source: examples/python_tests/alumni3_rt1/attr.py @ 928b1b7

mei_rt2mei_rt2_fix_1
Last change on this file since 928b1b7 was f824a9e, checked in by Mei <mei@…>, 13 years ago

1) add more doc to python_tests

  • Property mode set to 100755
File size: 6.1 KB
RevLine 
[7211a95]1#!/usr/bin/env python
2
3"""
[f824a9e]4See README in this directory for the semantics of the example.  This file
5constructs the credentials described and puts copies into this directory
[7211a95]6
7cmd1:env keystore=`pwd` ./attr.py
8"""
9
10import os
11import ABAC
12
13ctxt = ABAC.Context()
14print "ABAC version %s" % ctxt.version()
15
[f824a9e]16# Keystore is the directory containing the principal credentials.
17# Load existing principals and/or policy credentials
18if (os.environ.has_key("keystore")) :
19    keystore=os.environ["keystore"]
20    ctxt.load_directory(keystore)
[7211a95]21
22out = ctxt.context_principals()
23print "...initial principal set..."
24for x in out[1]:
25    print "%s " % x.string()
26print "\n" 
27
28out = ctxt.context_credentials()
29print "...initial policy attribute set..."
30for c in out[1]:
31    print "%s <- %s" % (c.head_string(), c.tail_string())
32print "\n"
33
[f824a9e]34# retrieve principals' keyid value from local credential files
[7211a95]35stateUID=ABAC.ID("StateU_ID.pem")
36stateUID.id_load_privkey_file("StateU_private.pem")
37stateU=stateUID.id_keyid()
38
39bobID=ABAC.ID("Bob_ID.pem")
40bobID.id_load_privkey_file("Bob_private.pem")
41bob=bobID.id_keyid()
42
43markID=ABAC.ID("Mark_ID.pem")
44markID.id_load_privkey_file("Mark_private.pem")
45mark=markID.id_keyid()
46
47joeID=ABAC.ID("Joe_ID.pem")
48joeID.id_load_privkey_file("Joe_private.pem")
49joe=joeID.id_keyid()
50
51maryannID=ABAC.ID("Maryann_ID.pem")
52maryannID.id_load_privkey_file("Maryann_private.pem")
53maryann=maryannID.id_keyid()
54
55janID=ABAC.ID("Jan_ID.pem")
56janID.id_load_privkey_file("Jan_private.pem")
57jan=janID.id_keyid()
58
59
60################################################
[f824a9e]61# Credential 1, this policy has two range constraints on different parameters
[7211a95]62# [keyid:stateU].role:foundingAlumni
63#              <- [keyid:stateU].role:diploma([string:?D:['mathmatics','psychology']],
64#                                             [integer:?Year:[1960,1961,1963]])
65head = ABAC.Role(stateU,"foundingAlumni")
[f824a9e]66
67# initialize a string range constraint
[7211a95]68cond=ABAC.Constraint("string")
[f824a9e]69
70# add specific string values to the constraint
[7211a95]71cond.constraint_add_string_target("'mathmatics'")
72cond.constraint_add_string_target("'psychology'")
[f824a9e]73
74# create the parameter with the string range constraint
[7211a95]75param1=ABAC.DataTerm("string", "D", cond)
[f824a9e]76
77# initialize another constratnt that is of integer type
[7211a95]78cond=ABAC.Constraint("integer")
[f824a9e]79
80# add specific integer values to the constraint
[7211a95]81cond.constraint_add_integer_target(1960)
82cond.constraint_add_integer_target(1961)
83cond.constraint_add_integer_target(1963)
[f824a9e]84
85# create the parameter with the integer range constraint
[7211a95]86param2=ABAC.DataTerm("integer", "Year", cond)
87tail = ABAC.Role(stateU,"diploma")
[f824a9e]88
89# add the parameter with conditions to a role
[7211a95]90tail.role_add_data_term(param1)
91tail.role_add_data_term(param2)
[f824a9e]92
93# build up the policy rule
[7211a95]94attr=ABAC.Attribute(head, 1800)
95attr.attribute_add_tail(tail)
[f824a9e]96
97# finalize the policy rule
[7211a95]98attr.attribute_bake()
[f824a9e]99
100# save it to a credential file
[7211a95]101attr.attribute_write_cert("StateU_foundingAlumni__stateU_diploma_q_qY_attr.der")
102ctxt.load_attribute_file("StateU_foundingAlumni__stateU_diploma_q_qY_attr.der")
103print attr.string() 
104print attr.typed_string()
105print "\n"
106
107#################################################
[f824a9e]108# Credential 2
[7211a95]109# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1961]) <- [keyid:bob]
110param1=ABAC.DataTerm("string", "'mathmatics'")
111param2=ABAC.DataTerm("integer", "1961")
112head = ABAC.Role(stateU,"diploma")
113head.role_add_data_term(param1)
114head.role_add_data_term(param2)
115tail = ABAC.Role(bob)
116attr=ABAC.Attribute(head, 1800)
117attr.attribute_add_tail(tail)
118attr.attribute_bake()
119attr.attribute_write_cert("StateU_diploma_m__Bob_attr.der")
120ctxt.load_attribute_file("StateU_diploma_m__Bob_attr.der")
121print attr.string() 
122print attr.typed_string()
123print "\n"
124
125#################################################
[f824a9e]126# Credential 3
[7211a95]127# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1965]) <- [keyid:mark]
128param1=ABAC.DataTerm("string", "'mathmatics'")
129param2=ABAC.DataTerm("integer", "1965")
130head = ABAC.Role(stateU,"diploma")
131head.role_add_data_term(param1)
132head.role_add_data_term(param2)
133tail = ABAC.Role(mark)
134attr=ABAC.Attribute(head, 1800)
135attr.attribute_add_tail(tail)
136attr.attribute_bake()
137attr.attribute_write_cert("StateU_diploma_m__Mark_attr.der")
138ctxt.load_attribute_file("StateU_diploma_m__Mark_attr.der")
139print attr.string() 
140print attr.typed_string()
141print "\n"
142
143#################################################
[f824a9e]144# Credential 4
[7211a95]145# [keyid:stateU].role:diploma([string:'zoology'],[integer:1961]) <- [keyid:joe]
146param1=ABAC.DataTerm("string", "'zoology'")
147param2=ABAC.DataTerm("integer", "1961")
148head = ABAC.Role(stateU,"diploma")
149head.role_add_data_term(param1)
150head.role_add_data_term(param2)
151tail = ABAC.Role(joe)
152attr=ABAC.Attribute(head, 1800)
153attr.attribute_add_tail(tail)
154attr.attribute_bake()
155attr.attribute_write_cert("StateU_diploma_z__Joe_attr.der")
156ctxt.load_attribute_file("StateU_diploma_z__Joe_attr.der")
157print attr.string() 
158print attr.typed_string()
159print "\n"
160
161#################################################
[f824a9e]162# Credential 5
163# [keyid:stateU].role:diploma([string:'psychology'],[integer:1962])
164#                             <- [keyid:maryann]
[7211a95]165param1=ABAC.DataTerm("string", "'psychology'")
166param2=ABAC.DataTerm("integer", "1962")
167head = ABAC.Role(stateU,"diploma")
168head.role_add_data_term(param1)
169head.role_add_data_term(param2)
170tail = ABAC.Role(maryann)
171attr=ABAC.Attribute(head, 1800)
172attr.attribute_add_tail(tail)
173attr.attribute_bake()
174attr.attribute_write_cert("StateU_diploma_p__Maryann_attr.der")
175ctxt.load_attribute_file("StateU_diploma_p__Maryann_attr.der")
176print attr.string() 
177print attr.typed_string()
178print "\n"
179
180
181#################################################
[f824a9e]182# Credential 6
183# [keyid:stateU].role:diploma([string:'psychology'],[integer:1960])
184#                              <- [keyid:jan]
[7211a95]185param1=ABAC.DataTerm("string", "'psychology'")
186param2=ABAC.DataTerm("integer", "1960")
187head = ABAC.Role(stateU,"diploma")
188head.role_add_data_term(param1)
189head.role_add_data_term(param2)
190tail = ABAC.Role(jan)
191attr=ABAC.Attribute(head, 1800)
192attr.attribute_add_tail(tail)
193attr.attribute_bake()
194attr.attribute_write_cert("StateU_diploma_p__Jan_attr.der")
195ctxt.load_attribute_file("StateU_diploma_p__Maryann_attr.der")
196print attr.string() 
197print attr.typed_string()
198print "\n"
199
Note: See TracBrowser for help on using the repository browser.