Context Navigation

source: examples/python_tests/acme_friend_rt1/attr.py @ 08c8a53

mei_rt2mei_rt2_fix_1

Last change on this file since 08c8a53 was f824a9e, checked in by Mei <mei@…>, 12 years ago
1) add more doc to python_tests
Property mode set to `100755`
File size: 3.1 KB

Line
1	#!/usr/bin/env python
2
3	"""
4	See README in this directory for the semantics of the example. This file
5	constructs the credentials described and puts copies into this directory
6
7	cmd1:env keystore=`pwd` ./attr.py
8	"""
9
10	import os
11	import ABAC
12
13	ctxt = ABAC.Context()
14	print "ABAC version %s" % ctxt.version()
15
16	# Keystore is the directory containing the principal credentials.
17	# Load existing principals and/or policy credentials
18	if (os.environ.has_key("keystore")) :
19	keystore=os.environ["keystore"]
20	ctxt.load_directory(keystore)
21
22	out = ctxt.context_principals()
23	print "...initial principal set..."
24	for x in out[1]:
25	print "%s " % x.string()
26	print "\n"
27
28	out = ctxt.context_credentials()
29	print "...initial policy attribute set..."
30	for c in out[1]:
31	print "%s <- %s" % (c.head_string(), c.tail_string())
32	print "\n"
33
34	# retrieve principals' keyid value from local credential files
35	acmeID=ABAC.ID("Acme_ID.pem")
36	acmeID.id_load_privkey_file("Acme_private.pem");
37	acme=acmeID.id_keyid()
38
39	coyoteID=ABAC.ID("Coyote_ID.pem")
40	coyoteID.id_load_privkey_file("Coyote_private.pem");
41	coyote=coyoteID.id_keyid()
42
43	roadrunnerID=ABAC.ID("Roadrunner_ID.pem")
44	roadrunnerID.id_load_privkey_file("Roadrunner_private.pem");
45	roadrunner=roadrunnerID.id_keyid()
46
47	jackrabbitID=ABAC.ID("Jackrabbit_ID.pem")
48	jackrabbitID.id_load_privkey_file("Jackrabbit_private.pem");
49	jackrabbit=jackrabbitID.id_keyid()
50
51	################################################
52	# Credential 1
53	# [keyid:Acme].role:preferred_customer <- [keyid:Acme].role:friendof([keyid:Roadrunner])
54	head = ABAC.Role(acme,"preferred_customer")
55	param=ABAC.DataTerm(roadrunnerID)
56	tail = ABAC.Role(acme,"friendof")
57
58	# adding parameter to friendOf role
59	tail.role_add_data_term(param)
60
61	# link the head and tail parts of attribute together
62	attr=ABAC.Attribute(head, 1800)
63	attr.attribute_add_tail(tail)
64
65	# finalize the attribute
66	attr.attribute_bake()
67
68	# write to file system to be accessible later on
69	attr.attribute_write_cert("Acme_preferred_customer__Acme_friendof_Roadrunner_attr.der")
70
71	# load the credential just made into the context directly
72	# (bypass the external credential file)
73	ctxt.load_attribute(attr)
74	print attr.string()
75	print attr.typed_string()
76	print "\n"
77
78	#################################################
79	# Credential 2
80	# [keyid:Acme].role:prefered_customer <- [keyid:Coyote]
81	head = ABAC.Role(acme,"preferred_customer")
82	tail = ABAC.Role(coyote)
83	attr=ABAC.Attribute(head, 1800)
84	attr.attribute_add_tail(tail)
85	attr.attribute_bake()
86	attr.attribute_write_cert("Acme_preferred_customer__Coyote_attr.der")
87	ctxt.load_attribute(attr)
88	print attr.string()
89	print attr.typed_string()
90	print "\n"
91
92	#################################################
93	# Credential 3
94	# [keyid:Acme].role:friendof([keyid:Roadrunner]) <- [keyid:Jackrabbit]
95	param=ABAC.DataTerm(roadrunnerID)
96	head = ABAC.Role(acme,"friendof")
97	head.role_add_data_term(param)
98	tail = ABAC.Role(jackrabbit)
99	attr=ABAC.Attribute(head, 1800)
100	attr.attribute_add_tail(tail)
101	attr.attribute_bake()
102	attr.attribute_write_cert("Acme_friendof_Roadrunner__Jackrabbit_attr.der")
103	ctxt.load_attribute(attr)
104	print attr.string()
105	print attr.typed_string()
106	print "\n"
107

Note: See TracBrowser for help on using the repository browser.

Download in other formats: