source: examples/python_tests/partial_proof_rt1/query.py @ 20eaefe

mei_rt2mei_rt2_fix_1
Last change on this file since 20eaefe was da73657, checked in by Mei <mei@…>, 12 years ago

1) example for partial proof
  • Property mode set to 100755
File size: 4.8 KB
RevLine 
[da73657]1#!/usr/bin/env python
2
3"""
4cmd1:env keystore=`pwd` ./query.py
5cmd2: env ABAC_CN=1 keystore=`pwd` ./query.py
6
7"""
8
9import os
10import ABAC
11
12ctxt = ABAC.Context()
13
14# Keystore is the directory containing the principal credentials.
15# Load existing principals and/or policy credentials
16if (os.environ.has_key("keystore")) :
17    keystore=os.environ["keystore"]
18    ctxt.load_directory(keystore)
19else:
20    print("keystore is not set...")
21    exit(1)
22
23def get_next(ctxt) :
24    while( 1 ) :
25        print ("\nnext proof:")
26        (success, out) = ctxt.next_proof()
27        if(success) :
28            for c in out:
29                print "%s <- %s" % (c.head_string(), c.tail_string())
30        else:
31            print("no more..\n")
32            return
33
34# retrieve principals' keyid value from local credential files
35acmeID=ABAC.ID("Acme_ID.pem");
36acme=acmeID.id_keyid()
37
38oshID=ABAC.ID("Osh_ID.pem");
39osh=oshID.id_keyid()
40
41coyoteID=ABAC.ID("Coyote_ID.pem");
42coyote=coyoteID.id_keyid()
43
44ladybugID=ABAC.ID("Ladybug_ID.pem");
45ladybug=ladybugID.id_keyid()
46
47grannyID=ABAC.ID("Granny_ID.pem");
48granny=grannyID.id_keyid()
49
50poohID=ABAC.ID("Pooh_ID.pem");
51pooh=poohID.id_keyid()
52
53burpeeID=ABAC.ID("Burpee_ID.pem");
54burpee=burpeeID.id_keyid()
55
56##########################################################################
57# dump the loaded principals/policies
58#
59out = ctxt.context_principals()
60print "\n...final principal set..."
61for x in out[1]:
62    print "%s " % x.string()
63out = ctxt.context_credentials()
64print "\n...final policy attribute set..."
65for c in out[1]:
66    print "%s <- %s" % (c.head_string(), c.tail_string())
67
68#ctxt.set_no_partial_proof()
69
70##########################################################################
71# can coyote buy rockets from Acme ?
72# role=[keyid:Acme].role:buy_rockets
73# p =[keyid:coyote]
74role = ABAC.Role(acme,"buy_rockets")
75p = ABAC.Role(coyote)
76print "\n===good============ Acme.buy_rockets <- Coyote"
77out = ctxt.query(role, p)
78for c in out[1]:
79    print "%s <- %s" % (c.head_string(), c.tail_string())
80
81##########################################################################
82# can ladybug buy rockets from Acme ?
83# role=[keyid:Acme].role:buy_rockets
84# p =[keyid:ladybug]
85role = ABAC.Role(acme,"buy_rockets")
86p = ABAC.Role(ladybug)
87print "\n===bad============ Acme.buy_rockets <- Ladybug"
88out = ctxt.query(role, p)
89for c in out[1]:
90    print "%s <- %s" % (c.head_string(), c.tail_string())
91get_next(ctxt)
92
93##########################################################################
94# can ladybug buy rockets from Osh ?
95# role=[keyid:Osh].role:buy_rockets
96# p =[keyid:ladybug]
97role = ABAC.Role(osh,"buy_rockets")
98p = ABAC.Role(ladybug)
99print "\n===good============ Osh.buy_rockets <- Ladybug"
100out = ctxt.query(role, p)
101for c in out[1]:
102    print "%s <- %s" % (c.head_string(), c.tail_string())
103
104##########################################################################
105# can ladybug buy lumbers from Acme ?
106# role=[keyid:Acme].role:buy_lumbers
107# p =[keyid:ladybug]
108role = ABAC.Role(acme,"buy_lumbers")
109p = ABAC.Role(ladybug)
110print "\n===bad============ Acme.buy_lumbers <- Ladybug"
111out = ctxt.query(role, p)
112for c in out[1]:
113    print "%s <- %s" % (c.head_string(), c.tail_string())
114get_next(ctxt)
115
116##########################################################################
117# can pooh buy rockets from Osh ?
118# role=[keyid:Osh].role:buy_rockets
119# p =[keyid:pooh]
120role = ABAC.Role(osh,"buy_rockets")
121p = ABAC.Role(pooh)
122print "\n===bad============ Osh.buy_rockets <- Pooh"
123out = ctxt.query(role, p)
124for c in out[1]:
125    print "%s <- %s" % (c.head_string(), c.tail_string())
126
127##########################################################################
128# can pooh buy rockets from Osh ?
129# role=[keyid:Osh].role:buy_rockets
130# p =[keyid:pooh]
131role = ABAC.Role(osh,"buy_rockets")
132p = ABAC.Role(pooh)
133print "\n===bad============ Osh.buy_rockets <- Pooh"
134out = ctxt.query(role, p)
135for c in out[1]:
136    print "%s <- %s" % (c.head_string(), c.tail_string())
137get_next(ctxt)
138
139##########################################################################
140# can ladybug buy flowers from Acme ?
141# role=[keyid:Acme].role:buy_flowers
142# p =[keyid:ladybug]
143role = ABAC.Role(acme,"buy_flowers")
144param=ABAC.DataTerm(burpeeID)
145role.role_add_data_term(param)
146p = ABAC.Role(ladybug)
147print "\n===good============ Acme.buy_flowers(Burpee) <- Ladybug"
148out = ctxt.query(role, p)
149for c in out[1]:
150    print "%s <- %s" % (c.head_string(), c.tail_string())
151
152##########################################################################
153# can pooh buy flowers from Acme ?
154# role=[keyid:Acme].role:buy_flowers
155# p =[keyid:pooh]
156role = ABAC.Role(acme,"buy_flowers")
157param=ABAC.DataTerm(burpeeID)
158role.role_add_data_term(param)
159p = ABAC.Role(pooh)
160print "\n===bad============ Acme.buy_flowers(Burpee) <- Pooh"
161out = ctxt.query(role, p)
162for c in out[1]:
163    print "%s <- %s" % (c.head_string(), c.tail_string())
164get_next(ctxt)
165
166
Note: See TracBrowser for help on using the repository browser.