security_policy_test_util/
lib.rs

1// Copyright 2020 The Fuchsia Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5use anyhow::Error;
6use component_events::events::*;
7use component_events::matcher::EventMatcher;
8use component_events::sequence::{EventSequence, Ordering};
9use fidl::endpoints::{create_proxy, ProtocolMarker};
10use fuchsia_component_test::{Capability, ChildOptions, RealmBuilder, RealmInstance, Ref, Route};
11use {
12    fidl_fuchsia_component as fcomponent, fidl_fuchsia_component_decl as fdecl,
13    fidl_fuchsia_io as fio, fidl_fuchsia_sys2 as fsys,
14};
15
16pub async fn start_policy_test(
17    component_manager_url: &str,
18    root_component_url: &str,
19) -> Result<(RealmInstance, fcomponent::RealmProxy, EventStream), Error> {
20    let builder = RealmBuilder::new().await.unwrap();
21    let root_child =
22        builder.add_child("root", root_component_url, ChildOptions::new().eager()).await.unwrap();
23    builder
24        .add_route(
25            Route::new()
26                .capability(Capability::protocol_by_name("fuchsia.logger.LogSink"))
27                .capability(Capability::protocol_by_name("fuchsia.process.Launcher"))
28                .from(Ref::parent())
29                .to(&root_child),
30        )
31        .await
32        .unwrap();
33    let instance = builder.build_in_nested_component_manager(component_manager_url).await.unwrap();
34    let proxy = instance
35        .root
36        .connect_to_protocol_at_exposed_dir::<fcomponent::EventStreamMarker>()
37        .unwrap();
38    proxy.wait_for_ready().await.unwrap();
39
40    let event_stream = EventStream::new(proxy);
41
42    instance.start_component_tree().await.unwrap();
43
44    // Wait for the root component to be started so we can connect to its Realm service.
45    let event_stream = EventSequence::new()
46        .has_subset(
47            vec![EventMatcher::ok().r#type(Started::TYPE).moniker("./root")],
48            Ordering::Unordered,
49        )
50        .expect_and_giveback(event_stream)
51        .await
52        .unwrap();
53    // Get to the Realm protocol
54    let realm_query =
55        instance.root.connect_to_protocol_at_exposed_dir::<fsys::RealmQueryMarker>().unwrap();
56    let (exposed_dir, server_end) = create_proxy();
57    realm_query
58        .open_directory("./root", fsys::OpenDirType::ExposedDir, server_end)
59        .await
60        .unwrap()
61        .unwrap();
62    let (realm, server_end) = create_proxy::<fcomponent::RealmMarker>();
63    exposed_dir
64        .open(
65            fcomponent::RealmMarker::DEBUG_NAME,
66            fio::Flags::PROTOCOL_SERVICE,
67            &Default::default(),
68            server_end.into_channel(),
69        )
70        .unwrap();
71    Ok((instance, realm, event_stream))
72}
73
74pub async fn open_exposed_dir(
75    realm: &fcomponent::RealmProxy,
76    name: &str,
77) -> Result<fio::DirectoryProxy, fcomponent::Error> {
78    let child_ref = fdecl::ChildRef { name: name.to_string(), collection: None };
79    let (exposed_dir, server_end) = create_proxy();
80    realm
81        .open_exposed_dir(&child_ref, server_end)
82        .await
83        .expect("open_exposed_dir failed")
84        .map(|_| exposed_dir)
85}