source: examples/python_tests/balltime_rt2/query.py @ 20eaefe

mei_rt2mei_rt2_fix_1
Last change on this file since 20eaefe was 646e57e, checked in by Mei <mei@…>, 12 years ago

1) add partial proof

  • Property mode set to 100755
File size: 3.2 KB
Line 
1#!/usr/bin/env python
2
3"""
4Run the queries described in README
5
6cmd1:env keystore=`pwd` ./query.py
7cmd2: env ABAC_CN=1 keystore=`pwd` ./query.py
8
9"""
10
11import os
12import ABAC
13
14ctxt = ABAC.Context()
15ctxt.set_no_partial_proof()
16
17# Keystore is the directory containing the principal credentials.
18# Load existing principals and/or policy credentials
19if (os.environ.has_key("keystore")) :
20    keystore=os.environ["keystore"]
21    ctxt.load_directory(keystore)
22else:
23    print("keystore is not set...")
24    exit(1)
25
26# retrieve principals' keyid value from local credential files
27leagueID=ABAC.ID("League_ID.pem");
28leagueID.id_load_privkey_file("League_private.pem");
29league=leagueID.id_keyid()
30
31johnID=ABAC.ID("John_ID.pem");
32johnID.id_load_privkey_file("John_private.pem");
33john=johnID.id_keyid()
34
35markID=ABAC.ID("Mark_ID.pem");
36markID.id_load_privkey_file("Mark_private.pem");
37mark=markID.id_keyid()
38
39##########################################################################
40# dump the loaded principals/policies
41#
42out = ctxt.context_principals()
43print "\n...final principal set..."
44for x in out[1]:
45    print "%s " % x.string()
46out = ctxt.context_credentials()
47print "\n...final policy attribute set..."
48for c in out[1]:
49    print "%s <- %s" % (c.head_string(), c.tail_string())
50
51##########################################################################
52# can john go to stadium at 1pm?
53# role=[keyid:league].role:stadium([string:'access'],[boolean:true],[time:20120228T130000])
54# p=[keyid:john]
55param1=ABAC.DataTerm("string", "'access'")
56param2=ABAC.DataTerm("boolean", "true")
57param3=ABAC.DataTerm("time", "20120228T130000")
58role = ABAC.Role(league,"stadium")
59role.role_add_data_term(param1)
60role.role_add_data_term(param2)
61role.role_add_data_term(param3)
62p=ABAC.Role(john)
63print "\n===good============ league.stadium(access,true,20120128T130000)<-?-john"
64out = ctxt.query(role, p)
65for c in out[1]:
66    print "%s <- %s" % (c.head_string(), c.tail_string())
67
68##########################################################################
69# can mark go to stadium at 11am?
70# role=[keyid:league].role:stadium([string:'access'],[boolean:true],[time:20120228T110000])
71# p=[keyid:mark]
72param1=ABAC.DataTerm("string", "'access'")
73param2=ABAC.DataTerm("boolean", "true")
74param3=ABAC.DataTerm("time", "20120228T110000")
75role = ABAC.Role(league,"stadium")
76role.role_add_data_term(param1)
77role.role_add_data_term(param2)
78role.role_add_data_term(param3)
79p=ABAC.Role(mark)
80print "\n===bad============ league.stadium(access,true,20120128T110000)<-?-mark"
81out = ctxt.query(role, p)
82for c in out[1]:
83    print "%s <- %s" % (c.head_string(), c.tail_string())
84
85##########################################################################
86# can mark go to stadium at 8am then?
87# role=[keyid:league].role:stadium([string:'access'],[boolean:true],[time:20120228T080000])
88# p=[keyid:mark]
89param1=ABAC.DataTerm("string", "'access'")
90param2=ABAC.DataTerm("boolean", "true")
91param3=ABAC.DataTerm("time", "20120228T080000")
92role = ABAC.Role(league,"stadium")
93role.role_add_data_term(param1)
94role.role_add_data_term(param2)
95role.role_add_data_term(param3)
96p=ABAC.Role(mark)
97print "\n===good============ league.stadium(access,true,20120128T080000)<-?-mark"
98out = ctxt.query(role, p)
99for c in out[1]:
100    print "%s <- %s" % (c.head_string(), c.tail_string())
Note: See TracBrowser for help on using the repository browser.