source: examples/python_tests/alumni_rt1/attr.py @ 47d5cf9

#!/usr/bin/env python

"""
  Setup access policy attribute rules

cmd1:env keystore=`pwd` ./attr.py 

"""

import os
import ABAC

keystore=os.environ["keystore"]

ctxt = ABAC.Context()
print "ABAC version %s" % ctxt.version()

ctxt.load_directory(keystore)

out = ctxt.context_principals()
print "...initial principal set..."
for x in out[1]:
    print "%s " % x.string()
print "\n" 

out = ctxt.context_credentials()
print "...initial policy attribute set..."
for c in out[1]:
    print "%s <- %s" % (c.head_string(), c.tail_string())
print "\n"

stateUID=ABAC.ID("StateU_ID.pem")
stateUID.id_load_privkey_file("StateU_private.pem")
stateU=stateUID.id_keyid()

bobID=ABAC.ID("Bob_ID.pem")
bobID.id_load_privkey_file("Bob_private.pem")
bob=bobID.id_keyid()

joeID=ABAC.ID("Joe_ID.pem")
joeID.id_load_privkey_file("Joe_private.pem")
joe=joeID.id_keyid()

maryannID=ABAC.ID("Maryann_ID.pem")
maryannID.id_load_privkey_file("Maryann_private.pem")
maryann=maryannID.id_keyid()


################################################
# [keyid:stateU].role:foundingAlumni
#                   <- [keyid:stateU].role:diploma([?], [integer:?Year:[1955 .. 1958]])
head = ABAC.Role(stateU,"foundingAlumni")
param1=ABAC.DataTerm("anonymous", "_")
cond=ABAC.Constraint("integer")
cond.constraint_add_integer_min(1955)
cond.constraint_add_integer_max(1958)
param2=ABAC.DataTerm("integer", "Year", cond)
tail = ABAC.Role(stateU,"diploma")
tail.role_add_data_term(param1)
tail.role_add_data_term(param2)
attr=ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)
attr.attribute_bake()
attr.attribute_write_cert("StateU_foundingAlumni__stateU_diploma_q_qY_attr.der")
ctxt.load_attribute_file("StateU_foundingAlumni__stateU_diploma_q_qY_attr.der")
print attr.string() 
print attr.typed_string()
print "\n"

#################################################
# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1960]) <- [keyid:bob]
param1=ABAC.DataTerm("string", "'mathmatics'")
param2=ABAC.DataTerm("integer", "1960")
head = ABAC.Role(stateU,"diploma")
head.role_add_data_term(param1)
head.role_add_data_term(param2)
tail = ABAC.Role(bob)
attr=ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)
attr.attribute_bake()
attr.attribute_write_cert("StateU_diploma_m__Bob_attr.der")
ctxt.load_attribute_file("StateU_diploma_m__Bob_attr.der")
print attr.string() 
print attr.typed_string()
print "\n"

#################################################
# [keyid:stateU].role:diploma([string:'zoology'],[integer:1955]) <- [keyid:joe]
param1=ABAC.DataTerm("string", "'zoology'")
param2=ABAC.DataTerm("integer", "1955")
head = ABAC.Role(stateU,"diploma")
head.role_add_data_term(param1)
head.role_add_data_term(param2)
tail = ABAC.Role(joe)
attr=ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)
attr.attribute_bake()
attr.attribute_write_cert("StateU_diploma_z__Joe_attr.der")
ctxt.load_attribute_file("StateU_diploma_z__Joe_attr.der")
print attr.string() 
print attr.typed_string()
print "\n"

#################################################
# [keyid:stateU].role:diploma([string:'psychology'],[integer:1956]) <- [keyid:maryann]
param1=ABAC.DataTerm("string", "'psychology'")
param2=ABAC.DataTerm("integer", "1956")
head = ABAC.Role(stateU,"diploma")
head.role_add_data_term(param1)
head.role_add_data_term(param2)
tail = ABAC.Role(maryann)
attr=ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)
attr.attribute_bake()
attr.attribute_write_cert("StateU_diploma_p__Maryann_attr.der")
ctxt.load_attribute_file("StateU_diploma_p__Maryann_attr.der")
print attr.string() 
print attr.typed_string()
print "\n"

ctxt.dump_yap_db()
##