diff --git a/src/maat_config_monitor.c b/src/maat_config_monitor.c index a28bfaf..88c9999 100644 --- a/src/maat_config_monitor.c +++ b/src/maat_config_monitor.c @@ -373,6 +373,11 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff) */ cJSON *tmp_rule = NULL; cJSON_ArrayForEach(tmp_rule, rules) { + cJSON *priority_obj = cJSON_GetObjectItem(tmp_rule, "priority"); + if (priority_obj == NULL) { + cJSON_AddNumberToObject(tmp_rule, "priority", 1000); + } + cJSON *tmp_and_condition = NULL; cJSON *condition_array = cJSON_GetObjectItem(tmp_rule, "and_conditions"); cJSON_ArrayForEach(tmp_and_condition, condition_array) { diff --git a/src/maat_rule.c b/src/maat_rule.c index 56fa48e..0f7320d 100644 --- a/src/maat_rule.c +++ b/src/maat_rule.c @@ -42,13 +42,6 @@ struct rule_schema { struct log_handle *logger; }; -struct rule_item { - int condition_num; - uuid_t rule_uuid; - char *table_line; - size_t table_line_len; -}; - struct condition_query_key { uuid_t object_uuid; char field_name[MAX_FIELD_NAME_LEN]; @@ -131,9 +124,9 @@ struct rule_sort_para { struct maat_rule { uint32_t magic_num; int condition_num; + int ptiority; int table_id; uuid_t rule_uuid; - void *user_data; // rule_item struct rule_condition conditions[MAX_ITEMS_PER_BOOL_EXPR]; }; @@ -161,26 +154,10 @@ static UT_icd ut_object_uuid_icd = {sizeof(uuid_t), NULL, NULL, NULL}; static UT_icd ut_maat_item_icd = {sizeof(struct maat_item), NULL, NULL, NULL}; static UT_icd ut_hit_path_icd = {sizeof(struct internal_hit_path), NULL, NULL, NULL}; -static void rule_item_free(struct rule_item *item) -{ - item->condition_num = 0; - - if (item->table_line != NULL) { - FREE(item->table_line); - } - - FREE(item); -} - static void maat_rule_free(struct maat_rule *rule) { struct rule_condition *condition = NULL; - if (rule->user_data != NULL) { - rule_item_free(rule->user_data); - rule->user_data = NULL; - } - for (int i = 0; i < MAX_ITEMS_PER_BOOL_EXPR; i++) { condition = rule->conditions + i; 
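Review bot: The fallback priority in convert_maat_json_rule is the bare literal `1000`, and the test file in this same commit defines its own `RULE_PRIORITY_DEFAULT 1000`, so the two values can drift apart. A shared named constant in a header, with a comment such as `/* rules without "priority" get the default, because maat_rule_new() rejects a missing or non-numeric priority */`, would make the dependency visible. The check covers only a missing key; a `priority` that is present but not a number passes through here and is dropped later in maat_rule_new. If rules can reach maat_rule_new without going through this conversion, those lacking the key are now dropped as well, which is worth confirming. The function body continues outside the hunk.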
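Review bot: The new field in struct maat_rule is spelled `ptiority`; it should be `int priority;`. The misspelling is repeated where the field is assigned in maat_rule_new and where it is read in compare_rule, so all three places need renaming together. A short comment on the field saying that lower values sort first, which is what compare_rule implements, would also help the next reader.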
@@ -232,9 +209,45 @@ static int validate_table_not_condition(struct rule_runtime *rule_rt, return 0; } +static int rule_accept_tag_match(struct rule_schema *schema, const char *line, + const char *table_name, struct log_handle *logger) +{ + size_t n_tag = table_manager_accept_tags_count(schema->ref_tbl_mgr); + cJSON *tmp_obj = NULL; + cJSON *table_json = cJSON_Parse(line); + int ret = TAG_MATCH_MATCHED; + + tmp_obj = cJSON_GetObjectItem(table_json, "effective_range"); + + if ((tmp_obj && cJSON_GetArraySize(tmp_obj) > 0) && n_tag > 0) { + char *tag_str = cJSON_Print(tmp_obj); + ret = table_manager_accept_tags_match(schema->ref_tbl_mgr, tag_str); + FREE(tag_str); + if (TAG_MATCH_ERR == ret) { + log_fatal(logger, MODULE_RULE, + "[%s:%d] table: <%s> has invalid tag format in line:%s", + __FUNCTION__, __LINE__, table_name, line); + goto END; + } + + if (TAG_MATCH_UNMATCHED == ret) { + log_fatal(logger, MODULE_RULE, + "[%s:%d] table: <%s> has unmatched tag in line:%s", + __FUNCTION__, __LINE__, table_name, line); + goto END; + } + } + +END: + if (table_json) { + cJSON_Delete(table_json); + } + + return ret; +} + static struct maat_rule *maat_rule_new(struct rule_runtime *rule_rt, struct rule_schema *schema, - const char *table_name, uuid_t rule_uuid, - const char *table_line, struct rule_item *rule_item) + const char *table_name, uuid_t rule_uuid, const char *table_line) { struct maat_rule *rule = ALLOC(struct maat_rule, 1); struct log_handle *logger = rule_rt->logger; 
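Review bot: rule_accept_tag_match reports `TAG_MATCH_MATCHED` for a line that fails to parse, because `ret` starts as matched and the result of `cJSON_Parse(line)` is never checked. Adding `if (table_json == NULL) { return TAG_MATCH_ERR; }` right after the parse makes the failure explicit instead of relying on the caller parsing the same line again. `cJSON_Print(tmp_obj)` can also return NULL on allocation failure, and `tag_str` is passed on unchecked; whether table_manager_accept_tags_match tolerates NULL is not visible here. The function has no header comment; one listing the three return values and noting that unmatched and invalid tags are logged at fatal level would help, since maat_rule_new (whose body continues outside the hunk) now depends on it.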
@@ -250,10 +263,25 @@ static struct maat_rule *maat_rule_new(struct rule_runtime *rule_rt, struct rule goto error; } + int ret = rule_accept_tag_match(schema, table_line, table_name, logger); + if (ret == TAG_MATCH_UNMATCHED) { + goto error; + } + + rule->table_id = table_id; rule->magic_num = MAAT_RULE_MAGIC; uuid_copy(rule->rule_uuid, rule_uuid); + tmp_obj = cJSON_GetObjectItem(table_json, "priority"); + if (tmp_obj == NULL || tmp_obj->type != cJSON_Number) { + log_fatal(logger, MODULE_RULE, + "[%s:%d] table: <%s> has no priority or not number format", + __FUNCTION__, __LINE__, table_name); + goto error; + } + rule->ptiority = tmp_obj->valueint; + for(int i = 0; i < MAX_ITEMS_PER_BOOL_EXPR; i++) { utarray_new(rule->conditions[i].literals, &ut_condition_literal_icd); rule->conditions[i].in_use = 0; @@ -346,9 +374,6 @@ static struct maat_rule *maat_rule_new(struct rule_runtime *rule_rt, struct rule condition->in_use = 1; } - rule_item->condition_num = rule->condition_num; - rule->user_data = rule_item; - if (table_json) { cJSON_Delete(table_json); } 
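Review bot: Only `TAG_MATCH_UNMATCHED` sends maat_rule_new to `error`; when rule_accept_tag_match returns `TAG_MATCH_ERR` (logged as an invalid tag format) the rule is still built and loaded. A rule whose `effective_range` cannot be evaluated is then applied regardless of the accept tags, which is a fail-open outcome for a scoping control. Unless that is deliberate, reject anything that is not a match: `if (ret != TAG_MATCH_MATCHED) { goto error; }`. The function starts before and continues after this hunk, so the cleanup done at `error` is not visible here.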
@@ -367,78 +392,6 @@ error: return NULL; } -static int rule_accept_tag_match(struct rule_schema *schema, const char *line, - const char *table_name, struct log_handle *logger) -{ - size_t n_tag = table_manager_accept_tags_count(schema->ref_tbl_mgr); - cJSON *tmp_obj = NULL; - cJSON *table_json = cJSON_Parse(line); - int ret = TAG_MATCH_MATCHED; - - tmp_obj = cJSON_GetObjectItem(table_json, "effective_range"); - - if ((tmp_obj && cJSON_GetArraySize(tmp_obj) > 0) && n_tag > 0) { - char *tag_str = cJSON_Print(tmp_obj); - ret = table_manager_accept_tags_match(schema->ref_tbl_mgr, tag_str); - FREE(tag_str); - if (TAG_MATCH_ERR == ret) { - log_fatal(logger, MODULE_RULE, - "[%s:%d] table: <%s> has invalid tag format in line:%s", - __FUNCTION__, __LINE__, table_name, line); - goto END; - } - - if (TAG_MATCH_UNMATCHED == ret) { - log_fatal(logger, MODULE_RULE, - "[%s:%d] table: <%s> has unmatched tag in line:%s", - __FUNCTION__, __LINE__, table_name, line); - goto END; - } - } - -END: - if (table_json) { - cJSON_Delete(table_json); - } - - return ret; -} - -static struct rule_item *rule_item_new(const char *table_line, struct rule_schema *schema, - const char *table_name, struct log_handle *logger) -{ - int ret = rule_accept_tag_match(schema, table_line, table_name, logger); - if (ret == TAG_MATCH_UNMATCHED) { - return NULL; - } - - cJSON *tmp_obj = NULL; - struct rule_item *rule_item = ALLOC(struct rule_item, 1); - cJSON *table_json = cJSON_Parse(table_line); - - tmp_obj = cJSON_GetObjectItem(table_json, "uuid"); - if (tmp_obj == NULL && tmp_obj->type != cJSON_String) { - log_fatal(logger, MODULE_RULE, - "[%s:%d] table: <%s> has no rule_id or not string format in line:%s", - __FUNCTION__, __LINE__, table_name, table_line); - goto error; - } - uuid_parse(tmp_obj->valuestring, rule_item->rule_uuid); - - rule_item->table_line_len = strlen(table_line); - rule_item->table_line = ALLOC(char, rule_item->table_line_len + 1); - memcpy(rule_item->table_line, table_line, 
rule_item->table_line_len); - - cJSON_Delete(table_json); - return rule_item; -error: - if (table_json) { - cJSON_Delete(table_json); - } - FREE(rule_item); - return NULL; -} - static void rcu_rule_cfg_free(void *user_ctx, void *data) { struct maat_rule *rule = (struct maat_rule *)data; @@ -805,8 +758,8 @@ maat_rule_bool_matcher_match(struct rule_runtime *rule_rt, continue; } - if (rule->user_data != NULL) { - user_data_array[ud_result_cnt] = rule->user_data; + if (rule != NULL) { + user_data_array[ud_result_cnt] = rule; ud_result_cnt++; } } @@ -1106,13 +1059,13 @@ size_t rule_runtime_get_hit_paths(struct rule_runtime *rule_rt, int thread_id, int bool_match_ret = bool_matcher_match(rule_rt->bm, (unsigned long long *)utarray_eltptr(rule_compile_state->all_hit_conditions, 0), - utarray_len(rule_compile_state->all_hit_conditions), expr_match, MAX_HIT_RULE_NUM); + utarray_len(rule_compile_state->all_hit_conditions), expr_match, MAX_HIT_RULE_NUM);//TODO: maat_state_compile for (int idx = 0; idx < bool_match_ret; idx++) { rule = (struct maat_rule *)expr_match[idx].user_tag; assert(rule->magic_num == MAAT_RULE_MAGIC); assert(uuid_compare(rule->rule_uuid, expr_match[idx].expr_uuid) == 0); - if (0 == rule->condition_num || NULL == rule->user_data) { + if (0 == rule->condition_num) { continue; } @@ -1263,14 +1216,13 @@ int rule_runtime_update_rule_exdata(struct rule_runtime *rule_rt, if (NULL == json) { log_debug(rule_rt->logger, MODULE_RULE, "[%s:%d]parse row failed when updating rule exdata, row:%s", __FUNCTION__, __LINE__, row); - return -1; + goto ERROR; } cJSON *uuid_obj = cJSON_GetObjectItem(json, "uuid"); if (NULL == uuid_obj) { log_debug(rule_rt->logger, MODULE_RULE, "[%s:%d]get uuid failed when updating rule exdata, row:%s", __FUNCTION__, __LINE__, row); - cJSON_Delete(json); - return -1; + goto ERROR; } uuid_t key; 
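Review bot: The two early exits in rule_runtime_update_rule_exdata that now `goto ERROR` (row parse failure and missing `uuid`) end in `return ret;`, but nothing visible assigns `ret` on those paths, whereas the removed lines returned -1 explicitly. `ret` is declared outside the hunk; unless it is initialised to -1 there, these failures can hand 0 or an indeterminate value back to the caller. Setting `ret = -1;` before each `goto ERROR;` keeps the old contract. The same label is reached from the later hunks of this function (the delete failure and the duplicate-key case that sets `ret = 0`), so a neutral name such as `OUT` would describe it better. The `if (json != NULL)` guard is unnecessary, since cJSON_Delete accepts NULL.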
@@ -1283,7 +1235,7 @@ int rule_runtime_update_rule_exdata(struct rule_runtime *rule_rt, // delete ret = ex_data_runtime_del_ex_container(rule_rt->ex_data_rt, (char*)&key, key_len); if (ret < 0) { - return -1; + goto ERROR; } } else { // add @@ -1298,7 +1250,8 @@ int rule_runtime_update_rule_exdata(struct rule_runtime *rule_rt, "key:%s", __FUNCTION__, __LINE__, table_name, key); ex_container_free(rule_rt->ex_data_rt, ex_container); //don't return failed, ignore the case of adding duplicate keys - return 0; + ret = 0; + goto ERROR; } } } @@ -1308,7 +1261,14 @@ int rule_runtime_update_rule_exdata(struct rule_runtime *rule_rt, rule_rt->exdata_num = ex_data_runtime_cached_row_count(rule_rt->ex_data_rt); } + cJSON_Delete(json); + return 0; +ERROR: + if (json != NULL) { + cJSON_Delete(json); + } + return ret; } int rule_runtime_commit_exdata(void *rule_runtime, const char *table_name, @@ -1371,11 +1331,6 @@ rule_runtime_add_rule(struct rule_runtime *rule_rt, const char *line, struct log_handle *logger) { struct maat_rule *rule = NULL; - struct rule_item *rule_item = rule_item_new(line, schema, table_name, - rule_rt->logger); - if (NULL == rule_item) { - goto ERROR; - } int table_id = table_manager_get_table_id(schema->ref_tbl_mgr, table_name); if (table_id < 0) { @@ -1402,7 +1357,7 @@ rule_runtime_add_rule(struct rule_runtime *rule_rt, goto ERROR; } - rule = maat_rule_new(rule_rt, schema, table_name, *rule_uuid, line, rule_item); + rule = maat_rule_new(rule_rt, schema, table_name, *rule_uuid, line); if (NULL == rule) { log_fatal(logger, MODULE_RULE, "[%s:%d]maat_rule_new failed, drop line:%s", @@ -1415,10 +1370,6 @@ rule_runtime_add_rule(struct rule_runtime *rule_rt, return 0; ERROR: - if (rule_item != NULL) { - rule_item_free(rule_item); - } - return -1; } 
@@ -1643,41 +1594,25 @@ long long rule_runtime_update_err_count(void *rule_runtime) return rule_rt->update_err_cnt; } -static int rule_sort_para_compare(const struct rule_sort_para *a, - const struct rule_sort_para *b) +static int compare_rule(const void *a, const void *b) { - //If rule rule's execute sequences are not specified or equal. - if (a->condition_num != b->condition_num) { - return (a->condition_num - b->condition_num); + const struct maat_rule *ra = *(const struct maat_rule **)a; + const struct maat_rule *rb = *(const struct maat_rule **)b; + + if (ra->ptiority != rb->ptiority) { + return (ra->ptiority - rb->ptiority); + } else if (ra->condition_num != rb->condition_num) { + return (rb->condition_num - ra->condition_num); } else { - return uuid_compare(b->rule_uuid, a->rule_uuid); + return uuid_compare(rb->rule_uuid, ra->rule_uuid); } } -static void rule_sort_para_set(struct rule_sort_para *para, - const struct rule_item *item) -{ - uuid_copy(para->rule_uuid, item->rule_uuid); - para->condition_num = item->condition_num; -} - -static int compare_rule_item(const void *a, const void *b) -{ - const struct rule_item *ra = *(const struct rule_item **)a; - const struct rule_item *rb = *(const struct rule_item **)b; - - struct rule_sort_para sa, sb; - rule_sort_para_set(&sa, ra); - rule_sort_para_set(&sb, rb); - - return rule_sort_para_compare(&sa, &sb); -} - int rule_runtime_match(int table_id, struct rule_runtime *rule_rt, uuid_t *rule_uuids, size_t rule_ids_size, struct maat_state *state) { struct rule_compile_state *rule_compile_state = state->rule_compile_state; - struct rule_item *rule_items[rule_ids_size]; + struct maat_rule *rules[rule_ids_size]; int clear_scan_not_obj_flag = 0; utarray_clear(rule_compile_state->all_hit_conditions); 
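Review bot: compare_rule orders by subtraction, and `ra->ptiority - rb->ptiority` can overflow `int` because the priority is taken straight from `valueint` in maat_rule_new with no range check. Signed overflow is undefined and in practice flips the sign, so a rule with a very large or very negative priority could sort on the wrong side of the others and change the order of the returned rule ids. Compare instead of subtracting, `if (ra->ptiority != rb->ptiority) return (ra->ptiority > rb->ptiority) - (ra->ptiority < rb->ptiority);`, or bound the accepted priority range when the rule is loaded. A header comment stating the order (priority ascending, then condition count descending, then uuid descending) would document what the updated tests now expect. The hunk ends inside rule_runtime_match, whose body continues outside it.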
@@ -1765,15 +1700,15 @@ int rule_runtime_match(int table_id, struct rule_runtime *rule_rt, uuid_t *rule_ size_t bool_match_ret = maat_rule_bool_matcher_match(rule_rt, rule_compile_state, state->thread_id, - (void **)rule_items, + (void **)rules, rule_ids_size); if (bool_match_ret > 0) { - qsort(rule_items, bool_match_ret, sizeof(struct rule_item *), - compare_rule_item); + qsort(rules, bool_match_ret, sizeof(struct maat_rule *), + compare_rule); } for (size_t i = 0; i < bool_match_ret; i++) { - uuid_copy(rule_uuids[i], rule_items[i]->rule_uuid); + uuid_copy(rule_uuids[i], rules[i]->rule_uuid); } return MIN(bool_match_ret, rule_ids_size); diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 20789b5..9b01196 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -18,6 +18,7 @@ #define ARRAY_SIZE 10 #define HIT_PATH_SIZE 128 #define WAIT_FOR_EFFECTIVE_S 2 +#define RULE_PRIORITY_DEFAULT 1000 const char *g_table_info_path = "./table_info.json"; const char *g_json_filename = "maat_json.json"; @@ -51,7 +52,8 @@ static int test_add_expr_command(struct maat *maat_inst, const char *expr_table, and_condition->or_conditions[0].object_uuids_str[0] = object_uuid_str; and_condition->or_conditions[0].object_num = 1; ret = rule_table_set_line(maat_inst, "RULE_DEFAULT", MAAT_OP_ADD, - rule_uuid_str, and_condition, 1, NULL, timeout); + rule_uuid_str, and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, timeout); EXPECT_EQ(ret, 1); return ret; @@ -755,7 +757,8 @@ TEST_P(StringScan, BackslashR_N_Escape_IncUpdate) { and_condition.or_conditions[0].object_uuids_str[0] = object_uuid_str; and_condition.or_conditions[0].object_num = 1; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule_uuid_str, &and_condition, 1, NULL, 0); + rule_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 3); 
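Review bot: In rule_runtime_match, qsort and the copy loop both run over `bool_match_ret` elements, while `rules` holds `rule_ids_size` entries and the function returns `MIN(bool_match_ret, rule_ids_size)`. If maat_rule_bool_matcher_match can ever report more hits than the size it was given (the MIN suggests that case was considered), the sort reads past `rules` and `uuid_copy` writes past `rule_uuids`. Clamping once after the call, `if (bool_match_ret > rule_ids_size) bool_match_ret = rule_ids_size;`, makes the three uses agree. The callee's contract is outside this hunk, so this may already be guaranteed.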
@@ -1008,9 +1011,9 @@ TEST_P(StringScan, PrefixAndSuffix) { EXPECT_EQ(n_hit_result, 2); char uuid_str[UUID_STR_LEN] = {0}; uuid_unparse(results[0], uuid_str); - EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000151"); - uuid_unparse(results[1], uuid_str); EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000152"); + uuid_unparse(results[1], uuid_str); + EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000151"); maat_state_reset(state); ret = maat_scan_string(maat_inst, mail_addr_table_name, mail_addr_field_name, hit_suffix, @@ -1040,9 +1043,9 @@ TEST_P(StringScan, PrefixAndSuffix) { n_hit_result = maat_state_compile(state, default_rule_table_name, results, exdata_array, ARRAY_SIZE); EXPECT_EQ(n_hit_result, 2); uuid_unparse(results[0], uuid_str); - EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000151"); - uuid_unparse(results[1], uuid_str); EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000152"); + uuid_unparse(results[1], uuid_str); + EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000151"); maat_state_free(state); state = NULL; @@ -1696,7 +1699,8 @@ TEST_P(StringScan, dynamic_config) { and_condition.or_conditions[0].object_num = 1; and_condition.or_conditions[0].object_uuids_str[0] = object_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule_uuid_str, &and_condition, 1, NULL, 0); + rule_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 3); @@ -1721,7 +1725,8 @@ TEST_P(StringScan, dynamic_config) { /* rule table del line */ ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, - rule_uuid_str, &and_condition, 1, NULL, 0); + rule_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); 
@@ -2332,7 +2337,8 @@ TEST_F(IPScan, RuleUpdates) { and_condition.or_conditions[0].object_uuids_str[0] = object_uuid_str; and_condition.or_conditions[0].field_name = field_name; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule_uuid_str, &and_condition, 1, NULL, 0); + rule_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -2357,7 +2363,8 @@ TEST_F(IPScan, RuleUpdates) { /* rule table del line */ ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, - rule_uuid_str, &and_condition, 1, NULL, 0); + rule_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -5537,14 +5544,14 @@ TEST_F(Policy, EvaluationOrder) { EXPECT_EQ(n_hit_result, 3); char uuid_str[UUID_STR_LEN] = {0}; uuid_unparse(results[0], uuid_str); - EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000166"); - - uuid_unparse(results[1], uuid_str); EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000168"); - uuid_unparse(results[2], uuid_str); + uuid_unparse(results[1], uuid_str); EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000167"); + uuid_unparse(results[2], uuid_str); + EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000166"); + struct maat_hit_path hit_path[128]; memset(hit_path, 0, sizeof(hit_path)); size_t n_hit_path = maat_state_get_hit_paths(state, hit_path, 128); @@ -5620,8 +5627,8 @@ TEST_F(Policy, EvaluationOrder) { n_hit_result = maat_state_compile(state, default_rule_table_name, results, exdata_array, ARRAY_SIZE); EXPECT_EQ(n_hit_result, 4); - uuid_unparse(results[3], uuid_str); - EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000165"); + uuid_unparse(results[0], uuid_str); + EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000165");//higher priority maat_state_free(state); } 
@@ -6262,7 +6269,8 @@ TEST_F(MaatCmd, SetIP) { and_condition.or_conditions[0].object_num = 1; and_condition.or_conditions[0].object_uuids_str[0] = object_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule_uuid_str, &and_condition, 1, NULL, 0); + rule_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -6339,10 +6347,10 @@ TEST_F(MaatCmd, SetExpr) { maat_state_reset(state); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, rule_uuid_str1, - &and_condition1, 1, NULL, 0); + &and_condition1, 1, NULL, RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, rule_uuid_str2, - &and_condition2, 1, NULL, 0); + &and_condition2, 1, NULL, RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -6417,7 +6425,8 @@ TEST_F(MaatCmd, SetExpr8) { and_condition.or_conditions[0].object_num = 1; and_condition.or_conditions[0].object_uuids_str[0] = object_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule_uuid_str, &and_condition, 1, NULL, 0); + rule_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -6486,7 +6495,8 @@ TEST_F(MaatCmd, ObjectScan) { and_condition.or_conditions[0].object_num = 1; and_condition.or_conditions[0].object_uuids_str[0] = object_uuid_str; int ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule_uuid_str, &and_condition, 1, NULL, 0); + rule_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); 
@@ -6553,7 +6563,8 @@ TEST_F(MaatCmd, SameFilterRefByOneRule) { and_condition[1].or_conditions[0].object_num = 1; and_condition[1].or_conditions[0].object_uuids_str[0] = object_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule_uuid_str, and_condition, 2, NULL, 0); // rule has two condition + rule_uuid_str, and_condition, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); // rule has two condition EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -6608,7 +6619,7 @@ TEST_F(MaatCmd, RuleIDRecycle) { maat_state_reset(state); - rule_table_set_line(maat_inst, "RULE_DEFAULT", MAAT_OP_DEL, rule_uuid_str, &and_condition, 1, NULL, 0); + rule_table_set_line(maat_inst, "RULE_DEFAULT", MAAT_OP_DEL, rule_uuid_str, &and_condition, 1, NULL, RULE_PRIORITY_DEFAULT, 0); sleep(WAIT_FOR_EFFECTIVE_S); ret = maat_scan_string(maat_inst, table_name, field_name, scan_data, strlen(scan_data), state); @@ -6736,7 +6747,8 @@ TEST_F(MaatCmd, SubObject) { and_condition.or_conditions[0].object_num = 1; and_condition.or_conditions[0].object_uuids_str[0] = object1_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, &and_condition, 1, NULL, 0); + rule1_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); //rule2 @@ -6745,7 +6757,8 @@ TEST_F(MaatCmd, SubObject) { char rule2_uuid_str[UUID_STR_LEN] = {0}; snprintf(rule2_uuid_str, UUID_STR_LEN, "00000000-0000-0000-0000-%012lld", rule2_id); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule2_uuid_str, &and_condition, 1, NULL, 0); + rule2_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); 
@@ -6774,7 +6787,8 @@ TEST_F(MaatCmd, SubObject) { \_ X -> rule2 */ ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, - rule2_uuid_str, &and_condition, 1, NULL, 0); + rule2_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -6796,12 +6810,14 @@ TEST_F(MaatCmd, SubObject) { \_ -> rule2 */ ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, - rule1_uuid_str, &and_condition, 1, NULL, 0); + rule1_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); and_condition.or_conditions[0].object_uuids_str[0] = object2_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule2_uuid_str, &and_condition, 1, NULL, 0); + rule2_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -6854,11 +6870,13 @@ TEST_F(MaatCmd, SubObject) { */ and_condition.or_conditions[0].object_uuids_str[0] = object1_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, &and_condition, 1, NULL, 0); + rule1_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, - rule1_uuid_str, &and_condition, 1, NULL, 0); + rule1_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -6911,7 +6929,8 @@ TEST_F(MaatCmd, RefObject) { and_condition.or_conditions[0].object_num = 1; and_condition.or_conditions[0].object_uuids_str[0] = object1_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, &and_condition, 1, NULL, 0); + rule1_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); 
@@ -6919,14 +6938,15 @@ TEST_F(MaatCmd, RefObject) { /* item1 -> object1 -> X item2 -> object2 -> rule1 */ - rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, rule1_uuid_str, &and_condition, 1, NULL, 0); + rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, rule1_uuid_str, &and_condition, 1, NULL, RULE_PRIORITY_DEFAULT, 0); long long object2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); char object2_uuid_str[UUID_STR_LEN] = {0}; snprintf(object2_uuid_str, UUID_STR_LEN, "00000000-0000-0000-0000-%012lld", object2_id); and_condition.or_conditions[0].object_uuids_str[0] = object2_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, &and_condition, 1, NULL, 0); + rule1_uuid_str, &and_condition, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); @@ -7008,7 +7028,8 @@ TEST_F(MaatCmd, Field) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object2_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); 
@@ -7044,14 +7065,16 @@ TEST_F(MaatCmd, Field) { //delete object1 ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); and_conditions[0].negate_option = 0; and_conditions[0].or_condition_num = 1; and_conditions[0].or_conditions[0].field_name = field_resp_name; and_conditions[0].or_conditions[0].object_num = 1; and_conditions[0].or_conditions[0].object_uuids_str[0] = object2_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 1, NULL, 0); + rule1_uuid_str, and_conditions, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -7353,14 +7376,16 @@ TEST_F(MaatCmd, RuleEXData) { and_condition.or_conditions[0].object_num = 1; and_condition.or_conditions[0].object_uuids_str[0] = object_uuid_str; int ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, &and_condition, 1, "test:rule1,1111", 0); + rule1_uuid_str, &and_condition, 1, "test:rule1,1111", + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); long long rule2_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1); char rule2_uuid_str[UUID_STR_LEN] = {0}; snprintf(rule2_uuid_str, UUID_STR_LEN, "00000000-0000-0000-0000-%012lld", rule2_id); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule2_uuid_str, &and_condition, 1, "test:rule2,2222", 0); + rule2_uuid_str, &and_condition, 1, "test:rule2,2222", + RULE_PRIORITY_DEFAULT, 0); sleep(WAIT_FOR_EFFECTIVE_S); *ex_data_counter = 0; @@ -7389,6 +7414,7 @@ TEST_F(MaatCmd, RuleEXData) { uuid_unparse(results[1], uuid_str); EXPECT_STREQ(uuid_str, rule1_uuid_str); + maat_state_free(state); ASSERT_TRUE(exdata_array[0] != NULL); struct rule_ex_param *param = (struct rule_ex_param *)exdata_array[0]; 
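Review bot: `maat_state_free(state);` is added before the assertions in RuleEXData, but `state` is not cleared afterwards, as other tests in this file do with `state = NULL;`. If a later `maat_state_free(state)` remains further down the test, outside this hunk, the state would be freed twice. Adding `state = NULL;` on the next line avoids that. If the free is placed here on purpose, to show that `exdata_array[0]` stays valid after the state is gone, a one-line comment saying so would explain the placement.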
@@ -7399,7 +7425,8 @@ TEST_F(MaatCmd, RuleEXData) { EXPECT_EQ(param->id, 1111); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, - rule2_uuid_str, &and_condition, 1, "test:rule2,2222", 0); + rule2_uuid_str, &and_condition, 1, "test:rule2,2222", + RULE_PRIORITY_DEFAULT, 0); sleep(WAIT_FOR_EFFECTIVE_S); EXPECT_EQ(param->id, 1111); sleep(2); @@ -7837,7 +7864,8 @@ TEST_F(MaatCmd, ObjectInMassRules) { rule_id[i] = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1); snprintf(rule_uuid_str, UUID_STR_LEN, "00000000-0000-0000-0000-%012lld", rule_id[i]); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule_uuid_str, and_conditions, 2, "mass_rule", 0); + rule_uuid_str, and_conditions, 2, "mass_rule", + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); } @@ -7860,7 +7888,8 @@ TEST_F(MaatCmd, ObjectInMassRules) { target_and_conditions[1].or_conditions[0].object_num = 1; target_and_conditions[1].or_conditions[0].object_uuids_str[0] = object3_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - target_rule_uuid_str, target_and_conditions, 2, "null", 0); + target_rule_uuid_str, target_and_conditions, 2, "null", + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); @@ -7965,7 +7994,8 @@ TEST_F(MaatCmd, HitObject) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object21_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); /* item1 -> object1 -> rule1 
@@ -8230,7 +8260,8 @@ TEST_F(MaatCmd, HitPathBasic) { and_conditions[1].or_conditions[0].object_uuids_str[0] = object21_uuid_str; snprintf(rule1_uuid_str, UUID_STR_LEN, "00000000-0000-0000-0000-%012lld", rule1_id); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); /* item1 -> object1 -> rule1 @@ -8570,7 +8601,8 @@ TEST_F(MaatCmd, HitPathAdvanced) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object21_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); /* item1 -> object1 -> rule1 @@ -8629,7 +8661,8 @@ TEST_F(MaatCmd, HitPathAdvanced) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object3_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule2_uuid_str, and_conditions, 2, NULL, 0); + rule2_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); @@ -8674,7 +8707,8 @@ TEST_F(MaatCmd, HitPathAdvanced) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object4_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule3_uuid_str, and_conditions, 2, NULL, 0); + rule3_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); 
@@ -9009,7 +9043,8 @@ TEST_F(MaatCmd, HitPathHasNotObject) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object21_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); /* !(item1 -> object1) -> rule1 @@ -9331,14 +9366,16 @@ TEST_F(MaatCmd, SameSuperObjectRefByMultiRule) { and_condition.or_conditions[0].object_num = 1; and_condition.or_conditions[0].object_uuids_str[0] = object52_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule2_uuid_str, &and_condition, 1, "HTTP_RESPONSE_HEADER", 0); + rule2_uuid_str, &and_condition, 1, "HTTP_RESPONSE_HEADER", + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); long long rule3_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1); char rule3_uuid_str[UUID_STR_LEN] = {0}; snprintf(rule3_uuid_str, UUID_STR_LEN, "00000000-0000-0000-0000-%012lld", rule3_id); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule3_uuid_str, &and_condition, 1, "HTTP_RESPONSE_HEADER", 0); + rule3_uuid_str, &and_condition, 1, "HTTP_RESPONSE_HEADER", + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); @@ -9455,7 +9492,8 @@ TEST_F(MaatCmd, ObjectEdit) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object21_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); 
@@ -9582,7 +9620,8 @@ TEST_F(MaatCmd, RuleDelete_TSG6548) { and_conditions[0].or_conditions[0].object_num = 1; and_conditions[0].or_conditions[0].object_uuids_str[0] = object11_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 1, NULL, 0); + rule1_uuid_str, and_conditions, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); @@ -9610,7 +9649,8 @@ TEST_F(MaatCmd, RuleDelete_TSG6548) { EXPECT_STREQ(uuid_str, rule1_uuid_str); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, - rule1_uuid_str, and_conditions, 1, NULL, 0); + rule1_uuid_str, and_conditions, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); int hit_cnt = 0; @@ -9668,7 +9708,8 @@ TEST_F(MaatCmd, UpdateDeadLockDetection) { and_conditions[0].or_conditions[0].object_num = 1; and_conditions[0].or_conditions[0].object_uuids_str[0] = object1_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 1, NULL, 0); + rule1_uuid_str, and_conditions, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); @@ -9710,7 +9751,8 @@ TEST_F(MaatCmd, UpdateDeadLockDetection) { snprintf(rule2_uuid_str, UUID_STR_LEN, "00000000-0000-0000-0000-%012lld", rule2_id); and_conditions[0].or_conditions[0].object_uuids_str[0] = object2_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule2_uuid_str, and_conditions, 1, NULL, 0); + rule2_uuid_str, and_conditions, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); //DON'T DO THIS!!! 
@@ -9763,7 +9805,8 @@ TEST_F(MaatCmd, StreamScanWhenExprTableIncUpdate) { and_conditions[0].or_conditions[0].object_num = 1; and_conditions[0].or_conditions[0].object_uuids_str[0] = object1_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 1, NULL, 0); + rule1_uuid_str, and_conditions, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -9851,7 +9894,8 @@ TEST_F(MaatCmd, StreamScanSegfaultWhenVersionRollBack_TSG6324) { and_conditions[0].or_conditions[0].object_num = 1; and_conditions[0].or_conditions[0].object_uuids_str[0] = object1_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 1, NULL, 0); + rule1_uuid_str, and_conditions, 1, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); @@ -9946,7 +9990,8 @@ TEST_F(MaatCmd, IPAndStreamScanWhenIncUpdate) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object2_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); @@ -9976,7 +10021,8 @@ TEST_F(MaatCmd, IPAndStreamScanWhenIncUpdate) { char rule2_uuid_str[UUID_STR_LEN] = {0}; snprintf(rule2_uuid_str, UUID_STR_LEN, "00000000-0000-0000-0000-%012lld", rule2_id); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule2_uuid_str, and_conditions, 2, NULL, 0); + rule2_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); 
@@ -10056,7 +10102,8 @@ TEST_F(MaatCmd, IPAndStreamScanWhenFullUpdate) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object2_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); @@ -10164,7 +10211,8 @@ TEST_F(MaatCmd, IPAndStringScanWhenIncUpdate) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object2_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); @@ -10191,7 +10239,8 @@ TEST_F(MaatCmd, IPAndStringScanWhenIncUpdate) { char rule2_uuid_str[UUID_STR_LEN] = {0}; snprintf(rule2_uuid_str, UUID_STR_LEN, "00000000-0000-0000-0000-%012lld", rule2_id); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule2_uuid_str, and_conditions, 2, NULL, 0); + rule2_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); @@ -10269,7 +10318,8 @@ TEST_F(MaatCmd, IPAndStringScanWhenFullupdate) { and_conditions[1].or_conditions[0].object_num = 1; and_conditions[1].or_conditions[0].object_uuids_str[0] = object2_uuid_str; ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, - rule1_uuid_str, and_conditions, 2, NULL, 0); + rule1_uuid_str, and_conditions, 2, NULL, + RULE_PRIORITY_DEFAULT, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); diff --git a/test/maat_json.json b/test/maat_json.json index 9206392..8e95ec1 100644 --- a/test/maat_json.json +++ b/test/maat_json.json 
@@ -1970,7 +1970,7 @@ "do_log": 1, "action_parameter": "EvaluationOrder", "is_valid": "yes", - "evaluation_order": "2.111", + "priority": 1, "and_conditions": [ { "field_name": "HTTP_URL", diff --git a/test/test_utils.cpp b/test/test_utils.cpp index 63cbb87..cc20618 100644 --- a/test/test_utils.cpp +++ b/test/test_utils.cpp @@ -138,7 +138,8 @@ int write_json_to_redis(const char *json_filename, char *redis_ip, int redis_por int rule_table_set_line(struct maat *maat_inst, const char *table_name, enum maat_operation op, const char *rule_uuid_str, struct maat_cmd_and_condition and_conditions[], - int condition_num, const char *action_para_str, int expire_after) + int condition_num, const char *action_para_str, + int priority, int expire_after) { cJSON *json_root = cJSON_CreateObject(); @@ -177,6 +178,8 @@ int rule_table_set_line(struct maat *maat_inst, const char *table_name, cJSON_AddStringToObject(json_root, "action_parameter", action_para_str); } + cJSON_AddNumberToObject(json_root, "priority", priority); + char *json_str = cJSON_PrintUnformatted(json_root); struct maat_cmd_line line_rule; diff --git a/test/test_utils.h b/test/test_utils.h index 1711fe5..3a94895 100644 --- a/test/test_utils.h +++ b/test/test_utils.h @@ -23,7 +23,8 @@ int write_json_to_redis(const char *json_filename, char *redis_ip, int redis_por int rule_table_set_line(struct maat *maat_inst, const char *table_name, enum maat_operation op, const char *rule_uuid_str, struct maat_cmd_and_condition and_conditions[], - int condition_num, const char *action_para_str, int expire_after); + int condition_num, const char *action_para_str, + int priority, int expire_after); int object_group_table_set_line(struct maat *maat_inst, const char *table_name, enum maat_operation op, const char *object_uuid_str,
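Review bot: The result of `cJSON_AddNumberToObject(json_root, "priority", priority);` in `rule_table_set_line` is ignored, so an allocation failure would serialize the rule without a `priority` key. The test would then run against whatever default the loader applies rather than the value it asked for. A check such as `if (cJSON_AddNumberToObject(json_root, "priority", priority) == NULL) { cJSON_Delete(json_root); return -1; }` makes that failure visible; the `-1` is an assumption, since the function's return convention is outside the hunk. The neighbouring `cJSON_AddStringToObject` call is unchecked too, so this may be a deliberate test-helper shortcut. The key is also written for `MAAT_OP_DEL` lines, which looks harmless but is worth confirming against the delete path.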
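Review bot: `priority` and `expire_after` are now adjacent `int` parameters in the `rule_table_set_line` prototype in test_utils.h, so a call that swaps them compiles without a diagnostic and installs a rule with the wrong precedence and lifetime. A short comment above the declaration would pin the order, for example `/* priority: value written to the rule's "priority" key (tests pass RULE_PRIORITY_DEFAULT); expire_after: last argument, keep this order */`. The valid range of `priority` and the unit of `expire_after` are not visible in this diff, so the author should add them to that comment.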