source: examples/python_tests/basic_attribute/attr.py @ 20eaefe

mei_rt2mei_rt2_fix_1
Last change on this file since 20eaefe was 09531ca, checked in by Mei <mei@…>, 12 years ago

1) add config check for perl thread, and optional jni.h
2) tweak for freebsd8

  • Property mode set to 100755
File size: 2.8 KB
Line 
1#!/usr/bin/env python
2
3"""
4  to test with python
5
6cmd1:env keystore=`pwd` ./attr.py
7
8"""
9
10import os
11import ABAC
12
13ctxt = ABAC.Context()
14
15def print_p(ctxt, tt, msg):
16    os.environ["ABAC_CN"]="1"
17    out = ctxt.context_principals()
18    print "%s principal set..." % tt
19    for x in out[1]:
20        print "%s%s " % (msg,x.string())
21    del os.environ["ABAC_CN"]
22
23def print_a(ctxt, tt, msg):
24    os.environ["ABAC_CN"]="1"
25    print "%s rule set..." % tt
26    out = ctxt.context_credentials()
27    for x in out[1]:
28        print "%s%s " % (msg,x.string())
29    del os.environ["ABAC_CN"]
30
31##wrint db with ABAC_CN enabled
32def print_db(ctxt):
33    ctxt.dump_yap_db()
34
35# Keystore is the directory containing the principal credentials.
36# Load existing principals and/or policy credentials
37if (os.environ.has_key("keystore")) :
38    keystore=os.environ["keystore"]
39else:
40    print("keystore is not set...")
41    exit(1) 
42
43superKID=ABAC.ID("SuperK_ID.pem");
44superKID.id_load_privkey_file("SuperK_private.pem");
45ctxt.load_id(superKID)
46superK=superKID.id_keyid()
47
48jackID=ABAC.ID("Jack_ID.pem");
49jackID.id_load_privkey_file("Jack_private.pem");
50ctxt.load_id(jackID)
51jack=jackID.id_keyid()
52
53bobID=ABAC.ID("Bob_ID.pem");
54bobID.id_load_privkey_file("Bob_private.pem");
55ctxt.load_id(bobID)
56bob=bobID.id_keyid()
57
58maryID=ABAC.ID("Mary_ID.pem");
59maryID.id_load_privkey_file("Mary_private.pem");
60ctxt.load_id(maryID)
61mary=maryID.id_keyid()
62
63#case 1:
64#Only employee of SuperK can park
65#[keyid:SuperK].role:park <- [keyid:SuperK].role:employee
66head = ABAC.Role(superK,"park")
67tail = ABAC.Role(superK,"employee")
68attr=ABAC.Attribute(head, 1800)
69attr.attribute_add_tail(tail)
70attr.attribute_bake()
71attr.attribute_write_cert("SuperK_park__SuperK_employee_attr.der")
72ctxt.load_attribute_file("SuperK_park__SuperK_employee_attr.der")
73print_a(ctxt,"case1", "..")
74
75#case 2:
76#Jack is an employee of SuperK
77#[keyid:SuperK].role:employee <- [keyid:Jack]
78head = ABAC.Role(superK,"employee")
79tail = ABAC.Role(jack)
80attr=ABAC.Attribute(head, 1800)
81attr.attribute_add_tail(tail)
82attr.attribute_bake()
83# create a policy file at the file system
84attr.attribute_write_cert("SuperK_employee__Jack_attr.der")
85ctxt.load_attribute(attr);
86print_a(ctxt,"case2", "....")
87
88#case 3:
89#Bob is an employee of SuperK
90#[keyid:SuperK].role:employee <- [keyid:Jack]
91head = ABAC.Role(superK,"employee")
92tail = ABAC.Role(bob)
93attr=ABAC.Attribute(head, 1800)
94attr.attribute_add_tail(tail)
95attr.attribute_bake()
96chunk=attr.cert_chunk()
97nattr=ABAC.Attribute_chunk(chunk)
98ctxt.load_attribute(nattr);
99print_a(ctxt,"case3", "....")
100
101#case 4:
102#Mary is an employee of SuperK
103#[keyid:SuperK].role:employee <- [keyid:Mary]
104head = ABAC.Role(superK,"employee")
105tail = ABAC.Role(mary)
106attr=ABAC.Attribute(head, 1800)
107attr.attribute_add_tail(tail)
108attr.attribute_bake()
109chunk=attr.cert_chunk()
110ctxt.load_attribute_chunk(chunk);
111print_a(ctxt,"case4", "......")
Note: See TracBrowser for help on using the repository browser.