source: examples/python_tests/experiment_create_rt0/query.py @ ff71d24

abac0-leakabac0-meimei-idmei-rt0-nmei_rt0tvf-new-xml
Last change on this file since ff71d24 was be6cb41, checked in by Mei <mei@…>, 12 years ago

1) forgot to add the new files

  • Property mode set to 100755
File size: 2.7 KB
RevLine 
[be6cb41]1#!/usr/bin/env python
2
3"""
4Run the queries described in README
5
6cmd: env keystore=`pwd` ./query.py
7"""
8
9import os
10import ABAC
11
12ctxt = ABAC.Context()
13
14# Keystore is the directory containing the principal credentials.
15# Load existing principals and/or policy credentials
16if (os.environ.has_key("keystore")) :
17    keystore=os.environ["keystore"]
18    ctxt.load_directory(keystore)
19else:
20    print("keystore is not set...")
21    exit(1)
22
23# retrieve principals' keyid value from local credential files
24acmeID=ABAC.ID("Acme_ID.pem");
25acmeID.load_privkey("Acme_private.pem");
26ctxt.load_id_chunk(acmeID.cert_chunk())
27acme=acmeID.keyid()
28
29bobID=ABAC.ID("Bob_ID.pem");
30bobID.load_privkey("Bob_private.pem");
31ctxt.load_id_chunk(bobID.cert_chunk())
32bob=bobID.keyid()
33
34aliceID=ABAC.ID("Alice_ID.pem");
35aliceID.load_privkey("Alice_private.pem");
36ctxt.load_id_chunk(aliceID.cert_chunk())
37alice=aliceID.keyid()
38
39globotronID=ABAC.ID("Globotron_ID.pem");
40globotronID.load_privkey("Globotron_private.pem");
41ctxt.load_id_chunk(globotronID.cert_chunk())
42globotron=globotronID.keyid()
43
44##########################################################################
45# dump the loaded attribute policies
46#
47print "\n...policy attribute set..."
48credentials = ctxt.credentials()
49for credential in credentials:
50    print "context: %s <- %s" % (credential.head().string(), credential.tail().string())
51
52##########################################################################
53# is alice a admin at Globotron ?
54# role=[keyid:Globotron].role:admin
55# p=[keyid:Alice]
56
57print "\n===good=============== Globotron.admin <- Alice"
58(success, credentials) = ctxt.query("%s.admin" % globotron, alice)
59if success:
60    print "success!"
61else:
62    print "failure!"
63for credential in credentials:
64    print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
65
66##########################################################################
67# is bob a admin at Globotron ?
68# role=[keyid:Globotron].role:admin
69# p=[keyid:Bob]
70
71print "\n===bad=============== Globotron.admin <- Bob"
72(success, credentials) = ctxt.query("%s.admin" % globotron, bob)
73if success:
74    print "success!"
75else:
76    print "failure!"
77for credential in credentials:
78    print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
79
80##########################################################################
81# can bob create experiment at Acme ?
82# role=[keyid:Acme].role:experiment_create
83# p=[keyid:Bob]
84
85print "\n===good=============== Acme.experiment_create <- Bob"
86(success, credentials) = ctxt.query("%s.experiment_create" % acme, bob)
87if success:
88    print "success!"
89else:
90    print "failure!"
91for credential in credentials:
92    print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
Note: See TracBrowser for help on using the repository browser.