From 3e592f2eb65209bd147fe5e97b2a0a05eebf5997 Mon Sep 17 00:00:00 2001
From: Jooyung Han <jooyung@google.com>
Date: Mon, 5 Jun 2023 10:47:20 +0900
Subject: [PATCH] Fix apex_sepolicy_tests_test

check_rule() should collect errors and return them. The previous fix was
early returing when there's a successful case.

Bug: 285225556
Test: atest apex_sepolicy_tests_test
Change-Id: I71c207210c565ab280f8794d201c074812b49acb
---
 tests/apex_sepolicy_tests.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/tests/apex_sepolicy_tests.py b/tests/apex_sepolicy_tests.py
index c8ecc608f..518ebbc10 100644
--- a/tests/apex_sepolicy_tests.py
+++ b/tests/apex_sepolicy_tests.py
@@ -81,6 +81,7 @@ def match_path(path: str, matcher: Matcher) -> bool:
 
 def check_rule(pol, path: str, tcontext: str, rule: Rule) -> List[str]:
     """Returns error message if scontext can't read the target"""
+    errors = []
     match rule:
         case AllowRead(tclass, scontext):
             # Test every source in scontext(set)
@@ -90,9 +91,10 @@ def check_rule(pol, path: str, tcontext: str, rule: Rule) -> List[str]:
                                                 tclass={tclass},
                                                 perms={'read'}))
                 if len(te_rules) > 0:
-                    return []  # no errors
+                    continue  # no errors
 
-                return [f"Error: {path}: {s} can't read. (tcontext={tcontext})"]
+                errors.append(f"Error: {path}: {s} can't read. (tcontext={tcontext})")
+    return errors
 
 
 rules = [