Add option to filter rules by label when listing

Redefine listRules IPC method to only return vector<Rule> and not
a RuleSet. The query parameter is reused for matching against the
label of the rule.

src/CLI/usbguard-list-rules.cpp

@@ -29,11 +29,12 @@
 
 namespace usbguard
 {
-  static const char* options_short = "hd";
+  static const char* options_short = "hdl:";
 
   static const struct ::option options_long[] = {
     { "help", no_argument, nullptr, 'h' },
     { "show-devices", no_argument, nullptr, 'd'},
+    { "label", required_argument, nullptr, 'l' },
     { nullptr, 0, nullptr, 0 }
   };
 
@@ -44,13 +45,15 @@ namespace usbguard
     stream << " Options:" << std::endl;
     stream << "  -d, --show-devices  Show all devices which are affected by the specific rule." << std::endl;
     stream << "  -h, --help          Show this help." << std::endl;
+    stream << "  -l, --label <label> Only show rules having a specific label." << std::endl;
     stream << std::endl;
   }
 
   int usbguard_list_rules(int argc, char* argv[])
   {
     bool show_devices = false;
     int opt = 0;
+    std::string label;
 
     while ((opt = getopt_long(argc, argv, options_short, options_long, nullptr)) != -1) {
       switch (opt) {
@@ -62,6 +65,10 @@ namespace usbguard
         show_devices = true;
         break;
 
+      case 'l':
+        label = optarg;
+        break;
+
       case '?':
         showHelp(std::cerr);
 
@@ -71,19 +78,13 @@ namespace usbguard
     }
 
     usbguard::IPCClient ipc(/*connected=*/true);
-    auto ruleset = ipc.listRules();
+    auto rules = ipc.listRules(label);
 
-    // if true, devices which are affected by rule are printed on stdout.
-    if (!show_devices) {
-      for (auto rule : ruleset->getRules()) {
-        std::cout << rule->getRuleID() << ": " << rule->toString() << std::endl;
-      }
-    }
-    else {
-      for (auto rule : ruleset->getRules()) {
-        std::cout << rule->getRuleID() << ": " << rule->toString() << std::endl;
+    for (auto rule : rules) {
+      std::cout << rule.getRuleID() << ": " << rule.toString() << std::endl;
 
-        for (auto device_rule : ipc.listDevices(rule->toString())) {
+      if (show_devices) {
+        for (auto device_rule : ipc.listDevices(rule.toString())) {
           std::cout << "\t"<< device_rule.getRuleID() << ": " << device_rule.toString() << std::endl;
         }
       }

src/DBus/DBusBridge.cpp

@@ -108,17 +108,16 @@ namespace usbguard
       const char* query_cstr = nullptr;
       g_variant_get(parameters, "(&s)", &query_cstr);
       std::string query(query_cstr);
-      auto rule_set = listRules(query);
-      auto rules = rule_set->getRules();
+      auto rules = listRules(query);
 
       if (rules.size() > 0) {
         auto gvbuilder = g_variant_builder_new(G_VARIANT_TYPE_ARRAY);
 
         try {
           for (auto rule : rules) {
             g_variant_builder_add(gvbuilder, "(us)",
-              rule->getRuleID(),
-              rule->toString().c_str());
+              rule.getRuleID(),
+              rule.toString().c_str());
           }
 
           g_dbus_method_invocation_return_value(invocation, g_variant_new("(a(us))", gvbuilder));

src/Daemon/Daemon.cpp

@@ -718,10 +718,19 @@ namespace usbguard
     }
   }
 
-  const std::shared_ptr<RuleSet> Daemon::listRules(const std::string& query)
+  const std::vector<Rule> Daemon::listRules(const std::string& query)
   {
     USBGUARD_LOG(Trace) << "entry: query=" << query;
-    return _policy.getRuleSet();
+    std::vector<Rule> rules;
+
+    for(auto const& rule : _policy.getRuleSet()->getRules()) {
+      if (query.empty() || rule->getLabel() == query) {
+        rules.push_back(*rule);
+      }
+    }
+
+    USBGUARD_LOG(Trace) << "return:" << " count(rules)=" << rules.size();
+    return rules;
   }
 
   uint32_t Daemon::applyDevicePolicy(uint32_t id, Rule::Target target, bool permanent)

src/Daemon/Daemon.hpp

@@ -90,7 +90,7 @@ namespace usbguard
 
     uint32_t appendRule(const std::string& rule_spec, uint32_t parent_id, bool permanent) override;
     void removeRule(uint32_t id) override;
-    const std::shared_ptr<RuleSet> listRules(const std::string& query) override;
+    const std::vector<Rule> listRules(const std::string& query) override;
 
     uint32_t applyDevicePolicy(uint32_t id, Rule::Target target, bool permanent) override;
     const std::vector<Rule> listDevices(const std::string& query) override;

src/Library/IPC/Policy.proto

@@ -8,8 +8,7 @@ message listRulesRequest {
 }
 
 message listRulesResponse {
-  required uint32 default_target = 1;
-  repeated Rule rules = 2;
+  repeated Rule rules = 1;
 }
 
 message listRules {

src/Library/IPCClientPrivate.cpp

@@ -397,23 +397,20 @@ namespace usbguard
     auto message_in = qbIPCSendRecvMessage(message_out);
   }
 
-  const std::shared_ptr<RuleSet> IPCClientPrivate::listRules(const std::string& query)
+  const std::vector<Rule> IPCClientPrivate::listRules(const std::string& query)
   {
     IPC::listRules message_out;
+    std::vector<Rule> rules;
     message_out.mutable_request()->set_query(query);
     auto message_in = qbIPCSendRecvMessage(message_out);
-    const Rule::Target default_target = \
-      Rule::targetFromInteger(message_in->response().default_target());
-    auto rule_set = std::make_shared<MEMRuleSet>(&_p_instance);
-    rule_set->setDefaultTarget(default_target);
 
     for (auto rule_message : message_in->response().rules()) {
       Rule rule = Rule::fromString(rule_message.rule());
       rule.setRuleID(rule_message.id());
-      rule_set->appendRule(rule);
+      rules.push_back(rule);
     }
 
-    return std::dynamic_pointer_cast<RuleSet>(rule_set);
+    return rules;
   }
 
   uint32_t IPCClientPrivate::applyDevicePolicy(uint32_t id, Rule::Target target, bool permanent)
@@ -445,15 +442,8 @@ namespace usbguard
   void IPCClientPrivate::handleMethodResponse(IPC::MessagePointer& message_in, IPC::MessagePointer& message_out)
   {
     (void)message_out;
-    const auto response_field = message_in->GetDescriptor()->FindFieldByName("response");
-    const auto reflection = message_in->GetReflection();
-    const bool has_response = reflection->HasField(*message_in, response_field);
     const uint64_t id = IPC::getMessageHeaderID(*message_in);
 
-    if (!has_response) {
-      throw IPCException("IPC method response", "message", "Missing response field", id);
-    }
-
     try {
       auto& return_promise = _return_map.at(id);
       return_promise.set_value(std::move(message_in));

src/Library/IPCClientPrivate.hpp

@@ -60,7 +60,7 @@ namespace usbguard
 
     uint32_t appendRule(const std::string& rule_spec, uint32_t parent_id, bool permanent);
     void removeRule(uint32_t id);
-    const std::shared_ptr<RuleSet> listRules(const std::string& query);
+    const std::vector<Rule> listRules(const std::string& query);
 
     uint32_t applyDevicePolicy(uint32_t id, Rule::Target target, bool permanent);
     const std::vector<Rule> listDevices(const std::string& query);

src/Library/IPCServerPrivate.cpp

@@ -892,19 +892,17 @@ namespace usbguard
     /*
      * Execute the method.
      */
-    auto rule_set = _p_instance.listRules(query);
-    const uint32_t default_target = Rule::targetToInteger(rule_set->getDefaultTarget());
+    auto rules = _p_instance.listRules(query);
     /*
      * Construct the response.
      */
     IPC::listRules* const message_out = message_in->New();
     message_out->MergeFrom(*message_in);
-    message_out->mutable_response()->set_default_target(default_target);
 
-    for (const auto& rule : rule_set->getRules()) {
+    for (const auto& rule : rules) {
       auto message_rule = message_out->mutable_response()->add_rules();
-      message_rule->set_id(rule->getRuleID());
-      message_rule->set_rule(rule->toString());
+      message_rule->set_id(rule.getRuleID());
+      message_rule->set_rule(rule.toString());
     }
 
     response.reset(message_out);

src/Library/public/usbguard/IPCClient.cpp

@@ -72,7 +72,7 @@ namespace usbguard
     d_pointer->removeRule(id);
   }
 
-  const std::shared_ptr<RuleSet> IPCClient::listRules(const std::string& query)
+  const std::vector<Rule> IPCClient::listRules(const std::string& query)
   {
     return d_pointer->listRules(query);
   }

src/Library/public/usbguard/IPCClient.hpp

@@ -48,8 +48,8 @@ namespace usbguard
 
     uint32_t appendRule(const std::string& rule_spec, uint32_t parent_id, bool permanent) override;
     void removeRule(uint32_t id) override;
-    const std::shared_ptr<RuleSet> listRules(const std::string& query) override;
-    const std::shared_ptr<RuleSet> listRules()
+    const std::vector<Rule> listRules(const std::string& query) override;
+    const std::vector<Rule> listRules()
     {
       return listRules("match");
     }

src/Library/public/usbguard/Interface.hpp

@@ -45,7 +45,7 @@ namespace usbguard
 
     virtual void removeRule(uint32_t id) = 0;
 
-    virtual const std::shared_ptr<RuleSet> listRules(const std::string& query) = 0;
+    virtual const std::vector<Rule> listRules(const std::string& query) = 0;
 
     virtual uint32_t applyDevicePolicy(uint32_t id,
       Rule::Target target,