source: examples/access_tests/creddy_prover/s1_query.py @ 7751094

mei_rt2
Last change on this file since 7751094 was 2e9455f, checked in by Mei <mei@…>, 11 years ago

1) added namespace
2) tweak ?This,
3) allowing linking role/oset as constraining conditions
4) adding access_tests regression testing that uses GENI's access policy
5) added couple multi contexts regression tests
6) add compression/uncompression calls to abac_encode_string/abac_decode_string
(libstrongwan only allows 512 char for attribute rule storage)
7) add attribute_now option to creddy that takes a whole char string for attribute
rule
  • Property mode set to 100755
File size: 2.5 KB
Line 
1#!/usr/bin/env python
2
3"""
4  s1_query.py
5using python api
6
7"""
8
9print("=====================s1_query.py==================")
10
11import os
12import ABAC
13
14ctxt = ABAC.Context()
15
16# Keystore is the directory containing the principal credentials.
17# Load existing principals and/or policy credentials
18if (os.environ.has_key("keystore")) :
19    keystore=os.environ["keystore"]
20    ctxt.load_directory(keystore)
21else:
22    print("keystore is not set, using current directory...")
23    ctxt.load_directory(".")
24
25##########################################################################
26def get_next(CTXT) :
27    while( 1 ) :
28        print ("\nnext proof:")
29        (success, out) = CTXT.next_proof()
30        if(success) :
31            for c in out:
32                print "%s <- %s" % (c.head_string(), c.tail_string())
33        else:
34            print("no more..\n")
35            return
36
37# dump the loaded principals/policies
38def dump_all(CTXT,msg) :
39    out = CTXT.context_principals()
40    print "\n...%s principal set..." % msg
41    for x in out[1]:
42        print "#PP# %s " % x.string()
43    out = CTXT.context_credentials()
44    print "\n...%s policy attribute set..." %msg
45    for c in out[1]:
46        print "#CC# %s <- %s" % (c.head_string(), c.tail_string())
47
48##########################################################################
49# retrieve principals' keyid value from local credential files
50gID=ABAC.ID("G_ID.pem");
51g=gID.id_keyid()
52
53paID=ABAC.ID("PA_ID.pem");
54pa=paID.id_keyid()
55
56drdID=ABAC.ID("Drd_ID.pem");
57drd=drdID.id_keyid()
58
59##########################################################################
60#dump_all(ctxt,"initial")
61#ctxt.set_no_partial_proof()
62
63##########################################################################
64# [keyid:G].oset:qualifiedProject <-?- [string:'proj1'] (yes)
65# oset=[keyid:G].oset:qualifiedProject
66# p =[string:'proj1']
67oset = ABAC.Oset(g,"qualifiedProject")
68term=ABAC.DataTerm("string", "'proj1'")
69p = ABAC.Oset(term)
70
71print "\n===good============ G.qualifiedProject <-?- proj1"
72out = ctxt.query(oset, p)
73for c in out[1]:
74    print "%s <- %s" % (c.head_string(), c.tail_string())
75
76##########################################################################
77# [keyid:PA].oset:std_ops <-?- [string:'info']
78oset = ABAC.Oset(pa,"std_ops")
79term=ABAC.DataTerm("string", "'info'")
80p = ABAC.Oset(term)
81
82print "\n===good============ PA.std_ops <-?- info"
83out = ctxt.query(oset, p)
84for c in out[1]:
85    print "%s <- %s" % (c.head_string(), c.tail_string())
86
87#get_next(ctxt)
88
89print("\n\n")
Note: See TracBrowser for help on using the repository browser.