sys() any {
|
|
|
|
panic("attempted to call Sys")
|
|
|
|
}
|