source: examples/python_tests/acme_friend_rt1/attr.py @ 2efdff5

mei_rt2mei_rt2_fix_1
Last change on this file since 2efdff5 was f824a9e, checked in by Mei <mei@…>, 12 years ago

1) add more doc to python_tests
  • Property mode set to 100755
File size: 3.1 KB
RevLine 
[7211a95]1#!/usr/bin/env python
2
3"""
[f824a9e]4See README in this directory for the semantics of the example.  This file
5constructs the credentials described and puts copies into this directory
[7211a95]6
7cmd1:env keystore=`pwd` ./attr.py
8"""
9
10import os
11import ABAC
12
13ctxt = ABAC.Context()
14print "ABAC version %s" % ctxt.version()
15
[f824a9e]16# Keystore is the directory containing the principal credentials.
17# Load existing principals and/or policy credentials
18if (os.environ.has_key("keystore")) :
19    keystore=os.environ["keystore"]
20    ctxt.load_directory(keystore)
[7211a95]21
22out = ctxt.context_principals()
23print "...initial principal set..."
24for x in out[1]:
25    print "%s " % x.string()
26print "\n" 
27
28out = ctxt.context_credentials()
29print "...initial policy attribute set..."
30for c in out[1]:
31    print "%s <- %s" % (c.head_string(), c.tail_string())
32print "\n"
33
[f824a9e]34# retrieve principals' keyid value from local credential files
[7211a95]35acmeID=ABAC.ID("Acme_ID.pem")
36acmeID.id_load_privkey_file("Acme_private.pem");
37acme=acmeID.id_keyid()
38
39coyoteID=ABAC.ID("Coyote_ID.pem")
40coyoteID.id_load_privkey_file("Coyote_private.pem");
41coyote=coyoteID.id_keyid()
42
43roadrunnerID=ABAC.ID("Roadrunner_ID.pem")
44roadrunnerID.id_load_privkey_file("Roadrunner_private.pem");
45roadrunner=roadrunnerID.id_keyid()
46
47jackrabbitID=ABAC.ID("Jackrabbit_ID.pem")
48jackrabbitID.id_load_privkey_file("Jackrabbit_private.pem");
49jackrabbit=jackrabbitID.id_keyid()
50
51################################################
[f824a9e]52# Credential 1
[7211a95]53# [keyid:Acme].role:preferred_customer <- [keyid:Acme].role:friendof([keyid:Roadrunner])
54head = ABAC.Role(acme,"preferred_customer")
55param=ABAC.DataTerm(roadrunnerID)
56tail = ABAC.Role(acme,"friendof")
[f824a9e]57
58# adding parameter to friendOf role
[7211a95]59tail.role_add_data_term(param)
[f824a9e]60
61# link the head and tail parts of attribute together
[7211a95]62attr=ABAC.Attribute(head, 1800)
63attr.attribute_add_tail(tail)
[f824a9e]64
65# finalize the attribute
[7211a95]66attr.attribute_bake()
[f824a9e]67
68# write to file system to be accessible later on
[7211a95]69attr.attribute_write_cert("Acme_preferred_customer__Acme_friendof_Roadrunner_attr.der")
[f824a9e]70
71# load the credential just made into the context directly
72# (bypass the external credential file)
[669b481]73ctxt.load_attribute(attr)
[7211a95]74print attr.string() 
75print attr.typed_string()
76print "\n"
77
78#################################################
[f824a9e]79# Credential 2
[7211a95]80# [keyid:Acme].role:prefered_customer <- [keyid:Coyote]
81head = ABAC.Role(acme,"preferred_customer")
82tail = ABAC.Role(coyote)
83attr=ABAC.Attribute(head, 1800)
84attr.attribute_add_tail(tail)
85attr.attribute_bake()
86attr.attribute_write_cert("Acme_preferred_customer__Coyote_attr.der")
[669b481]87ctxt.load_attribute(attr)
[7211a95]88print attr.string() 
89print attr.typed_string()
90print "\n"
91
92#################################################
[f824a9e]93# Credential 3
[7211a95]94# [keyid:Acme].role:friendof([keyid:Roadrunner]) <- [keyid:Jackrabbit]
95param=ABAC.DataTerm(roadrunnerID)
96head = ABAC.Role(acme,"friendof")
97head.role_add_data_term(param)
98tail = ABAC.Role(jackrabbit)
99attr=ABAC.Attribute(head, 1800)
100attr.attribute_add_tail(tail)
101attr.attribute_bake()
102attr.attribute_write_cert("Acme_friendof_Roadrunner__Jackrabbit_attr.der")
[669b481]103ctxt.load_attribute(attr)
[7211a95]104print attr.string() 
105print attr.typed_string()
106print "\n"
107
Note: See TracBrowser for help on using the repository browser.