Context Navigation

source: libabac/rt2.y @ 5110d42

mei_rt2mei_rt2_fix_1

Last change on this file since 5110d42 was 5110d42, checked in by Mei <mei@…>, 12 years ago

1) reorganized the test directory to include python tests
2) attribute via api and principal via api from python scripts is

working (although there is a annoying seg fault at the very end
that must be related to something not been dup()ed.. need to wait
for c example to debug it)

3) able to query via api
4) replicated access_rt2 example in python and the query result matches
5) expanded api to make it easier to generate rt2 structure

Property mode set to 100644

File size: 13.1 KB

Rev	Line
[718ad924]	1
[b5a3da4]	2	/* bison grammar rules for process new rt2 statements */
[718ad924]	3
	4	%{
	5	// include the GNU extension of asprintf
	6	#define _GNU_SOURCE
	7
	8	/* C declarations */
	9	#include <stdio.h>
	10	#include <string.h>
	11
	12	#include "abac_pl_yy.h"
[0d0c3a9]	13	#include "abac_list.h"
[718ad924]	14
[da5afdf]	15	/* lex tie-ins flag */
[718ad924]	16	int yyerror (char *s);
[9335cfa]	17	static int debug=0;
[718ad924]	18
	19	FILE *abac_yyout = NULL;
	20	char *abac_yyfptr = NULL;
[da5afdf]	21	char *abac_yyfptr_encoded = NULL;
[718ad924]	22
[7727f26]	23	#define USE(evalue) ((getenv(evalue)!=NULL)?1:0)
	24
[718ad924]	25	void panic(char *msg);
	26
	27	%}
	28	/* Bison declarations */
	29	%union {
	30	struct _abac_yy_principal_t *pstruct;
[da5afdf]	31	struct _abac_yy_term_principal_t *ppstruct;
	32	struct _abac_yy_term_data_t *pdstruct;
[8bd77b5]	33	struct _abac_yy_roleoset_t *rostruct;
[da5afdf]	34	struct _abac_yy_term_t *dstruct;
	35	struct _abac_yy_expression_t *estruct;
[0d0c3a9]	36	struct _abac_list_t *lstruct;
[718ad924]	37	char string; / For returning char strings */
[da5afdf]	38	int intval; /* for returning some value */
[718ad924]	39	}
[da5afdf]	40
	41	%start input
	42
[718ad924]	43	%type <lstruct> stmt
[8bd77b5]	44	%type <rostruct> rolepart
[da5afdf]	45	%type <estruct> roleleft
	46	%type <estruct> roleright
[718ad924]	47	%type <estruct> roleterm
[8bd77b5]	48	%type <rostruct> osetpart
[da5afdf]	49	%type <estruct> osetleft
	50	%type <estruct> osetright
	51	%type <estruct> osetterm
[718ad924]	52	%type <pstruct> keypart
[da5afdf]	53	%type <dstruct> terms
	54	%type <dstruct> term
[718ad924]	55	%type <pdstruct> typedpart
[da5afdf]	56	%type <pdstruct> otypetail
[718ad924]	57	%type <ppstruct> principalpart
[da5afdf]	58	%type <lstruct> rangetype
	59	%type <lstruct> values
[718ad924]	60
[36b100a]	61	%token <string> IDEN /* keyname or rolename or osetname */
[da5afdf]	62	%token <string> CAPIDEN /* variable name */
	63	%token <string> ROLE /* the word, role */
	64	%token <string> OSET /* the word, oset */
	65	%token <string> PRINCIPAL /* the word, principal */
	66	%token <string> OTYPE /* integer,boolean,urn,time,string,float */
	67	%token <string> OTYPE_CONSTANT
	68	%token <string> VARIABLE_CONSTANT /* constant for ?AAA */
	69	%token <string> KEYTYPE /* keyid \| or something else */
	70	%token <string> KEYID_CONSTANT /* keyid \| or something else */
	71	%token <string> VALUE /* range value in static constraint */
[718ad924]	72
	73	%token <operator> DERIVE "<-"
	74	%token <operator> DOT "."
	75	%token <operator> AND "&"
	76	%token <operator> LPAREN "("
	77	%token <operator> RPAREN ")"
	78	%token <operator> LSQUARE "["
	79	%token <operator> RSQUARE "]"
	80	%token <operator> LANGLE "<"
	81	%token <operator> RANGLE ">"
	82	%token <operator> COLON ":"
	83	%token <operator> COMMA ","
	84	%token <operator> QMARK "?"
[da5afdf]	85	%token <operator> DOTDOT ".."
[718ad924]	86
	87	%%
	88	/* Grammar rules */
	89
	90	input: /* empty */
	91	{ }
[da5afdf]	92	\| stmt
[718ad924]	93	{
[b5a3da4]	94	abac_yy_set_rule_clauses($1);
[718ad924]	95	}
[da5afdf]	96	;
[718ad924]	97
	98	/* generate/concate prolog credentials clauses */
[da5afdf]	99	stmt : roleleft DERIVE roleright
	100	{
	101	abac_yy_expression_t *headexpr=$1;
	102	abac_yy_expression_t *tailexpr=$3;
	103	abac_list_t *ret=make_role_statement(headexpr, tailexpr);
	104	if(ret == NULL) {
	105	panic("unable to parse the role rule statment");
	106	YYERROR;
	107	} else {
	108	$$=ret;
	109	}
	110	}
	111	\| osetleft DERIVE osetright
[718ad924]	112	{
[da5afdf]	113	abac_yy_expression_t *headexpr=$1;
	114	abac_yy_expression_t *tailexpr=$3;
	115	abac_list_t *ret=make_oset_statement(headexpr, tailexpr);
[718ad924]	116	if(ret == NULL) {
[da5afdf]	117	panic("unable to parse the oset rule statment");
[718ad924]	118	YYERROR;
	119	} else {
	120	$$=ret;
	121	}
	122	}
[da5afdf]	123	;
[718ad924]	124	/*
	125	[keyid:isi].role:modifyBy([keyid:mike])
	126	[keyid:acme].role:preferred
	127	*/
[da5afdf]	128	roleleft : keypart DOT rolepart
[718ad924]	129	{
	130	abac_yy_principal_t *keypart=$1;
[8bd77b5]	131	abac_yy_roleoset_t *rolepart=$3;
[da5afdf]	132	abac_yy_expression_t *expr=
	133	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
[718ad924]	134	$$=expr;
	135	}
[da5afdf]	136	;
[718ad924]	137
	138	/* [keyid:mike] */
[da5afdf]	139	keypart : LSQUARE KEYTYPE COLON
[b5a3da4]	140	{ abac_push_keyid_yystate(); }
[da5afdf]	141	KEYID_CONSTANT
[b5a3da4]	142	{ abac_pop_yystate(); }
[da5afdf]	143	RSQUARE
[718ad924]	144	{
[8bd77b5]	145	int idtype=abac_verify_idtype_type($2);
[7727f26]	146	char *tmp=NULL;
[d037f54]	147	asprintf(&tmp,"%s",$5);
[7727f26]	148	char *cn=abac_cn_with_sha(tmp);
[718ad924]	149	if(cn && idtype) {
[7727f26]	150	$$=make_yy_principal(tmp, cn, idtype);
[718ad924]	151	} else {
[9335cfa]	152	if((USE("ABAC_CN")) && cn==NULL) {
[5110d42]	153	asprintf(&tmp,"encountered an invalid SHA id(%s)",$5);
[9335cfa]	154	panic(tmp);
	155	free(tmp);
[7727f26]	156	YYERROR;
	157	}
	158	$$=make_yy_principal(tmp, NULL, idtype);
[718ad924]	159	}
	160	}
[da5afdf]	161	;
[718ad924]	162	/*
	163	role:modifyBy([keyid:mike],[keyid:ted])
	164	role:modifyBy([keyid:mike])
	165	role:preferred
	166	*/
[da5afdf]	167	rolepart : ROLE COLON IDEN LPAREN terms RPAREN
[718ad924]	168	{
[8bd77b5]	169	$$=make_yy_roleoset_role($3,$5);
[718ad924]	170	}
[da5afdf]	171	\| ROLE COLON IDEN
[718ad924]	172	{
[8bd77b5]	173	$$=make_yy_roleoset_role($3,NULL);
[718ad924]	174	}
[da5afdf]	175	;
[718ad924]	176
	177	/*
	178	[keyid:mike],[keyid:ted]
	179	[keyid:mike]
	180	[principal:?Z]
[9335cfa]	181	[principal:?this]
[718ad924]	182	[int:99]
	183	[int:?Z]
	184	[?]
	185	*/
[da5afdf]	186	terms : term COMMA terms
[718ad924]	187	{
[da5afdf]	188	abac_yy_term_t *nterm=$1;
	189	abac_yy_term_t *terms=$3;
	190	$$=add_yy_term(nterm, terms);
[718ad924]	191	}
[da5afdf]	192	\| term
[718ad924]	193	{
	194	$$=$1;
	195	}
[da5afdf]	196	;
[718ad924]	197
[da5afdf]	198	term : LSQUARE QMARK RSQUARE
	199	{ $$= make_yy_term_dterm_anonymous(); }
	200	\| keypart
	201	{ $$= make_yy_term_dterm_named($1); }
	202	\| principalpart
	203	{ $$= make_yy_term_dterm_principal($1); }
	204	\| typedpart
	205	{ $$= make_yy_term_dterm_data($1); }
	206	;
	207
	208	values : VALUE COMMA values
[b5a3da4]	209	{ $$=add_yy_val_range($3, $1); }
[da5afdf]	210	\| VALUE
	211	{ $$=make_yy_val_range($1); }
	212	;
	213
	214
	215	rangetype : LSQUARE VALUE DOTDOT VALUE RSQUARE
	216	{ $$=make_yy_minmax_range($2,$4); }
	217	\| LSQUARE DOTDOT VALUE RSQUARE
	218	{ $$=make_yy_max_range($3); }
	219	\| LSQUARE VALUE DOTDOT RSQUARE
	220	{ $$=make_yy_min_range($2); }
	221	\| LSQUARE values RSQUARE
	222	{ $$=$2; }
	223	;
	224
	225	/* [otype:?Z:{oset-constraint}] */
	226	/* [int:?I:[10 .. 20] */
[c586a3c]	227	/* [float:?F:[0.5 .. 2.5] */
	228	/* [string:?S:["abc",'efg',"hij"] -only listed range */
	229	/* urn same as string */
	230	/* time like int but with quoted string values */
[0d0c3a9]	231	otypetail : VARIABLE_CONSTANT COLON
[da5afdf]	232	{
[b5a3da4]	233	abac_pop_yystate();
	234	abac_push_range_yystate();
[718ad924]	235	}
[da5afdf]	236	rangetype
	237	{
[b5a3da4]	238	abac_pop_yystate();
[9806e76]	239	abac_yy_term_data_t *ptr=make_yy_term_data();
	240	set_yy_term_data_name(ptr,$1);
[da5afdf]	241	set_yy_term_data_is_variable(ptr);
	242	set_yy_term_data_cond_range(ptr,$4);
	243	$$=ptr;
	244	}
	245	\| VARIABLE_CONSTANT
[b5a3da4]	246	{ abac_pop_yystate(); }
[da5afdf]	247	osetleft
	248	{
[9806e76]	249	abac_yy_term_data_t *ptr=make_yy_term_data();
	250	set_yy_term_data_name(ptr,$1);
[da5afdf]	251	set_yy_term_data_is_variable(ptr);
[d845403]	252	set_yy_term_data_cond_head_expr(ptr,$3);
[da5afdf]	253	$$=ptr;
	254	}
	255	\| VARIABLE_CONSTANT
	256	{
[b5a3da4]	257	abac_pop_yystate();
[9806e76]	258	abac_yy_term_data_t *ptr=make_yy_term_data();
	259	set_yy_term_data_name(ptr,$1);
[da5afdf]	260	set_yy_term_data_is_variable(ptr);
	261	$$=ptr;
	262	}
	263	\| OTYPE_CONSTANT
	264	{
[b5a3da4]	265	abac_pop_yystate();
[9806e76]	266	abac_yy_term_data_t *ptr=make_yy_term_data();
	267	set_yy_term_data_name(ptr,$1);
[da5afdf]	268	$$=ptr;
	269	}
[9806e76]	270	\| QMARK
	271	{
	272	abac_pop_yystate();
	273	abac_yy_term_data_t *ptr=make_yy_term_data();
	274	set_yy_term_data_is_anonymous(ptr);
	275	$$= ptr;
	276	}
[da5afdf]	277	;
	278
	279	typedpart : LSQUARE OTYPE COLON
[b5a3da4]	280	{ abac_push_yystate($2); }
[da5afdf]	281	otypetail RSQUARE
	282	{
	283	abac_yy_term_data_t *ptr=$5;
	284	set_yy_term_data_type(ptr,$2);
	285	if(is_yy_term_data_has_constraint(ptr)) {
[9806e76]	286	char *tail_string=get_yy_term_data_name(ptr);
[440ba20]	287	make_yy_range_constraint(ptr);
[e88c95b]	288	make_yy_oset_constraint(ptr,tail_string);
[718ad924]	289	}
[da5afdf]	290	$$=$5;
[718ad924]	291	}
[da5afdf]	292	;
	293
[718ad924]	294
[9806e76]	295	/* [principal:?] */
[718ad924]	296	/* [principal:?Z] */
[9335cfa]	297	/* [principal:?This] */
[da5afdf]	298	/* [principal:?Z{role-constraint}] */
	299	principalpart : LSQUARE PRINCIPAL COLON QMARK IDEN roleleft RSQUARE
	300	{
	301	abac_yy_expression_t *expr=$6;
	302	char *tail_string=$5;
[9806e76]	303	abac_yy_term_principal_t *ptr=make_yy_term_principal();
	304	set_yy_term_principal_name(ptr,tail_string);
[da5afdf]	305	set_yy_term_principal_cond_head_expr(ptr,expr);
[440ba20]	306	make_yy_role_constraint(ptr,tail_string);
[da5afdf]	307	$$=ptr;
	308	}
	309	\| LSQUARE PRINCIPAL COLON QMARK IDEN RSQUARE
[9806e76]	310	{
	311	abac_yy_term_principal_t *ptr=make_yy_term_principal();
	312	set_yy_term_principal_name(ptr,$5);
	313	$$ = ptr;
	314	}
	315	\| LSQUARE PRINCIPAL COLON QMARK RSQUARE
	316	{
	317	abac_yy_term_principal_t *ptr=make_yy_term_principal();
	318	set_yy_term_principal_is_anonymous(ptr);
	319	$$ = ptr;
	320	}
[da5afdf]	321	;
[718ad924]	322
[da5afdf]	323	roleright : roleterm AND roleright
[718ad924]	324	{
[da5afdf]	325	abac_yy_expression_t *nexpr=$1;
	326	abac_yy_expression_t *exprs=$3;
	327	$$=add_yy_expression(nexpr,exprs);
[718ad924]	328	}
[da5afdf]	329	\| roleterm
[718ad924]	330	{ $$=$1; }
[da5afdf]	331	;
[718ad924]	332
	333	/* role at tail/right side
	334	[keyid:usc].role:employee.role:friend
	335	[keyid:usc].role:worker
	336	[keyid:mike]
	337	*/
	338	roleterm : keypart DOT rolepart DOT rolepart
	339	{
	340	abac_yy_principal_t *keypart=$1;
[8bd77b5]	341	abac_yy_roleoset_t *linked_rolepart=$3;
	342	abac_yy_roleoset_t *rolepart=$5;
[da5afdf]	343	abac_yy_expression_t *expr=
	344	make_yy_expression(e_yy_EXPR_LINKED,keypart,rolepart,linked_rolepart);
[718ad924]	345	$$=expr;
	346	}
[da5afdf]	347	\| keypart DOT rolepart
[718ad924]	348	{
	349	abac_yy_principal_t *keypart=$1;
[8bd77b5]	350	abac_yy_roleoset_t *rolepart=$3;
[da5afdf]	351	abac_yy_expression_t *expr=
	352	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
[718ad924]	353	$$=expr;
	354	}
[da5afdf]	355	\| keypart
[718ad924]	356	{
	357	abac_yy_principal_t *keypart=$1;
[da5afdf]	358	abac_yy_expression_t *expr=
	359	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
[718ad924]	360	$$=expr;
	361	}
[da5afdf]	362	;
	363
	364	osetterm : keypart DOT rolepart DOT osetpart
	365	{
	366	abac_yy_principal_t *keypart=$1;
[8bd77b5]	367	abac_yy_roleoset_t *linked_rolepart=$3;
	368	abac_yy_roleoset_t *osetpart=$5;
[da5afdf]	369	abac_yy_expression_t *expr=
	370	make_yy_expression(e_yy_EXPR_LINKED,keypart,osetpart,linked_rolepart);
	371	$$=expr;
	372	}
	373	\| keypart DOT osetpart
	374	{
	375	abac_yy_principal_t *keypart=$1;
[8bd77b5]	376	abac_yy_roleoset_t *osetpart=$3;
[da5afdf]	377	abac_yy_expression_t *expr=
	378	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
	379	$$=expr;
	380	}
	381	\| keypart
	382	{
	383	abac_yy_principal_t *keypart=$1;
	384	abac_yy_expression_t *expr=
	385	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
	386	$$=expr;
	387	}
	388	\| typedpart
	389	{
	390	abac_yy_term_data_t *objpart=$1;
	391	abac_yy_expression_t *expr=
	392	make_yy_expression(e_yy_EXPR_OBJECT,objpart,NULL,NULL);
	393	$$=expr;
	394	}
	395	;
	396
	397	/*
	398	oset:access([urn:'fileA'])
	399	*/
	400	osetpart : OSET COLON IDEN LPAREN terms RPAREN
	401	{
[8bd77b5]	402	$$=make_yy_roleoset_oset($3,$5);
[da5afdf]	403	}
	404	\| OSET COLON IDEN
	405	{
[8bd77b5]	406	$$=make_yy_roleoset_oset($3,NULL);
[da5afdf]	407	}
	408	;
	409
	410
	411	osetleft : keypart DOT osetpart
	412	{
	413	abac_yy_principal_t *keypart=$1;
[8bd77b5]	414	abac_yy_roleoset_t *osetpart=$3;
[da5afdf]	415	abac_yy_expression_t *expr=
	416	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
	417	$$=expr;
	418	}
	419	;
	420
	421	osetright : osetterm AND osetright
	422	{
	423	abac_yy_expression_t *nexpr=$1;
	424	abac_yy_expression_t *exprs=$3;
	425	$$=add_yy_expression(nexpr,exprs);
	426	}
	427	\| osetterm
	428	{ $$=$1; }
	429	;
[718ad924]	430	%%
	431
[da5afdf]	432
[718ad924]	433	/* Additional C code */
	434	int yywrap()
	435	{
	436	/* exit when done lexing the current input */
	437	return 1;
	438	}
	439
	440	int yyerror (char *s)
	441	{
	442	fprintf (abac_yyout,"yyerror: %s\n", s);
	443	}
	444
	445	/* setting defaults */
	446	void abac_yyinit()
	447	{
	448	abac_yyout=abac_get_yyout();
	449	abac_yyfptr = abac_get_yyfptr();
[da5afdf]	450	abac_yyfptr_encoded = abac_get_yyfptr_encoded();
[9335cfa]	451	if(debug)
	452	fprintf (abac_yyout,"\n=======================================\n");
[b5a3da4]	453	}
[718ad924]	454
	455	void panic(char *msg)
	456	{
	457	yyerror(msg);
	458	}
	459

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format