source: examples/python_tests/fruits_rt2/attr.py @ c6d5da3

mei_rt2mei_rt2_fix_1
Last change on this file since c6d5da3 was f824a9e, checked in by Mei <mei@…>, 13 years ago

1) add more doc to python_tests

  • Property mode set to 100755
File size: 5.3 KB
RevLine 
[7211a95]1#!/usr/bin/env python
2
3"""
[f824a9e]4See README in this directory for the semantics of the example.  This file
5constructs the credentials described and puts copies into this directory
6
[7211a95]7cmd1:env keystore=`pwd` ./attr.py
8"""
9
10import os
11import ABAC
12
13ctxt = ABAC.Context()
14print "ABAC version %s" % ctxt.version()
15
[f824a9e]16# Keystore is the directory containing the principal credentials.
17# Load existing principals and/or policy credentials
18if (os.environ.has_key("keystore")) :
19    keystore=os.environ["keystore"]
20    ctxt.load_directory(keystore)
[7211a95]21
22out = ctxt.context_principals()
23print "...initial principal set..."
24for x in out[1]:
25    print "%s " % x.string()
26print "\n" 
27
28out = ctxt.context_credentials()
29print "...initial policy attribute set..."
30for c in out[1]:
31    print "%s <- %s" % (c.head_string(), c.tail_string())
32print "\n"
33
[f824a9e]34# retrieve principals' keyid value from local credential files
[7211a95]35ralphsID=ABAC.ID("Ralphs_ID.pem");
36ralphsID.id_load_privkey_file("Ralphs_private.pem");
37ralphs=ralphsID.id_keyid()
38
39bobID=ABAC.ID("Bob_ID.pem");
40bobID.id_load_privkey_file("Bob_private.pem");
41bob=bobID.id_keyid()
42
43maryID=ABAC.ID("Mary_ID.pem");
44maryID.id_load_privkey_file("Mary_private.pem");
45mary=maryID.id_keyid()
46
47################################################
[f824a9e]48# Credential 1, what kind of fruit Mary would eat. Anything not costing more
49#               than 2 dollars
[7211a95]50# [keyid:mary].oset:what2eat
51#      <- [keyid:ralphs].oset:fruitprice([float:?P:[..2.00]])
52head = ABAC.Oset(mary,"what2eat")
[f824a9e]53
54# initialize a float range constraint
[7211a95]55cond=ABAC.Constraint("float")
[f824a9e]56
57# add the upper max to the range, and only the max
[7211a95]58cond.constraint_add_float_max(2.00)
[f824a9e]59
60# create the data term with the constraint
[7211a95]61param=ABAC.DataTerm("float", "P", cond)
62tail = ABAC.Oset(ralphs,"fruitprice")
63tail.oset_add_data_term(param)
[f824a9e]64
65# compose the attribute policy
[7211a95]66attr=ABAC.Attribute(head, 1800)
67attr.attribute_add_tail(tail)
[f824a9e]68
69#finalize the policy
[7211a95]70attr.attribute_bake()
[f824a9e]71
72#write out the policy to a credential file
[7211a95]73attr.attribute_write_cert("mary_what2eat__ralphs_fruitprice_qP_attr.der")
[f824a9e]74
75# load the rule back into context via credential file
[7211a95]76ctxt.load_attribute_file("mary_what2eat__ralphs_fruitprice_qP_attr.der")
77print attr.string() 
78print attr.typed_string()
79print "\n"
80
81################################################
[f824a9e]82# Credential 2,
[7211a95]83# [keyid:bob].oset:what2eat
84#      <- [keyid:ralphs].oset:fruitprice([float:?P:[1.00..5.00]])
85head = ABAC.Oset(bob,"what2eat")
[f824a9e]86
87# initialze a float range constraint
[7211a95]88cond=ABAC.Constraint("float")
[f824a9e]89
90# add the min and max value to the range
[7211a95]91cond.constraint_add_float_min(1.00)
92cond.constraint_add_float_max(5.00)
93param=ABAC.DataTerm("float", "P", cond)
94tail = ABAC.Oset(ralphs,"fruitprice")
95tail.oset_add_data_term(param)
[f824a9e]96
97#create attribute policy
[7211a95]98attr=ABAC.Attribute(head, 1800)
99attr.attribute_add_tail(tail)
[f824a9e]100
101#finalize the policy
[7211a95]102attr.attribute_bake()
103attr.attribute_write_cert("bob_what2eat__ralphs_fruitprice_qP_attr.der")
104ctxt.load_attribute_file("bob_what2eat__ralphs_fruitprice_qP_attr.der")
105print attr.string() 
106print attr.typed_string()
107print "\n"
108
109#################################################
[f824a9e]110# Credential 3
[7211a95]111# [keyid:ralphs].oset:fruitprice([float:1.50]) <- [string:'apple']
112param=ABAC.DataTerm("float", "1.50")
113head = ABAC.Oset(ralphs,"fruitprice")
114head.oset_add_data_term(param)
115param=ABAC.DataTerm("string", "'apple'")
116tail = ABAC.Oset(param)
117attr=ABAC.Attribute(head, 1800)
118attr.attribute_add_tail(tail)
119attr.attribute_bake()
120attr.attribute_write_cert("Ralphs_fruitprice__apple_attr.der")
121ctxt.load_attribute_file("Ralphs_fruitprice__apple_attr.der")
122print attr.string() 
123print attr.typed_string()
124print "\n"
125
126#################################################
[f824a9e]127# Credential 4
[7211a95]128# [keyid:ralphs].oset:fruitprice([float:1.50]) <- [string:'kiwi']
129param=ABAC.DataTerm("float", "1.50")
130head = ABAC.Oset(ralphs,"fruitprice")
131head.oset_add_data_term(param)
132param=ABAC.DataTerm("string", "'kiwi'")
133tail = ABAC.Oset(param)
134attr=ABAC.Attribute(head, 1800)
135attr.attribute_add_tail(tail)
136attr.attribute_bake()
137attr.attribute_write_cert("Ralphs_fruitprice__kiwi_attr.der")
138ctxt.load_attribute_file("Ralphs_fruitprice__kiwi_attr.der")
139print attr.string() 
140print attr.typed_string()
141print "\n"
142
143#################################################
[f824a9e]144# Credential 5
[7211a95]145# [keyid:ralphs].oset:fruitprice([float:2.50]) <- [string:'black berry']
146param=ABAC.DataTerm("float", "2.50")
147head = ABAC.Oset(ralphs,"fruitprice")
148head.oset_add_data_term(param)
149param=ABAC.DataTerm("string", "'black berry'")
150tail = ABAC.Oset(param)
151attr=ABAC.Attribute(head, 1800)
152attr.attribute_add_tail(tail)
153attr.attribute_bake()
154attr.attribute_write_cert("Ralphs_fruitprice__blackberry_attr.der")
155ctxt.load_attribute_file("Ralphs_fruitprice__blackberry_attr.der")
156print attr.string() 
157print attr.typed_string()
158print "\n"
159
160#################################################
[f824a9e]161# Credential 6
[7211a95]162# [keyid:ralphs].oset:fruitprice([float:0.50]) <- [string:'navel orange']
163param=ABAC.DataTerm("float", "0.50")
164head = ABAC.Oset(ralphs,"fruitprice")
165head.oset_add_data_term(param)
166param=ABAC.DataTerm("string", "'navel orange'")
167tail = ABAC.Oset(param)
168attr=ABAC.Attribute(head, 1800)
169attr.attribute_add_tail(tail)
170attr.attribute_bake()
171attr.attribute_write_cert("Ralphs_fruitprice__navelorange_attr.der")
172ctxt.load_attribute_file("Ralphs_fruitprice__navelorange_attr.der")
173print attr.string() 
174print attr.typed_string()
175print "\n"
176
Note: See TracBrowser for help on using the repository browser.