Context Navigation

source: libabac/rt2.y @ 9335cfa

mei_rt2mei_rt2_fix_1

Last change on this file since 9335cfa was 9335cfa, checked in by Mei <mei@…>, 12 years ago
1) add handling of 'this' data term for the principal type 2) add payraise_rt1_typed example 3) expand more test cases for python/swig/libabac
Property mode set to `100644`
File size: 13.1 KB

Rev	Line
[718ad924]	1
[b5a3da4]	2	/* bison grammar rules for process new rt2 statements */
[718ad924]	3
	4	%{
	5	// include the GNU extension of asprintf
	6	#define _GNU_SOURCE
	7
	8	/* C declarations */
	9	#include <stdio.h>
	10	#include <string.h>
	11
	12	#include "abac_pl_yy.h"
[0d0c3a9]	13	#include "abac_list.h"
[718ad924]	14
[da5afdf]	15	/* lex tie-ins flag */
[718ad924]	16	int yyerror (char *s);
[9335cfa]	17	static int debug=0;
[718ad924]	18
	19	FILE *abac_yyout = NULL;
	20	char *abac_yyfptr = NULL;
[da5afdf]	21	char *abac_yyfptr_encoded = NULL;
[718ad924]	22
[7727f26]	23	#define USE(evalue) ((getenv(evalue)!=NULL)?1:0)
	24
[718ad924]	25	void panic(char *msg);
	26
	27	%}
	28	/* Bison declarations */
	29	%union {
	30	struct _abac_yy_principal_t *pstruct;
[da5afdf]	31	struct _abac_yy_term_principal_t *ppstruct;
	32	struct _abac_yy_term_data_t *pdstruct;
[718ad924]	33	struct _abac_yy_role_t *rstruct;
[da5afdf]	34	struct _abac_yy_oset_t *ostruct;
	35	struct _abac_yy_term_t *dstruct;
	36	struct _abac_yy_expression_t *estruct;
[0d0c3a9]	37	struct _abac_list_t *lstruct;
[718ad924]	38	char string; / For returning char strings */
[da5afdf]	39	int intval; /* for returning some value */
[718ad924]	40	}
[da5afdf]	41
	42	%start input
	43
[718ad924]	44	%type <lstruct> stmt
	45	%type <rstruct> rolepart
[da5afdf]	46	%type <estruct> roleleft
	47	%type <estruct> roleright
[718ad924]	48	%type <estruct> roleterm
[da5afdf]	49	%type <ostruct> osetpart
	50	%type <estruct> osetleft
	51	%type <estruct> osetright
	52	%type <estruct> osetterm
[718ad924]	53	%type <pstruct> keypart
[da5afdf]	54	%type <dstruct> terms
	55	%type <dstruct> term
[718ad924]	56	%type <pdstruct> typedpart
[da5afdf]	57	%type <pdstruct> otypetail
[718ad924]	58	%type <ppstruct> principalpart
[da5afdf]	59	%type <lstruct> rangetype
	60	%type <lstruct> values
[718ad924]	61
[36b100a]	62	%token <string> IDEN /* keyname or rolename or osetname */
[da5afdf]	63	%token <string> CAPIDEN /* variable name */
	64	%token <string> ROLE /* the word, role */
	65	%token <string> OSET /* the word, oset */
	66	%token <string> PRINCIPAL /* the word, principal */
	67	%token <string> OTYPE /* integer,boolean,urn,time,string,float */
	68	%token <string> OTYPE_CONSTANT
	69	%token <string> VARIABLE_CONSTANT /* constant for ?AAA */
	70	%token <string> KEYTYPE /* keyid \| or something else */
	71	%token <string> KEYID_CONSTANT /* keyid \| or something else */
	72	%token <string> VALUE /* range value in static constraint */
[718ad924]	73
	74	%token <operator> DERIVE "<-"
	75	%token <operator> DOT "."
	76	%token <operator> AND "&"
	77	%token <operator> LPAREN "("
	78	%token <operator> RPAREN ")"
	79	%token <operator> LSQUARE "["
	80	%token <operator> RSQUARE "]"
	81	%token <operator> LANGLE "<"
	82	%token <operator> RANGLE ">"
	83	%token <operator> COLON ":"
	84	%token <operator> COMMA ","
	85	%token <operator> QMARK "?"
[da5afdf]	86	%token <operator> DOTDOT ".."
[718ad924]	87
	88	%%
	89	/* Grammar rules */
	90
	91	input: /* empty */
	92	{ }
[da5afdf]	93	\| stmt
[718ad924]	94	{
[b5a3da4]	95	abac_yy_set_rule_clauses($1);
[718ad924]	96	}
[da5afdf]	97	;
[718ad924]	98
	99	/* generate/concate prolog credentials clauses */
[da5afdf]	100	stmt : roleleft DERIVE roleright
	101	{
	102	abac_yy_expression_t *headexpr=$1;
	103	abac_yy_expression_t *tailexpr=$3;
	104	abac_list_t *ret=make_role_statement(headexpr, tailexpr);
	105	if(ret == NULL) {
	106	panic("unable to parse the role rule statment");
	107	YYERROR;
	108	} else {
	109	$$=ret;
	110	}
	111	}
	112	\| osetleft DERIVE osetright
[718ad924]	113	{
[da5afdf]	114	abac_yy_expression_t *headexpr=$1;
	115	abac_yy_expression_t *tailexpr=$3;
	116	abac_list_t *ret=make_oset_statement(headexpr, tailexpr);
[718ad924]	117	if(ret == NULL) {
[da5afdf]	118	panic("unable to parse the oset rule statment");
[718ad924]	119	YYERROR;
	120	} else {
	121	$$=ret;
	122	}
	123	}
[da5afdf]	124	;
[718ad924]	125	/*
	126	[keyid:isi].role:modifyBy([keyid:mike])
	127	[keyid:acme].role:preferred
	128	*/
[da5afdf]	129	roleleft : keypart DOT rolepart
[718ad924]	130	{
	131	abac_yy_principal_t *keypart=$1;
	132	abac_yy_role_t *rolepart=$3;
[da5afdf]	133	abac_yy_expression_t *expr=
	134	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
[718ad924]	135	$$=expr;
	136	}
[da5afdf]	137	;
[718ad924]	138
	139	/* [keyid:mike] */
[da5afdf]	140	keypart : LSQUARE KEYTYPE COLON
[b5a3da4]	141	{ abac_push_keyid_yystate(); }
[da5afdf]	142	KEYID_CONSTANT
[b5a3da4]	143	{ abac_pop_yystate(); }
[da5afdf]	144	RSQUARE
[718ad924]	145	{
	146	int idtype=abac_verify_keyid_type($2);
[7727f26]	147	char *tmp=NULL;
	148	asprintf(&tmp,"p%s",$5);
	149	char *cn=abac_cn_with_sha(tmp);
[718ad924]	150	if(cn && idtype) {
[7727f26]	151	$$=make_yy_principal(tmp, cn, idtype);
[718ad924]	152	} else {
[9335cfa]	153	if((USE("ABAC_CN")) && cn==NULL) {
	154	asprintf(&tmp,"encountered an invalid SHA id");
	155	panic(tmp);
	156	free(tmp);
[7727f26]	157	YYERROR;
	158	}
	159	$$=make_yy_principal(tmp, NULL, idtype);
[718ad924]	160	}
	161	}
[da5afdf]	162	;
[718ad924]	163	/*
	164	role:modifyBy([keyid:mike],[keyid:ted])
	165	role:modifyBy([keyid:mike])
	166	role:preferred
	167	*/
[da5afdf]	168	rolepart : ROLE COLON IDEN LPAREN terms RPAREN
[718ad924]	169	{
	170	$$=make_yy_role($3,$5);
	171	}
[da5afdf]	172	\| ROLE COLON IDEN
[718ad924]	173	{
	174	$$=make_yy_role($3,NULL);
	175	}
[da5afdf]	176	;
[718ad924]	177
	178	/*
	179	[keyid:mike],[keyid:ted]
	180	[keyid:mike]
	181	[principal:?Z]
[9335cfa]	182	[principal:?this]
[718ad924]	183	[int:99]
	184	[int:?Z]
	185	[?]
	186	*/
[da5afdf]	187	terms : term COMMA terms
[718ad924]	188	{
[da5afdf]	189	abac_yy_term_t *nterm=$1;
	190	abac_yy_term_t *terms=$3;
	191	$$=add_yy_term(nterm, terms);
[718ad924]	192	}
[da5afdf]	193	\| term
[718ad924]	194	{
	195	$$=$1;
	196	}
[da5afdf]	197	;
[718ad924]	198
[da5afdf]	199	term : LSQUARE QMARK RSQUARE
	200	{ $$= make_yy_term_dterm_anonymous(); }
	201	\| keypart
	202	{ $$= make_yy_term_dterm_named($1); }
	203	\| principalpart
	204	{ $$= make_yy_term_dterm_principal($1); }
	205	\| typedpart
	206	{ $$= make_yy_term_dterm_data($1); }
	207	;
	208
	209	values : VALUE COMMA values
[b5a3da4]	210	{ $$=add_yy_val_range($3, $1); }
[da5afdf]	211	\| VALUE
	212	{ $$=make_yy_val_range($1); }
	213	;
	214
	215
	216	rangetype : LSQUARE VALUE DOTDOT VALUE RSQUARE
	217	{ $$=make_yy_minmax_range($2,$4); }
	218	\| LSQUARE DOTDOT VALUE RSQUARE
	219	{ $$=make_yy_max_range($3); }
	220	\| LSQUARE VALUE DOTDOT RSQUARE
	221	{ $$=make_yy_min_range($2); }
	222	\| LSQUARE values RSQUARE
	223	{ $$=$2; }
	224	;
	225
	226	/* [otype:?Z:{oset-constraint}] */
	227	/* [int:?I:[10 .. 20] */
[c586a3c]	228	/* [float:?F:[0.5 .. 2.5] */
	229	/* [string:?S:["abc",'efg',"hij"] -only listed range */
	230	/* urn same as string */
	231	/* time like int but with quoted string values */
[0d0c3a9]	232	otypetail : VARIABLE_CONSTANT COLON
[da5afdf]	233	{
[b5a3da4]	234	abac_pop_yystate();
	235	abac_push_range_yystate();
[718ad924]	236	}
[da5afdf]	237	rangetype
	238	{
[b5a3da4]	239	abac_pop_yystate();
[9806e76]	240	abac_yy_term_data_t *ptr=make_yy_term_data();
	241	set_yy_term_data_name(ptr,$1);
[da5afdf]	242	set_yy_term_data_is_variable(ptr);
	243	set_yy_term_data_cond_range(ptr,$4);
	244	$$=ptr;
	245	}
	246	\| VARIABLE_CONSTANT
[b5a3da4]	247	{ abac_pop_yystate(); }
[da5afdf]	248	osetleft
	249	{
[9806e76]	250	abac_yy_term_data_t *ptr=make_yy_term_data();
	251	set_yy_term_data_name(ptr,$1);
[da5afdf]	252	set_yy_term_data_is_variable(ptr);
[d845403]	253	set_yy_term_data_cond_head_expr(ptr,$3);
[da5afdf]	254	$$=ptr;
	255	}
	256	\| VARIABLE_CONSTANT
	257	{
[b5a3da4]	258	abac_pop_yystate();
[9806e76]	259	abac_yy_term_data_t *ptr=make_yy_term_data();
	260	set_yy_term_data_name(ptr,$1);
[da5afdf]	261	set_yy_term_data_is_variable(ptr);
	262	$$=ptr;
	263	}
	264	\| OTYPE_CONSTANT
	265	{
[b5a3da4]	266	abac_pop_yystate();
[9806e76]	267	abac_yy_term_data_t *ptr=make_yy_term_data();
	268	set_yy_term_data_name(ptr,$1);
[da5afdf]	269	$$=ptr;
	270	}
[9806e76]	271	\| QMARK
	272	{
	273	abac_pop_yystate();
	274	abac_yy_term_data_t *ptr=make_yy_term_data();
	275	set_yy_term_data_is_anonymous(ptr);
	276	$$= ptr;
	277	}
[da5afdf]	278	;
	279
	280	typedpart : LSQUARE OTYPE COLON
[b5a3da4]	281	{ abac_push_yystate($2); }
[da5afdf]	282	otypetail RSQUARE
	283	{
	284	abac_yy_term_data_t *ptr=$5;
	285	set_yy_term_data_type(ptr,$2);
	286	if(is_yy_term_data_has_constraint(ptr)) {
[9806e76]	287	char *tail_string=get_yy_term_data_name(ptr);
[da5afdf]	288	make_yy_range_constraint(ptr,tail_string);
[e88c95b]	289	make_yy_oset_constraint(ptr,tail_string);
[718ad924]	290	}
[da5afdf]	291	$$=$5;
[718ad924]	292	}
[da5afdf]	293	;
	294
[718ad924]	295
[9806e76]	296	/* [principal:?] */
[718ad924]	297	/* [principal:?Z] */
[9335cfa]	298	/* [principal:?This] */
[da5afdf]	299	/* [principal:?Z{role-constraint}] */
	300	principalpart : LSQUARE PRINCIPAL COLON QMARK IDEN roleleft RSQUARE
	301	{
	302	abac_yy_expression_t *expr=$6;
	303	char *tail_string=$5;
[9806e76]	304	abac_yy_term_principal_t *ptr=make_yy_term_principal();
	305	set_yy_term_principal_name(ptr,tail_string);
[da5afdf]	306	set_yy_term_principal_cond_head_expr(ptr,expr);
	307	char *string=make_yy_role_constraint(ptr,tail_string);
	308	$$=ptr;
	309	}
	310	\| LSQUARE PRINCIPAL COLON QMARK IDEN RSQUARE
[9806e76]	311	{
	312	abac_yy_term_principal_t *ptr=make_yy_term_principal();
	313	set_yy_term_principal_name(ptr,$5);
	314	$$ = ptr;
	315	}
	316	\| LSQUARE PRINCIPAL COLON QMARK RSQUARE
	317	{
	318	abac_yy_term_principal_t *ptr=make_yy_term_principal();
	319	set_yy_term_principal_is_anonymous(ptr);
	320	$$ = ptr;
	321	}
[da5afdf]	322	;
[718ad924]	323
[da5afdf]	324	roleright : roleterm AND roleright
[718ad924]	325	{
[da5afdf]	326	abac_yy_expression_t *nexpr=$1;
	327	abac_yy_expression_t *exprs=$3;
	328	$$=add_yy_expression(nexpr,exprs);
[718ad924]	329	}
[da5afdf]	330	\| roleterm
[718ad924]	331	{ $$=$1; }
[da5afdf]	332	;
[718ad924]	333
	334	/* role at tail/right side
	335	[keyid:usc].role:employee.role:friend
	336	[keyid:usc].role:worker
	337	[keyid:mike]
	338	*/
	339	roleterm : keypart DOT rolepart DOT rolepart
	340	{
	341	abac_yy_principal_t *keypart=$1;
	342	abac_yy_role_t *linked_rolepart=$3;
	343	abac_yy_role_t *rolepart=$5;
[da5afdf]	344	abac_yy_expression_t *expr=
	345	make_yy_expression(e_yy_EXPR_LINKED,keypart,rolepart,linked_rolepart);
[718ad924]	346	$$=expr;
	347	}
[da5afdf]	348	\| keypart DOT rolepart
[718ad924]	349	{
	350	abac_yy_principal_t *keypart=$1;
	351	abac_yy_role_t *rolepart=$3;
[da5afdf]	352	abac_yy_expression_t *expr=
	353	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
[718ad924]	354	$$=expr;
	355	}
[da5afdf]	356	\| keypart
[718ad924]	357	{
	358	abac_yy_principal_t *keypart=$1;
[da5afdf]	359	abac_yy_expression_t *expr=
	360	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
[718ad924]	361	$$=expr;
	362	}
[da5afdf]	363	;
	364
	365	osetterm : keypart DOT rolepart DOT osetpart
	366	{
	367	abac_yy_principal_t *keypart=$1;
	368	abac_yy_role_t *linked_rolepart=$3;
	369	abac_yy_oset_t *osetpart=$5;
	370	abac_yy_expression_t *expr=
	371	make_yy_expression(e_yy_EXPR_LINKED,keypart,osetpart,linked_rolepart);
	372	$$=expr;
	373	}
	374	\| keypart DOT osetpart
	375	{
	376	abac_yy_principal_t *keypart=$1;
	377	abac_yy_oset_t *osetpart=$3;
	378	abac_yy_expression_t *expr=
	379	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
	380	$$=expr;
	381	}
	382	\| keypart
	383	{
	384	abac_yy_principal_t *keypart=$1;
	385	abac_yy_expression_t *expr=
	386	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
	387	$$=expr;
	388	}
	389	\| typedpart
	390	{
	391	abac_yy_term_data_t *objpart=$1;
	392	abac_yy_expression_t *expr=
	393	make_yy_expression(e_yy_EXPR_OBJECT,objpart,NULL,NULL);
	394	$$=expr;
	395	}
	396	;
	397
	398	/*
	399	oset:access([urn:'fileA'])
	400	*/
	401	osetpart : OSET COLON IDEN LPAREN terms RPAREN
	402	{
	403	$$=make_yy_oset($3,$5);
	404	}
	405	\| OSET COLON IDEN
	406	{
	407	$$=make_yy_oset($3,NULL);
	408	}
	409	;
	410
	411
	412	osetleft : keypart DOT osetpart
	413	{
	414	abac_yy_principal_t *keypart=$1;
	415	abac_yy_oset_t *osetpart=$3;
	416	abac_yy_expression_t *expr=
	417	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
	418	$$=expr;
	419	}
	420	;
	421
	422	osetright : osetterm AND osetright
	423	{
	424	abac_yy_expression_t *nexpr=$1;
	425	abac_yy_expression_t *exprs=$3;
	426	$$=add_yy_expression(nexpr,exprs);
	427	}
	428	\| osetterm
	429	{ $$=$1; }
	430	;
[718ad924]	431	%%
	432
[da5afdf]	433
[718ad924]	434	/* Additional C code */
	435	int yywrap()
	436	{
	437	/* exit when done lexing the current input */
	438	return 1;
	439	}
	440
	441	int yyerror (char *s)
	442	{
	443	fprintf (abac_yyout,"yyerror: %s\n", s);
	444	}
	445
	446	/* setting defaults */
	447	void abac_yyinit()
	448	{
	449	abac_yyout=abac_get_yyout();
	450	abac_yyfptr = abac_get_yyfptr();
[da5afdf]	451	abac_yyfptr_encoded = abac_get_yyfptr_encoded();
[9335cfa]	452	if(debug)
	453	fprintf (abac_yyout,"\n=======================================\n");
[b5a3da4]	454	}
[718ad924]	455
	456	void panic(char *msg)
	457	{
	458	yyerror(msg);
	459	}
	460

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format