Context Navigation

source: examples/python_tests/experiment_create_rt0/query.py @ d6439d4

abac0-leakabac0-meimei-idmei-rt0-nmei_rt0tvf-new-xml

Last change on this file since d6439d4 was be6cb41, checked in by Mei <mei@…>, 12 years ago
1) forgot to add the new files
Property mode set to `100755`
File size: 2.7 KB

Line
1	#!/usr/bin/env python
2
3	"""
4	Run the queries described in README
5
6	cmd: env keystore=`pwd` ./query.py
7	"""
8
9	import os
10	import ABAC
11
12	ctxt = ABAC.Context()
13
14	# Keystore is the directory containing the principal credentials.
15	# Load existing principals and/or policy credentials
16	if (os.environ.has_key("keystore")) :
17	keystore=os.environ["keystore"]
18	ctxt.load_directory(keystore)
19	else:
20	print("keystore is not set...")
21	exit(1)
22
23	# retrieve principals' keyid value from local credential files
24	acmeID=ABAC.ID("Acme_ID.pem");
25	acmeID.load_privkey("Acme_private.pem");
26	ctxt.load_id_chunk(acmeID.cert_chunk())
27	acme=acmeID.keyid()
28
29	bobID=ABAC.ID("Bob_ID.pem");
30	bobID.load_privkey("Bob_private.pem");
31	ctxt.load_id_chunk(bobID.cert_chunk())
32	bob=bobID.keyid()
33
34	aliceID=ABAC.ID("Alice_ID.pem");
35	aliceID.load_privkey("Alice_private.pem");
36	ctxt.load_id_chunk(aliceID.cert_chunk())
37	alice=aliceID.keyid()
38
39	globotronID=ABAC.ID("Globotron_ID.pem");
40	globotronID.load_privkey("Globotron_private.pem");
41	ctxt.load_id_chunk(globotronID.cert_chunk())
42	globotron=globotronID.keyid()
43
44	##########################################################################
45	# dump the loaded attribute policies
46	#
47	print "\n...policy attribute set..."
48	credentials = ctxt.credentials()
49	for credential in credentials:
50	print "context: %s <- %s" % (credential.head().string(), credential.tail().string())
51
52	##########################################################################
53	# is alice a admin at Globotron ?
54	# role=[keyid:Globotron].role:admin
55	# p=[keyid:Alice]
56
57	print "\n===good=============== Globotron.admin <- Alice"
58	(success, credentials) = ctxt.query("%s.admin" % globotron, alice)
59	if success:
60	print "success!"
61	else:
62	print "failure!"
63	for credential in credentials:
64	print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
65
66	##########################################################################
67	# is bob a admin at Globotron ?
68	# role=[keyid:Globotron].role:admin
69	# p=[keyid:Bob]
70
71	print "\n===bad=============== Globotron.admin <- Bob"
72	(success, credentials) = ctxt.query("%s.admin" % globotron, bob)
73	if success:
74	print "success!"
75	else:
76	print "failure!"
77	for credential in credentials:
78	print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
79
80	##########################################################################
81	# can bob create experiment at Acme ?
82	# role=[keyid:Acme].role:experiment_create
83	# p=[keyid:Bob]
84
85	print "\n===good=============== Acme.experiment_create <- Bob"
86	(success, credentials) = ctxt.query("%s.experiment_create" % acme, bob)
87	if success:
88	print "success!"
89	else:
90	print "failure!"
91	for credential in credentials:
92	print "credential %s <- %s" % (credential.head().string(), credential.tail().string())

Note: See TracBrowser for help on using the repository browser.

Download in other formats: