source: examples/python_tests/access_rt2/query.py @ 5d06689

mei_rt2mei_rt2_fix_1
Last change on this file since 5d06689 was 5d06689, checked in by Mei <mei@…>, 12 years ago

1) modify abac.hh and added abac_c.c to unify the c and c++ api

interface (almost)

2) add new API
3) tweak the tests
4) filling missing code for abac_verifier_load_attribute_cert_attribute
  • Property mode set to 100755
File size: 2.6 KB
Line 
1#!/usr/bin/env python
2
3"""
4  to test with python
5
6cmd1:env keystore=`pwd` ./query.py
7cmd2: env ABAC_CN=1 keystore=`pwd` ./query.py
8
9"""
10
11import os
12import ABAC
13
14ctxt = ABAC.Context()
15
16# print "ABAC version %s" % ctxt.version()
17
18keystore=os.environ["keystore"]
19
20ctxt.load_directory(keystore)
21
22alphaID=ABAC.ID("Alpha_ID.pem");
23alphaID.id_load_privkey_file("Alpha_private.pem");
24#ctxt.load_id(alphaID)
25alpha=alphaID.id_keyid()
26
27bobID=ABAC.ID("Bob_ID.pem");
28bobID.id_load_privkey_file("Bob_private.pem");
29#ctxt.load_id(bobID)
30bob=bobID.id_keyid()
31
32joeID=ABAC.ID("Joe_ID.pem");
33joeID.id_load_privkey_file("Joe_private.pem");
34joe=joeID.id_keyid()
35
36##########################################################################
37# role =[keyid:alpha].role:access([string:'Read'],[urn:'file//fileA'])
38# p = "[keyid:bob]"
39param1=ABAC.DataTerm("string", "'Read'")
40param2=ABAC.DataTerm("urn","'file//fileA'")
41role = ABAC.Role(alpha,"access")
42role.role_add_data_term(param1)
43role.role_add_data_term(param2)
44p = ABAC.Role(bob)
45
46print "\n===good============ Alpha.access(Read,fileA)<-?-Bob"
47out = ctxt.query(role, p)
48
49for c in out[1]:
50    print "%s <- %s" % (c.head_string(), c.tail_string())
51
52##########################################################################
53# role =[keyid:alpha].role:access([string:'Read'],[urn:'file//fileA'])
54# p = "[keyid:joe]"
55param1=ABAC.DataTerm("string", "'Read'")
56param2=ABAC.DataTerm("urn","'file//fileA'")
57role = ABAC.Role(alpha,"access")
58role.role_add_data_term(param1)
59role.role_add_data_term(param2)
60p = ABAC.Role(joe)
61
62print "\n===bad============ Alpha.access(Read,fileA)<-?-Joe"
63out = ctxt.query(role,p)
64
65for c in out[1]:
66    print "%s <- %s" % (c.head_string(), c.tail_string())
67
68
69##########################################################################
70# role =[keyid:alpha].role:team([string:'proj2'])
71# p = "[keyid:joe]"
72param=ABAC.DataTerm("string", "'proj2'")
73role = ABAC.Role(alpha,"team")
74role.role_add_data_term(param)
75p = ABAC.Role(joe)
76print "\n===good============ Alpha.team(proj2)<-?-Joe"
77out = ctxt.query(role,p)
78
79for c in out[1]:
80    print "%s <- %s" % (c.head_string(), c.tail_string())
81
82
83##########################################################################
84# dump the yap dB
85#
86#ctxt.dump_yap_db()
87
88##########################################################################
89# dump the loaded principals/policies
90#
91out = ctxt.context_principals()
92print "...initial principal set..."
93for x in out[1]:
94    print "%s " % x.string()
95print "\n"
96out = ctxt.context_credentials()
97print "...initial policy attribute set..."
98for c in out[1]:
99    print "%s <- %s" % (c.head_string(), c.tail_string())
100print "\n"
101
Note: See TracBrowser for help on using the repository browser.