Context Navigation

source: examples/python_tests/experiment_create_rt0/query.py @ c00fcc3

abac0-leakabac0-meimei-idmei-rt0-nmei_rt0tvf-new-xml

Last change on this file since c00fcc3 was c0fd8bc, checked in by Mei <mei@…>, 12 years ago
1) add some strcpy for keyid assignments in abac_id
Property mode set to `100755`
File size: 2.7 KB

Line
1	#!/usr/bin/env python
2
3	"""
4	Run the queries described in README
5
6	cmd: env keystore=`pwd` ./query.py
7	"""
8
9	import os
10	import ABAC
11
12	ctxt = ABAC.Context()
13
14	# Keystore is the directory containing the principal credentials.
15	# Load existing principals and/or policy credentials
16	if (os.environ.has_key("keystore")) :
17	keystore=os.environ["keystore"]
18	ctxt.load_directory(keystore)
19	else:
20	print("keystore is not set...")
21	exit(1)
22
23	# retrieve principals' keyid value from local credential files
24	acmeID=ABAC.ID("Acme_ID.pem");
25	acmeID.load_privkey("Acme_private.pem");
26	ctxt.load_id_chunk(acmeID.cert_chunk())
27	acme=acmeID.keyid()
28
29	bobID=ABAC.ID("Bob_ID.pem");
30	bobID.load_privkey("Bob_private.pem");
31	ctxt.load_id_chunk(bobID.cert_chunk())
32	bob=bobID.keyid()
33
34	aliceID=ABAC.ID("Alice_ID.pem");
35	aliceID.load_privkey("Alice_private.pem");
36	ctxt.load_id_chunk(aliceID.cert_chunk())
37	alice=aliceID.keyid()
38
39	globotronID=ABAC.ID("Globotron_ID.pem");
40	globotronID.load_privkey("Globotron_private.pem");
41	ctxt.load_id_chunk(globotronID.cert_chunk())
42	globotron=globotronID.keyid()
43
44	##########################################################################
45	# dump the loaded attribute policies
46	#
47	print "\n...policy attribute set..."
48	credentials = ctxt.credentials()
49	for credential in credentials:
50	print "context: %s <- %s" % (credential.head().string(), credential.tail().string())
51
52	##########################################################################
53	# is alice a admin at Globotron ?
54	# role=[keyid:Globotron].role:admin
55	# p=[keyid:Alice]
56
57	print "\n===good=============== Globotron.admin <- Alice"
58	(success, credentials) = ctxt.query("%s.admin" % globotron, alice)
59
60	if success:
61	print "success!"
62	else:
63	print "failure!"
64	for credential in credentials:
65	print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
66
67	##########################################################################
68	# is bob a admin at Globotron ?
69	# role=[keyid:Globotron].role:admin
70	# p=[keyid:Bob]
71
72	print "\n===bad=============== Globotron.admin <- Bob"
73	(success, credentials) = ctxt.query("%s.admin" % globotron, bob)
74	if success:
75	print "success!"
76	else:
77	print "failure!"
78	for credential in credentials:
79	print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
80
81	##########################################################################
82	# can bob create experiment at Acme ?
83	# role=[keyid:Acme].role:experiment_create
84	# p=[keyid:Bob]
85
86	print "\n===good=============== Acme.experiment_create <- Bob"
87	(success, credentials) = ctxt.query("%s.experiment_create" % acme, bob)
88	if success:
89	print "success!"
90	else:
91	print "failure!"
92	for credential in credentials:
93	print "credential %s <- %s" % (credential.head().string(), credential.tail().string())

Note: See TracBrowser for help on using the repository browser.

Download in other formats: