source: libabac/abac_pl_pre.c @ e97d2e2

mei_rt2_fix_1
Last change on this file since e97d2e2 was abf8d5d, checked in by Mei <mei@…>, 12 years ago

1) add backtrack/multiple solutions proof code changes and new

examples.
  • Property mode set to 100644
File size: 8.9 KB
Line 
1
2/***********************************************************************/
3/* abac_pl_pre.c                                                       */
4/* clause preprocesing called to make partial prolog clause generations*/
5/*  -> process named cred id, and constraint range/role/oset           */
6/***********************************************************************/
7#include <stdio.h>
8#include <assert.h>
9#include <stdlib.h>
10
11#include "abac_internal.h"
12#include "abac_util.h"
13#include "abac_list.h"
14
15#include "uthash.h"
16
17static int debug=0;
18
19extern char *abac_pl_add_range_constraint_clause(char *var, char *tmplist);
20extern char *generate_pl_range_constraint(char *,char *,char *,char *);
21extern char *generate_pl_range_time_constraint(char *,char *,char *);
22extern char* generate_pl_constraint_clause(abac_aspect_t *, char *);
23
24void preprocess_pl_head(abac_aspect_t *ptr);
25
26/****************************************************************/
27/* add the range condition to constraint list */
28/* this is for integer and float only */
29static void _preprocess_range_numeric_constraint(abac_term_t *ptr)
30{
31   assert(abac_term_constraint(ptr));
32   char *var=abac_term_name(ptr);
33   char *typestr=abac_term_type_name(ptr);
34   abac_condition_t *cond=abac_term_constraint(ptr);
35
36   char *tmplist=NULL;
37   char *tmp=NULL;
38   int as_range=1; /* either , or ; */
39
40   abac_condition_set_range_string(cond);
41
42   abac_list_t *rlist=abac_condition_range_list(cond);
43   abac_item_t *cur;
44   abac_list_foreach(rlist, cur,
45      int type=abac_item_type(cur);
46      char *val=abac_item_val(cur);
47      switch(type) {
48        case e_ITEM_MIN:
49          tmp=generate_pl_range_constraint(typestr,var,val,">=");
50          break;
51        case e_ITEM_MAX:
52          tmp=generate_pl_range_constraint(typestr,var,val,"=<");
53          break;
54        case e_ITEM_TARGET:
55          tmp=generate_pl_range_constraint(NULL,var,val,"=");
56          as_range=0;
57          break;
58      }
59      /* ; is prolog's disjunction built in predicate */
60      if(tmplist) {
61          if(as_range)
62              asprintf(&tmplist,"%s,%s",tmplist,tmp);
63              else
64                  asprintf(&tmplist,"%s;%s",tmplist,tmp);
65          } else {
66              tmplist=tmp;
67      }
68      tmp=NULL;
69      );
70   asprintf(&tmplist,"(%s)",tmplist);
71   abac_pl_add_constraints(tmplist);
72}
73
74/****************************************************************/
75/* this is for time only */
76static void _preprocess_range_time_constraint(abac_term_t *ptr)
77{
78   assert(abac_term_constraint(ptr));
79   char *var=abac_term_name(ptr);
80   char *typestr=abac_term_type_name(ptr);
81   abac_condition_t *cond=abac_term_constraint(ptr);
82   abac_list_t *rlist=abac_condition_range_list(cond);
83   assert(rlist);
84
85   char *tmplist=NULL;
86   char *tmp=NULL;
87   char *ttmp=NULL;
88   char *tlist=NULL;
89   int as_range=1; /* either , or ; */
90
91   abac_condition_set_range_string(cond);
92
93   abac_item_t *cur;
94   /* a list of values -- in chars */
95   abac_list_foreach(rlist, cur,
96      int type=abac_item_type(cur);
97      char *tval=abac_item_val(cur);
98      char *val=abac_term_to_time(tval);
99      switch(type) {
100        case e_ITEM_MIN:
101          ttmp=generate_pl_range_time_constraint(var,val,">");
102          tmp=generate_pl_range_time_constraint(var,val,"=");
103          asprintf(&tlist,"(%s;%s)",ttmp,tmp);
104          tmp=tlist;
105          break;
106        case e_ITEM_MAX:
107          ttmp=generate_pl_range_time_constraint(var,val,"=");
108          tmp=generate_pl_range_time_constraint(var,val,"<");
109          asprintf(&tlist,"(%s;%s)",ttmp,tmp);
110          tmp=tlist;
111          break;
112        case e_ITEM_TARGET:
113          tmp=generate_pl_range_time_constraint(var,val,"=");
114          as_range=0;
115          break;
116      }
117      free(val);
118      /* ; is prolog's disjunction built in predicate */
119      if(tmplist) {
120          if(as_range)
121              asprintf(&tmplist,"%s,%s",tmplist,tmp);
122              else
123                  asprintf(&tmplist,"%s;%s",tmplist,tmp);
124          } else {
125              tmplist=tmp;
126      }
127      tmp=NULL;
128   );
129
130   asprintf(&tmplist,"(%s)",tmplist);
131
132   /* generate a clause with above and add into db */
133   tmp=abac_pl_add_range_constraint_clause(var,tmplist);
134   abac_pl_add_constraints(tmp);
135}
136
137/****************************************************************/
138/* this is for string and urn only */
139static void _preprocess_range_string_constraint(abac_term_t *ptr)
140{
141   assert(abac_term_constraint(ptr));
142   char *var=abac_term_name(ptr);
143   char *typestr=abac_term_type_name(ptr);
144   abac_condition_t *cond=abac_term_constraint(ptr);
145   abac_list_t *rlist=abac_condition_range_list(cond);
146   assert(rlist);
147
148   char *tmplist=NULL;
149   char *tmp=NULL;
150
151   abac_condition_set_range_string(cond);
152   abac_item_t *cur;
153   
154   /* a list of values -- in chars */
155   abac_list_foreach(rlist, cur,
156      int type=abac_item_type(cur);
157      char *val=abac_item_val(cur);
158      switch(type) {
159        case e_ITEM_MIN:
160          panic("_preprocess_range_string_constraint, invalid range type - min"); 
161          break;
162        case e_ITEM_MAX:
163          /* invalid range type */
164          panic("_preprocess_range_string_constraint, invalid range type - max"); 
165          break;
166        case e_ITEM_TARGET:
167          tmp=generate_pl_range_constraint(NULL,var,val,"=");
168          break;
169      }
170      /* ; is prolog's disjunction built in predicate */
171      if(tmplist)
172          asprintf(&tmplist,"%s;%s",tmplist,tmp);
173          else tmplist=tmp;
174      tmp=NULL;
175   );
176   asprintf(&tmplist,"(%s)",tmplist);
177   /* generate a clause with above and add into db */
178   tmp=abac_pl_add_range_constraint_clause(var,tmplist);
179   abac_pl_add_constraints(tmp);
180}
181
182
183/***********************************************************************/
184void preprocess_pl_term(abac_term_t *ptr)
185{
186        /* add id */
187    char *name=abac_term_name(ptr);
188    char *type=abac_term_type_name(ptr);
189   
190    if(abac_term_type(ptr) == e_TERM_PRINCIPAL && abac_term_isnamed(ptr)) {
191        int type=e_KEYID;
192        abac_pl_add_id_certs(name,type);
193        if(debug) fprintf(stderr,"preprocess_pl_term: adding %s to id_certs\n",name);
194    }
195
196    abac_condition_t *cond=abac_term_constraint(ptr);
197    if(cond != NULL) {
198       if(abac_condition_is_range(cond)) {
199           if(abac_term_is_numeric(ptr)) {
200               _preprocess_range_numeric_constraint(ptr);
201               } else if (abac_term_is_alpha(ptr)) {
202                   _preprocess_range_string_constraint(ptr);
203                   } else if (abac_term_is_time(ptr)) {
204                       _preprocess_range_time_constraint(ptr);
205          } 
206          } else {
207             if(debug) fprintf(stderr,"expecting either oset/role constraint with %s\n",name); 
208             abac_aspect_t *cptr=abac_condition_of_aspect(cond);
209             preprocess_pl_head(cptr);
210             /* generate the prolog clause */
211             char *tmp=generate_pl_constraint_clause(cptr,name);
212             abac_condition_set_aspect_string(cond,tmp);
213             abac_pl_add_constraints(tmp);
214       }
215    }
216}
217
218void preprocess_pl_params(abac_param_list_t *ptr)
219{
220   abac_list_t *list=abac_param_list(ptr);
221   assert(list);
222   abac_term_t *cur;
223   abac_list_foreach(list, cur,
224       preprocess_pl_term(cur);
225   );
226}
227
228void preprocess_pl_head(abac_aspect_t *ptr)
229{
230    char *principalname;
231    PROLOG(principalname=abac_aspect_principal_name(ptr););
232    int idtype=abac_aspect_get_issuer_idtype(ptr);
233    abac_pl_add_id_certs(principalname,idtype); 
234    if(debug) 
235        fprintf(stderr,"preprocess_pl_head: adding %s to id_certs\n",principalname);
236
237    abac_param_list_t *aspect_params=abac_aspect_aspect_params(ptr);
238    if(aspect_params) {
239       preprocess_pl_params(aspect_params);
240    }
241
242}
243
244void preprocess_pl_tail(abac_aspect_t *ptr)
245{
246    /* if it is an intersection, preprocess each one */
247
248    abac_list_t *list=abac_aspect_prereqs(ptr);
249    if(list != 0) {
250        abac_aspect_t *cur;
251        abac_list_foreach(list, cur,
252            if(cur)
253               preprocess_pl_tail(cur);
254        );
255        return;
256    }
257
258/* for oset case,
259   A.oset <- B
260   A.oset <- Obj
261   A.oset <- B.oset
262   A.oset <- B.role.oset
263*/
264    /* if it is an oset and object */
265    if(abac_aspect_is_object(ptr)) {
266        abac_term_t *tptr=abac_aspect_object_term(ptr);
267        if(tptr)
268            preprocess_pl_term(tptr);
269        } else {
270            char *principalname;
271            PROLOG(principalname=abac_aspect_principal_name(ptr););
272            int idtype=abac_aspect_get_issuer_idtype(ptr);
273            abac_pl_add_id_certs(principalname,idtype);
274           if(debug) 
275               fprintf(stderr,"preprocess_pl_tail: adding %s to id_certs\n",principalname);
276            abac_param_list_t *aspect_params=abac_aspect_aspect_params(ptr);
277            if(aspect_params) {
278               preprocess_pl_params(aspect_params);
279            }
280   
281            abac_param_list_t *linked_role_params=abac_aspect_linked_role_params(ptr);
282            if(linked_role_params) {
283               preprocess_pl_params(linked_role_params);
284            }
285    }
286}
287   
288
289
Note: See TracBrowser for help on using the repository browser.