security_policy_test_util/
lib.rs

1// Copyright 2020 The Fuchsia Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5use anyhow::Error;
6use component_events::events::*;
7use component_events::matcher::EventMatcher;
8use component_events::sequence::{EventSequence, Ordering};
9use fidl::endpoints::{create_proxy, ProtocolMarker};
10use fuchsia_component_test::{Capability, ChildOptions, RealmBuilder, RealmInstance, Ref, Route};
11use {
12    fidl_fuchsia_component as fcomponent, fidl_fuchsia_component_decl as fdecl,
13    fidl_fuchsia_io as fio, fidl_fuchsia_sys2 as fsys,
14};
15
16pub async fn start_policy_test(
17    component_manager_url: &str,
18    root_component_url: &str,
19) -> Result<(RealmInstance, fcomponent::RealmProxy, EventStream), Error> {
20    let builder = RealmBuilder::new().await.unwrap();
21    let root_child =
22        builder.add_child("root", root_component_url, ChildOptions::new().eager()).await.unwrap();
23    builder
24        .add_route(
25            Route::new()
26                .capability(Capability::protocol_by_name("fuchsia.logger.LogSink"))
27                .capability(Capability::protocol_by_name("fuchsia.process.Launcher"))
28                .from(Ref::parent())
29                .to(&root_child),
30        )
31        .await
32        .unwrap();
33    let instance = builder.build_in_nested_component_manager(component_manager_url).await.unwrap();
34    let proxy: fcomponent::EventStreamProxy =
35        instance.root.connect_to_protocol_at_exposed_dir().unwrap();
36    proxy.wait_for_ready().await.unwrap();
37
38    let event_stream = EventStream::new(proxy);
39
40    instance.start_component_tree().await.unwrap();
41
42    // Wait for the root component to be started so we can connect to its Realm service.
43    let event_stream = EventSequence::new()
44        .has_subset(
45            vec![EventMatcher::ok().r#type(Started::TYPE).moniker("./root")],
46            Ordering::Unordered,
47        )
48        .expect_and_giveback(event_stream)
49        .await
50        .unwrap();
51    // Get to the Realm protocol
52    let realm_query: fsys::RealmQueryProxy =
53        instance.root.connect_to_protocol_at_exposed_dir().unwrap();
54    let (exposed_dir, server_end) = create_proxy();
55    realm_query
56        .open_directory("./root", fsys::OpenDirType::ExposedDir, server_end)
57        .await
58        .unwrap()
59        .unwrap();
60    let (realm, server_end) = create_proxy::<fcomponent::RealmMarker>();
61    exposed_dir
62        .open(
63            fcomponent::RealmMarker::DEBUG_NAME,
64            fio::Flags::PROTOCOL_SERVICE,
65            &Default::default(),
66            server_end.into_channel(),
67        )
68        .unwrap();
69    Ok((instance, realm, event_stream))
70}
71
72pub async fn open_exposed_dir(
73    realm: &fcomponent::RealmProxy,
74    name: &str,
75) -> Result<fio::DirectoryProxy, fcomponent::Error> {
76    let child_ref = fdecl::ChildRef { name: name.to_string(), collection: None };
77    let (exposed_dir, server_end) = create_proxy();
78    realm
79        .open_exposed_dir(&child_ref, server_end)
80        .await
81        .expect("open_exposed_dir failed")
82        .map(|_| exposed_dir)
83}