| // Copyright 2022 The Fuchsia Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| // Realm for the rights_integration_test that verifies offer filtering and rights inference is |
| // correctly working and that rights that are filtered are correctly being opened with lower |
| // privileges in the use_dir_rights child. |
| { |
| children: [ |
| { |
| name: "use_dir_rights", |
| url: "fuchsia-pkg://fuchsia.com/rights_integration_test#meta/invalid_use_dir_rights.cm", |
| }, |
| { |
| name: "expose_dir_rights", |
| url: "fuchsia-pkg://fuchsia.com/rights_integration_test#meta/expose_dir_rights.cm", |
| }, |
| ], |
| offer: [ |
| { |
| directory: "read_only", |
| from: "#expose_dir_rights", |
| to: "#use_dir_rights", |
| }, |
| { |
| directory: "read_write", |
| from: "#expose_dir_rights", |
| to: "#use_dir_rights", |
| }, |
| { |
| directory: "read_write", |
| from: "#expose_dir_rights", |
| as: "read_write_dup", |
| to: "#use_dir_rights", |
| }, |
| |
| // This just re-declares the rights which is optional but valid. |
| { |
| directory: "read_exec", |
| from: "#expose_dir_rights", |
| to: "#use_dir_rights", |
| rights: [ "rx*" ], |
| }, |
| |
| // This permission is scoped from rw to r when offered to the child. |
| { |
| directory: "read_only_after_scoped", |
| from: "#expose_dir_rights", |
| to: "#use_dir_rights", |
| rights: [ "r*" ], |
| }, |
| ], |
| expose: [ |
| { |
| protocol: "fidl.test.components.Trigger", |
| from: "#use_dir_rights", |
| }, |
| ], |
| } |