From 4a22c69e132a1dea99a79a54bad654b64fb05fc0 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Tue, 2 Apr 2024 10:00:07 -0400 Subject: [PATCH] DiffResultDescriptor: Use the diff function directly. Don't indirectly specify the function by name. Signed-off-by: Chris PeBenito --- setools/diff/bool.py | 8 ++--- setools/diff/bounds.py | 16 ++++----- setools/diff/commons.py | 8 ++--- setools/diff/constraints.py | 33 +++++++++--------- setools/diff/default.py | 8 ++--- setools/diff/descriptors.py | 10 ++++-- setools/diff/fsuse.py | 8 ++--- setools/diff/genfscon.py | 8 ++--- setools/diff/ibendportcon.py | 8 ++--- setools/diff/ibpkeycon.py | 8 ++--- setools/diff/initsid.py | 8 ++--- setools/diff/mls.py | 24 ++++++------- setools/diff/mlsrules.py | 16 ++++----- setools/diff/netifcon.py | 8 ++--- setools/diff/nodecon.py | 8 ++--- setools/diff/objclass.py | 8 ++--- setools/diff/polcap.py | 6 ++-- setools/diff/portcon.py | 8 ++--- setools/diff/properties.py | 4 +-- setools/diff/rbacrules.py | 24 ++++++------- setools/diff/roles.py | 8 ++--- setools/diff/terules.py | 66 ++++++++++++++++++------------------ setools/diff/typeattr.py | 8 ++--- setools/diff/types.py | 8 ++--- setools/diff/users.py | 8 ++--- 25 files changed, 165 insertions(+), 162 deletions(-) diff --git a/setools/diff/bool.py b/setools/diff/bool.py index fce910df..04499aab 100644 --- a/setools/diff/bool.py +++ b/setools/diff/bool.py @@ -45,10 +45,6 @@ class BooleansDifference(Difference): """Determine the difference in type attributes between two policies.""" - added_booleans = DiffResultDescriptor[Boolean]("diff_booleans") - removed_booleans = DiffResultDescriptor[Boolean]("diff_booleans") - modified_booleans = DiffResultDescriptor[ModifiedBoolean]("diff_booleans") - def diff_booleans(self) -> None: """Generate the difference in type attributes between the policies.""" @@ -70,6 +66,10 @@ def diff_booleans(self) -> None: right_boolean.state, left_boolean.state)) + added_booleans = DiffResultDescriptor[Boolean](diff_booleans) + removed_booleans = DiffResultDescriptor[Boolean](diff_booleans) + modified_booleans = DiffResultDescriptor[ModifiedBoolean](diff_booleans) + # # Internal functions # diff --git a/setools/diff/bounds.py b/setools/diff/bounds.py index a0a1a99c..a94b88e6 100644 --- a/setools/diff/bounds.py +++ b/setools/diff/bounds.py @@ -27,14 +27,6 @@ class BoundsDifference(Difference): """Determine the difference in *bounds between two policies.""" - added_typebounds = DiffResultDescriptor[Bounds]("diff_typebounds") - removed_typebounds = DiffResultDescriptor[Bounds]("diff_typebounds") - modified_typebounds = DiffResultDescriptor[ModifiedBounds]("diff_typebounds") - - # Lists of rules for each policy - _left_typebounds: list[Bounds] | None = None - _right_typebounds: list[Bounds] | None = None - def diff_typebounds(self) -> None: """Generate the difference in typebound rules between the policies.""" @@ -56,6 +48,14 @@ def diff_typebounds(self) -> None: self.modified_typebounds.append(ModifiedBounds( left_bound, right_bound.parent, left_bound.parent)) + added_typebounds = DiffResultDescriptor[Bounds](diff_typebounds) + removed_typebounds = DiffResultDescriptor[Bounds](diff_typebounds) + modified_typebounds = DiffResultDescriptor[ModifiedBounds](diff_typebounds) + + # Lists of rules for each policy + _left_typebounds: list[Bounds] | None = None + _right_typebounds: list[Bounds] | None = None + # # Internal functions # diff --git a/setools/diff/commons.py b/setools/diff/commons.py index 381e5e62..4811889d 100644 --- a/setools/diff/commons.py +++ b/setools/diff/commons.py @@ -27,10 +27,6 @@ class CommonDifference(Difference): between two policies. """ - added_commons = DiffResultDescriptor[policyrep.Common]("diff_commons") - removed_commons = DiffResultDescriptor[policyrep.Common]("diff_commons") - modified_commons = DiffResultDescriptor[ModifiedCommon]("diff_commons") - def diff_commons(self) -> None: """Generate the difference in commons between the policies.""" @@ -56,6 +52,10 @@ def diff_commons(self) -> None: removed_perms, matched_perms)) + added_commons = DiffResultDescriptor[policyrep.Common](diff_commons) + removed_commons = DiffResultDescriptor[policyrep.Common](diff_commons) + modified_commons = DiffResultDescriptor[ModifiedCommon](diff_commons) + # # Internal functions # diff --git a/setools/diff/constraints.py b/setools/diff/constraints.py index b516e422..0488c46d 100644 --- a/setools/diff/constraints.py +++ b/setools/diff/constraints.py @@ -30,23 +30,6 @@ class ConstraintsDifference(Difference): be reflected as a difference. """ - added_constrains = DiffResultDescriptor[policyrep.Constraint]("diff_constrains") - removed_constrains = DiffResultDescriptor[policyrep.Constraint]("diff_constrains") - - added_mlsconstrains = DiffResultDescriptor[policyrep.Constraint]("diff_mlsconstrains") - removed_mlsconstrains = DiffResultDescriptor[policyrep.Constraint]("diff_mlsconstrains") - - added_validatetrans = DiffResultDescriptor[policyrep.Validatetrans]("diff_validatetrans") - removed_validatetrans = DiffResultDescriptor[policyrep.Validatetrans]("diff_validatetrans") - - added_mlsvalidatetrans = DiffResultDescriptor[policyrep.Validatetrans]("diff_mlsvalidatetrans") - removed_mlsvalidatetrans = DiffResultDescriptor[policyrep.Validatetrans]( - "diff_mlsvalidatetrans") - - # Lists of rules for each policy - _left_constraints: RuleList[policyrep.ConstraintRuletype, policyrep.AnyConstraint] = None - _right_constraints: RuleList[policyrep.ConstraintRuletype, policyrep.AnyConstraint] = None - def diff_constrains(self) -> None: """Generate the difference in constraint rules between the policies.""" @@ -121,6 +104,22 @@ def diff_mlsvalidatetrans(self) -> None: (ConstraintWrapper(c) for c in self._right_constraints[ policyrep.ConstraintRuletype.mlsvalidatetrans])) + added_constrains = DiffResultDescriptor[policyrep.Constraint](diff_constrains) + removed_constrains = DiffResultDescriptor[policyrep.Constraint](diff_constrains) + + added_mlsconstrains = DiffResultDescriptor[policyrep.Constraint](diff_mlsconstrains) + removed_mlsconstrains = DiffResultDescriptor[policyrep.Constraint](diff_mlsconstrains) + + added_validatetrans = DiffResultDescriptor[policyrep.Validatetrans](diff_validatetrans) + removed_validatetrans = DiffResultDescriptor[policyrep.Validatetrans](diff_validatetrans) + + added_mlsvalidatetrans = DiffResultDescriptor[policyrep.Validatetrans](diff_mlsvalidatetrans) + removed_mlsvalidatetrans = DiffResultDescriptor[policyrep.Validatetrans](diff_mlsvalidatetrans) + + # Lists of rules for each policy + _left_constraints: RuleList[policyrep.ConstraintRuletype, policyrep.AnyConstraint] = None + _right_constraints: RuleList[policyrep.ConstraintRuletype, policyrep.AnyConstraint] = None + # # Internal functions # diff --git a/setools/diff/default.py b/setools/diff/default.py index 24389b8d..41b3e84b 100644 --- a/setools/diff/default.py +++ b/setools/diff/default.py @@ -26,10 +26,6 @@ class DefaultsDifference(Difference): """Determine the difference in default_* between two policies.""" - added_defaults = DiffResultDescriptor[AnyDefault]("diff_defaults") - removed_defaults = DiffResultDescriptor[AnyDefault]("diff_defaults") - modified_defaults = DiffResultDescriptor[ModifiedDefault]("diff_defaults") - def diff_defaults(self) -> None: """Generate the difference in type defaults between the policies.""" @@ -73,6 +69,10 @@ def diff_defaults(self) -> None: added_default_range, removed_default_range)) + added_defaults = DiffResultDescriptor[AnyDefault](diff_defaults) + removed_defaults = DiffResultDescriptor[AnyDefault](diff_defaults) + modified_defaults = DiffResultDescriptor[ModifiedDefault](diff_defaults) + # # Internal functions # diff --git a/setools/diff/descriptors.py b/setools/diff/descriptors.py index 45c7b0cb..cdbffd9a 100644 --- a/setools/diff/descriptors.py +++ b/setools/diff/descriptors.py @@ -3,6 +3,7 @@ # SPDX-License-Identifier: LGPL-2.1-only # +from collections.abc import Callable import typing T = typing.TypeVar("T") @@ -15,7 +16,7 @@ class DiffResultDescriptor(typing.Generic[T]): # @properties could be used instead, but there are so # many result attributes, this will keep the code cleaner. - def __init__(self, diff_function: str) -> None: + def __init__(self, diff_function: Callable[[typing.Any], None]) -> None: self.diff_function = diff_function self.name: str @@ -27,8 +28,11 @@ def __get__(self, obj, objtype=None) -> list[T]: raise AttributeError if getattr(obj, self.name, None) is None: - diff = getattr(obj, self.diff_function) - diff() + # must specify obj here since the function is not bound to a + # a particular instance. Otherwise you get: + # TypeError: av_diff_template..diff() missing 1 required + # positional argument: 'self' + self.diff_function(obj) return getattr(obj, self.name) diff --git a/setools/diff/fsuse.py b/setools/diff/fsuse.py index 387b1d74..b43ca4ff 100644 --- a/setools/diff/fsuse.py +++ b/setools/diff/fsuse.py @@ -25,10 +25,6 @@ class FSUsesDifference(Difference): """Determine the difference in fs_use_* rules between two policies.""" - added_fs_uses = DiffResultDescriptor[FSUse]("diff_fs_uses") - removed_fs_uses = DiffResultDescriptor[FSUse]("diff_fs_uses") - modified_fs_uses = DiffResultDescriptor[ModifiedFSUse]("diff_fs_uses") - def diff_fs_uses(self) -> None: """Generate the difference in fs_use rules between the policies.""" @@ -49,6 +45,10 @@ def diff_fs_uses(self) -> None: right_rule.context, left_rule.context)) + added_fs_uses = DiffResultDescriptor[FSUse](diff_fs_uses) + removed_fs_uses = DiffResultDescriptor[FSUse](diff_fs_uses) + modified_fs_uses = DiffResultDescriptor[ModifiedFSUse](diff_fs_uses) + # # Internal functions # diff --git a/setools/diff/genfscon.py b/setools/diff/genfscon.py index 24c1b729..df14df69 100644 --- a/setools/diff/genfscon.py +++ b/setools/diff/genfscon.py @@ -25,10 +25,6 @@ class GenfsconsDifference(Difference): """Determine the difference in genfscon rules between two policies.""" - added_genfscons = DiffResultDescriptor[Genfscon]("diff_genfscons") - removed_genfscons = DiffResultDescriptor[Genfscon]("diff_genfscons") - modified_genfscons = DiffResultDescriptor[ModifiedGenfscon]("diff_genfscons") - def diff_genfscons(self) -> None: """Generate the difference in genfscon rules between the policies.""" @@ -49,6 +45,10 @@ def diff_genfscons(self) -> None: right_rule.context, left_rule.context)) + added_genfscons = DiffResultDescriptor[Genfscon](diff_genfscons) + removed_genfscons = DiffResultDescriptor[Genfscon](diff_genfscons) + modified_genfscons = DiffResultDescriptor[ModifiedGenfscon](diff_genfscons) + # # Internal functions # diff --git a/setools/diff/ibendportcon.py b/setools/diff/ibendportcon.py index 049d5da0..4a202517 100644 --- a/setools/diff/ibendportcon.py +++ b/setools/diff/ibendportcon.py @@ -25,10 +25,6 @@ class IbendportconsDifference(Difference): """Determine the difference in ibendportcons between two policies.""" - added_ibendportcons = DiffResultDescriptor[Ibendportcon]("diff_ibendportcons") - removed_ibendportcons = DiffResultDescriptor[Ibendportcon]("diff_ibendportcons") - modified_ibendportcons = DiffResultDescriptor[ModifiedIbendportcon]("diff_ibendportcons") - def diff_ibendportcons(self) -> None: """Generate the difference in ibendportcons between the policies.""" @@ -49,6 +45,10 @@ def diff_ibendportcons(self) -> None: self.modified_ibendportcons.append( ModifiedIbendportcon(left_ibep, right_ibep.context, left_ibep.context)) + added_ibendportcons = DiffResultDescriptor[Ibendportcon](diff_ibendportcons) + removed_ibendportcons = DiffResultDescriptor[Ibendportcon](diff_ibendportcons) + modified_ibendportcons = DiffResultDescriptor[ModifiedIbendportcon](diff_ibendportcons) + # # Internal functions # diff --git a/setools/diff/ibpkeycon.py b/setools/diff/ibpkeycon.py index 63aed241..ea2057fb 100644 --- a/setools/diff/ibpkeycon.py +++ b/setools/diff/ibpkeycon.py @@ -25,10 +25,6 @@ class IbpkeyconsDifference(Difference): """Determine the difference in ibpkeycons between two policies.""" - added_ibpkeycons = DiffResultDescriptor[Ibpkeycon]("diff_ibpkeycons") - removed_ibpkeycons = DiffResultDescriptor[Ibpkeycon]("diff_ibpkeycons") - modified_ibpkeycons = DiffResultDescriptor[ModifiedIbpkeycon]("diff_ibpkeycons") - def diff_ibpkeycons(self) -> None: """Generate the difference in ibpkeycons between the policies.""" @@ -49,6 +45,10 @@ def diff_ibpkeycons(self) -> None: self.modified_ibpkeycons.append( ModifiedIbpkeycon(left_ibpkey, right_ibpkey.context, left_ibpkey.context)) + added_ibpkeycons = DiffResultDescriptor[Ibpkeycon](diff_ibpkeycons) + removed_ibpkeycons = DiffResultDescriptor[Ibpkeycon](diff_ibpkeycons) + modified_ibpkeycons = DiffResultDescriptor[ModifiedIbpkeycon](diff_ibpkeycons) + # # Internal functions # diff --git a/setools/diff/initsid.py b/setools/diff/initsid.py index b87ab9d1..ebe3b28b 100644 --- a/setools/diff/initsid.py +++ b/setools/diff/initsid.py @@ -25,10 +25,6 @@ class InitialSIDsDifference(Difference): """Determine the difference in initsids between two policies.""" - added_initialsids = DiffResultDescriptor[policyrep.InitialSID]("diff_initialsids") - removed_initialsids = DiffResultDescriptor[policyrep.InitialSID]("diff_initialsids") - modified_initialsids = DiffResultDescriptor[ModifiedInitialSID]("diff_initialsids") - def diff_initialsids(self) -> None: """Generate the difference in initial SIDs between the policies.""" @@ -48,6 +44,10 @@ def diff_initialsids(self) -> None: self.modified_initialsids.append(ModifiedInitialSID( left_initialsid, right_initialsid.context, left_initialsid.context)) + added_initialsids = DiffResultDescriptor[policyrep.InitialSID](diff_initialsids) + removed_initialsids = DiffResultDescriptor[policyrep.InitialSID](diff_initialsids) + modified_initialsids = DiffResultDescriptor[ModifiedInitialSID](diff_initialsids) + # # Internal functions # diff --git a/setools/diff/mls.py b/setools/diff/mls.py index 3b4923a5..581ad54e 100644 --- a/setools/diff/mls.py +++ b/setools/diff/mls.py @@ -83,10 +83,6 @@ class CategoriesDifference(Difference): """Determine the difference in categories between two policies.""" - added_categories = DiffResultDescriptor[Category]("diff_categories") - removed_categories = DiffResultDescriptor[Category]("diff_categories") - modified_categories = DiffResultDescriptor[ModifiedCategory]("diff_categories") - def diff_categories(self) -> None: """Generate the difference in categories between the policies.""" @@ -111,6 +107,10 @@ def diff_categories(self) -> None: removed_aliases, matched_aliases)) + added_categories = DiffResultDescriptor[Category](diff_categories) + removed_categories = DiffResultDescriptor[Category](diff_categories) + modified_categories = DiffResultDescriptor[ModifiedCategory](diff_categories) + # # Internal functions # @@ -126,10 +126,6 @@ class SensitivitiesDifference(Difference): """Determine the difference in sensitivities between two policies.""" - added_sensitivities = DiffResultDescriptor[Sensitivity]("diff_sensitivities") - removed_sensitivities = DiffResultDescriptor[Sensitivity]("diff_sensitivities") - modified_sensitivities = DiffResultDescriptor[ModifiedSensitivity]("diff_sensitivities") - def diff_sensitivities(self) -> None: """Generate the difference in sensitivities between the policies.""" @@ -155,6 +151,10 @@ def diff_sensitivities(self) -> None: removed_aliases, matched_aliases)) + added_sensitivities = DiffResultDescriptor[Sensitivity](diff_sensitivities) + removed_sensitivities = DiffResultDescriptor[Sensitivity](diff_sensitivities) + modified_sensitivities = DiffResultDescriptor[ModifiedSensitivity](diff_sensitivities) + # # Internal functions # @@ -170,10 +170,6 @@ class LevelDeclsDifference(Difference): """Determine the difference in levels between two policies.""" - added_levels = DiffResultDescriptor[LevelDecl]("diff_levels") - removed_levels = DiffResultDescriptor[LevelDecl]("diff_levels") - modified_levels = DiffResultDescriptor[ModifiedLevelDecl]("diff_levels") - def diff_levels(self) -> None: """Generate the difference in levels between the policies.""" @@ -198,6 +194,10 @@ def diff_levels(self) -> None: self.modified_levels.append(ModifiedLevelDecl( left_level, added_categories, removed_categories, matched_categories)) + added_levels = DiffResultDescriptor[LevelDecl](diff_levels) + removed_levels = DiffResultDescriptor[LevelDecl](diff_levels) + modified_levels = DiffResultDescriptor[ModifiedLevelDecl](diff_levels) + # # Internal functions # diff --git a/setools/diff/mlsrules.py b/setools/diff/mlsrules.py index d64c68b2..6cf41127 100644 --- a/setools/diff/mlsrules.py +++ b/setools/diff/mlsrules.py @@ -30,14 +30,6 @@ class MLSRulesDifference(Difference): """Determine the difference in MLS rules between two policies.""" - added_range_transitions = DiffResultDescriptor[MLSRule]("diff_range_transitions") - removed_range_transitions = DiffResultDescriptor[MLSRule]("diff_range_transitions") - modified_range_transitions = DiffResultDescriptor[ModifiedMLSRule]("diff_range_transitions") - - # Lists of rules for each policy - _left_mls_rules: RuleList[MLSRuletype, MLSRule] = None - _right_mls_rules: RuleList[MLSRuletype, MLSRule] = None - def diff_range_transitions(self) -> None: """Generate the difference in range_transition rules between the policies.""" @@ -71,6 +63,14 @@ def diff_range_transitions(self) -> None: self.removed_range_transitions = removed self.modified_range_transitions = modified + added_range_transitions = DiffResultDescriptor[MLSRule](diff_range_transitions) + removed_range_transitions = DiffResultDescriptor[MLSRule](diff_range_transitions) + modified_range_transitions = DiffResultDescriptor[ModifiedMLSRule](diff_range_transitions) + + # Lists of rules for each policy + _left_mls_rules: RuleList[MLSRuletype, MLSRule] = None + _right_mls_rules: RuleList[MLSRuletype, MLSRule] = None + # # Internal functions # diff --git a/setools/diff/netifcon.py b/setools/diff/netifcon.py index 63a4b5fd..5ec55492 100644 --- a/setools/diff/netifcon.py +++ b/setools/diff/netifcon.py @@ -27,10 +27,6 @@ class NetifconsDifference(Difference): """Determine the difference in netifcons between two policies.""" - added_netifcons = DiffResultDescriptor[Netifcon]("diff_netifcons") - removed_netifcons = DiffResultDescriptor[Netifcon]("diff_netifcons") - modified_netifcons = DiffResultDescriptor[ModifiedNetifcon]("diff_netifcons") - def diff_netifcons(self) -> None: """Generate the difference in netifcons between the policies.""" @@ -65,6 +61,10 @@ def diff_netifcons(self) -> None: self.modified_netifcons.append(ModifiedNetifcon( left_netifcon, added_context, removed_context, added_packet, removed_packet)) + added_netifcons = DiffResultDescriptor[Netifcon](diff_netifcons) + removed_netifcons = DiffResultDescriptor[Netifcon](diff_netifcons) + modified_netifcons = DiffResultDescriptor[ModifiedNetifcon](diff_netifcons) + # # Internal functions # diff --git a/setools/diff/nodecon.py b/setools/diff/nodecon.py index e525422e..b0858770 100644 --- a/setools/diff/nodecon.py +++ b/setools/diff/nodecon.py @@ -26,10 +26,6 @@ class NodeconsDifference(Difference): """Determine the difference in nodecons between two policies.""" - added_nodecons = DiffResultDescriptor[Nodecon]("diff_nodecons") - removed_nodecons = DiffResultDescriptor[Nodecon]("diff_nodecons") - modified_nodecons = DiffResultDescriptor[ModifiedNodecon]("diff_nodecons") - def diff_nodecons(self) -> None: """Generate the difference in nodecons between the policies.""" @@ -50,6 +46,10 @@ def diff_nodecons(self) -> None: right_nodecon.context, left_nodecon.context)) + added_nodecons = DiffResultDescriptor[Nodecon](diff_nodecons) + removed_nodecons = DiffResultDescriptor[Nodecon](diff_nodecons) + modified_nodecons = DiffResultDescriptor[ModifiedNodecon](diff_nodecons) + # # Internal functions # diff --git a/setools/diff/objclass.py b/setools/diff/objclass.py index 14e88cc5..3946fd4c 100644 --- a/setools/diff/objclass.py +++ b/setools/diff/objclass.py @@ -51,10 +51,6 @@ class ObjClassDifference(Difference): between two policies. """ - added_classes = DiffResultDescriptor[ObjClass]("diff_classes") - removed_classes = DiffResultDescriptor[ObjClass]("diff_classes") - modified_classes = DiffResultDescriptor[ModifiedObjClass]("diff_classes") - def diff_classes(self) -> None: """Generate the difference in object classes between the policies.""" @@ -89,6 +85,10 @@ def diff_classes(self) -> None: removed_perms, matched_perms)) + added_classes = DiffResultDescriptor[ObjClass](diff_classes) + removed_classes = DiffResultDescriptor[ObjClass](diff_classes) + modified_classes = DiffResultDescriptor[ModifiedObjClass](diff_classes) + # # Internal functions # diff --git a/setools/diff/polcap.py b/setools/diff/polcap.py index 9faf2ac6..67e31e69 100644 --- a/setools/diff/polcap.py +++ b/setools/diff/polcap.py @@ -12,9 +12,6 @@ class PolCapsDifference(Difference): """Determine the difference in polcaps between two policies.""" - added_polcaps = DiffResultDescriptor[policyrep.PolicyCapability]("diff_polcaps") - removed_polcaps = DiffResultDescriptor[policyrep.PolicyCapability]("diff_polcaps") - def diff_polcaps(self) -> None: """Generate the difference in polcaps between the policies.""" @@ -25,6 +22,9 @@ def diff_polcaps(self) -> None: (SymbolWrapper(n) for n in self.left_policy.polcaps()), (SymbolWrapper(n) for n in self.right_policy.polcaps())) + added_polcaps = DiffResultDescriptor[policyrep.PolicyCapability](diff_polcaps) + removed_polcaps = DiffResultDescriptor[policyrep.PolicyCapability](diff_polcaps) + # # Internal functions # diff --git a/setools/diff/portcon.py b/setools/diff/portcon.py index 8f842c8d..9bc97010 100644 --- a/setools/diff/portcon.py +++ b/setools/diff/portcon.py @@ -25,10 +25,6 @@ class PortconsDifference(Difference): """Determine the difference in portcons between two policies.""" - added_portcons = DiffResultDescriptor[Portcon]("diff_portcons") - removed_portcons = DiffResultDescriptor[Portcon]("diff_portcons") - modified_portcons = DiffResultDescriptor[ModifiedPortcon]("diff_portcons") - def diff_portcons(self) -> None: """Generate the difference in portcons between the policies.""" @@ -49,6 +45,10 @@ def diff_portcons(self) -> None: right_portcon.context, left_portcon.context)) + added_portcons = DiffResultDescriptor[Portcon](diff_portcons) + removed_portcons = DiffResultDescriptor[Portcon](diff_portcons) + modified_portcons = DiffResultDescriptor[ModifiedPortcon](diff_portcons) + # # Internal functions # diff --git a/setools/diff/properties.py b/setools/diff/properties.py index 91c469a5..9a309ddf 100644 --- a/setools/diff/properties.py +++ b/setools/diff/properties.py @@ -30,8 +30,6 @@ class PropertiesDifference(Difference): (unknown permissions, MLS, etc.) between two policies. """ - modified_properties = DiffResultDescriptor[ModifiedProperty]("diff_properties") - def diff_properties(self) -> None: self.modified_properties = list[ModifiedProperty]() @@ -53,6 +51,8 @@ def diff_properties(self) -> None: self.right_policy.version, self.left_policy.version)) + modified_properties = DiffResultDescriptor[ModifiedProperty](diff_properties) + # # Internal functions # diff --git a/setools/diff/rbacrules.py b/setools/diff/rbacrules.py index 814c955c..c3736c06 100644 --- a/setools/diff/rbacrules.py +++ b/setools/diff/rbacrules.py @@ -30,18 +30,6 @@ class RBACRulesDifference(Difference): """Determine the difference in RBAC rules between two policies.""" - added_role_allows = DiffResultDescriptor[RoleAllow]("diff_role_allows") - removed_role_allows = DiffResultDescriptor[RoleAllow]("diff_role_allows") - # role allows cannot be modified, only added/removed - - added_role_transitions = DiffResultDescriptor[RoleTransition]("diff_role_transitions") - removed_role_transitions = DiffResultDescriptor[RoleTransition]("diff_role_transitions") - modified_role_transitions = DiffResultDescriptor[ModifiedRBACRule]("diff_role_transitions") - - # Lists of rules for each policy - _left_rbac_rules: RuleList[RBACRuletype, AnyRBACRule] = None - _right_rbac_rules: RuleList[RBACRuletype, AnyRBACRule] = None - def diff_role_allows(self) -> None: """Generate the difference in role allow rules between the policies.""" @@ -90,6 +78,18 @@ def diff_role_transitions(self) -> None: self.removed_role_transitions = removed self.modified_role_transitions = modified + added_role_allows = DiffResultDescriptor[RoleAllow](diff_role_allows) + removed_role_allows = DiffResultDescriptor[RoleAllow](diff_role_allows) + # role allows cannot be modified, only added/removed + + added_role_transitions = DiffResultDescriptor[RoleTransition](diff_role_transitions) + removed_role_transitions = DiffResultDescriptor[RoleTransition](diff_role_transitions) + modified_role_transitions = DiffResultDescriptor[ModifiedRBACRule](diff_role_transitions) + + # Lists of rules for each policy + _left_rbac_rules: RuleList[RBACRuletype, AnyRBACRule] = None + _right_rbac_rules: RuleList[RBACRuletype, AnyRBACRule] = None + # # Internal functions # diff --git a/setools/diff/roles.py b/setools/diff/roles.py index 8642c149..1c754413 100644 --- a/setools/diff/roles.py +++ b/setools/diff/roles.py @@ -46,10 +46,6 @@ class RolesDifference(Difference): """Determine the difference in roles between two policies.""" - added_roles = DiffResultDescriptor[Role]("diff_roles") - removed_roles = DiffResultDescriptor[Role]("diff_roles") - modified_roles = DiffResultDescriptor[ModifiedRole]("diff_roles") - def diff_roles(self) -> None: """Generate the difference in roles between the policies.""" @@ -76,6 +72,10 @@ def diff_roles(self) -> None: removed_types, matched_types)) + added_roles = DiffResultDescriptor[Role](diff_roles) + removed_roles = DiffResultDescriptor[Role](diff_roles) + modified_roles = DiffResultDescriptor[ModifiedRole](diff_roles) + # # Internal functions # diff --git a/setools/diff/terules.py b/setools/diff/terules.py index d2651720..50916e16 100644 --- a/setools/diff/terules.py +++ b/setools/diff/terules.py @@ -421,59 +421,59 @@ class TERulesDifference(Difference): """ diff_allows = av_diff_template(policyrep.TERuletype.allow) - added_allows = DiffResultDescriptor[policyrep.AVRule]("diff_allows") - removed_allows = DiffResultDescriptor[policyrep.AVRule]("diff_allows") - modified_allows = DiffResultDescriptor[ModifiedAVRule]("diff_allows") + added_allows = DiffResultDescriptor[policyrep.AVRule](diff_allows) + removed_allows = DiffResultDescriptor[policyrep.AVRule](diff_allows) + modified_allows = DiffResultDescriptor[ModifiedAVRule](diff_allows) diff_auditallows = av_diff_template(policyrep.TERuletype.auditallow) - added_auditallows = DiffResultDescriptor[policyrep.AVRule]("diff_auditallows") - removed_auditallows = DiffResultDescriptor[policyrep.AVRule]("diff_auditallows") - modified_auditallows = DiffResultDescriptor[ModifiedAVRule]("diff_auditallows") + added_auditallows = DiffResultDescriptor[policyrep.AVRule](diff_auditallows) + removed_auditallows = DiffResultDescriptor[policyrep.AVRule](diff_auditallows) + modified_auditallows = DiffResultDescriptor[ModifiedAVRule](diff_auditallows) diff_neverallows = av_diff_template(policyrep.TERuletype.neverallow) - added_neverallows = DiffResultDescriptor[policyrep.AVRule]("diff_neverallows") - removed_neverallows = DiffResultDescriptor[policyrep.AVRule]("diff_neverallows") - modified_neverallows = DiffResultDescriptor[ModifiedAVRule]("diff_neverallows") + added_neverallows = DiffResultDescriptor[policyrep.AVRule](diff_neverallows) + removed_neverallows = DiffResultDescriptor[policyrep.AVRule](diff_neverallows) + modified_neverallows = DiffResultDescriptor[ModifiedAVRule](diff_neverallows) diff_dontaudits = av_diff_template(policyrep.TERuletype.dontaudit) - added_dontaudits = DiffResultDescriptor[policyrep.AVRule]("diff_dontaudits") - removed_dontaudits = DiffResultDescriptor[policyrep.AVRule]("diff_dontaudits") - modified_dontaudits = DiffResultDescriptor[ModifiedAVRule]("diff_dontaudits") + added_dontaudits = DiffResultDescriptor[policyrep.AVRule](diff_dontaudits) + removed_dontaudits = DiffResultDescriptor[policyrep.AVRule](diff_dontaudits) + modified_dontaudits = DiffResultDescriptor[ModifiedAVRule](diff_dontaudits) diff_allowxperms = avx_diff_template(policyrep.TERuletype.allowxperm) - added_allowxperms = DiffResultDescriptor[policyrep.AVRuleXperm]("diff_allowxperms") - removed_allowxperms = DiffResultDescriptor[policyrep.AVRuleXperm]("diff_allowxperms") - modified_allowxperms = DiffResultDescriptor[ModifiedAVRuleXperm]("diff_allowxperms") + added_allowxperms = DiffResultDescriptor[policyrep.AVRuleXperm](diff_allowxperms) + removed_allowxperms = DiffResultDescriptor[policyrep.AVRuleXperm](diff_allowxperms) + modified_allowxperms = DiffResultDescriptor[ModifiedAVRuleXperm](diff_allowxperms) diff_auditallowxperms = avx_diff_template(policyrep.TERuletype.auditallowxperm) - added_auditallowxperms = DiffResultDescriptor[policyrep.AVRuleXperm]("diff_auditallowxperms") - removed_auditallowxperms = DiffResultDescriptor[policyrep.AVRuleXperm]("diff_auditallowxperms") - modified_auditallowxperms = DiffResultDescriptor[ModifiedAVRuleXperm]("diff_auditallowxperms") + added_auditallowxperms = DiffResultDescriptor[policyrep.AVRuleXperm](diff_auditallowxperms) + removed_auditallowxperms = DiffResultDescriptor[policyrep.AVRuleXperm](diff_auditallowxperms) + modified_auditallowxperms = DiffResultDescriptor[ModifiedAVRuleXperm](diff_auditallowxperms) diff_neverallowxperms = avx_diff_template(policyrep.TERuletype.neverallowxperm) - added_neverallowxperms = DiffResultDescriptor[policyrep.AVRuleXperm]("diff_neverallowxperms") - removed_neverallowxperms = DiffResultDescriptor[policyrep.AVRuleXperm]("diff_neverallowxperms") - modified_neverallowxperms = DiffResultDescriptor[ModifiedAVRuleXperm]("diff_neverallowxperms") + added_neverallowxperms = DiffResultDescriptor[policyrep.AVRuleXperm](diff_neverallowxperms) + removed_neverallowxperms = DiffResultDescriptor[policyrep.AVRuleXperm](diff_neverallowxperms) + modified_neverallowxperms = DiffResultDescriptor[ModifiedAVRuleXperm](diff_neverallowxperms) diff_dontauditxperms = avx_diff_template(policyrep.TERuletype.dontauditxperm) - added_dontauditxperms = DiffResultDescriptor[policyrep.AVRuleXperm]("diff_dontauditxperms") - removed_dontauditxperms = DiffResultDescriptor[policyrep.AVRuleXperm]("diff_dontauditxperms") - modified_dontauditxperms = DiffResultDescriptor[ModifiedAVRuleXperm]("diff_dontauditxperms") + added_dontauditxperms = DiffResultDescriptor[policyrep.AVRuleXperm](diff_dontauditxperms) + removed_dontauditxperms = DiffResultDescriptor[policyrep.AVRuleXperm](diff_dontauditxperms) + modified_dontauditxperms = DiffResultDescriptor[ModifiedAVRuleXperm](diff_dontauditxperms) diff_type_transitions = te_diff_template(policyrep.TERuletype.type_transition) - added_type_transitions = DiffResultDescriptor[policyrep.TERule]("diff_type_transitions") - removed_type_transitions = DiffResultDescriptor[policyrep.TERule]("diff_type_transitions") - modified_type_transitions = DiffResultDescriptor[ModifiedTERule]("diff_type_transitions") + added_type_transitions = DiffResultDescriptor[policyrep.TERule](diff_type_transitions) + removed_type_transitions = DiffResultDescriptor[policyrep.TERule](diff_type_transitions) + modified_type_transitions = DiffResultDescriptor[ModifiedTERule](diff_type_transitions) diff_type_changes = te_diff_template(policyrep.TERuletype.type_change) - added_type_changes = DiffResultDescriptor[policyrep.TERule]("diff_type_changes") - removed_type_changes = DiffResultDescriptor[policyrep.TERule]("diff_type_changes") - modified_type_changes = DiffResultDescriptor[ModifiedTERule]("diff_type_changes") + added_type_changes = DiffResultDescriptor[policyrep.TERule](diff_type_changes) + removed_type_changes = DiffResultDescriptor[policyrep.TERule](diff_type_changes) + modified_type_changes = DiffResultDescriptor[ModifiedTERule](diff_type_changes) diff_type_members = te_diff_template(policyrep.TERuletype.type_member) - added_type_members = DiffResultDescriptor[policyrep.TERule]("diff_type_members") - removed_type_members = DiffResultDescriptor[policyrep.TERule]("diff_type_members") - modified_type_members = DiffResultDescriptor[ModifiedTERule]("diff_type_members") + added_type_members = DiffResultDescriptor[policyrep.TERule](diff_type_members) + removed_type_members = DiffResultDescriptor[policyrep.TERule](diff_type_members) + modified_type_members = DiffResultDescriptor[ModifiedTERule](diff_type_members) _left_te_rules: RuleList[policyrep.TERuletype, policyrep.AnyTERule] = None _right_te_rules: RuleList[policyrep.TERuletype, policyrep.AnyTERule] = None diff --git a/setools/diff/typeattr.py b/setools/diff/typeattr.py index 66bdc9ce..376d67e6 100644 --- a/setools/diff/typeattr.py +++ b/setools/diff/typeattr.py @@ -45,10 +45,6 @@ class TypeAttributesDifference(Difference): """Determine the difference in type attributes between two policies.""" - added_type_attributes = DiffResultDescriptor[TypeAttribute]("diff_type_attributes") - removed_type_attributes = DiffResultDescriptor[TypeAttribute]("diff_type_attributes") - modified_type_attributes = DiffResultDescriptor[ModifiedTypeAttribute]("diff_type_attributes") - def diff_type_attributes(self) -> None: """Generate the difference in type attributes between the policies.""" @@ -74,6 +70,10 @@ def diff_type_attributes(self) -> None: self.modified_type_attributes.append(ModifiedTypeAttribute( left_attribute, added_types, removed_types, matched_types)) + added_type_attributes = DiffResultDescriptor[TypeAttribute](diff_type_attributes) + removed_type_attributes = DiffResultDescriptor[TypeAttribute](diff_type_attributes) + modified_type_attributes = DiffResultDescriptor[ModifiedTypeAttribute](diff_type_attributes) + # # Internal functions # diff --git a/setools/diff/types.py b/setools/diff/types.py index 6526d284..68d8d592 100644 --- a/setools/diff/types.py +++ b/setools/diff/types.py @@ -66,10 +66,6 @@ class TypesDifference(Difference): """Determine the difference in types between two policies.""" - added_types = DiffResultDescriptor[Type]("diff_types") - removed_types = DiffResultDescriptor[Type]("diff_types") - modified_types = DiffResultDescriptor[ModifiedType]("diff_types") - def diff_types(self) -> None: """Generate the difference in types between the policies.""" @@ -110,6 +106,10 @@ def diff_types(self) -> None: removed_aliases, matched_aliases)) + added_types = DiffResultDescriptor[Type](diff_types) + removed_types = DiffResultDescriptor[Type](diff_types) + modified_types = DiffResultDescriptor[ModifiedType](diff_types) + # # Internal functions # diff --git a/setools/diff/users.py b/setools/diff/users.py index 1e4f8e00..de2747b7 100644 --- a/setools/diff/users.py +++ b/setools/diff/users.py @@ -52,10 +52,6 @@ class UsersDifference(Difference): """Determine the difference in users between two policies.""" - added_users = DiffResultDescriptor[User]("diff_users") - removed_users = DiffResultDescriptor[User]("diff_users") - modified_users = DiffResultDescriptor[ModifiedUser]("diff_users") - def diff_users(self) -> None: """Generate the difference in users between the policies.""" @@ -137,6 +133,10 @@ def diff_users(self) -> None: added_range, removed_range)) + added_users = DiffResultDescriptor[User](diff_users) + removed_users = DiffResultDescriptor[User](diff_users) + modified_users = DiffResultDescriptor[ModifiedUser](diff_users) + # # Internal functions #