| // Intermediate offer with one child that performs the read_only_after_scoped restriction. This |
| // verifies that realm traversal with scoping of rights is working while walking the offer chain. |
| { |
| children: [ |
| { |
| name: "use_dir_rights", |
| url: "fuchsia-pkg://fuchsia.com/rights_integration_test#meta/use_dir_rights.cm", |
| }, |
| ], |
| offer: [ |
| { |
| directory: "read_only", |
| from: "parent", |
| to: "#use_dir_rights", |
| }, |
| { |
| directory: "read_write", |
| from: "parent", |
| to: "#use_dir_rights", |
| }, |
| { |
| directory: "read_write", |
| from: "parent", |
| as: "read_write_dup", |
| to: "#use_dir_rights", |
| }, |
| |
| // This just re-declares the rights which is optional but valid. |
| { |
| directory: "read_exec", |
| from: "parent", |
| to: "#use_dir_rights", |
| rights: [ "rx*" ], |
| }, |
| { |
| directory: "read_admin", |
| from: "parent", |
| to: "#use_dir_rights", |
| }, |
| |
| // This permission is scoped from rw to r when offered to the child. |
| { |
| directory: "read_only_after_scoped", |
| from: "parent", |
| to: "#use_dir_rights", |
| rights: [ "r*" ], |
| }, |
| ], |
| expose: [ |
| { |
| protocol: "fidl.test.components.Trigger", |
| from: "#use_dir_rights", |
| }, |
| ], |
| } |
