[apparmor] [patch] Add severity() to BaseRule class

[Christian Boltz]

Hello,

this patch adds severity() to the BaseRule class

severity() will, surprise!, return the severity of a rule, or
'--' if a *Rule class doesn't implement the severity() function

Also add a test that checks the return value in BaseRule.


[ 19-baserule-add-severity.diff ]

=== modified file utils/apparmor/rule/__init__.py
--- utils/apparmor/rule/__init__.py     2015-05-24 15:09:45.053491065 +0200
+++ utils/apparmor/rule/__init__.py     2015-05-24 17:06:10.870529896 +0200
@@ -135,6 +135,12 @@
         '''compare if rule-specific variables are equal'''
         raise AppArmorBug("'%s' needs to implement is_equal_localvars(), but didn't" % (str(self)))
 
+    def severity(self, sev_db):
+        '''return severity of this rule (a number between 0 and 10, where 0 means harmless and 10 means critical),
+           or '--' if no severity check is implemented for this rule type.
+           sev_db must be an apparmor.severity.Severity object.'''
+        return '--'
+
     def modifiers_str(self):
         '''return the allow/deny and audit keyword as string, including whitespace'''
 
=== modified file utils/test/test-baserule.py
--- utils/test/test-baserule.py 2015-04-24 22:05:14.737651024 +0200
+++ utils/test/test-baserule.py 2015-05-24 17:04:12.643586340 +0200
@@ -51,6 +51,10 @@
         with self.assertRaises(AppArmorBug):
             parse_modifiers(matches)
 
+    def test_default_severity(self):
+        obj = BaseRule()
+        rank = obj.severity(None)
+        self.assertEqual(rank, '--')
 
 
 setup_all_loops(__name__)



Regards,

Christian Boltz
-- 
Argh, ich wollte heute doch gar nicht mehr siggen!
[Michael Hoffmann in dag°]