source: examples/python_tests/access_rt2/query.py @ 47d5cf9

mei_rt2mei_rt2_fix_1
Last change on this file since 47d5cf9 was 47d5cf9, checked in by Ted Faber <faber@…>, 12 years ago

Sample documentation
  • Property mode set to 100755
File size: 2.9 KB
Line 
1#!/usr/bin/env python
2
3"""
4  to test with python
5
6cmd1:env keystore=`pwd` ./query.py
7cmd2: env ABAC_CN=1 keystore=`pwd` ./query.py
8
9"""
10
11import os
12import ABAC
13
14# Run the queries described in README
15
16ctxt = ABAC.Context()
17
18# print "ABAC version %s" % ctxt.version()
19
20# If a keystore is given in the environment, pre-load those credentials
21keystore=os.environ["keystore"]
22
23ctxt.load_directory(keystore)
24
25# Load the principals created in ./attr.py and ./setup.py.  Each has an
26# identity and private key.
27alphaID=ABAC.ID("Alpha_ID.pem");
28alphaID.id_load_privkey_file("Alpha_private.pem");
29#ctxt.load_id(alphaID)
30alpha=alphaID.id_keyid()
31
32bobID=ABAC.ID("Bob_ID.pem");
33bobID.id_load_privkey_file("Bob_private.pem");
34#ctxt.load_id(bobID)
35bob=bobID.id_keyid()
36
37joeID=ABAC.ID("Joe_ID.pem");
38joeID.id_load_privkey_file("Joe_private.pem");
39joe=joeID.id_keyid()
40
41# Construct and run the queries.  In each case we create a role object and a
42# principal and call the query method on the context.  The contents of the
43# proof are printed for successful queries.
44# role is the role to look for
45# p is the principal to check.
46##########################################################################
47# role =[keyid:alpha].role:access([string:'Read'],[urn:'file//fileA'])
48# p = "[keyid:bob]"
49param1=ABAC.DataTerm("string", "'Read'")
50param2=ABAC.DataTerm("urn","'file//fileA'")
51role = ABAC.Role(alpha,"access")
52role.role_add_data_term(param1)
53role.role_add_data_term(param2)
54
55p = ABAC.Role(bob)
56print "\n===good============ Alpha.access(Read,fileA)<-?-Bob"
57out = ctxt.query(role, p)
58
59for c in out[1]:
60    print "%s <- %s" % (c.head_string(), c.tail_string())
61
62##########################################################################
63# role =[keyid:alpha].role:access([string:'Read'],[urn:'file//fileA'])
64# p = "[keyid:joe]"
65param1=ABAC.DataTerm("string", "'Read'")
66param2=ABAC.DataTerm("urn","'file//fileA'")
67role = ABAC.Role(alpha,"access")
68role.role_add_data_term(param1)
69role.role_add_data_term(param2)
70p = ABAC.Role(joe)
71
72print "\n===bad============ Alpha.access(Read,fileA)<-?-Joe"
73out = ctxt.query(role,p)
74
75for c in out[1]:
76    print "%s <- %s" % (c.head_string(), c.tail_string())
77
78
79##########################################################################
80# role =[keyid:alpha].role:team([string:'proj2'])
81# p = "[keyid:joe]"
82param=ABAC.DataTerm("string", "'proj2'")
83role = ABAC.Role(alpha,"team")
84role.role_add_data_term(param)
85p = ABAC.Role(joe)
86print "\n===good============ Alpha.team(proj2)<-?-Joe"
87out = ctxt.query(role,p)
88
89for c in out[1]:
90    print "%s <- %s" % (c.head_string(), c.tail_string())
91
92
93##########################################################################
94# dump the loaded principals/policies
95#
96out = ctxt.context_principals()
97print "\n...final principal set..."
98for x in out[1]:
99    print "%s " % x.string()
100print "\n"
101out = ctxt.context_credentials()
102print "\n...final policy attribute set..."
103for c in out[1]:
104    print "%s <- %s" % (c.head_string(), c.tail_string())
105print "\n"
106
Note: See TracBrowser for help on using the repository browser.