Context Navigation

source: libabac/rt2.y @ 7727f26

mei_rt2mei_rt2_fix_1meiyap-rt1rt2

Last change on this file since 7727f26 was 7727f26, checked in by Mei <mei@…>, 13 years ago

1) add environment variables DUMP_DB, ABAC_CN.

ABAC_CN will switch to using CNs for keyid insead of SHAs

2) add/modified couple of doc files.

Property mode set to 100644

File size: 12.8 KB

Rev	Line
[718ad924]	1
[b5a3da4]	2	/* bison grammar rules for process new rt2 statements */
[718ad924]	3
	4	%{
	5	// include the GNU extension of asprintf
	6	#define _GNU_SOURCE
	7
	8	/* C declarations */
	9	#include <stdio.h>
	10	#include <string.h>
	11
	12	#include "abac_pl_yy.h"
[0d0c3a9]	13	#include "abac_list.h"
[718ad924]	14
[da5afdf]	15	/* lex tie-ins flag */
[718ad924]	16	int yyerror (char *s);
	17
	18	FILE *abac_yyout = NULL;
	19	char *abac_yyfptr = NULL;
[da5afdf]	20	char *abac_yyfptr_encoded = NULL;
[718ad924]	21
[7727f26]	22	#define USE(evalue) ((getenv(evalue)!=NULL)?1:0)
	23
[718ad924]	24	void panic(char *msg);
	25
	26	%}
	27	/* Bison declarations */
	28	%union {
	29	struct _abac_yy_principal_t *pstruct;
[da5afdf]	30	struct _abac_yy_term_principal_t *ppstruct;
	31	struct _abac_yy_term_data_t *pdstruct;
[718ad924]	32	struct _abac_yy_role_t *rstruct;
[da5afdf]	33	struct _abac_yy_oset_t *ostruct;
	34	struct _abac_yy_term_t *dstruct;
	35	struct _abac_yy_expression_t *estruct;
[0d0c3a9]	36	struct _abac_list_t *lstruct;
[718ad924]	37	char string; / For returning char strings */
[da5afdf]	38	int intval; /* for returning some value */
[718ad924]	39	}
[da5afdf]	40
	41	%start input
	42
[718ad924]	43	%type <lstruct> stmt
	44	%type <rstruct> rolepart
[da5afdf]	45	%type <estruct> roleleft
	46	%type <estruct> roleright
[718ad924]	47	%type <estruct> roleterm
[da5afdf]	48	%type <ostruct> osetpart
	49	%type <estruct> osetleft
	50	%type <estruct> osetright
	51	%type <estruct> osetterm
[718ad924]	52	%type <pstruct> keypart
[da5afdf]	53	%type <dstruct> terms
	54	%type <dstruct> term
[718ad924]	55	%type <pdstruct> typedpart
[da5afdf]	56	%type <pdstruct> otypetail
[718ad924]	57	%type <ppstruct> principalpart
[da5afdf]	58	%type <lstruct> rangetype
	59	%type <lstruct> values
[718ad924]	60
[36b100a]	61	%token <string> IDEN /* keyname or rolename or osetname */
[da5afdf]	62	%token <string> CAPIDEN /* variable name */
	63	%token <string> ROLE /* the word, role */
	64	%token <string> OSET /* the word, oset */
	65	%token <string> PRINCIPAL /* the word, principal */
	66	%token <string> OTYPE /* integer,boolean,urn,time,string,float */
	67	%token <string> OTYPE_CONSTANT
	68	%token <string> VARIABLE_CONSTANT /* constant for ?AAA */
	69	%token <string> KEYTYPE /* keyid \| or something else */
	70	%token <string> KEYID_CONSTANT /* keyid \| or something else */
	71	%token <string> VALUE /* range value in static constraint */
[718ad924]	72
	73	%token <operator> DERIVE "<-"
	74	%token <operator> DOT "."
	75	%token <operator> AND "&"
	76	%token <operator> LPAREN "("
	77	%token <operator> RPAREN ")"
	78	%token <operator> LSQUARE "["
	79	%token <operator> RSQUARE "]"
	80	%token <operator> LANGLE "<"
	81	%token <operator> RANGLE ">"
	82	%token <operator> COLON ":"
	83	%token <operator> COMMA ","
	84	%token <operator> QMARK "?"
[da5afdf]	85	%token <operator> DOTDOT ".."
[718ad924]	86
	87	%%
	88	/* Grammar rules */
	89
	90	input: /* empty */
	91	{ }
[da5afdf]	92	\| stmt
[718ad924]	93	{
[b5a3da4]	94	abac_yy_set_rule_clauses($1);
[718ad924]	95	}
[da5afdf]	96	;
[718ad924]	97
	98	/* generate/concate prolog credentials clauses */
[da5afdf]	99	stmt : roleleft DERIVE roleright
	100	{
	101	abac_yy_expression_t *headexpr=$1;
	102	abac_yy_expression_t *tailexpr=$3;
	103	abac_list_t *ret=make_role_statement(headexpr, tailexpr);
	104	if(ret == NULL) {
	105	panic("unable to parse the role rule statment");
	106	YYERROR;
	107	} else {
	108	$$=ret;
	109	}
	110	}
	111	\| osetleft DERIVE osetright
[718ad924]	112	{
[da5afdf]	113	abac_yy_expression_t *headexpr=$1;
	114	abac_yy_expression_t *tailexpr=$3;
	115	abac_list_t *ret=make_oset_statement(headexpr, tailexpr);
[718ad924]	116	if(ret == NULL) {
[da5afdf]	117	panic("unable to parse the oset rule statment");
[718ad924]	118	YYERROR;
	119	} else {
	120	$$=ret;
	121	}
	122	}
[da5afdf]	123	;
[718ad924]	124	/*
	125	[keyid:isi].role:modifyBy([keyid:mike])
	126	[keyid:acme].role:preferred
	127	*/
[da5afdf]	128	roleleft : keypart DOT rolepart
[718ad924]	129	{
	130	abac_yy_principal_t *keypart=$1;
	131	abac_yy_role_t *rolepart=$3;
[da5afdf]	132	abac_yy_expression_t *expr=
	133	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
[718ad924]	134	$$=expr;
	135	}
[da5afdf]	136	;
[718ad924]	137
	138	/* [keyid:mike] */
[da5afdf]	139	keypart : LSQUARE KEYTYPE COLON
[b5a3da4]	140	{ abac_push_keyid_yystate(); }
[da5afdf]	141	KEYID_CONSTANT
[b5a3da4]	142	{ abac_pop_yystate(); }
[da5afdf]	143	RSQUARE
[718ad924]	144	{
	145	int idtype=abac_verify_keyid_type($2);
[7727f26]	146	char *tmp=NULL;
	147	asprintf(&tmp,"p%s",$5);
	148	char *cn=abac_cn_with_sha(tmp);
[718ad924]	149	if(cn && idtype) {
[7727f26]	150	$$=make_yy_principal(tmp, cn, idtype);
[718ad924]	151	} else {
[7727f26]	152	if((USE("ABAC_CN"))) {
	153	panic("encountered an invalid SHA id");
	154	YYERROR;
	155	}
	156	$$=make_yy_principal(tmp, NULL, idtype);
[718ad924]	157	}
	158	}
[da5afdf]	159	;
[718ad924]	160	/*
	161	role:modifyBy([keyid:mike],[keyid:ted])
	162	role:modifyBy([keyid:mike])
	163	role:preferred
	164	*/
[da5afdf]	165	rolepart : ROLE COLON IDEN LPAREN terms RPAREN
[718ad924]	166	{
	167	$$=make_yy_role($3,$5);
	168	}
[da5afdf]	169	\| ROLE COLON IDEN
[718ad924]	170	{
	171	$$=make_yy_role($3,NULL);
	172	}
[da5afdf]	173	;
[718ad924]	174
	175	/*
	176	[keyid:mike],[keyid:ted]
	177	[keyid:mike]
	178	[principal:?Z]
	179	?? [principal:?this]
	180	[int:99]
	181	[int:?Z]
	182	[?]
	183	*/
[da5afdf]	184	terms : term COMMA terms
[718ad924]	185	{
[da5afdf]	186	abac_yy_term_t *nterm=$1;
	187	abac_yy_term_t *terms=$3;
	188	$$=add_yy_term(nterm, terms);
[718ad924]	189	}
[da5afdf]	190	\| term
[718ad924]	191	{
	192	$$=$1;
	193	}
[da5afdf]	194	;
[718ad924]	195
[da5afdf]	196	term : LSQUARE QMARK RSQUARE
	197	{ $$= make_yy_term_dterm_anonymous(); }
	198	\| keypart
	199	{ $$= make_yy_term_dterm_named($1); }
	200	\| principalpart
	201	{ $$= make_yy_term_dterm_principal($1); }
	202	\| typedpart
	203	{ $$= make_yy_term_dterm_data($1); }
	204	;
	205
	206	values : VALUE COMMA values
[b5a3da4]	207	{ $$=add_yy_val_range($3, $1); }
[da5afdf]	208	\| VALUE
	209	{ $$=make_yy_val_range($1); }
	210	;
	211
	212
	213	rangetype : LSQUARE VALUE DOTDOT VALUE RSQUARE
	214	{ $$=make_yy_minmax_range($2,$4); }
	215	\| LSQUARE DOTDOT VALUE RSQUARE
	216	{ $$=make_yy_max_range($3); }
	217	\| LSQUARE VALUE DOTDOT RSQUARE
	218	{ $$=make_yy_min_range($2); }
	219	\| LSQUARE values RSQUARE
	220	{ $$=$2; }
	221	;
	222
	223	/* [otype:?Z:{oset-constraint}] */
	224	/* [int:?I:[10 .. 20] */
[c586a3c]	225	/* [float:?F:[0.5 .. 2.5] */
	226	/* [string:?S:["abc",'efg',"hij"] -only listed range */
	227	/* urn same as string */
	228	/* time like int but with quoted string values */
[0d0c3a9]	229	otypetail : VARIABLE_CONSTANT COLON
[da5afdf]	230	{
[b5a3da4]	231	abac_pop_yystate();
	232	abac_push_range_yystate();
[718ad924]	233	}
[da5afdf]	234	rangetype
	235	{
[b5a3da4]	236	abac_pop_yystate();
[9806e76]	237	abac_yy_term_data_t *ptr=make_yy_term_data();
	238	set_yy_term_data_name(ptr,$1);
[da5afdf]	239	set_yy_term_data_is_variable(ptr);
	240	set_yy_term_data_cond_range(ptr,$4);
	241	$$=ptr;
	242	}
	243	\| VARIABLE_CONSTANT
[b5a3da4]	244	{ abac_pop_yystate(); }
[da5afdf]	245	osetleft
	246	{
[9806e76]	247	abac_yy_term_data_t *ptr=make_yy_term_data();
	248	set_yy_term_data_name(ptr,$1);
[da5afdf]	249	set_yy_term_data_is_variable(ptr);
[d845403]	250	set_yy_term_data_cond_head_expr(ptr,$3);
[da5afdf]	251	$$=ptr;
	252	}
	253	\| VARIABLE_CONSTANT
	254	{
[b5a3da4]	255	abac_pop_yystate();
[9806e76]	256	abac_yy_term_data_t *ptr=make_yy_term_data();
	257	set_yy_term_data_name(ptr,$1);
[da5afdf]	258	set_yy_term_data_is_variable(ptr);
	259	$$=ptr;
	260	}
	261	\| OTYPE_CONSTANT
	262	{
[b5a3da4]	263	abac_pop_yystate();
[9806e76]	264	abac_yy_term_data_t *ptr=make_yy_term_data();
	265	set_yy_term_data_name(ptr,$1);
[da5afdf]	266	$$=ptr;
	267	}
[9806e76]	268	\| QMARK
	269	{
	270	abac_pop_yystate();
	271	abac_yy_term_data_t *ptr=make_yy_term_data();
	272	set_yy_term_data_is_anonymous(ptr);
	273	$$= ptr;
	274	}
[da5afdf]	275	;
	276
	277	typedpart : LSQUARE OTYPE COLON
[b5a3da4]	278	{ abac_push_yystate($2); }
[da5afdf]	279	otypetail RSQUARE
	280	{
	281	abac_yy_term_data_t *ptr=$5;
	282	set_yy_term_data_type(ptr,$2);
	283	if(is_yy_term_data_has_constraint(ptr)) {
[9806e76]	284	char *tail_string=get_yy_term_data_name(ptr);
[da5afdf]	285	make_yy_range_constraint(ptr,tail_string);
[e88c95b]	286	make_yy_oset_constraint(ptr,tail_string);
[718ad924]	287	}
[da5afdf]	288	$$=$5;
[718ad924]	289	}
[da5afdf]	290	;
	291
[718ad924]	292
[9806e76]	293	/* [principal:?] */
[718ad924]	294	/* [principal:?Z] */
[da5afdf]	295	/* [principal:?Z{role-constraint}] */
	296	principalpart : LSQUARE PRINCIPAL COLON QMARK IDEN roleleft RSQUARE
	297	{
	298	abac_yy_expression_t *expr=$6;
	299	char *tail_string=$5;
[9806e76]	300	abac_yy_term_principal_t *ptr=make_yy_term_principal();
	301	set_yy_term_principal_name(ptr,tail_string);
[da5afdf]	302	set_yy_term_principal_cond_head_expr(ptr,expr);
	303	char *string=make_yy_role_constraint(ptr,tail_string);
	304	$$=ptr;
	305	}
	306	\| LSQUARE PRINCIPAL COLON QMARK IDEN RSQUARE
[9806e76]	307	{
	308	abac_yy_term_principal_t *ptr=make_yy_term_principal();
	309	set_yy_term_principal_name(ptr,$5);
	310	$$ = ptr;
	311	}
	312	\| LSQUARE PRINCIPAL COLON QMARK RSQUARE
	313	{
	314	abac_yy_term_principal_t *ptr=make_yy_term_principal();
	315	set_yy_term_principal_is_anonymous(ptr);
	316	$$ = ptr;
	317	}
[da5afdf]	318	;
[718ad924]	319
[da5afdf]	320	roleright : roleterm AND roleright
[718ad924]	321	{
[da5afdf]	322	abac_yy_expression_t *nexpr=$1;
	323	abac_yy_expression_t *exprs=$3;
	324	$$=add_yy_expression(nexpr,exprs);
[718ad924]	325	}
[da5afdf]	326	\| roleterm
[718ad924]	327	{ $$=$1; }
[da5afdf]	328	;
[718ad924]	329
	330	/* role at tail/right side
	331	[keyid:usc].role:employee.role:friend
	332	[keyid:usc].role:worker
	333	[keyid:mike]
	334	*/
	335	roleterm : keypart DOT rolepart DOT rolepart
	336	{
	337	abac_yy_principal_t *keypart=$1;
	338	abac_yy_role_t *linked_rolepart=$3;
	339	abac_yy_role_t *rolepart=$5;
[da5afdf]	340	abac_yy_expression_t *expr=
	341	make_yy_expression(e_yy_EXPR_LINKED,keypart,rolepart,linked_rolepart);
[718ad924]	342	$$=expr;
	343	}
[da5afdf]	344	\| keypart DOT rolepart
[718ad924]	345	{
	346	abac_yy_principal_t *keypart=$1;
	347	abac_yy_role_t *rolepart=$3;
[da5afdf]	348	abac_yy_expression_t *expr=
	349	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
[718ad924]	350	$$=expr;
	351	}
[da5afdf]	352	\| keypart
[718ad924]	353	{
	354	abac_yy_principal_t *keypart=$1;
[da5afdf]	355	abac_yy_expression_t *expr=
	356	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
[718ad924]	357	$$=expr;
	358	}
[da5afdf]	359	;
	360
	361	osetterm : keypart DOT rolepart DOT osetpart
	362	{
	363	abac_yy_principal_t *keypart=$1;
	364	abac_yy_role_t *linked_rolepart=$3;
	365	abac_yy_oset_t *osetpart=$5;
	366	abac_yy_expression_t *expr=
	367	make_yy_expression(e_yy_EXPR_LINKED,keypart,osetpart,linked_rolepart);
	368	$$=expr;
	369	}
	370	\| keypart DOT osetpart
	371	{
	372	abac_yy_principal_t *keypart=$1;
	373	abac_yy_oset_t *osetpart=$3;
	374	abac_yy_expression_t *expr=
	375	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
	376	$$=expr;
	377	}
	378	\| keypart
	379	{
	380	abac_yy_principal_t *keypart=$1;
	381	abac_yy_expression_t *expr=
	382	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
	383	$$=expr;
	384	}
	385	\| typedpart
	386	{
	387	abac_yy_term_data_t *objpart=$1;
	388	abac_yy_expression_t *expr=
	389	make_yy_expression(e_yy_EXPR_OBJECT,objpart,NULL,NULL);
	390	$$=expr;
	391	}
	392	;
	393
	394	/*
	395	oset:access([urn:'fileA'])
	396	*/
	397	osetpart : OSET COLON IDEN LPAREN terms RPAREN
	398	{
	399	$$=make_yy_oset($3,$5);
	400	}
	401	\| OSET COLON IDEN
	402	{
	403	$$=make_yy_oset($3,NULL);
	404	}
	405	;
	406
	407
	408	osetleft : keypart DOT osetpart
	409	{
	410	abac_yy_principal_t *keypart=$1;
	411	abac_yy_oset_t *osetpart=$3;
	412	abac_yy_expression_t *expr=
	413	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
	414	$$=expr;
	415	}
	416	;
	417
	418	osetright : osetterm AND osetright
	419	{
	420	abac_yy_expression_t *nexpr=$1;
	421	abac_yy_expression_t *exprs=$3;
	422	$$=add_yy_expression(nexpr,exprs);
	423	}
	424	\| osetterm
	425	{ $$=$1; }
	426	;
[718ad924]	427	%%
	428
[da5afdf]	429
[718ad924]	430	/* Additional C code */
	431	int yywrap()
	432	{
	433	/* exit when done lexing the current input */
	434	return 1;
	435	}
	436
	437	int yyerror (char *s)
	438	{
	439	fprintf (abac_yyout,"yyerror: %s\n", s);
	440	}
	441
	442	/* setting defaults */
	443	void abac_yyinit()
	444	{
	445	abac_yyout=abac_get_yyout();
	446	abac_yyfptr = abac_get_yyfptr();
[da5afdf]	447	abac_yyfptr_encoded = abac_get_yyfptr_encoded();
[b5a3da4]	448	}
[718ad924]	449
	450	void panic(char *msg)
	451	{
	452	yyerror(msg);
	453	}
	454

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format