Context Navigation

query.py @ ec550f7

abac0-leakabac0-meimei-idtvf-new-xml

Last change on this file since ec550f7 was ec550f7, checked in by Mei <mei@…>, 11 years ago

1) reworked how API doc is generated
2) tweak top level Makefile.am
3) loading issuer principal as side-effect of loading

an attribute credentials

4) add examples of GENI specific attribute credentials

and principal certificates into the regression testing

5) rename examples to tests

Property mode set to 100755

File size: 2.7 KB

Line
1	#!/usr/bin/env python
2
3	"""
4	Run the queries described in README
5
6	cmd: env keystore=`pwd` ./query.py
7	"""
8
9	import os
10	import ABAC
11
12	ctxt = ABAC.Context()
13
14	# Keystore is the directory containing the principal credentials.
15	# Load existing principals and/or policy credentials
16	if (os.environ.has_key("keystore")) :
17	keystore=os.environ["keystore"]
18	ctxt.load_directory(keystore)
19	else:
20	print("keystore is not set...")
21	exit(1)
22
23	# retrieve principals' keyid value from local credential files
24	acmeID=ABAC.ID("Acme_ID.pem");
25	acmeID.load_privkey("Acme_private.pem");
26	ctxt.load_id_chunk(acmeID.cert_chunk())
27	acme=acmeID.keyid()
28
29	bobID=ABAC.ID("Bob_ID.pem");
30	bobID.load_privkey("Bob_private.pem");
31	ctxt.load_id_chunk(bobID.cert_chunk())
32	bob=bobID.keyid()
33
34	aliceID=ABAC.ID("Alice_ID.pem");
35	aliceID.load_privkey("Alice_private.pem");
36	ctxt.load_id_chunk(aliceID.cert_chunk())
37	alice=aliceID.keyid()
38
39	globotronID=ABAC.ID("Globotron_ID.pem");
40	globotronID.load_privkey("Globotron_private.pem");
41	ctxt.load_id_chunk(globotronID.cert_chunk())
42	globotron=globotronID.keyid()
43
44	##########################################################################
45	# dump the loaded attribute policies
46	#
47	print "\n...policy attribute set..."
48	credentials = ctxt.credentials()
49	for credential in credentials:
50	print "context: %s <- %s" % (credential.head().string(), credential.tail().string())
51
52	##########################################################################
53	# is alice a admin at Globotron ?
54	# role=[keyid:Globotron].role:admin
55	# p=[keyid:Alice]
56
57	print "\n===good=============== Globotron.admin <- Alice"
58	(success, credentials) = ctxt.query("%s.admin" % globotron, alice)
59
60	if success:
61	print "success!"
62	else:
63	print "failure!"
64	for credential in credentials:
65	print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
66
67	##########################################################################
68	# is bob a admin at Globotron ?
69	# role=[keyid:Globotron].role:admin
70	# p=[keyid:Bob]
71
72	print "\n===bad=============== Globotron.admin <- Bob"
73	(success, credentials) = ctxt.query("%s.admin" % globotron, bob)
74	if success:
75	print "success!"
76	else:
77	print "failure!"
78	for credential in credentials:
79	print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
80
81	##########################################################################
82	# can bob create experiment at Acme ?
83	# role=[keyid:Acme].role:experiment_create
84	# p=[keyid:Bob]
85
86	print "\n===good=============== Acme.experiment_create <- Bob"
87	(success, credentials) = ctxt.query("%s.experiment_create" % acme, bob)
88	if success:
89	print "success!"
90	else:
91	print "failure!"
92	for credential in credentials:
93	print "credential %s <- %s" % (credential.head().string(), credential.tail().string())

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: tests/python_tests/experiment_create_rt0/query.py @ ec550f7

Download in other formats: