source: examples/python_tests/acme_rockets_intersection_rt0/query.py @ c0fd8bc

abac0-leakabac0-meimei-idmei-rt0-nmei_rt0tvf-new-xml
Last change on this file since c0fd8bc was be6cb41, checked in by Mei <mei@…>, 12 years ago

1) forgot to add the new files

  • Property mode set to 100755
File size: 2.2 KB
RevLine 
[be6cb41]1#!/usr/bin/env python
2
3"""
4Run the queries described in README
5
6cmd:env keystore=`pwd` ./query.py
7"""
8
9import os
10import ABAC
11
12ctxt = ABAC.Context()
13
14# Keystore is the directory containing the principal credentials.
15# Load existing principals and/or policy credentials
16if (os.environ.has_key("keystore")) :
17    keystore=os.environ["keystore"]
18    ctxt.load_directory(keystore)
19else:
20    print("keystore is not set...")
21    exit(1)
22
23# retrieve principals' keyid value from local credential files
24acmeID=ABAC.ID("Acme_ID.pem");
25acmeID.load_privkey("Acme_private.pem");
26acme=acmeID.keyid()
27
28coyoteID=ABAC.ID("Coyote_ID.pem");
29coyoteID.load_privkey("Coyote_private.pem");
30coyote=coyoteID.keyid()
31
32warnerbrosID=ABAC.ID("WarnerBros_ID.pem");
33warnerbrosID.load_privkey("WarnerBros_private.pem");
34warnerbros=warnerbrosID.keyid()
35
36batmanID=ABAC.ID("Batman_ID.pem");
37batmanID.load_privkey("Batman_private.pem");
38batman=batmanID.keyid()
39
40##########################################################################
41# dump the loaded principals/policies
42#
43print "\n...policy attribute set..."
44credentials = ctxt.credentials()
45for credential in credentials:
46    print "context: %s <- %s" % (credential.head().string(), credential.tail().string())
47
48##########################################################################
49# can coyote buy rockets from Acme ?
50# role = "[keyid:Acme].role:buy_rockets"
51# p = "[keyid:coyote]"
52
53print "\n===good============ Acme.buy_rockets <- Coyote"
54(success, credentials) = ctxt.query("%s.buy_rockets" % acme, coyote)
55if success:
56    print "success!"
57else:
58    print "failure!"
59for credential in credentials:
60    print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
61
62##########################################################################
63# can batman buy rockets from Acme ?
64# role = "[keyid:Acme].role:buy_rockets"
65# p = "[keyid:batman]"
66
67print "\n===bad============ Acme.buy_rockets <- Batman"
68(success, credentials) = ctxt.query("%s.buy_rockets" % acme, batman)
69if success:
70    print "success!"
71else:
72    print "failure!"
73for credential in credentials:
74    print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
Note: See TracBrowser for help on using the repository browser.