Context Navigation

source: libabac/rt2.y @ e97d2e2

mei_rt2_fix_1

Last change on this file since e97d2e2 was 7211a95, checked in by Mei <mei@…>, 12 years ago

1) add more python examples
2) add the missing linking role and linking oset api calls
3) fix the output of time typed data term/oset obj in typed_string format

(transform back from yap time format to our ddddddddTdddddd format

Property mode set to 100644

File size: 13.2 KB

Line
1
2	/* bison grammar rules for process new rt2 statements */
3
4	%{
5	// include the GNU extension of asprintf
6	#define _GNU_SOURCE
7
8	/* C declarations */
9	#include <stdio.h>
10	#include <string.h>
11
12	#include "abac_pl_yy.h"
13	#include "abac_list.h"
14
15	/* lex tie-ins flag */
16	int yyerror (char *s);
17	static int debug=0;
18
19	FILE *abac_yyout = NULL;
20	char *abac_yyfptr = NULL;
21	char *abac_yyfptr_encoded = NULL;
22
23	#define USE(evalue) ((getenv(evalue)!=NULL)?1:0)
24
25	void panic(char *msg);
26
27	%}
28	/* Bison declarations */
29	%union {
30	struct _abac_yy_principal_t *pstruct;
31	struct _abac_yy_term_principal_t *ppstruct;
32	struct _abac_yy_term_data_t *pdstruct;
33	struct _abac_yy_roleoset_t *rostruct;
34	struct _abac_yy_term_t *dstruct;
35	struct _abac_yy_expression_t *estruct;
36	struct _abac_list_t *lstruct;
37	char string; / For returning char strings */
38	int intval; /* for returning some value */
39	}
40
41	%start input
42
43	%type <lstruct> stmt
44	%type <rostruct> rolepart
45	%type <estruct> roleleft
46	%type <estruct> roleright
47	%type <estruct> roleterm
48	%type <rostruct> osetpart
49	%type <estruct> osetleft
50	%type <estruct> osetright
51	%type <estruct> osetterm
52	%type <pstruct> keypart
53	%type <dstruct> terms
54	%type <dstruct> term
55	%type <pdstruct> typedpart
56	%type <pdstruct> otypetail
57	%type <ppstruct> principalpart
58	%type <lstruct> rangetype
59	%type <lstruct> values
60
61	%token <string> IDEN /* keyname or rolename or osetname */
62	%token <string> CAPIDEN /* variable name */
63	%token <string> ROLE /* the word, role */
64	%token <string> OSET /* the word, oset */
65	%token <string> PRINCIPAL /* the word, principal */
66	%token <string> OTYPE /* integer,boolean,urn,time,string,float */
67	%token <string> OTYPE_CONSTANT
68	%token <string> VARIABLE_CONSTANT /* constant for ?AAA */
69	%token <string> KEYTYPE /* keyid \| or something else */
70	%token <string> KEYID_CONSTANT /* keyid \| or something else */
71	%token <string> VALUE /* range value in static constraint */
72
73	%token <operator> DERIVE "<-"
74	%token <operator> DOT "."
75	%token <operator> AND "&"
76	%token <operator> LPAREN "("
77	%token <operator> RPAREN ")"
78	%token <operator> LSQUARE "["
79	%token <operator> RSQUARE "]"
80	%token <operator> LANGLE "<"
81	%token <operator> RANGLE ">"
82	%token <operator> COLON ":"
83	%token <operator> COMMA ","
84	%token <operator> QMARK "?"
85	%token <operator> DOTDOT ".."
86
87	%%
88	/* Grammar rules */
89
90	input: /* empty */
91	{ }
92	\| stmt
93	{
94	abac_yy_set_rule_clauses($1);
95	}
96	;
97
98	/* generate/concate prolog credentials clauses */
99	stmt : roleleft DERIVE roleright
100	{
101	abac_yy_expression_t *headexpr=$1;
102	abac_yy_expression_t *tailexpr=$3;
103	abac_list_t *ret=make_role_statement(headexpr, tailexpr);
104	if(ret == NULL) {
105	panic("unable to parse the role rule statment");
106	YYERROR;
107	} else {
108	$$=ret;
109	}
110	}
111	\| osetleft DERIVE osetright
112	{
113	abac_yy_expression_t *headexpr=$1;
114	abac_yy_expression_t *tailexpr=$3;
115	abac_list_t *ret=make_oset_statement(headexpr, tailexpr);
116	if(ret == NULL) {
117	panic("unable to parse the oset rule statment");
118	YYERROR;
119	} else {
120	$$=ret;
121	}
122	}
123	;
124	/*
125	[keyid:isi].role:modifyBy([keyid:mike])
126	[keyid:acme].role:preferred
127	*/
128	roleleft : keypart DOT rolepart
129	{
130	abac_yy_principal_t *keypart=$1;
131	abac_yy_roleoset_t *rolepart=$3;
132	abac_yy_expression_t *expr=
133	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
134	$$=expr;
135	}
136	;
137
138	/* [keyid:mike] */
139	keypart : LSQUARE KEYTYPE COLON
140	{ abac_push_keyid_yystate(); }
141	KEYID_CONSTANT
142	{ abac_pop_yystate(); }
143	RSQUARE
144	{
145	int idtype=abac_verify_idtype_type($2);
146	char *tmp=NULL;
147	asprintf(&tmp,"%s",$5);
148	char *cn=abac_cn_with_sha(tmp);
149	if(cn && idtype) {
150	$$=make_yy_principal(tmp, cn, idtype);
151	} else {
152	if((USE("ABAC_CN")) && cn==NULL) {
153	if(debug)
154	asprintf(&tmp,"encountered an invalid SHA id(%s)",$5);
155	else asprintf(&tmp,"encountered an invalid SHA id");
156	panic(tmp);
157	free(tmp);
158	YYERROR;
159	}
160	$$=make_yy_principal(tmp, NULL, idtype);
161	}
162	}
163	;
164	/*
165	role:modifyBy([keyid:mike],[keyid:ted])
166	role:modifyBy([keyid:mike])
167	role:preferred
168	*/
169	rolepart : ROLE COLON IDEN LPAREN terms RPAREN
170	{
171	$$=make_yy_roleoset_role($3,$5);
172	}
173	\| ROLE COLON IDEN
174	{
175	$$=make_yy_roleoset_role($3,NULL);
176	}
177	;
178
179	/*
180	[keyid:mike],[keyid:ted]
181	[keyid:mike]
182	[principal:?Z]
183	[principal:?this]
184	[int:99]
185	[int:?Z]
186	[?]
187	*/
188	terms : term COMMA terms
189	{
190	abac_yy_term_t *nterm=$1;
191	abac_yy_term_t *terms=$3;
192	$$=add_yy_term(nterm, terms);
193	}
194	\| term
195	{
196	$$=$1;
197	}
198	;
199
200	term : LSQUARE QMARK RSQUARE
201	{ $$= make_yy_term_dterm_anonymous(); }
202	\| keypart
203	{ $$= make_yy_term_dterm_named($1); }
204	\| principalpart
205	{ $$= make_yy_term_dterm_principal($1); }
206	\| typedpart
207	{ $$= make_yy_term_dterm_data($1); }
208	;
209
210	values : VALUE COMMA values
211	{ $$=add_yy_val_range($3, $1); }
212	\| VALUE
213	{ $$=make_yy_val_range($1); }
214	;
215
216
217	rangetype : LSQUARE VALUE DOTDOT VALUE RSQUARE
218	{ $$=make_yy_minmax_range($2,$4); }
219	\| LSQUARE DOTDOT VALUE RSQUARE
220	{ $$=make_yy_max_range($3); }
221	\| LSQUARE VALUE DOTDOT RSQUARE
222	{ $$=make_yy_min_range($2); }
223	\| LSQUARE values RSQUARE
224	{ $$=$2; }
225	;
226
227	/* [otype:?Z{oset-constraint}] */
228	/* [int:?I:[10 .. 20] */
229	/* [float:?F:[0.5 .. 2.5] */
230	/* [string:?S:["abc",'efg',"hij"] -only listed range */
231	/* urn same as string */
232	/* time like int but with quoted string values */
233	otypetail : VARIABLE_CONSTANT COLON
234	{
235	abac_pop_yystate();
236	abac_push_range_yystate();
237	}
238	rangetype
239	{
240	abac_pop_yystate();
241	abac_yy_term_data_t *ptr=make_yy_term_data();
242	set_yy_term_data_name(ptr,$1);
243	set_yy_term_data_is_variable(ptr);
244	set_yy_term_data_cond_range(ptr,$4);
245	$$=ptr;
246	}
247	\| VARIABLE_CONSTANT
248	{ abac_pop_yystate(); }
249	osetleft
250	{
251	abac_yy_term_data_t *ptr=make_yy_term_data();
252	set_yy_term_data_name(ptr,$1);
253	set_yy_term_data_is_variable(ptr);
254	set_yy_term_data_cond_head_expr(ptr,$3);
255	$$=ptr;
256	}
257	\| VARIABLE_CONSTANT
258	{
259	abac_pop_yystate();
260	abac_yy_term_data_t *ptr=make_yy_term_data();
261	set_yy_term_data_name(ptr,$1);
262	set_yy_term_data_is_variable(ptr);
263	$$=ptr;
264	}
265	\| OTYPE_CONSTANT
266	{
267	abac_pop_yystate();
268	abac_yy_term_data_t *ptr=make_yy_term_data();
269	set_yy_term_data_name(ptr,$1);
270	$$=ptr;
271	}
272	\| QMARK
273	{
274	abac_pop_yystate();
275	abac_yy_term_data_t *ptr=make_yy_term_data();
276	set_yy_term_data_is_anonymous(ptr);
277	$$= ptr;
278	}
279	;
280
281	typedpart : LSQUARE OTYPE COLON
282	{ abac_push_yystate($2); }
283	otypetail RSQUARE
284	{
285	abac_yy_term_data_t *ptr=$5;
286	set_yy_term_data_type(ptr,$2);
287	if(is_yy_term_data_has_constraint(ptr)) {
288	char *tail_string=get_yy_term_data_name(ptr);
289	make_yy_range_constraint(ptr);
290	make_yy_oset_constraint(ptr,tail_string);
291	}
292	$$=$5;
293	}
294	;
295
296
297	/* [principal:?] */
298	/* [principal:?Z] */
299	/* [principal:?This] */
300	/* [principal:?Z:{role-constraint}] */
301	principalpart : LSQUARE PRINCIPAL COLON QMARK IDEN roleleft RSQUARE
302	{
303	abac_yy_expression_t *expr=$6;
304	char *tail_string=$5;
305	abac_yy_term_principal_t *ptr=make_yy_term_principal();
306	set_yy_term_principal_name(ptr,tail_string);
307	set_yy_term_principal_cond_head_expr(ptr,expr);
308	make_yy_role_constraint(ptr,tail_string);
309	$$=ptr;
310	}
311	\| LSQUARE PRINCIPAL COLON QMARK IDEN RSQUARE
312	{
313	abac_yy_term_principal_t *ptr=make_yy_term_principal();
314	set_yy_term_principal_name(ptr,$5);
315	$$ = ptr;
316	}
317	\| LSQUARE PRINCIPAL COLON QMARK RSQUARE
318	{
319	abac_yy_term_principal_t *ptr=make_yy_term_principal();
320	set_yy_term_principal_is_anonymous(ptr);
321	$$ = ptr;
322	}
323	;
324
325	roleright : roleterm AND roleright
326	{
327	abac_yy_expression_t *nexpr=$1;
328	abac_yy_expression_t *exprs=$3;
329	$$=add_yy_expression(nexpr,exprs);
330	}
331	\| roleterm
332	{ $$=$1; }
333	;
334
335	/* role at tail/right side
336	[keyid:usc].role:employee.role:friend
337	[keyid:usc].role:worker
338	[keyid:mike]
339	*/
340	roleterm : keypart DOT rolepart DOT rolepart
341	{
342	abac_yy_principal_t *keypart=$1;
343	abac_yy_roleoset_t *linked_rolepart=$3;
344	abac_yy_roleoset_t *rolepart=$5;
345	abac_yy_expression_t *expr=
346	make_yy_expression(e_yy_EXPR_LINKED,keypart,rolepart,linked_rolepart);
347	$$=expr;
348	}
349	\| keypart DOT rolepart
350	{
351	abac_yy_principal_t *keypart=$1;
352	abac_yy_roleoset_t *rolepart=$3;
353	abac_yy_expression_t *expr=
354	make_yy_expression(e_yy_EXPR_ROLE,keypart,rolepart,NULL);
355	$$=expr;
356	}
357	\| keypart
358	{
359	abac_yy_principal_t *keypart=$1;
360	abac_yy_expression_t *expr=
361	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
362	$$=expr;
363	}
364	;
365
366	osetterm : keypart DOT rolepart DOT osetpart
367	{
368	abac_yy_principal_t *keypart=$1;
369	abac_yy_roleoset_t *linked_rolepart=$3;
370	abac_yy_roleoset_t *osetpart=$5;
371	abac_yy_expression_t *expr=
372	make_yy_expression(e_yy_EXPR_LINKED,keypart,osetpart,linked_rolepart);
373	$$=expr;
374	}
375	\| keypart DOT osetpart
376	{
377	abac_yy_principal_t *keypart=$1;
378	abac_yy_roleoset_t *osetpart=$3;
379	abac_yy_expression_t *expr=
380	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
381	$$=expr;
382	}
383	\| keypart
384	{
385	abac_yy_principal_t *keypart=$1;
386	abac_yy_expression_t *expr=
387	make_yy_expression(e_yy_EXPR_NAMED,keypart,NULL,NULL);
388	$$=expr;
389	}
390	\| typedpart
391	{
392	abac_yy_term_data_t *objpart=$1;
393	abac_yy_expression_t *expr=
394	make_yy_expression(e_yy_EXPR_OBJECT,objpart,NULL,NULL);
395	$$=expr;
396	}
397	;
398
399	/*
400	oset:access([urn:'fileA'])
401	*/
402	osetpart : OSET COLON IDEN LPAREN terms RPAREN
403	{
404	$$=make_yy_roleoset_oset($3,$5);
405	}
406	\| OSET COLON IDEN
407	{
408	$$=make_yy_roleoset_oset($3,NULL);
409	}
410	;
411
412
413	osetleft : keypart DOT osetpart
414	{
415	abac_yy_principal_t *keypart=$1;
416	abac_yy_roleoset_t *osetpart=$3;
417	abac_yy_expression_t *expr=
418	make_yy_expression(e_yy_EXPR_OSET,keypart,osetpart,NULL);
419	$$=expr;
420	}
421	;
422
423	osetright : osetterm AND osetright
424	{
425	abac_yy_expression_t *nexpr=$1;
426	abac_yy_expression_t *exprs=$3;
427	$$=add_yy_expression(nexpr,exprs);
428	}
429	\| osetterm
430	{ $$=$1; }
431	;
432	%%
433
434
435	/* Additional C code */
436	int yywrap()
437	{
438	/* exit when done lexing the current input */
439	return 1;
440	}
441
442	int yyerror (char *s)
443	{
444	fprintf (abac_yyout,"yyerror: %s\n", s);
445	}
446
447	/* setting defaults */
448	void abac_yyinit()
449	{
450	abac_yyout=abac_get_yyout();
451	abac_yyfptr = abac_get_yyfptr();
452	abac_yyfptr_encoded = abac_get_yyfptr_encoded();
453	if(debug)
454	fprintf (abac_yyout,"\n=======================================\n");
455	}
456
457	void panic(char *msg)
458	{
459	yyerror(msg);
460	}
461

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format