Ubuntu Online Accounts API

Merge lp:~mardy/online-accounts-api/apparmor-1489489 into lp:online-accounts-api

apparmor-1489489
Merge into trunk

Proposed by Alberto Mardegan on 2016-10-04

Status:

Merged

Approved by:

Alberto Mardegan on 2016-10-05

Approved revision:

Merged at revision:

Proposed branch:

lp:~mardy/online-accounts-api/apparmor-1489489

Merge into:

lp:online-accounts-api

Diff against target:

157 lines (+51/-24)

4 files modified

src/lib/OnlineAccountsDaemon/client_registry.cpp (+16/-6)
tests/daemon/functional_tests/dbus_apparmor.py (+28/-14)
tests/daemon/functional_tests/fake_dbus_apparmor.h (+3/-3)
tests/daemon/functional_tests/functional_tests.cpp (+4/-1)

To merge this branch:

bzr merge lp:~mardy/online-accounts-api/apparmor-1489489

Medium

Confirmed

Link a bug report

Reviewer	Review Type	Date Requested	Status
Alexandre Abreu (community)		2016-10-04	Approve on 2016-10-04
Review via email: mp+307560@code.launchpad.net

Commit message

Use GetConnectionCredentials() method instead of the deprecated apparmor-specific method.

Description of the change

Use GetConnectionCredentials() method instead of the deprecated apparmor-specific method.

Revision history for this message

Alexandre Abreu (abreu-alexandre) wrote on 2016-10-04:

LGTM

review: Approve

lp:~mardy/online-accounts-api/apparmor-1489489 updated on 2016-10-13

28. By Alberto Mardegan on 2016-10-13: Merge from trunk
* Fix reply of password-based authentication (LP: #1628473)
* debian/control:
- Depend on qttools5-dev-tools for qdoc (LP: #1608814)
* debian/rules:
- No need to invoke dh_python

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Alberto Mardegan

Online Accounts

 === modified file 'src/lib/OnlineAccountsDaemon/client_registry.cpp'
 --- src/lib/OnlineAccountsDaemon/client_registry.cpp	2015-09-03 10:41:07 +0000
 +++ src/lib/OnlineAccountsDaemon/client_registry.cpp	2016-10-13 13:42:31 +0000
@@ -20,12 +20,15 @@
  #include "client_registry.h"
++#include <QByteArray>
  #include <QDBusConnection>
  #include <QDBusConnectionInterface>
  #include <QDBusMessage>
++#include <QDBusReply>
  #include <QDBusServiceWatcher>
  #include <QDebug>
  #include <QHash>
++#include <QVariantMap>
  #include <sys/apparmor.h>
  using namespace OnlineAccountsDaemon;
@@ -91,18 +94,25 @@
          QDBusMessage::createMethodCall(dbusService,
                                         "/org/freedesktop/DBus",
                                         "org.freedesktop.DBus",
--                                       "GetConnectionAppArmorSecurityContext");
++                                       "GetConnectionCredentials");
      msg << client;
--    QDBusMessage reply = m_connection.call(msg, QDBus::Block);
++    QDBusReply<QVariantMap> reply = m_connection.call(msg, QDBus::Block);
      QString context;
--    if (reply.type() == QDBusMessage::ReplyMessage) {
--        context = reply.arguments().value(0).value<QString>();
++    if (reply.isValid()) {
++        QVariantMap map = reply.value();
++        QByteArray label = map.value("LinuxSecurityLabel").toByteArray();
++        if (!label.isEmpty()) {
++            aa_splitcon(label.data(), NULL);
++            context = QString::fromUtf8(label);
++        }
      } else {
--        qWarning() << "Could not determine AppArmor context: " <<
--            reply.errorName() << ": " << reply.errorMessage();
++        QDBusError error = reply.error();
++        qWarning() << "Error getting app ID:" << error.name() <<
++            error.message();
          context = QStringLiteral("unconfined");
+     }
++    qDebug() << "Client security context:" << context;
      return context;
+ }
 === modified file 'tests/daemon/functional_tests/dbus_apparmor.py'
 --- tests/daemon/functional_tests/dbus_apparmor.py	2015-07-23 13:57:48 +0000
 +++ tests/daemon/functional_tests/dbus_apparmor.py	2016-10-13 13:42:31 +0000
@@ -1,4 +1,7 @@
--'''D-Bus mock template for GetConnectionAppArmorSecurityContext
++'''dbus mock template
++
++This creates the expected methods and properties of the
++org.freedesktop.DBus service.
  '''
  # This program is free software; you can redistribute it and/or modify it under
@@ -9,28 +12,39 @@
  __author__ = 'Alberto Mardegan'
  __email__ = 'alberto.mardegan@canonical.com'
--__copyright__ = '(c) 2015 Canonical Ltd.'
++__copyright__ = '(c) 2016 Canonical Ltd.'
  __license__ = 'LGPL 3+'
  import dbus
++import time
  from dbusmock import MOCK_IFACE
++import dbusmock
  BUS_NAME = 'mocked.org.freedesktop.dbus'
  MAIN_OBJ = '/org/freedesktop/DBus'
  MAIN_IFACE = 'org.freedesktop.DBus'
  SYSTEM_BUS = False
++ERROR_PREFIX = 'org.freedesktop.DBus.Error.'
++ERROR_NAME_HAS_NO_OWNER = ERROR_PREFIX + 'NameHasNoOwner'
++
++def get_credentials(self, service):
++    if service not in self.credentials:
++        raise dbus.exceptions.DBusException('Service not found',
++                                            name=ERROR_NAME_HAS_NO_OWNER)
++    return self.credentials[service]
++
++
  def load(mock, parameters):
--    mock.AddMethod(MAIN_IFACE,
--                   'GetConnectionAppArmorSecurityContext',
--                   's', 's',
--                   'ret = self.contexts.get(args[0], "unconfined")')
--
--    mock.contexts = {}
--
--@dbus.service.method(MOCK_IFACE, in_signature='ss', out_signature='')
--def AddClient(self, client, context):
--    '''Adds a client with its security context'''
--    self.contexts[client] = context
--
++    mock.get_credentials = get_credentials
++    mock.AddMethods(MAIN_IFACE, [
++        ('GetConnectionCredentials', 's', 'a{sv}', 'ret = self.get_credentials(self, args[0])'),
++    ])
++
++    mock.credentials = {}
++
++
++@dbus.service.method(MOCK_IFACE, in_signature='sa{sv}', out_signature='')
++def SetCredentials(self, service, credentials):
++    self.credentials[service] = credentials
 === modified file 'tests/daemon/functional_tests/fake_dbus_apparmor.h'
 --- tests/daemon/functional_tests/fake_dbus_apparmor.h	2015-07-23 13:57:48 +0000
 +++ tests/daemon/functional_tests/fake_dbus_apparmor.h	2016-10-13 13:42:31 +0000
@@ -21,7 +21,7 @@
  #ifndef OAD_FAKE_DBUS_APPARMOR_H
  #define OAD_FAKE_DBUS_APPARMOR_H
--#include <QString>
++#include <QVariantMap>
  #include <libqtdbusmock/DBusMock.h>
  class FakeDBusApparmor
@@ -33,8 +33,8 @@
                                   QDBusConnection::SessionBus);
+     }
--    void addClient(const QString &client, const QString context) {
--        mocked().call("AddClient", client, context);
++    void setCredentials(const QString &service, const QVariantMap &credentials) {
++        mocked().call("SetCredentials", service, credentials);
+     }
  private:
 === modified file 'tests/daemon/functional_tests/functional_tests.cpp'
 --- tests/daemon/functional_tests/functional_tests.cpp	2016-09-28 13:09:06 +0000
 +++ tests/daemon/functional_tests/functional_tests.cpp	2016-10-13 13:42:31 +0000
@@ -308,7 +308,10 @@
      DaemonInterface *daemon = new DaemonInterface(m_dbus->sessionConnection());
      TestProcess testProcess;
--    m_dbus->dbusApparmor().addClient(testProcess.uniqueName(), securityContext);
++    QVariantMap credentials {
++        { "LinuxSecurityLabel", securityContext.toUtf8() },
++    };
++    m_dbus->dbusApparmor().setCredentials(testProcess.uniqueName(), credentials);
      QList<AccountInfo> accountInfos = testProcess.getAccounts(filters);
      QList<int> accountIds;