Context Navigation

source: libabac/rt2.y @ 923b4dd

mei_rt2mei_rt2_fix_1meiyap-rt1rt2

Last change on this file since 923b4dd was 9806e76, checked in by Mei <mei@…>, 12 years ago
1) add handling for typed anonymous term, [int:?] 2) make a pass through abac/doc 3) fix up creddy to take oset option at different calls
Property mode set to `100644`
File size: 12.6 KB

Line
1
2	/* bison grammar rules for process new rt2 statements */
3
4	%{
5	// include the GNU extension of asprintf
6	#define _GNU_SOURCE
7
8	/* C declarations */
9	#include <stdio.h>
10	#include <string.h>
11
12	#include "abac_pl_yy.h"
13	#include "abac_list.h"
14
15	/* lex tie-ins flag */
16	int yyerror (char *s);
17
18	FILE *abac_yyout = NULL;
19	char *abac_yyfptr = NULL;
20	char *abac_yyfptr_encoded = NULL;
21
22	void panic(char *msg);
23
24	%}
25	/* Bison declarations */
26	%union {
27	struct _abac_yy_principal_t *pstruct;
28	struct _abac_yy_term_principal_t *ppstruct;
29	struct _abac_yy_term_data_t *pdstruct;
30	struct _abac_yy_role_t *rstruct;
31	struct _abac_yy_oset_t *ostruct;
32	struct _abac_yy_term_t *dstruct;
33	struct _abac_yy_expression_t *estruct;
34	struct _abac_list_t *lstruct;
35	char string; / For returning char strings */
36	int intval; /* for returning some value */
37	}
38
39	%start input
40
41	%type <lstruct> stmt
42	%type <rstruct> rolepart
43	%type <estruct> roleleft
44	%type <estruct> roleright
45	%type <estruct> roleterm
46	%type <ostruct> osetpart
47	%type <estruct> osetleft
48	%type <estruct> osetright
49	%type <estruct> osetterm
50	%type <pstruct> keypart
51	%type <dstruct> terms
52	%type <dstruct> term
53	%type <pdstruct> typedpart
54	%type <pdstruct> otypetail
55	%type <ppstruct> principalpart
56	%type <lstruct> rangetype
57	%type <lstruct> values
58
59	%token <string> IDEN /* keyname or rolename or osetname */
60	%token <string> CAPIDEN /* variable name */
61	%token <string> ROLE /* the word, role */
62	%token <string> OSET /* the word, oset */
63	%token <string> PRINCIPAL /* the word, principal */
64	%token <string> OTYPE /* integer,boolean,urn,time,string,float */
65	%token <string> OTYPE_CONSTANT
66	%token <string> VARIABLE_CONSTANT /* constant for ?AAA */
67	%token <string> KEYTYPE /* keyid \| or something else */
68	%token <string> KEYID_CONSTANT /* keyid \| or something else */
69	%token <string> VALUE /* range value in static constraint */
70
71	%token <operator> DERIVE "<-"
72	%token <operator> DOT "."
73	%token <operator> AND "&"
74	%token <operator> LPAREN "("
75	%token <operator> RPAREN ")"
76	%token <operator> LSQUARE "["
77	%token <operator> RSQUARE "]"
78	%token <operator> LANGLE "<"
79	%token <operator> RANGLE ">"
80	%token <operator> COLON ":"
81	%token <operator> COMMA ","
82	%token <operator> QMARK "?"
83	%token <operator> DOTDOT ".."
84
85	%%
86	/* Grammar rules */
87
88	input: /* empty */
89	{ }
90	\| stmt
91	{
92	abac_yy_set_rule_clauses($1);
93	}
94	;
95
96	/* generate/concate prolog credentials clauses */
97	stmt : roleleft DERIVE roleright
98	{
99	abac_yy_expression_t *headexpr=$1;
100	abac_yy_expression_t *tailexpr=$3;
101	abac_list_t *ret=make_role_statement(headexpr, tailexpr);
102	if(ret == NULL) {
103	panic("unable to parse the role rule statment");
104	YYERROR;
105	} else {
106	$$=ret;
107	}
108	}
109	\| osetleft DERIVE osetright
110	{
111	abac_yy_expression_t *headexpr=$1;
112	abac_yy_expression_t *tailexpr=$3;
113	abac_list_t *ret=make_oset_statement(headexpr, tailexpr);
114	if(ret == NULL) {
115	panic("unable to parse the oset rule statment");
116	YYERROR;
117	} else {
118	$$=ret;
119	}
120	}
121	;
122	/*
123	[keyid:isi].role:modifyBy([keyid:mike])
124	[keyid:acme].role:preferred
125	*/
126	roleleft : keypart DOT rolepart
127	{
128	abac_yy_principal_t *keypart=$1;
129	abac_yy_role_t *rolepart=$3;
130	abac_yy_expression_t *expr=
131	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
132	$$=expr;
133	}
134	;
135
136	/* [keyid:mike] */
137	keypart : LSQUARE KEYTYPE COLON
138	{ abac_push_keyid_yystate(); }
139	KEYID_CONSTANT
140	{ abac_pop_yystate(); }
141	RSQUARE
142	{
143	char *cn=abac_cn_with_sha($5);
144	int idtype=abac_verify_keyid_type($2);
145	if(cn && idtype) {
146	$$=make_yy_principal($5, cn, idtype);
147	} else {
148	panic("encountered an invalid SHA id");
149	YYERROR;
150	}
151	}
152	;
153	/*
154	role:modifyBy([keyid:mike],[keyid:ted])
155	role:modifyBy([keyid:mike])
156	role:preferred
157	*/
158	rolepart : ROLE COLON IDEN LPAREN terms RPAREN
159	{
160	$$=make_yy_role($3,$5);
161	}
162	\| ROLE COLON IDEN
163	{
164	$$=make_yy_role($3,NULL);
165	}
166	;
167
168	/*
169	[keyid:mike],[keyid:ted]
170	[keyid:mike]
171	[principal:?Z]
172	?? [principal:?this]
173	[int:99]
174	[int:?Z]
175	[?]
176	*/
177	terms : term COMMA terms
178	{
179	abac_yy_term_t *nterm=$1;
180	abac_yy_term_t *terms=$3;
181	$$=add_yy_term(nterm, terms);
182	}
183	\| term
184	{
185	$$=$1;
186	}
187	;
188
189	term : LSQUARE QMARK RSQUARE
190	{ $$= make_yy_term_dterm_anonymous(); }
191	\| keypart
192	{ $$= make_yy_term_dterm_named($1); }
193	\| principalpart
194	{ $$= make_yy_term_dterm_principal($1); }
195	\| typedpart
196	{ $$= make_yy_term_dterm_data($1); }
197	;
198
199	values : VALUE COMMA values
200	{ $$=add_yy_val_range($3, $1); }
201	\| VALUE
202	{ $$=make_yy_val_range($1); }
203	;
204
205
206	rangetype : LSQUARE VALUE DOTDOT VALUE RSQUARE
207	{ $$=make_yy_minmax_range($2,$4); }
208	\| LSQUARE DOTDOT VALUE RSQUARE
209	{ $$=make_yy_max_range($3); }
210	\| LSQUARE VALUE DOTDOT RSQUARE
211	{ $$=make_yy_min_range($2); }
212	\| LSQUARE values RSQUARE
213	{ $$=$2; }
214	;
215
216	/* [otype:?Z:{oset-constraint}] */
217	/* [int:?I:[10 .. 20] */
218	/* [float:?F:[0.5 .. 2.5] */
219	/* [string:?S:["abc",'efg',"hij"] -only listed range */
220	/* urn same as string */
221	/* time like int but with quoted string values */
222	otypetail : VARIABLE_CONSTANT COLON
223	{
224	abac_pop_yystate();
225	abac_push_range_yystate();
226	}
227	rangetype
228	{
229	abac_pop_yystate();
230	abac_yy_term_data_t *ptr=make_yy_term_data();
231	set_yy_term_data_name(ptr,$1);
232	set_yy_term_data_is_variable(ptr);
233	set_yy_term_data_cond_range(ptr,$4);
234	$$=ptr;
235	}
236	\| VARIABLE_CONSTANT
237	{ abac_pop_yystate(); }
238	osetleft
239	{
240	abac_yy_term_data_t *ptr=make_yy_term_data();
241	set_yy_term_data_name(ptr,$1);
242	set_yy_term_data_is_variable(ptr);
243	set_yy_term_data_cond_head_expr(ptr,$3);
244	$$=ptr;
245	}
246	\| VARIABLE_CONSTANT
247	{
248	abac_pop_yystate();
249	abac_yy_term_data_t *ptr=make_yy_term_data();
250	set_yy_term_data_name(ptr,$1);
251	set_yy_term_data_is_variable(ptr);
252	$$=ptr;
253	}
254	\| OTYPE_CONSTANT
255	{
256	abac_pop_yystate();
257	abac_yy_term_data_t *ptr=make_yy_term_data();
258	set_yy_term_data_name(ptr,$1);
259	$$=ptr;
260	}
261	\| QMARK
262	{
263	abac_pop_yystate();
264	abac_yy_term_data_t *ptr=make_yy_term_data();
265	set_yy_term_data_is_anonymous(ptr);
266	$$= ptr;
267	}
268	;
269
270	typedpart : LSQUARE OTYPE COLON
271	{ abac_push_yystate($2); }
272	otypetail RSQUARE
273	{
274	abac_yy_term_data_t *ptr=$5;
275	set_yy_term_data_type(ptr,$2);
276	if(is_yy_term_data_has_constraint(ptr)) {
277	char *tail_string=get_yy_term_data_name(ptr);
278	make_yy_range_constraint(ptr,tail_string);
279	make_yy_oset_constraint(ptr,tail_string);
280	}
281	$$=$5;
282	}
283	;
284
285
286	/* [principal:?] */
287	/* [principal:?Z] */
288	/* [principal:?Z{role-constraint}] */
289	principalpart : LSQUARE PRINCIPAL COLON QMARK IDEN roleleft RSQUARE
290	{
291	abac_yy_expression_t *expr=$6;
292	char *tail_string=$5;
293	abac_yy_term_principal_t *ptr=make_yy_term_principal();
294	set_yy_term_principal_name(ptr,tail_string);
295	set_yy_term_principal_cond_head_expr(ptr,expr);
296	char *string=make_yy_role_constraint(ptr,tail_string);
297	$$=ptr;
298	}
299	\| LSQUARE PRINCIPAL COLON QMARK IDEN RSQUARE
300	{
301	abac_yy_term_principal_t *ptr=make_yy_term_principal();
302	set_yy_term_principal_name(ptr,$5);
303	$$ = ptr;
304	}
305	\| LSQUARE PRINCIPAL COLON QMARK RSQUARE
306	{
307	abac_yy_term_principal_t *ptr=make_yy_term_principal();
308	set_yy_term_principal_is_anonymous(ptr);
309	$$ = ptr;
310	}
311	;
312
313	roleright : roleterm AND roleright
314	{
315	abac_yy_expression_t *nexpr=$1;
316	abac_yy_expression_t *exprs=$3;
317	$$=add_yy_expression(nexpr,exprs);
318	}
319	\| roleterm
320	{ $$=$1; }
321	;
322
323	/* role at tail/right side
324	[keyid:usc].role:employee.role:friend
325	[keyid:usc].role:worker
326	[keyid:mike]
327	*/
328	roleterm : keypart DOT rolepart DOT rolepart
329	{
330	abac_yy_principal_t *keypart=$1;
331	abac_yy_role_t *linked_rolepart=$3;
332	abac_yy_role_t *rolepart=$5;
333	abac_yy_expression_t *expr=
334	make_yy_expression(e_yy_EXPR_LINKED,keypart,rolepart,linked_rolepart);
335	$$=expr;
336	}
337	\| keypart DOT rolepart
338	{
339	abac_yy_principal_t *keypart=$1;
340	abac_yy_role_t *rolepart=$3;
341	abac_yy_expression_t *expr=
342	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
343	$$=expr;
344	}
345	\| keypart
346	{
347	abac_yy_principal_t *keypart=$1;
348	abac_yy_expression_t *expr=
349	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
350	$$=expr;
351	}
352	;
353
354	osetterm : keypart DOT rolepart DOT osetpart
355	{
356	abac_yy_principal_t *keypart=$1;
357	abac_yy_role_t *linked_rolepart=$3;
358	abac_yy_oset_t *osetpart=$5;
359	abac_yy_expression_t *expr=
360	make_yy_expression(e_yy_EXPR_LINKED,keypart,osetpart,linked_rolepart);
361	$$=expr;
362	}
363	\| keypart DOT osetpart
364	{
365	abac_yy_principal_t *keypart=$1;
366	abac_yy_oset_t *osetpart=$3;
367	abac_yy_expression_t *expr=
368	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
369	$$=expr;
370	}
371	\| keypart
372	{
373	abac_yy_principal_t *keypart=$1;
374	abac_yy_expression_t *expr=
375	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
376	$$=expr;
377	}
378	\| typedpart
379	{
380	abac_yy_term_data_t *objpart=$1;
381	abac_yy_expression_t *expr=
382	make_yy_expression(e_yy_EXPR_OBJECT,objpart,NULL,NULL);
383	$$=expr;
384	}
385	;
386
387	/*
388	oset:access([urn:'fileA'])
389	*/
390	osetpart : OSET COLON IDEN LPAREN terms RPAREN
391	{
392	$$=make_yy_oset($3,$5);
393	}
394	\| OSET COLON IDEN
395	{
396	$$=make_yy_oset($3,NULL);
397	}
398	;
399
400
401	osetleft : keypart DOT osetpart
402	{
403	abac_yy_principal_t *keypart=$1;
404	abac_yy_oset_t *osetpart=$3;
405	abac_yy_expression_t *expr=
406	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
407	$$=expr;
408	}
409	;
410
411	osetright : osetterm AND osetright
412	{
413	abac_yy_expression_t *nexpr=$1;
414	abac_yy_expression_t *exprs=$3;
415	$$=add_yy_expression(nexpr,exprs);
416	}
417	\| osetterm
418	{ $$=$1; }
419	;
420	%%
421
422
423	/* Additional C code */
424	int yywrap()
425	{
426	/* exit when done lexing the current input */
427	return 1;
428	}
429
430	int yyerror (char *s)
431	{
432	fprintf (abac_yyout,"yyerror: %s\n", s);
433	}
434
435	/* setting defaults */
436	void abac_yyinit()
437	{
438	abac_yyout=abac_get_yyout();
439	abac_yyfptr = abac_get_yyfptr();
440	abac_yyfptr_encoded = abac_get_yyfptr_encoded();
441	}
442
443	void panic(char *msg)
444	{
445	yyerror(msg);
446	}
447

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format