source: examples/python_tests/balltime_rt2/README @ 2485307

mei_rt2mei_rt2_fix_1
Last change on this file since 2485307 was f824a9e, checked in by Mei <mei@…>, 12 years ago

1) add more doc to python_tests

  • Property mode set to 100755
File size: 2.3 KB
RevLine 
[7211a95]1#####################################################################
2# This example demonstrates using an oset (object set) to control access
3# to files based on the attributes of the principals.  The script creates
4# three principals League, John and Mark and sets out the access policy.
5#
6# files are named by URNs and are not principals.
7#
8# A principal's access rights are controlled by the League principal.  If a
9# principal has the role role::stadium(string:'access',boolean:true,time:now)
10# that  principal can go into stadium if principal's team has a scheduled
11# gametime.  A principal is in team's roster if it is in
12# the oset of players(team) defined by League, written
13# [keyid:League].oset:players(string:'north'))
14#
[f824a9e]15# The file, attr.py, lays out the policy that players of a given team can
[7211a95]16# go to the stadium when it is their team's gametime -- credential 1.
17# or any player of a team that is controlled by the League principal can
18# go to the stadium during stadium's free for all time -- credential 2.
19#
20# Credentials 3 & 4 establish the afernoon gametimes for team(north)
21# and for team(south)
22# Credentials 5 & 6 establish John as player of team(north) and Mark as
23# a player for team(south)
24#
[f824a9e]25# The query.py file runs 3 queries.  First it confirms that John can
[7211a95]26# go to stadium at his team's gametime, then it confirms that Mark cannot
27# go because it is not his gametime, but Mark can go to the stadium during
28# stadium's free-for-all early morning time
29
[f824a9e]30# balltime_rt2
[7211a95]31
[f824a9e]32# Credential 1
[7211a95]33#[keyid:league].role:stadium([string:'access'],[boolean:true],
34#          [time:?F:[keyid:league].oset.gametime([string:?T])])
35#                <-[keyid:league].role:players([string:?T])
36
[f824a9e]37# Credential 2
[7211a95]38#[keyid:league].role:stadium([string:'access'],[boolean:?B:[true],
39#              [time:?F:[20120228T080000..20120228T090000]])
40#               <- [keyid:league].role:players(string:?T)
41
[f824a9e]42# Credential 3
[7211a95]43# [keyid:league].oset:gametime([time:20120228T130000])
44#                    <- [keyid:league].oset:players([string:'north')
45
[f824a9e]46# Credential 4
[7211a95]47# [keyid:league].oset:gametime([time:20120228T140000])
48#                    <- [keyid:league].oset:players([string:'south')
49
[f824a9e]50# Credential 5
[7211a95]51# [keyid:league].role:players([string:'north'])<-[keyid:John]
52
[f824a9e]53# Credential 6
[7211a95]54# [keyid:league].role:players([string:'south'])<-[keyid:Mark]
55
Note: See TracBrowser for help on using the repository browser.