diff options
| author | Joe Richey joerichey@google.com <joerichey@google.com> | 2017-06-21 10:03:44 -0700 |
|---|---|---|
| committer | Joe Richey joerichey@google.com <joerichey@google.com> | 2017-06-28 15:15:15 -0700 |
| commit | 93415b198a3ef427c02893b8fdf036aa75ffe50f (patch) | |
| tree | 419be5fa11e9102597d3409800a3d7df4138b05e /actions/policy_test.go | |
| parent | 77b226a90ef70b77ca556830528c013a23b01e57 (diff) | |
actions: error handling and API changed
This commit changes the error handling for the actions package to use
the error handling library github.com/pkg/errors. This means replacing
"errors" with "github.com/pkg/errors", reworking some of the error
values, and wrapping some errors with additional context.
This commit also changes the Protector/Policy API, moving most of the
package functionality into Protector or Policy methods. These types are
now "locked" when they are queried from the filesystem, and Unlock()
must be used to get their corresponding keys. Note that only certain
operations will require unlocking the keys. Certain unnecessary
functions and methods are also removed.
This CL also fixes two bugs reported by Tyler Hicks in CreateConfigFile.
CPU time is used instead of wall time, and kiB is used instead of kB.
Change-Id: I88f45659e9fe4938d148843e3289e7b6d5b698d8
Diffstat (limited to 'actions/policy_test.go')
| -rw-r--r-- | actions/policy_test.go | 76 |
1 files changed, 40 insertions, 36 deletions
diff --git a/actions/policy_test.go b/actions/policy_test.go index 07a7f87..96b9bb0 100644 --- a/actions/policy_test.go +++ b/actions/policy_test.go @@ -21,53 +21,54 @@ package actions import "testing" -// Makes a context, protector, and policy -func makeAll() (ctx *Context, protector *Protector, policy *Policy, err error) { - ctx, err = makeContext() +// Makes a protector and policy +func makeBoth() (*Protector, *Policy, error) { + protector, err := CreateProtector(testContext, testProtectorName, goodCallback) if err != nil { - return + return nil, nil, err } - protector, err = CreateProtector(ctx, testProtectorName, goodCallback) + policy, err := CreatePolicy(testContext, protector) if err != nil { - return + cleanupProtector(protector) + return nil, nil, err } - policy, err = CreatePolicy(ctx, protector) - return + return protector, policy, nil } -// Cleans up a context, protector, and policy -func cleanupAll(protector *Protector, policy *Policy) { - if policy != nil { - policy.Wipe() - } - if protector != nil { - protector.Wipe() - } - cleaupContext() +func cleanupProtector(protector *Protector) { + protector.Lock() + protector.Destroy() +} + +func cleanupPolicy(policy *Policy) { + policy.Lock() + policy.Destroy() } // Tests that we can make a policy/protector pair func TestCreatePolicy(t *testing.T) { - _, pro, pol, err := makeAll() - defer cleanupAll(pro, pol) + pro, pol, err := makeBoth() if err != nil { t.Error(err) } + cleanupPolicy(pol) + cleanupProtector(pro) } // Tests that we can add another protector to the policy func TestPolicyGoodAddProtector(t *testing.T) { - ctx, pro1, pol, err := makeAll() - defer cleanupAll(pro1, pol) + pro1, pol, err := makeBoth() + defer cleanupProtector(pro1) + defer cleanupPolicy(pol) if err != nil { t.Fatal(err) } - pro2, err := CreateProtector(ctx, testProtectorName2, goodCallback) + pro2, err := CreateProtector(testContext, testProtectorName2, goodCallback) if err != nil { t.Fatal(err) } - defer pro2.Wipe() + defer cleanupProtector(pro2) err = pol.AddProtector(pro2) if err != nil { @@ -77,8 +78,9 @@ func TestPolicyGoodAddProtector(t *testing.T) { // Tests that we cannot add a protector to a policy twice func TestPolicyBadAddProtector(t *testing.T) { - _, pro, pol, err := makeAll() - defer cleanupAll(pro, pol) + pro, pol, err := makeBoth() + defer cleanupProtector(pro) + defer cleanupPolicy(pol) if err != nil { t.Fatal(err) } @@ -90,24 +92,25 @@ func TestPolicyBadAddProtector(t *testing.T) { // Tests that we can remove a protector we added func TestPolicyGoodRemoveProtector(t *testing.T) { - ctx, pro1, pol, err := makeAll() - defer cleanupAll(pro1, pol) + pro1, pol, err := makeBoth() + defer cleanupProtector(pro1) + defer cleanupPolicy(pol) if err != nil { t.Fatal(err) } - pro2, err := CreateProtector(ctx, testProtectorName2, goodCallback) + pro2, err := CreateProtector(testContext, testProtectorName2, goodCallback) if err != nil { t.Fatal(err) } - defer pro2.Wipe() + defer cleanupProtector(pro2) err = pol.AddProtector(pro2) if err != nil { t.Fatal(err) } - err = pol.RemoveProtector(pro1.data.ProtectorDescriptor) + err = pol.RemoveProtector(pro1) if err != nil { t.Error(err) } @@ -115,23 +118,24 @@ func TestPolicyGoodRemoveProtector(t *testing.T) { // Tests various bad ways to remove protectors func TestPolicyBadRemoveProtector(t *testing.T) { - ctx, pro1, pol, err := makeAll() - defer cleanupAll(pro1, pol) + pro1, pol, err := makeBoth() + defer cleanupProtector(pro1) + defer cleanupPolicy(pol) if err != nil { t.Fatal(err) } - pro2, err := CreateProtector(ctx, testProtectorName2, goodCallback) + pro2, err := CreateProtector(testContext, testProtectorName2, goodCallback) if err != nil { t.Fatal(err) } - defer pro2.Wipe() + defer cleanupProtector(pro2) - if pol.RemoveProtector(pro2.data.ProtectorDescriptor) == nil { + if pol.RemoveProtector(pro2) == nil { t.Error("we should not be able to remove a protector we did not add") } - if pol.RemoveProtector(pro1.data.ProtectorDescriptor) == nil { + if pol.RemoveProtector(pro1) == nil { t.Error("we should not be able to remove all the protectors from a policy") } } |