Context Navigation

source: examples/python_tests/alumni_rt1/attr.py @ e3462b4

mei_rt2mei_rt2_fix_1

Last change on this file since e3462b4 was f824a9e, checked in by Mei <mei@…>, 12 years ago
1) add more doc to python_tests
Property mode set to `100755`
File size: 4.5 KB

Rev	Line
[669b481]	1	#!/usr/bin/env python
	2
	3	"""
[f824a9e]	4	See README in this directory for the semantics of the example. This file
	5	constructs the credentials described and puts copies into this directory
[669b481]	6
	7	cmd1:env keystore=`pwd` ./attr.py
	8	"""
	9
	10	import os
	11	import ABAC
	12
	13	ctxt = ABAC.Context()
	14	print "ABAC version %s" % ctxt.version()
	15
[f824a9e]	16	# Keystore is the directory containing the principal credentials.
	17	# Load existing principals and/or policy credentials
	18	if (os.environ.has_key("keystore")) :
	19	keystore=os.environ["keystore"]
	20	ctxt.load_directory(keystore)
[669b481]	21
	22	out = ctxt.context_principals()
	23	print "...initial principal set..."
	24	for x in out[1]:
	25	print "%s " % x.string()
	26	print "\n"
	27
	28	out = ctxt.context_credentials()
	29	print "...initial policy attribute set..."
	30	for c in out[1]:
	31	print "%s <- %s" % (c.head_string(), c.tail_string())
	32	print "\n"
	33
[f824a9e]	34	# retrieve principals' keyid value from local credential files
[669b481]	35	stateUID=ABAC.ID("StateU_ID.pem")
	36	stateUID.id_load_privkey_file("StateU_private.pem")
	37	stateU=stateUID.id_keyid()
	38
	39	bobID=ABAC.ID("Bob_ID.pem")
	40	bobID.id_load_privkey_file("Bob_private.pem")
	41	bob=bobID.id_keyid()
	42
	43	joeID=ABAC.ID("Joe_ID.pem")
	44	joeID.id_load_privkey_file("Joe_private.pem")
	45	joe=joeID.id_keyid()
	46
	47	maryannID=ABAC.ID("Maryann_ID.pem")
	48	maryannID.id_load_privkey_file("Maryann_private.pem")
	49	maryann=maryannID.id_keyid()
	50
	51
	52	################################################
[f824a9e]	53	# Credential 1, the year is constrainted by a range constraint with min and max
	54	# values
[669b481]	55	# [keyid:stateU].role:foundingAlumni
[f824a9e]	56	# <- [keyid:stateU].role:diploma([?], [integer:?Year:[1955 .. 1958]])
[669b481]	57	head = ABAC.Role(stateU,"foundingAlumni")
[f824a9e]	58
	59	# create an anonymous parameter that will take any type of major
[669b481]	60	param1=ABAC.DataTerm("anonymous", "_")
[f824a9e]	61
	62	# initialize a constraint with integer type
[669b481]	63	cond=ABAC.Constraint("integer")
[f824a9e]	64
	65	# set the bounding min and max value for this constraint
[669b481]	66	cond.constraint_add_integer_min(1955)
	67	cond.constraint_add_integer_max(1958)
[f824a9e]	68
	69	# make the parameter with this integer constraint
[669b481]	70	param2=ABAC.DataTerm("integer", "Year", cond)
	71	tail = ABAC.Role(stateU,"diploma")
	72	tail.role_add_data_term(param1)
	73	tail.role_add_data_term(param2)
	74	attr=ABAC.Attribute(head, 1800)
[f824a9e]	75
	76	# build up the policy
[669b481]	77	attr.attribute_add_tail(tail)
[f824a9e]	78
	79	# finalize the policy
[669b481]	80	attr.attribute_bake()
[f824a9e]	81
	82	# write the policy out into the file system
[669b481]	83	attr.attribute_write_cert("StateU_foundingAlumni__stateU_diploma_q_qY_attr.der")
[f824a9e]	84
	85	# load this policy into the context using this external credential file
[669b481]	86	ctxt.load_attribute_file("StateU_foundingAlumni__stateU_diploma_q_qY_attr.der")
	87	print attr.string()
	88	print attr.typed_string()
	89	print "\n"
	90
	91	#################################################
[f824a9e]	92	# Credential 2
	93	# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1960])
	94	# <- [keyid:bob]
[669b481]	95	param1=ABAC.DataTerm("string", "'mathmatics'")
	96	param2=ABAC.DataTerm("integer", "1960")
	97	head = ABAC.Role(stateU,"diploma")
	98	head.role_add_data_term(param1)
	99	head.role_add_data_term(param2)
	100	tail = ABAC.Role(bob)
	101	attr=ABAC.Attribute(head, 1800)
	102	attr.attribute_add_tail(tail)
	103	attr.attribute_bake()
	104	attr.attribute_write_cert("StateU_diploma_m__Bob_attr.der")
	105	ctxt.load_attribute_file("StateU_diploma_m__Bob_attr.der")
	106	print attr.string()
	107	print attr.typed_string()
	108	print "\n"
	109
	110	#################################################
[f824a9e]	111	# Credential 3
	112	# [keyid:stateU].role:diploma([string:'zoology'],[integer:1955])
	113	# <- [keyid:joe]
[669b481]	114	param1=ABAC.DataTerm("string", "'zoology'")
	115	param2=ABAC.DataTerm("integer", "1955")
	116	head = ABAC.Role(stateU,"diploma")
	117	head.role_add_data_term(param1)
	118	head.role_add_data_term(param2)
	119	tail = ABAC.Role(joe)
	120	attr=ABAC.Attribute(head, 1800)
	121	attr.attribute_add_tail(tail)
	122	attr.attribute_bake()
	123	attr.attribute_write_cert("StateU_diploma_z__Joe_attr.der")
	124	ctxt.load_attribute_file("StateU_diploma_z__Joe_attr.der")
	125	print attr.string()
	126	print attr.typed_string()
	127	print "\n"
	128
	129	#################################################
[f824a9e]	130	# Credential 4
	131	# [keyid:stateU].role:diploma([string:'psychology'],[integer:1956])
	132	# <- [keyid:maryann]
[669b481]	133	param1=ABAC.DataTerm("string", "'psychology'")
	134	param2=ABAC.DataTerm("integer", "1956")
	135	head = ABAC.Role(stateU,"diploma")
	136	head.role_add_data_term(param1)
	137	head.role_add_data_term(param2)
	138	tail = ABAC.Role(maryann)
	139	attr=ABAC.Attribute(head, 1800)
	140	attr.attribute_add_tail(tail)
	141	attr.attribute_bake()
	142	attr.attribute_write_cert("StateU_diploma_p__Maryann_attr.der")
	143	ctxt.load_attribute_file("StateU_diploma_p__Maryann_attr.der")
	144	print attr.string()
	145	print attr.typed_string()
	146	print "\n"
	147

Note: See TracBrowser for help on using the repository browser.

Download in other formats: