source: examples/python_tests/experiment_create_rt0/query.py @ af8e9b9

abac0-leakabac0-meimei-idmei-rt0-nmei_rt0tvf-new-xml
Last change on this file since af8e9b9 was c0fd8bc, checked in by Mei <mei@…>, 12 years ago

1) add some strcpy for keyid assignments in abac_id

  • Property mode set to 100755
File size: 2.7 KB
Line 
1#!/usr/bin/env python
2
3"""
4Run the queries described in README
5
6cmd: env keystore=`pwd` ./query.py
7"""
8
9import os
10import ABAC
11
12ctxt = ABAC.Context()
13
14# Keystore is the directory containing the principal credentials.
15# Load existing principals and/or policy credentials
16if (os.environ.has_key("keystore")) :
17    keystore=os.environ["keystore"]
18    ctxt.load_directory(keystore)
19else:
20    print("keystore is not set...")
21    exit(1)
22
23# retrieve principals' keyid value from local credential files
24acmeID=ABAC.ID("Acme_ID.pem");
25acmeID.load_privkey("Acme_private.pem");
26ctxt.load_id_chunk(acmeID.cert_chunk())
27acme=acmeID.keyid()
28
29bobID=ABAC.ID("Bob_ID.pem");
30bobID.load_privkey("Bob_private.pem");
31ctxt.load_id_chunk(bobID.cert_chunk())
32bob=bobID.keyid()
33
34aliceID=ABAC.ID("Alice_ID.pem");
35aliceID.load_privkey("Alice_private.pem");
36ctxt.load_id_chunk(aliceID.cert_chunk())
37alice=aliceID.keyid()
38
39globotronID=ABAC.ID("Globotron_ID.pem");
40globotronID.load_privkey("Globotron_private.pem");
41ctxt.load_id_chunk(globotronID.cert_chunk())
42globotron=globotronID.keyid()
43
44##########################################################################
45# dump the loaded attribute policies
46#
47print "\n...policy attribute set..."
48credentials = ctxt.credentials()
49for credential in credentials:
50    print "context: %s <- %s" % (credential.head().string(), credential.tail().string())
51
52##########################################################################
53# is alice a admin at Globotron ?
54# role=[keyid:Globotron].role:admin
55# p=[keyid:Alice]
56
57print "\n===good=============== Globotron.admin <- Alice"
58(success, credentials) = ctxt.query("%s.admin" % globotron, alice)
59
60if success:
61    print "success!"
62else:
63    print "failure!"
64for credential in credentials:
65    print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
66
67##########################################################################
68# is bob a admin at Globotron ?
69# role=[keyid:Globotron].role:admin
70# p=[keyid:Bob]
71
72print "\n===bad=============== Globotron.admin <- Bob"
73(success, credentials) = ctxt.query("%s.admin" % globotron, bob)
74if success:
75    print "success!"
76else:
77    print "failure!"
78for credential in credentials:
79    print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
80
81##########################################################################
82# can bob create experiment at Acme ?
83# role=[keyid:Acme].role:experiment_create
84# p=[keyid:Bob]
85
86print "\n===good=============== Acme.experiment_create <- Bob"
87(success, credentials) = ctxt.query("%s.experiment_create" % acme, bob)
88if success:
89    print "success!"
90else:
91    print "failure!"
92for credential in credentials:
93    print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
Note: See TracBrowser for help on using the repository browser.