source: tests/python_tests/acme_rockets_rt0/query.py @ 6cd69a0

abac0-leakabac0-mei
Last change on this file since 6cd69a0 was 3c30b59, checked in by Mei <mei@…>, 11 years ago

1) add in new refactored regression testing directory
2) undo the abac.hh/ABAC.hh api changes
3) merged with Ted's changes to attribute format/nickname/issuer processing
  • Property mode set to 100755
File size: 2.6 KB
Line 
1#!/usr/bin/env python
2
3"""
4Run the queries described in README
5
6cmd: env keystore=`pwd` ./query.py
7
8"""
9
10import os
11import ABAC
12
13from test_util import runTest
14
15ctxt = ABAC.Context()
16
17# Keystore is the directory containing the principal credentials.
18# Load existing principals and/or policy credentials
19if (os.environ.has_key("keystore")) :
20    keystore=os.environ["keystore"]
21    ctxt.load_directory(keystore)
22else:
23    print("keystore is not set, using current directory...")
24    ctxt.load_directory(".")
25
26# retrieve principals' keyid value from local credential files
27acmeID=ABAC.ID("Acme_ID.pem");
28acmeID.load_privkey("Acme_private.pem");
29acme=acmeID.keyid()
30
31coyoteID=ABAC.ID("Coyote_ID.pem");
32coyoteID.load_privkey("Coyote_private.pem");
33coyote=coyoteID.keyid()
34
35bigbirdID=ABAC.ID("Bigbird_ID.pem");
36bigbirdID.load_privkey("Bigbird_private.pem");
37bigbird=bigbirdID.keyid()
38
39##########################################################################
40# dump the loaded attribute policies
41#
42print "\n...policy attribute set..."
43credentials = ctxt.credentials()
44for credential in credentials:
45    print "context: %s <- %s" % (credential.head().string(), credential.tail().string())
46
47##########################################################################
48# is coyote a preferred_customer of Acme ?
49# role=[keyid:Acme].role:preferred_customer
50# p =[keyid:coyote]
51print "===good============ Acme.preferred_customer <- Coyote"
52runTest("python_tests/acme_rockets_rt0","test1",ctxt,"%s.preferred_customer" % acme, coyote, 1, "simple single rule matchup")
53
54##########################################################################
55# can coyote buy rockets from Acme ?
56# role=[keyid:Acme].role:buy_rockets
57# p =[keyid:coyote]
58print "===good============ Acme.buy_rockets <- Coyote"
59runTest("python_tests/acme_rockets_rt0","test2",ctxt,"%s.buy_rockets" % acme, coyote, 1, "very simplequery")
60
61##########################################################################
62# is Acme a friend of coyote ?
63# role=[keyid:Coyote].role:friend
64# p=[keyid:Acme]
65print "===bad=============== Coyote.friend <- Acme"
66runTest("python_tests/acme_rockets_rt0","test3",ctxt,"%s.friend" % coyote, acme, 0, "none existing relation")
67
68##########################################################################
69# using complex role to ask a question.. expecting to fail
70# role=[keyid:Acme].role:buy_rockets
71# p=[keyid:Acme].role:preferred_customer
72print "===bad?=============== Acme.buy_rockets <- Acme.preferred_customer"
73runTest("python_tests/acme_rockets_rt0","test4",ctxt,"%s.buy_rockets" % acme, "%s.preferred_customer" % acme, 1, "complex role query should fail")
74
Note: See TracBrowser for help on using the repository browser.