source: examples/python_tests/acme_rockets_rt0/query.py @ 928b1b7

mei_rt2mei_rt2_fix_1
Last change on this file since 928b1b7 was f824a9e, checked in by Mei <mei@…>, 13 years ago

1) add more doc to python_tests

  • Property mode set to 100755
File size: 2.7 KB
RevLine 
[5f551d3]1#!/usr/bin/env python
2
3"""
[f824a9e]4Run the queries described in README
[5f551d3]5
6cmd1:env keystore=`pwd` ./query.py
7cmd2: env ABAC_CN=1 keystore=`pwd` ./query.py
8
9"""
10
11import os
12import ABAC
13
14ctxt = ABAC.Context()
15
[f824a9e]16# Keystore is the directory containing the principal credentials.
17# Load existing principals and/or policy credentials
18if (os.environ.has_key("keystore")) :
19    keystore=os.environ["keystore"]
20    ctxt.load_directory(keystore)
21else:
22    print("keystore is not set...")
23    exit(1)
[5f551d3]24
[f824a9e]25# retrieve principals' keyid value from local credential files
[5f551d3]26acmeID=ABAC.ID("Acme_ID.pem");
27acmeID.id_load_privkey_file("Acme_private.pem");
28acme=acmeID.id_keyid()
29
30coyoteID=ABAC.ID("Coyote_ID.pem");
31coyoteID.id_load_privkey_file("Coyote_private.pem");
32coyote=coyoteID.id_keyid()
33
34##########################################################################
[f824a9e]35# dump the loaded principals/policies
36#
37out = ctxt.context_principals()
38print "\n...final principal set..."
39for x in out[1]:
40    print "%s " % x.string()
41out = ctxt.context_credentials()
42print "\n...final policy attribute set..."
43for c in out[1]:
44    print "%s <- %s" % (c.head_string(), c.tail_string())
45
46##########################################################################
47# is coyote a preferred_customer of Acme ?
[5f551d3]48# role=[keyid:Acme].role:preferred_customer
49# p =[keyid:coyote]
50role = ABAC.Role(acme,"preferred_customer")
51p = ABAC.Role(coyote)
52print "\n===good============ Acme.preferred_customer <- Coyote"
53out = ctxt.query(role, p)
54for c in out[1]:
55    print "%s <- %s" % (c.head_string(), c.tail_string())
56
57##########################################################################
[f824a9e]58# can coyote buy rockets from Acme ?
[5f551d3]59# role=[keyid:Acme].role:buy_rockets
60# p =[keyid:coyote]
61role = ABAC.Role(acme,"buy_rockets")
62p = ABAC.Role(coyote)
63print "\n===good============ Acme.buy_rockets <- Coyote"
64out = ctxt.query(role, p)
65for c in out[1]:
66    print "%s <- %s" % (c.head_string(), c.tail_string())
67
68
69##########################################################################
[f824a9e]70# is Acme a friend of coyote ?
[5f551d3]71# role=[keyid:Coyote].role:friend
72# p=[keyid:Acme]
73role = ABAC.Role(coyote,"friend")
74p = ABAC.Role(acme)
75print "\n===bad=============== Coyote.friend <- Acme"
76out = ctxt.query(role, p)
77for c in out[1]:
78    print "%s <- %s" % (c.head_string(), c.tail_string())
79
80##########################################################################
[f824a9e]81# using complex role to ask a question.. expecting to fail
82# role=[keyid:Acme].role:buy_rockets
83# p=[keyid:Acme].role:preferred_customer
84role = ABAC.Role(acme,"buy_rockets")
85p = ABAC.Role(acme,"preferred_customer")
86print "\n===bad=============== Acme.buy_rockets <- Acme.preferred_customer"
87out = ctxt.query(role, p)
[5f551d3]88for c in out[1]:
89    print "%s <- %s" % (c.head_string(), c.tail_string())
90
91
92
Note: See TracBrowser for help on using the repository browser.