Context Navigation

source: libabac/abac_pl_gen.c @ d037f54

mei_rt2mei_rt2_fix_1

Last change on this file since d037f54 was d037f54, checked in by Mei <mei@…>, 12 years ago

1) able to programmatially build structure, bake attribute credential

write it out to a .der file and use prover to bring it back and
process just like other .der files.
-- tested with rt1 like policy without constraint.

2) changed abac_term structure alittle to ready it for 2 pass code

gen.

Property mode set to 100644

File size: 19.3 KB

Rev	Line
[718ad924]	1
	2	/***********************************************************************/
[d037f54]	3	/* clause generation called to generate credential clauses with a */
	4	/* given credential syntax structure (made from parser or from a */
	5	/* pre-existing structure */
	6	/* There are 2 passes, */
	7	/* first pass, process named cred id, and constraint range/role/oset */
	8	/* 2nd pass, process rule left / right */
[718ad924]	9	/***********************************************************************/
	10	#include <stdio.h>
	11	#include <assert.h>
	12	#include <stdlib.h>
	13
[8bd77b5]	14	#include "abac_internal.h"
[718ad924]	15	#include "abac_set.h"
	16	#include "abac_util.h"
	17
	18	#include "uthash.h"
	19
	20	// index to generate C1,C2..
	21	static int cred_count=0;
	22
[7727f26]	23	static int debug=0;
[d037f54]	24	int ABAC_IN_PROLOG=0;
[7727f26]	25
[9335cfa]	26	extern int using_this;
	27
[d037f54]	28
[b5a3da4]	29	extern char* abac_yyfptr_encoded;
	30	extern int abac_yy_cnt_yy_id_certs();
	31	extern void abac_yy_free_yy_id_certs();
	32	extern char *abac_yy_string_yy_id_certs();
	33	extern void abac_yy_free_yy_constraints();
[0d0c3a9]	34	extern char *abac_yy_string_yy_constraints();
[b5a3da4]	35
[718ad924]	36	/***********************************************************************/
[d037f54]	37	char prologIt(char str)
	38	{
	39	char *tmp=NULL;
	40	asprintf(&tmp,"p%s",str);
	41	return tmp;
	42	}
	43
[9335cfa]	44	static char* isX()
	45	{
	46	static char x_string[2]="X";
	47	static char this_string[5]="This";
	48	if(using_this)
	49	return this_string;
	50	else
	51	return x_string;
	52	}
	53
[718ad924]	54	static int _get_next_cred_idx()
	55	{
	56	cred_count++;
	57	return cred_count;
	58	}
	59
	60	/* remember to free the returned string */
	61	static char *_compose_cred_list()
	62	{
[da5afdf]	63	int i=cred_count;
[718ad924]	64	if(cred_count==0) return "";
	65
	66	char clist=(char )abac_xmalloc(sizeof(char)(cred_count)3);
	67	strcpy(clist,"C1");
	68	if (cred_count==1) return clist;
	69
	70	i=1;
	71	while(i!=cred_count) {
	72	i++;
	73	sprintf(clist,"%s,C%d",clist,i);
	74	}
	75	return clist;
	76	}
	77
[7b548fa]	78	/***********************************************************************/
[8bd77b5]	79	/* generate role(p_name, r_name, param..) */
	80	/* or oset(p_name, r_name, param..) */
	81	static char* generate_pl_head_string(abac_aspect_t *ptr)
[718ad924]	82	{
	83	char *tmp=NULL;
[d037f54]	84	char *principalname;
	85	PROLOG(principalname=abac_aspect_principal_name(ptr););
[8bd77b5]	86	char *aspectname=abac_aspect_aspect_name(ptr);
	87	char *typestring=abac_aspect_type_string(ptr);
[718ad924]	88	char *param_string=NULL;
	89	int cnt=0;
	90
	91	/* can not be a linked role */
[8bd77b5]	92	abac_param_list_t *aspect_params=abac_aspect_aspect_params(ptr);
	93	if(aspect_params) {
[d037f54]	94	PROLOG(param_string=abac_param_list_string(aspect_params););
[718ad924]	95	}
	96
	97	if (param_string != NULL) {
[8bd77b5]	98	cnt=asprintf(&tmp,"%s(%s,%s,%s)",
	99	typestring, principalname, aspectname, param_string);
[718ad924]	100	free(param_string);
	101	} else {
[8bd77b5]	102	cnt=asprintf(&tmp,"%s(%s,%s)",
	103	typestring, principalname, aspectname);
[718ad924]	104	}
[7727f26]	105
[8bd77b5]	106	if(debug && tmp) printf("head_string: (%s)\n",tmp);
[718ad924]	107	if(cnt>0)
	108	return tmp;
	109	else
	110	return NULL;
	111	}
	112
	113	/* generate role(p_name, r_name, param..) with isMember call ?? */
[8bd77b5]	114	/* generate oset(p_name, r_name, param..) with isMember call ?? */
	115	static char* generate_pl_tail_string(abac_aspect_t *ptr)
[718ad924]	116	{
	117
[da5afdf]	118	char *tmp=NULL;
	119
[8bd77b5]	120	/* for oset case,
[da5afdf]	121	A.oset <- B
	122	A.oset <- Obj
	123	A.oset <- B.oset
	124	A.oset <- B.role.oset
	125	*/
[8bd77b5]	126	/* o only if it is an oset and object */
	127	if(abac_aspect_is_object(ptr)) {
	128	char *objectname=abac_aspect_object_name(ptr);
[da5afdf]	129	tmp=abac_xstrdup(objectname);
[8bd77b5]	130	if(debug && tmp) printf("tail_string1: (%s)\n",tmp);
[da5afdf]	131	return tmp;
	132	} else {
[d037f54]	133	char *principalname;
	134	PROLOG(principalname=abac_aspect_principal_name(ptr););
[8bd77b5]	135	char *aspectname=abac_aspect_aspect_name(ptr);
	136	char *linkedname=abac_aspect_linked_role_name(ptr);
	137	char *typestring=abac_aspect_type_string(ptr);
[da5afdf]	138
	139	char *param_string=NULL;
	140	char *linked_param_string=NULL;
	141	int cnt=0;
[8bd77b5]	142
	143	abac_param_list_t *aspect_params=abac_aspect_aspect_params(ptr);
	144	if(aspect_params) {
[d037f54]	145	PROLOG(param_string=abac_param_list_string(aspect_params););
[da5afdf]	146	}
[8bd77b5]	147
	148	abac_param_list_t *linked_role_params=abac_aspect_linked_role_params(ptr);
[da5afdf]	149	if(linked_role_params) {
[d037f54]	150	PROLOG(linked_param_string=abac_param_list_string(linked_role_params););
[da5afdf]	151	}
[8bd77b5]	152
[da5afdf]	153	/* b.r.r */
[8bd77b5]	154	if(linkedname!=NULL && aspectname!=NULL && principalname!=NULL ) {
[da5afdf]	155	int fst=_get_next_cred_idx();
	156	int snd=_get_next_cred_idx();
	157	if(linked_param_string !=NULL) {
	158	if (param_string != NULL) {
[8bd77b5]	159	cnt=asprintf(&tmp,"isMember(Y,role(%s,%s,%s),C%d),isMember(%s,%s(Y,%s,%s),C%d)",
	160	principalname,
	161	linkedname,linked_param_string,fst,
	162	isX(), typestring,
	163	aspectname,param_string,snd);
[da5afdf]	164	free(param_string);
	165	} else {
[8bd77b5]	166	cnt=asprintf(&tmp,"isMember(Y,role(%s,%s,%s),C%d),isMember(%s,%s(Y,%s),C%d)",
	167	principalname,
	168	linkedname,linked_param_string,fst,
	169	isX(), typestring,
	170	aspectname,snd);
[da5afdf]	171	}
	172	free(linked_param_string);
	173	} else {
[8bd77b5]	174	if (aspect_params != NULL) {
	175	cnt=asprintf(&tmp,"isMember(Y,role(%s,%s),C%d),isMember(%s,%s(Y,%s,%s),C%d)",
	176	principalname,
	177	linkedname,fst,
	178	isX(),typestring,
	179	aspectname,param_string,snd);
[da5afdf]	180	free(param_string);
	181	} else {
[8bd77b5]	182	cnt=asprintf(&tmp,"isMember(Y,role(%s,%s),C%d),isMember(%s,%s(Y,%s),C%d)",
[da5afdf]	183	principalname,
	184	linkedname,fst,
[8bd77b5]	185	isX(),typestring,
	186	aspectname,snd);
[da5afdf]	187	}
	188	}
[8bd77b5]	189	if(debug && tmp) printf("tail_string1: (%s)\n",tmp);
[da5afdf]	190	if(cnt>0)
	191	return tmp;
	192	else
	193	return NULL;
	194	}
	195	/* b.r */
[8bd77b5]	196	if(linkedname==NULL && aspectname!=NULL && principalname!=NULL ) {
[da5afdf]	197	int fst=_get_next_cred_idx();
	198	if(param_string != NULL) {
[8bd77b5]	199	cnt=asprintf(&tmp,"isMember(%s,%s(%s,%s,%s),C%d)",
	200	isX(),typestring,
	201	principalname, aspectname, param_string, fst);
[da5afdf]	202	free(param_string);
	203	} else {
[8bd77b5]	204	cnt=asprintf(&tmp,"isMember(%s,%s(%s,%s),C%d)",
	205	isX(), typestring,
	206	principalname, aspectname, fst);
[da5afdf]	207	}
[8bd77b5]	208	if(debug && tmp) printf("tail_string2: (%s)\n",tmp);
[da5afdf]	209	if(cnt>0)
	210	return tmp;
	211	else
	212	return NULL;
	213	}
	214	/* b */
[8bd77b5]	215	if(linkedname==NULL && aspectname==NULL && principalname!=NULL ) {
[da5afdf]	216	tmp=abac_xstrdup(principalname);
[8bd77b5]	217	if(debug && tmp) printf("tail_string3: (%s)\n",tmp);
[da5afdf]	218	return tmp;
	219	}
[8bd77b5]	220
	221	if(debug && tmp) printf("tail_string4: (%s)\n",tmp);
	222	return tmp;
	223	}
[da5afdf]	224	return tmp;
	225	}
[8bd77b5]	226
[da5afdf]	227
	228	/********************************************************************************/
	229
	230	static char _build_constraint_rule_clause(char head_string, char *tail_string)
	231	{
	232	/only, A.R <- B /
	233	char *tmp;
	234	int idx=_get_next_cred_idx();
	235	asprintf(&tmp, "isMember(%s,%s,C%d)", tail_string,head_string,idx);
	236	return tmp;
	237	}
	238
[8bd77b5]	239	static char _build_rule_clause(char aspectname, char *head_string,
[d5bbd3e]	240	char tail_string, char id_string, char *constraint_string)
[718ad924]	241	{
	242	char *tmp=NULL;
	243
[8bd77b5]	244	if(aspectname == NULL) {
[718ad924]	245	/* A.R <- B */
[d5bbd3e]	246	if(id_string == NULL && constraint_string == NULL) {
[da5afdf]	247	asprintf(&tmp, "isMember(%s,%s,['%s'])",
	248	tail_string,head_string,abac_yyfptr_encoded);
	249	} else {
[d5bbd3e]	250	if(id_string == NULL) {
	251	asprintf(&tmp, "isMember(%s,%s,['%s']) :- %s",
	252	tail_string,head_string,abac_yyfptr_encoded,
	253	constraint_string);
	254	} else if(constraint_string == NULL) {
	255	asprintf(&tmp, "isMember(%s,%s,['%s']) :- %s",
	256	tail_string,head_string,abac_yyfptr_encoded,
	257	id_string);
	258	} else { asprintf(&tmp, "isMember(%s,%s,['%s']) :- %s,%s",
	259	tail_string,head_string,abac_yyfptr_encoded,
	260	id_string, constraint_string);
	261	}
[718ad924]	262	}
	263	} else {
	264	/* A.R <- B.R */
	265	/* A.R <- B.R.R */
	266	if (cred_count==0) {
[d5bbd3e]	267	if(id_string == NULL && constraint_string == NULL) {
[9335cfa]	268	asprintf(&tmp,"isMember(%s,%s,['%s']):-%s",
	269	isX(),
[da5afdf]	270	head_string, abac_yyfptr_encoded, tail_string);
[718ad924]	271	} else {
[d5bbd3e]	272	if(id_string == NULL) {
[9335cfa]	273	asprintf(&tmp,"isMember(%s,%s,['%s']):-%s,%s",
	274	isX(),
[d5bbd3e]	275	head_string, abac_yyfptr_encoded, tail_string,
	276	constraint_string);
	277	} else if(constraint_string == NULL) {
[9335cfa]	278	asprintf(&tmp,"isMember(%s,%s,['%s']):-%s,%s",
	279	isX(),
[d5bbd3e]	280	head_string, abac_yyfptr_encoded, id_string,
	281	tail_string);
	282	} else {
[9335cfa]	283	asprintf(&tmp,"isMember(%s,%s,['%s']):-%s,%s,%s",
	284	isX(),
[d5bbd3e]	285	head_string, abac_yyfptr_encoded, id_string,
	286	tail_string, constraint_string);
	287	}
[718ad924]	288	}
	289	} else {
	290	char *tmp_cred_list=_compose_cred_list();
[d5bbd3e]	291	if(id_string == NULL && constraint_string == NULL) {
[9335cfa]	292	asprintf(&tmp,"isMember(%s,%s,L):-%s, appendL([['%s'],%s],L)",
	293	isX(),
[da5afdf]	294	head_string, tail_string,
	295	abac_yyfptr_encoded, tmp_cred_list);
[718ad924]	296	} else {
[d5bbd3e]	297	if(id_string == NULL) {
[9335cfa]	298	asprintf(&tmp,"isMember(%s,%s,L):-%s, %s, appendL([['%s'],%s],L)",
	299	isX(),
[d5bbd3e]	300	head_string, tail_string, constraint_string,
[da5afdf]	301	abac_yyfptr_encoded, tmp_cred_list);
[d5bbd3e]	302	} else if(constraint_string == NULL) {
[9335cfa]	303	asprintf(&tmp,"isMember(%s,%s,L):-%s, %s, appendL([['%s'],%s],L)",
	304	isX(),
[d5bbd3e]	305	head_string, id_string, tail_string,
	306	abac_yyfptr_encoded, tmp_cred_list);
	307	} else {
[9335cfa]	308	asprintf(&tmp,"isMember(%s,%s,L):-%s, %s, %s, appendL([['%s'],%s],L)",
	309	isX(),
[d5bbd3e]	310	head_string, id_string, tail_string,
	311	constraint_string,
	312	abac_yyfptr_encoded, tmp_cred_list);
	313	}
[718ad924]	314	}
	315	free(tmp_cred_list);
	316	cred_count=0;
	317	}
	318	}
[da5afdf]	319	return tmp;
	320	}
	321
	322
[8bd77b5]	323	static char generate_pl_rule_clause(char head_rule_string,
	324	abac_aspect_t tail_rule, char id_string, char *constraint_string)
[da5afdf]	325	{
[8bd77b5]	326	char *aspectname=abac_aspect_aspect_name(tail_rule);
	327	char *tail_rule_string=generate_pl_tail_string(tail_rule);
	328	if(aspectname == NULL && tail_rule_string == NULL)
[da5afdf]	329	goto error;
[8bd77b5]	330	char *tmp=_build_rule_clause(aspectname,head_rule_string, tail_rule_string,
[d5bbd3e]	331	id_string, constraint_string);
[8bd77b5]	332	if(tail_rule_string) free(tail_rule_string);
[da5afdf]	333	return tmp;
	334
	335	error:
[8bd77b5]	336	if(tail_rule_string) free(tail_rule_string);
[da5afdf]	337	return NULL;
	338	}
	339
[718ad924]	340	static char _add_string(char dstr, char *nstr)
	341	{
	342	if(strlen(dstr)==0) {
	343	dstr=abac_xstrdup(nstr);
	344	return dstr;
	345	} else {
	346	int len = strlen(dstr)+strlen(nstr)+2;
	347	char tmp=abac_xmalloc(lensizeof(char));
	348	sprintf(tmp,"%s,%s", dstr,nstr);
	349	free(dstr);
	350	return tmp;
	351	}
	352	return NULL;
	353	}
	354
[d5bbd3e]	355	static char _build_intersecting_clause(char head_role_string,
	356	char tail_role_string, char id_string, char* constraint_string)
[da5afdf]	357	{
	358	char *tmp;
	359
	360	if (cred_count==0) {
[d5bbd3e]	361	if(id_string == NULL && constraint_string == NULL) {
[9335cfa]	362	asprintf(&tmp,"isMember(%s,%s,['%s']):-%s",
	363	isX(),
[da5afdf]	364	head_role_string, abac_yyfptr_encoded, tail_role_string);
	365	} else {
[d5bbd3e]	366	if(id_string == NULL) {
[9335cfa]	367	asprintf(&tmp,"isMember(%s,%s,['%s']):-%s, %s",
	368	isX(),
[d5bbd3e]	369	head_role_string, abac_yyfptr_encoded,
	370	tail_role_string, constraint_string);
	371	} else if(constraint_string == NULL) {
[9335cfa]	372	asprintf(&tmp,"isMember(%s,%s,['%s']):-%s, %s",
	373	isX(),
[e88c95b]	374	head_role_string, abac_yyfptr_encoded,
[d5bbd3e]	375	id_string, tail_role_string);
	376	} else {
[9335cfa]	377	asprintf(&tmp,"isMember(%s,%s,['%s']):-%s, %s, %s",
	378	isX(),
[d5bbd3e]	379	head_role_string, abac_yyfptr_encoded,
	380	id_string, tail_role_string, constraint_string);
	381	}
[da5afdf]	382	}
	383	} else {
	384	char *tmp_cred_list=_compose_cred_list();
[d5bbd3e]	385	if(id_string == NULL && constraint_string == NULL) {
[9335cfa]	386	asprintf(&tmp,"isMember(%s,%s,L):-%s, appendL([['%s'],%s],L)",
	387	isX(),
[da5afdf]	388	head_role_string, tail_role_string,
	389	abac_yyfptr_encoded, tmp_cred_list);
	390	} else {
[d5bbd3e]	391	if(id_string == NULL) {
[9335cfa]	392	asprintf(&tmp,"isMember(%s,%s,L):-%s, %s, appendL([['%s'],%s],L)",
	393	isX(),
[d5bbd3e]	394	head_role_string, tail_role_string, constraint_string,
	395	abac_yyfptr_encoded, tmp_cred_list);
	396	} else if(constraint_string == NULL) {
[9335cfa]	397	asprintf(&tmp,"isMember(%s,%s,L):-%s, %s, appendL([['%s'],%s],L)",
	398	isX(),
[d5bbd3e]	399	head_role_string, id_string, tail_role_string,
	400	abac_yyfptr_encoded, tmp_cred_list);
	401	} else {
[9335cfa]	402	asprintf(&tmp,"isMember(%s,%s,L):-%s, %s, %s, appendL([['%s'],%s],L)",
	403	isX(),
[d5bbd3e]	404	head_role_string, id_string, tail_role_string, constraint_string,
	405	abac_yyfptr_encoded, tmp_cred_list);
	406	}
[da5afdf]	407	}
	408	free(tmp_cred_list);
	409	cred_count=0;
	410	}
	411	return tmp;
	412	}
	413
[8bd77b5]	414	static char generate_pl_intersecting_clause(char head_role_string,
	415	abac_aspect_t tail_role, char id_string, char* constraint_string)
[718ad924]	416	{
	417	char *tmp=NULL;
	418	char* tail_role_string=NULL;
[8bd77b5]	419	abac_list_t *list=abac_aspect_prereqs(tail_role);
[718ad924]	420	/* A.R <- B.R & C.R.R */
[8bd77b5]	421	/* A.O <- B.O & C.R.O */
[718ad924]	422
	423	if (list != NULL) {
[8bd77b5]	424	abac_aspect_t *cur;
[718ad924]	425	abac_list_foreach(list, cur,
[8bd77b5]	426	char *ntmp=generate_pl_tail_string(cur);
	427	if(debug) printf(" intersecting tail: (%s)\n",ntmp);
	428	if(tail_role_string==NULL) {
	429	tail_role_string=abac_xstrdup(ntmp);
	430	} else {
	431	tmp=tail_role_string;
	432	tail_role_string=NULL;
	433	asprintf(&tail_role_string,"%s, %s",tmp,ntmp);
	434	free(tmp);
	435	}
[718ad924]	436	free(ntmp);
	437	);
	438	}
	439
[8bd77b5]	440	if(debug) printf(" final intersecting tail: (%s)\n",tail_role_string);
[d5bbd3e]	441	tmp=_build_intersecting_clause(head_role_string, tail_role_string, id_string,constraint_string);
[718ad924]	442	if(tail_role_string) free(tail_role_string);
	443	return tmp;
	444	}
	445
	446	/* generate the yap isMember rule clause for the credential stmt */
[8bd77b5]	447	abac_list_t generate_pl_clauses(abac_aspect_t head_aspect, abac_aspect_t *tail_aspect)
[718ad924]	448	{
	449	char *tmp=NULL;
[d5bbd3e]	450	char *id_clauses_string=NULL;
	451	char *constraint_clauses_string=NULL;
[718ad924]	452	abac_list_t *clauses=abac_list_new();
[da5afdf]	453
[b5a3da4]	454	int cnt=abac_yy_cnt_yy_id_certs();
[718ad924]	455	if(cnt > 0) { /* string it up */
[d5bbd3e]	456	id_clauses_string=abac_yy_string_yy_id_certs();
[b5a3da4]	457	abac_yy_free_yy_id_certs();
[718ad924]	458	}
	459
[8bd77b5]	460	/* make a loop here */
[b5a3da4]	461	cnt=abac_yy_cnt_yy_constraints();
[da5afdf]	462	if(cnt > 0) {
[d5bbd3e]	463	constraint_clauses_string=abac_yy_string_yy_constraints();
[b5a3da4]	464	abac_yy_free_yy_constraints();
[da5afdf]	465	}
	466
[8bd77b5]	467	/* generate head's string */
	468	char *head_string=generate_pl_head_string(head_aspect);
	469	if(head_string == NULL)
[718ad924]	470	goto error;
	471
	472	/* tail side */
[8bd77b5]	473	if(abac_aspect_is_intersection(tail_aspect)) {
	474	tmp=generate_pl_intersecting_clause(head_string, tail_aspect,
[d5bbd3e]	475	id_clauses_string, constraint_clauses_string);
[718ad924]	476	} else {
[8bd77b5]	477	tmp=generate_pl_rule_clause(head_string, tail_aspect,
[d5bbd3e]	478	id_clauses_string, constraint_clauses_string);
[718ad924]	479	}
	480	if(tmp==NULL)
	481	goto error;
[da5afdf]	482
[718ad924]	483	abac_list_add(clauses,tmp);
	484	return clauses;
	485
	486	error:
[8bd77b5]	487	if(head_string) free(head_string);
[d5bbd3e]	488	if(id_clauses_string) free(id_clauses_string);
	489	if(constraint_clauses_string) free(constraint_clauses_string);
[da5afdf]	490	return clauses;
	491	}
	492
	493	/* should be just 1 */
[8bd77b5]	494	char generate_pl_constraint_clause(abac_aspect_t head_aspect, char *tail_string)
[da5afdf]	495	{
[8bd77b5]	496	/* generate head's role or oset string */
	497	char *head_string=generate_pl_head_string(head_aspect);
	498	if(head_string == NULL)
[da5afdf]	499	goto error;
	500
	501	/* tail side */
[8bd77b5]	502	char *tmp=_build_constraint_rule_clause(head_string, tail_string);
[da5afdf]	503	if(tmp==NULL)
	504	goto error;
	505
	506	return tmp;
	507
	508	error:
[8bd77b5]	509	if(head_string) free(head_string);
[da5afdf]	510	return NULL;
	511	}
	512
[d5bbd3e]	513	/* integer(X)<10 */
	514	/* X='abc' */
	515	char generate_pl_range_constraint(char typestr,char var,char val,char *op)
[da5afdf]	516	{
	517	char *tmp=NULL;
[d5bbd3e]	518	if(typestr)
	519	asprintf(&tmp,"%s(%s)%s%s",typestr,var,op,val);
	520	else
	521	asprintf(&tmp,"%s%s%s",var,op,val);
[da5afdf]	522	return tmp;
	523	}
	524
[7b548fa]	525	/* compare(op,var,val) */
	526	char generate_pl_range_time_constraint(char var,char val,char op)
	527	{
	528	char *tmp=NULL;
	529	asprintf(&tmp,"compare(%s,%s,%s)",op,var,val);
	530	return tmp;
	531	}
	532
[718ad924]	533	/* generate the yap isType rule clause for the type,
	534	isType(Acme, keyid); */
	535	char generate_pl_type_clause(char principalname, int type)
	536	{
	537	char *tmp=NULL;
[8bd77b5]	538	char *typeid= abac_idtype_string(type);
[7b548fa]	539	if(typeid==NULL \|\| strcmp(typeid,"NULL")==0)
[d5bbd3e]	540	panic("generate_pl_type_clause: can not have null typeid");
[718ad924]	541	int cnt=asprintf(&tmp,"isType(%s,%s)",
	542	principalname, typeid);
	543	return tmp;
	544	}
	545

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: libabac/abac_pl_gen.c @ d037f54

Download in other formats: