Context Navigation

query.py @ 20eaefe

mei_rt2mei_rt2_fix_1

Last change on this file since 20eaefe was ba6027a, checked in by Mei <mei@…>, 12 years ago

1) modified code all around to add support for encrypted private key for

ID credential

2) add new abac_key_t structure (abac_key.c)
3) add new keycheck option to creddy
4) add 2 new test suites

Property mode set to 100755

File size: 2.7 KB

Line
1	#!/usr/bin/env python
2
3	"""
4	Run the queries described in README
5
6	cmd1:env keystore=`pwd` ./query.py
7	cmd2: env ABAC_CN=1 keystore=`pwd` ./query.py
8
9	"""
10
11	import os
12	import ABAC
13
14	ctxt = ABAC.Context()
15
16	# Keystore is the directory containing the principal credentials.
17	# Load existing principals and/or policy credentials
18	if (os.environ.has_key("keystore")) :
19	keystore=os.environ["keystore"]
20	ctxt.load_directory(keystore)
21	else:
22	print("keystore is not set...")
23	exit(1)
24
25	# retrieve principals' keyid value from local credential files
26	acmeID=ABAC.ID("Acme_ID.pem");
27	acmeID.id_load_privkey_file("Acme_private.pem");
28	acme=acmeID.id_keyid()
29
30	coyoteID=ABAC.ID("Coyote_ID.pem");
31	coyoteID.id_load_privkey_file("Coyote_private.pem");
32	coyote=coyoteID.id_keyid()
33
34	##########################################################################
35	# dump the loaded principals/policies
36	#
37	out = ctxt.context_principals()
38	print "\n...final principal set..."
39	for x in out[1]:
40	print "%s " % x.string()
41	out = ctxt.context_credentials()
42	print "\n...final policy attribute set..."
43	for c in out[1]:
44	print "%s <- %s" % (c.head_string(), c.tail_string())
45
46	##########################################################################
47	# is coyote a preferred_customer of Acme ?
48	# role=[keyid:Acme].role:preferred_customer
49	# p =[keyid:coyote]
50	role = ABAC.Role(acme,"preferred_customer")
51	p = ABAC.Role(coyote)
52	print "\n===good============ Acme.preferred_customer <- Coyote"
53	out = ctxt.query(role, p)
54	for c in out[1]:
55	print "%s <- %s" % (c.head_string(), c.tail_string())
56
57	##########################################################################
58	# can coyote buy rockets from Acme ?
59	# role=[keyid:Acme].role:buy_rockets
60	# p =[keyid:coyote]
61	role = ABAC.Role(acme,"buy_rockets")
62	p = ABAC.Role(coyote)
63	print "\n===good============ Acme.buy_rockets <- Coyote"
64	out = ctxt.query(role, p)
65	for c in out[1]:
66	print "%s <- %s" % (c.head_string(), c.tail_string())
67
68
69	##########################################################################
70	# is Acme a friend of coyote ?
71	# role=[keyid:Coyote].role:friend
72	# p=[keyid:Acme]
73	role = ABAC.Role(coyote,"friend")
74	p = ABAC.Role(acme)
75	print "\n===bad=============== Coyote.friend <- Acme"
76	out = ctxt.query(role, p)
77	for c in out[1]:
78	print "%s <- %s" % (c.head_string(), c.tail_string())
79
80	##########################################################################
81	# using complex role to ask a question.. expecting to fail
82	# role=[keyid:Acme].role:buy_rockets
83	# p=[keyid:Acme].role:preferred_customer
84	role = ABAC.Role(acme,"buy_rockets")
85	p = ABAC.Role(acme,"preferred_customer")
86	print "\n===bad=============== Acme.buy_rockets <- Acme.preferred_customer"
87	out = ctxt.query(role, p)
88	for c in out[1]:
89	print "%s <- %s" % (c.head_string(), c.tail_string())
90
91
92

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: examples/passphrase_tests/python/acme_rockets_rt0/query.py @ 20eaefe

Download in other formats: