Context Navigation

source: libabac/rt2.y @ 440ba20

mei_rt2mei_rt2_fix_1

Last change on this file since 440ba20 was 440ba20, checked in by Mei <mei@…>, 12 years ago

1) wrap up refactoring to move all the code gen to abac structure
2) all original testsuite passed
3) add couple more ui calls in abac.hh ie. manage constraint's

creation, hook to dump yap db.

Property mode set to 100644

File size: 13.1 KB

Line
1
2	/* bison grammar rules for process new rt2 statements */
3
4	%{
5	// include the GNU extension of asprintf
6	#define _GNU_SOURCE
7
8	/* C declarations */
9	#include <stdio.h>
10	#include <string.h>
11
12	#include "abac_pl_yy.h"
13	#include "abac_list.h"
14
15	/* lex tie-ins flag */
16	int yyerror (char *s);
17	static int debug=0;
18
19	FILE *abac_yyout = NULL;
20	char *abac_yyfptr = NULL;
21	char *abac_yyfptr_encoded = NULL;
22
23	#define USE(evalue) ((getenv(evalue)!=NULL)?1:0)
24
25	void panic(char *msg);
26
27	%}
28	/* Bison declarations */
29	%union {
30	struct _abac_yy_principal_t *pstruct;
31	struct _abac_yy_term_principal_t *ppstruct;
32	struct _abac_yy_term_data_t *pdstruct;
33	struct _abac_yy_roleoset_t *rostruct;
34	struct _abac_yy_term_t *dstruct;
35	struct _abac_yy_expression_t *estruct;
36	struct _abac_list_t *lstruct;
37	char string; / For returning char strings */
38	int intval; /* for returning some value */
39	}
40
41	%start input
42
43	%type <lstruct> stmt
44	%type <rostruct> rolepart
45	%type <estruct> roleleft
46	%type <estruct> roleright
47	%type <estruct> roleterm
48	%type <rostruct> osetpart
49	%type <estruct> osetleft
50	%type <estruct> osetright
51	%type <estruct> osetterm
52	%type <pstruct> keypart
53	%type <dstruct> terms
54	%type <dstruct> term
55	%type <pdstruct> typedpart
56	%type <pdstruct> otypetail
57	%type <ppstruct> principalpart
58	%type <lstruct> rangetype
59	%type <lstruct> values
60
61	%token <string> IDEN /* keyname or rolename or osetname */
62	%token <string> CAPIDEN /* variable name */
63	%token <string> ROLE /* the word, role */
64	%token <string> OSET /* the word, oset */
65	%token <string> PRINCIPAL /* the word, principal */
66	%token <string> OTYPE /* integer,boolean,urn,time,string,float */
67	%token <string> OTYPE_CONSTANT
68	%token <string> VARIABLE_CONSTANT /* constant for ?AAA */
69	%token <string> KEYTYPE /* keyid \| or something else */
70	%token <string> KEYID_CONSTANT /* keyid \| or something else */
71	%token <string> VALUE /* range value in static constraint */
72
73	%token <operator> DERIVE "<-"
74	%token <operator> DOT "."
75	%token <operator> AND "&"
76	%token <operator> LPAREN "("
77	%token <operator> RPAREN ")"
78	%token <operator> LSQUARE "["
79	%token <operator> RSQUARE "]"
80	%token <operator> LANGLE "<"
81	%token <operator> RANGLE ">"
82	%token <operator> COLON ":"
83	%token <operator> COMMA ","
84	%token <operator> QMARK "?"
85	%token <operator> DOTDOT ".."
86
87	%%
88	/* Grammar rules */
89
90	input: /* empty */
91	{ }
92	\| stmt
93	{
94	abac_yy_set_rule_clauses($1);
95	}
96	;
97
98	/* generate/concate prolog credentials clauses */
99	stmt : roleleft DERIVE roleright
100	{
101	abac_yy_expression_t *headexpr=$1;
102	abac_yy_expression_t *tailexpr=$3;
103	abac_list_t *ret=make_role_statement(headexpr, tailexpr);
104	if(ret == NULL) {
105	panic("unable to parse the role rule statment");
106	YYERROR;
107	} else {
108	$$=ret;
109	}
110	}
111	\| osetleft DERIVE osetright
112	{
113	abac_yy_expression_t *headexpr=$1;
114	abac_yy_expression_t *tailexpr=$3;
115	abac_list_t *ret=make_oset_statement(headexpr, tailexpr);
116	if(ret == NULL) {
117	panic("unable to parse the oset rule statment");
118	YYERROR;
119	} else {
120	$$=ret;
121	}
122	}
123	;
124	/*
125	[keyid:isi].role:modifyBy([keyid:mike])
126	[keyid:acme].role:preferred
127	*/
128	roleleft : keypart DOT rolepart
129	{
130	abac_yy_principal_t *keypart=$1;
131	abac_yy_roleoset_t *rolepart=$3;
132	abac_yy_expression_t *expr=
133	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
134	$$=expr;
135	}
136	;
137
138	/* [keyid:mike] */
139	keypart : LSQUARE KEYTYPE COLON
140	{ abac_push_keyid_yystate(); }
141	KEYID_CONSTANT
142	{ abac_pop_yystate(); }
143	RSQUARE
144	{
145	int idtype=abac_verify_idtype_type($2);
146	char *tmp=NULL;
147	/* XXX
148	asprintf(&tmp,"p%s",$5);
149	*/
150	asprintf(&tmp,"%s",$5);
151	char *cn=abac_cn_with_sha(tmp);
152	if(cn && idtype) {
153	$$=make_yy_principal(tmp, cn, idtype);
154	} else {
155	if((USE("ABAC_CN")) && cn==NULL) {
156	asprintf(&tmp,"encountered an invalid SHA id");
157	panic(tmp);
158	free(tmp);
159	YYERROR;
160	}
161	$$=make_yy_principal(tmp, NULL, idtype);
162	}
163	}
164	;
165	/*
166	role:modifyBy([keyid:mike],[keyid:ted])
167	role:modifyBy([keyid:mike])
168	role:preferred
169	*/
170	rolepart : ROLE COLON IDEN LPAREN terms RPAREN
171	{
172	$$=make_yy_roleoset_role($3,$5);
173	}
174	\| ROLE COLON IDEN
175	{
176	$$=make_yy_roleoset_role($3,NULL);
177	}
178	;
179
180	/*
181	[keyid:mike],[keyid:ted]
182	[keyid:mike]
183	[principal:?Z]
184	[principal:?this]
185	[int:99]
186	[int:?Z]
187	[?]
188	*/
189	terms : term COMMA terms
190	{
191	abac_yy_term_t *nterm=$1;
192	abac_yy_term_t *terms=$3;
193	$$=add_yy_term(nterm, terms);
194	}
195	\| term
196	{
197	$$=$1;
198	}
199	;
200
201	term : LSQUARE QMARK RSQUARE
202	{ $$= make_yy_term_dterm_anonymous(); }
203	\| keypart
204	{ $$= make_yy_term_dterm_named($1); }
205	\| principalpart
206	{ $$= make_yy_term_dterm_principal($1); }
207	\| typedpart
208	{ $$= make_yy_term_dterm_data($1); }
209	;
210
211	values : VALUE COMMA values
212	{ $$=add_yy_val_range($3, $1); }
213	\| VALUE
214	{ $$=make_yy_val_range($1); }
215	;
216
217
218	rangetype : LSQUARE VALUE DOTDOT VALUE RSQUARE
219	{ $$=make_yy_minmax_range($2,$4); }
220	\| LSQUARE DOTDOT VALUE RSQUARE
221	{ $$=make_yy_max_range($3); }
222	\| LSQUARE VALUE DOTDOT RSQUARE
223	{ $$=make_yy_min_range($2); }
224	\| LSQUARE values RSQUARE
225	{ $$=$2; }
226	;
227
228	/* [otype:?Z:{oset-constraint}] */
229	/* [int:?I:[10 .. 20] */
230	/* [float:?F:[0.5 .. 2.5] */
231	/* [string:?S:["abc",'efg',"hij"] -only listed range */
232	/* urn same as string */
233	/* time like int but with quoted string values */
234	otypetail : VARIABLE_CONSTANT COLON
235	{
236	abac_pop_yystate();
237	abac_push_range_yystate();
238	}
239	rangetype
240	{
241	abac_pop_yystate();
242	abac_yy_term_data_t *ptr=make_yy_term_data();
243	set_yy_term_data_name(ptr,$1);
244	set_yy_term_data_is_variable(ptr);
245	set_yy_term_data_cond_range(ptr,$4);
246	$$=ptr;
247	}
248	\| VARIABLE_CONSTANT
249	{ abac_pop_yystate(); }
250	osetleft
251	{
252	abac_yy_term_data_t *ptr=make_yy_term_data();
253	set_yy_term_data_name(ptr,$1);
254	set_yy_term_data_is_variable(ptr);
255	set_yy_term_data_cond_head_expr(ptr,$3);
256	$$=ptr;
257	}
258	\| VARIABLE_CONSTANT
259	{
260	abac_pop_yystate();
261	abac_yy_term_data_t *ptr=make_yy_term_data();
262	set_yy_term_data_name(ptr,$1);
263	set_yy_term_data_is_variable(ptr);
264	$$=ptr;
265	}
266	\| OTYPE_CONSTANT
267	{
268	abac_pop_yystate();
269	abac_yy_term_data_t *ptr=make_yy_term_data();
270	set_yy_term_data_name(ptr,$1);
271	$$=ptr;
272	}
273	\| QMARK
274	{
275	abac_pop_yystate();
276	abac_yy_term_data_t *ptr=make_yy_term_data();
277	set_yy_term_data_is_anonymous(ptr);
278	$$= ptr;
279	}
280	;
281
282	typedpart : LSQUARE OTYPE COLON
283	{ abac_push_yystate($2); }
284	otypetail RSQUARE
285	{
286	abac_yy_term_data_t *ptr=$5;
287	set_yy_term_data_type(ptr,$2);
288	if(is_yy_term_data_has_constraint(ptr)) {
289	char *tail_string=get_yy_term_data_name(ptr);
290	make_yy_range_constraint(ptr);
291	make_yy_oset_constraint(ptr,tail_string);
292	}
293	$$=$5;
294	}
295	;
296
297
298	/* [principal:?] */
299	/* [principal:?Z] */
300	/* [principal:?This] */
301	/* [principal:?Z{role-constraint}] */
302	principalpart : LSQUARE PRINCIPAL COLON QMARK IDEN roleleft RSQUARE
303	{
304	abac_yy_expression_t *expr=$6;
305	char *tail_string=$5;
306	abac_yy_term_principal_t *ptr=make_yy_term_principal();
307	set_yy_term_principal_name(ptr,tail_string);
308	set_yy_term_principal_cond_head_expr(ptr,expr);
309	make_yy_role_constraint(ptr,tail_string);
310	$$=ptr;
311	}
312	\| LSQUARE PRINCIPAL COLON QMARK IDEN RSQUARE
313	{
314	abac_yy_term_principal_t *ptr=make_yy_term_principal();
315	set_yy_term_principal_name(ptr,$5);
316	$$ = ptr;
317	}
318	\| LSQUARE PRINCIPAL COLON QMARK RSQUARE
319	{
320	abac_yy_term_principal_t *ptr=make_yy_term_principal();
321	set_yy_term_principal_is_anonymous(ptr);
322	$$ = ptr;
323	}
324	;
325
326	roleright : roleterm AND roleright
327	{
328	abac_yy_expression_t *nexpr=$1;
329	abac_yy_expression_t *exprs=$3;
330	$$=add_yy_expression(nexpr,exprs);
331	}
332	\| roleterm
333	{ $$=$1; }
334	;
335
336	/* role at tail/right side
337	[keyid:usc].role:employee.role:friend
338	[keyid:usc].role:worker
339	[keyid:mike]
340	*/
341	roleterm : keypart DOT rolepart DOT rolepart
342	{
343	abac_yy_principal_t *keypart=$1;
344	abac_yy_roleoset_t *linked_rolepart=$3;
345	abac_yy_roleoset_t *rolepart=$5;
346	abac_yy_expression_t *expr=
347	make_yy_expression(e_yy_EXPR_LINKED,keypart,rolepart,linked_rolepart);
348	$$=expr;
349	}
350	\| keypart DOT rolepart
351	{
352	abac_yy_principal_t *keypart=$1;
353	abac_yy_roleoset_t *rolepart=$3;
354	abac_yy_expression_t *expr=
355	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
356	$$=expr;
357	}
358	\| keypart
359	{
360	abac_yy_principal_t *keypart=$1;
361	abac_yy_expression_t *expr=
362	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
363	$$=expr;
364	}
365	;
366
367	osetterm : keypart DOT rolepart DOT osetpart
368	{
369	abac_yy_principal_t *keypart=$1;
370	abac_yy_roleoset_t *linked_rolepart=$3;
371	abac_yy_roleoset_t *osetpart=$5;
372	abac_yy_expression_t *expr=
373	make_yy_expression(e_yy_EXPR_LINKED,keypart,osetpart,linked_rolepart);
374	$$=expr;
375	}
376	\| keypart DOT osetpart
377	{
378	abac_yy_principal_t *keypart=$1;
379	abac_yy_roleoset_t *osetpart=$3;
380	abac_yy_expression_t *expr=
381	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
382	$$=expr;
383	}
384	\| keypart
385	{
386	abac_yy_principal_t *keypart=$1;
387	abac_yy_expression_t *expr=
388	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
389	$$=expr;
390	}
391	\| typedpart
392	{
393	abac_yy_term_data_t *objpart=$1;
394	abac_yy_expression_t *expr=
395	make_yy_expression(e_yy_EXPR_OBJECT,objpart,NULL,NULL);
396	$$=expr;
397	}
398	;
399
400	/*
401	oset:access([urn:'fileA'])
402	*/
403	osetpart : OSET COLON IDEN LPAREN terms RPAREN
404	{
405	$$=make_yy_roleoset_oset($3,$5);
406	}
407	\| OSET COLON IDEN
408	{
409	$$=make_yy_roleoset_oset($3,NULL);
410	}
411	;
412
413
414	osetleft : keypart DOT osetpart
415	{
416	abac_yy_principal_t *keypart=$1;
417	abac_yy_roleoset_t *osetpart=$3;
418	abac_yy_expression_t *expr=
419	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
420	$$=expr;
421	}
422	;
423
424	osetright : osetterm AND osetright
425	{
426	abac_yy_expression_t *nexpr=$1;
427	abac_yy_expression_t *exprs=$3;
428	$$=add_yy_expression(nexpr,exprs);
429	}
430	\| osetterm
431	{ $$=$1; }
432	;
433	%%
434
435
436	/* Additional C code */
437	int yywrap()
438	{
439	/* exit when done lexing the current input */
440	return 1;
441	}
442
443	int yyerror (char *s)
444	{
445	fprintf (abac_yyout,"yyerror: %s\n", s);
446	}
447
448	/* setting defaults */
449	void abac_yyinit()
450	{
451	abac_yyout=abac_get_yyout();
452	abac_yyfptr = abac_get_yyfptr();
453	abac_yyfptr_encoded = abac_get_yyfptr_encoded();
454	if(debug)
455	fprintf (abac_yyout,"\n=======================================\n");
456	}
457
458	void panic(char *msg)
459	{
460	yyerror(msg);
461	}
462

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format