internal: wrap calls to os standard library functions

This change helps tests stub out and simulate OS behaviour during the sealing process. This also removes dependency on XDG_RUNTIME_DIR as the internal.System implementation provided to App provides a compat directory inside the tmpdir-based share when XDG_RUNTIME_DIR is unavailable. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-10-23 21:46:21 +09:00
parent e35c5fe3ed
commit 6bc5be7e5a
16 changed files with 161 additions and 101 deletions
--- a/internal/app/share.pulse.go
+++ b/internal/app/share.pulse.go
@@ -4,9 +4,9 @@ import (
 	"errors"
 	"fmt"
 	"io/fs"
-	"os"
 	"path"

+	"git.ophivana.moe/security/fortify/internal"
 	"git.ophivana.moe/security/fortify/internal/fmsg"
 	"git.ophivana.moe/security/fortify/internal/system"
 )
@@ -25,7 +25,7 @@ var (
 	ErrPulseMode   = errors.New("unexpected pulse socket mode")
 )

-func (seal *appSeal) sharePulse() error {
+func (seal *appSeal) sharePulse(os internal.System) error {
 	if !seal.et.Has(system.EPulse) {
 		return nil
 	}
@@ -65,7 +65,7 @@ func (seal *appSeal) sharePulse() error {
 	seal.sys.bwrap.SetEnv[pulseServer] = "unix:" + p

 	// publish current user's pulse cookie for target user
-	if src, err := discoverPulseCookie(); err != nil {
+	if src, err := discoverPulseCookie(os); err != nil {
 		return err
 	} else {
 		dst := path.Join(seal.share, "pulse-cookie")
@@ -78,7 +78,7 @@ func (seal *appSeal) sharePulse() error {
 }

 // discoverPulseCookie attempts various standard methods to discover the current user's PulseAudio authentication cookie
-func discoverPulseCookie() (string, error) {
+func discoverPulseCookie(os internal.System) (string, error) {
 	if p, ok := os.LookupEnv(pulseCookie); ok {
 		return p, nil
 	}