Context Navigation

source: examples/python_tests/evaluator_rt1/attr.py @ da78b95

mei_rt2mei_rt2_fix_1

Last change on this file since da78b95 was f824a9e, checked in by Mei <mei@…>, 12 years ago
1) add more doc to python_tests
Property mode set to `100755`
File size: 4.4 KB

Rev	Line
[5f551d3]	1	#!/usr/bin/env python
	2
	3	"""
[f824a9e]	4	See README in this directory for the semantics of the example. This file
	5	constructs the credentials described and puts copies into this directory
[5f551d3]	6
	7	cmd1:env keystore=`pwd` ./attr.py
	8	"""
	9
	10	import os
	11	import ABAC
	12
	13	ctxt = ABAC.Context()
	14	print "ABAC version %s" % ctxt.version()
	15
[f824a9e]	16	# Keystore is the directory containing the principal credentials.
	17	# Load existing principals and/or policy credentials
	18	if (os.environ.has_key("keystore")) :
	19	keystore=os.environ["keystore"]
	20	ctxt.load_directory(keystore)
[5f551d3]	21
	22	out = ctxt.context_principals()
	23	print "...initial principal set..."
	24	for x in out[1]:
	25	print "%s " % x.string()
	26	print "\n"
	27
	28	out = ctxt.context_credentials()
	29	print "...initial policy attribute set..."
	30	for c in out[1]:
	31	print "%s <- %s" % (c.head_string(), c.tail_string())
	32	print "\n"
	33
[f824a9e]	34	# retrieve principals' keyid value from local credential files
[5f551d3]	35	isiID=ABAC.ID("ISI_ID.pem")
	36	isiID.id_load_privkey_file("ISI_private.pem");
	37	isi=isiID.id_keyid()
	38
	39	uscID=ABAC.ID("USC_ID.pem")
	40	uscID.id_load_privkey_file("USC_private.pem");
	41	usc=uscID.id_keyid()
	42
	43	maryannID=ABAC.ID("Maryann_ID.pem")
	44	maryannID.id_load_privkey_file("Maryann_private.pem");
	45	maryann=maryannID.id_keyid()
	46
	47	johnID=ABAC.ID("John_ID.pem")
	48	johnID.id_load_privkey_file("John_private.pem");
	49	john=johnID.id_keyid()
	50
	51	################################################
	52	#[keyid:USC].role:evaluatorOf([principal:?K])
	53	# <-[keyid:USC].role:managerOf([principal:?K])
	54	param=ABAC.DataTerm("principal", "K")
	55	head = ABAC.Role(usc,"evaluatorOf")
	56	head.role_add_data_term(param)
	57	param=ABAC.DataTerm("principal","K")
	58	tail = ABAC.Role(usc,"managerOf")
	59	tail.role_add_data_term(param)
	60	attr=ABAC.Attribute(head, 1800)
	61	attr.attribute_add_tail(tail)
	62	attr.attribute_bake()
	63	attr.attribute_write_cert("USC_evaluatorof_qK__USC_managerof_qK_attr.der")
	64	ctxt.load_attribute_file("USC_evaluatorof_qK__USC_managerof_qK_attr.der")
	65	print attr.string()
	66	print attr.typed_string()
	67	print "\n"
	68
	69	#################################################
[f824a9e]	70	# Credential 1, double uninstantiated parameters
[5f551d3]	71	# [keyid:USC].role:managerOf([principal:?K])
	72	# <-[keyid:ISI].role:managerOf([principal:?K])
	73	#
	74	param=ABAC.DataTerm("principal", "K")
	75	head = ABAC.Role(usc,"managerOf")
	76	head.role_add_data_term(param)
[f824a9e]	77
	78	# create variable princpal parameter
[5f551d3]	79	param=ABAC.DataTerm("principal", "K")
	80	tail = ABAC.Role(isi,"managerOf")
	81	tail.role_add_data_term(param)
	82	attr=ABAC.Attribute(head, 1800)
[f824a9e]	83
	84	# compose the attribute for the policy
[5f551d3]	85	attr.attribute_add_tail(tail)
[f824a9e]	86
	87	# finalize the policy
[5f551d3]	88	attr.attribute_bake()
[f824a9e]	89
	90	# write the policy to a file
[5f551d3]	91	attr.attribute_write_cert("USC_managerof_qK__USC_employee_attr.der")
	92	ctxt.load_attribute_file("USC_managerof_qK__USC_employee_attr.der")
	93	print attr.string()
	94	print attr.typed_string()
	95	print "\n"
	96
	97	#################################################
[f824a9e]	98	# Credential 2
[5f551d3]	99	# [keyid:ISI].role:managerOf([keyid:Maryann])
	100	# <- [keyid:John]
	101	param=ABAC.DataTerm(maryannID)
	102	head = ABAC.Role(isi,"managerOf")
	103	head.role_add_data_term(param)
	104	tail = ABAC.Role(john)
	105	attr=ABAC.Attribute(head, 1800)
	106	attr.attribute_add_tail(tail)
	107	attr.attribute_bake()
	108	attr.attribute_write_cert("ISI_manageof_Maryann__John_attr.der")
	109	ctxt.load_attribute_file("ISI_manageof_Maryann__John_attr.der")
	110	print attr.string()
	111	print attr.typed_string()
	112	print "\n"
	113
	114	################################################
[f824a9e]	115	# Credential 3
[5f551d3]	116	# [keyid:USC].role:employee <- [keyid:ISI].role:employee
	117	head=ABAC.Role(usc,"employee")
	118	tail = ABAC.Role(isi,"employee")
	119	attr=ABAC.Attribute(head, 1800)
	120	attr.attribute_add_tail(tail)
	121	attr.attribute_bake()
	122	attr.attribute_write_cert("USC_employee__ISI_employee_attr.der")
	123	ctxt.load_attribute(attr)
[f824a9e]	124	print attr.string()
	125	print attr.typed_string()
	126	print "\n"
[5f551d3]	127
	128
	129	#################################################
[f824a9e]	130	# Credential 4
[5f551d3]	131	# [keyid:ISI].role:employee <- [keyid:Maryann]
	132	head = ABAC.Role(isi,"employee")
	133	tail= ABAC.Role(maryann)
	134	attr=ABAC.Attribute(head, 1800)
	135	attr.attribute_add_tail(tail)
	136	attr.attribute_bake()
	137	attr.attribute_write_cert("ISI_employee__Maryann_attr.der")
	138	ctxt.load_attribute(attr)
	139	print attr.string()
	140	print attr.typed_string()
	141	print "\n"
	142
	143	#################################################
[f824a9e]	144	# Credential 4
[5f551d3]	145	# [keyid:ISI].role:employee <- [keyid:John]
	146	head = ABAC.Role(isi,"employee")
	147	tail= ABAC.Role(john)
	148	attr=ABAC.Attribute(head, 1800)
	149	attr.attribute_add_tail(tail)
	150	attr.attribute_bake()
	151	attr.attribute_write_cert("ISI_employee__John_attr.der")
	152	ctxt.load_attribute(attr)
	153	print attr.string()
	154	print attr.typed_string()
	155	print "\n"
	156

Note: See TracBrowser for help on using the repository browser.

Download in other formats: