PolicyKit: Branch 'master'

Fri Nov 30 13:44:46 PST 2007

src/polkit/polkit-authorization-db.c |   47 +++++++++++++++++++++++++++++++++--
 1 file changed, 45 insertions(+), 2 deletions(-)

New commits:
commit 4c27e54ae38a503f2c76367817e6443f4efbaf13
Author: David Zeuthen <davidz at redhat.com>
Date:   Fri Nov 30 16:43:17 2007 -0500

    add some more test cases for p-a-db.c

diff --git a/src/polkit/polkit-authorization-db.c b/src/polkit/polkit-authorization-db.c
index fb5bf0f..8bc0636 100644
--- a/src/polkit/polkit-authorization-db.c
+++ b/src/polkit/polkit-authorization-db.c
@@ -1153,6 +1153,7 @@ _run_test (void)
                 "";
         PolKitCaller *caller;
         PolKitAction *action;
+        PolKitSession *session;
         polkit_bool_t is_auth;
         polkit_bool_t is_neg;
         PolKitError *error;
@@ -1162,6 +1163,7 @@ _run_test (void)
         adb = NULL;
         caller = NULL;
         action = NULL;
+        session = NULL;
 
         start_time = polkit_sysdeps_get_start_time_for_pid (getpid ());
         if (start_time == 0)
@@ -1169,7 +1171,8 @@ _run_test (void)
         
         if (snprintf (test_pu3_run, sizeof (test_pu3_run), 
                       "scope=process:pid=%d:pid-start-time=%lld:action-id=org.example.per-process:when=1196307507:auth-as=500:constraint=none\n"
-                      "scope=process-one-shot:pid=%d:pid-start-time=%lld:action-id=org.example.per-process-one-shot:when=1196307507:auth-as=500:constraint=none\n",
+                      "scope=process-one-shot:pid=%d:pid-start-time=%lld:action-id=org.example.per-process-one-shot:when=1196307507:auth-as=500:constraint=none\n"
+                      "scope=session:session-id=%%2FSession1:action-id=org.example.per-session:when=1196307507:auth-as=500:constraint=none\n",
                       getpid (), start_time,
                       getpid (), start_time) >= (int) sizeof (test_pu3_run))
                 goto fail;
@@ -1293,7 +1296,7 @@ _run_test (void)
                 polkit_error_free (error);
         }
 
-        /* test: pu3 is authorized for org.example.per-process */
+        /* test: pu3 is authorized for org.example.per-process for just this process id */
         if (!polkit_action_set_action_id (action, "org.example.per-process"))
                 goto out;
 
@@ -1341,6 +1344,43 @@ _run_test (void)
                 polkit_error_free (error);
         }
 
+        if ((session = polkit_session_new ()) == NULL)
+                goto out;
+
+        /* test: pu3 only in the right session is authorized for org.example.per-session */
+        if (!polkit_action_set_action_id (action, "org.example.per-session"))
+                goto out;
+
+        if (setenv ("POLKIT_TEST_PRETEND_TO_BE_CK_SESSION_OBJPATH", "/Session1", 1) != 0)
+                goto fail;
+        kit_assert (polkit_session_set_ck_is_local (session, TRUE));
+        if (!polkit_session_set_ck_objref (session, "/Session1"))
+                goto out;
+        kit_assert (polkit_caller_set_ck_session (caller, session));
+        error = NULL;
+        if (polkit_authorization_db_is_caller_authorized (adb, action, caller, FALSE, &is_auth, &is_neg, &error)) {
+                kit_assert (! polkit_error_is_set (error) && is_auth && !is_neg);
+        } else {
+                kit_assert (polkit_error_is_set (error) && 
+                            polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY);
+                polkit_error_free (error);
+        }
+        
+        if (setenv ("POLKIT_TEST_PRETEND_TO_BE_CK_SESSION_OBJPATH", "/Session2", 1) != 0)
+                goto fail;
+        if (!polkit_session_set_ck_objref (session, "/Session2"))
+                goto out;
+        kit_assert (polkit_session_set_ck_is_local (session, TRUE));
+        kit_assert (polkit_caller_set_ck_session (caller, session));
+        error = NULL;
+        if (polkit_authorization_db_is_caller_authorized (adb, action, caller, FALSE, &is_auth, &is_neg, &error)) {
+                kit_assert (! polkit_error_is_set (error) && !is_auth && !is_neg);
+        } else {
+                kit_assert (polkit_error_is_set (error) && 
+                            polkit_error_get_error_code (error) == POLKIT_ERROR_OUT_OF_MEMORY);
+                polkit_error_free (error);
+        }
+        
 out:
 
         if (action != NULL)
@@ -1349,6 +1389,9 @@ out:
         if (caller != NULL)
                 polkit_caller_unref (caller);
 
+        if (session != NULL)
+                polkit_session_unref (session);
+
         if (adb != NULL) {
                 polkit_authorization_db_debug (adb);
                 polkit_authorization_db_validate (adb);
