1 | #!?usr/local/bin/python |
---|
2 | |
---|
3 | import gtk |
---|
4 | import ConfigParser |
---|
5 | import os.path |
---|
6 | import re |
---|
7 | import Creddy |
---|
8 | |
---|
9 | from principal_tree import principal_issued_tree, \ |
---|
10 | principal_assigned_tree, principal_attribute_tree |
---|
11 | |
---|
12 | from new_credential import add_credential_dialog |
---|
13 | |
---|
14 | class window(gtk.Window): |
---|
15 | |
---|
16 | ui_def = ''' |
---|
17 | <ui> |
---|
18 | <menubar> |
---|
19 | <menu action="FileMenu"> |
---|
20 | <menuitem name="Save" action="FileSave"/> |
---|
21 | <menuitem name="Quit" action="FileQuit"/> |
---|
22 | </menu> |
---|
23 | <menu action="EditMenu"> |
---|
24 | <menuitem action="EditAddCred"/> |
---|
25 | </menu> |
---|
26 | <menu action="ViewMenu"> |
---|
27 | <menu action="Translation"> |
---|
28 | <menuitem name="ViewSet" action="ViewSet"/> |
---|
29 | <menuitem name="ViewRole description" action="ViewRole"/> |
---|
30 | <menuitem name="ViewNames" action="ViewName"/> |
---|
31 | <menuitem name="ViewRaw" action="ViewRaw"/> |
---|
32 | </menu> |
---|
33 | </menu> |
---|
34 | </menubar> |
---|
35 | </ui> |
---|
36 | ''' |
---|
37 | cfg_path = os.path.join(os.path.expanduser('~'), '.abac_policy_tool.cfg') |
---|
38 | |
---|
39 | @staticmethod |
---|
40 | def wrapit(widget): |
---|
41 | sw = gtk.ScrolledWindow() |
---|
42 | sw.set_policy(gtk.POLICY_AUTOMATIC, gtk.POLICY_AUTOMATIC) |
---|
43 | sw.add(widget) |
---|
44 | return sw |
---|
45 | |
---|
46 | def __init__(self, policy): |
---|
47 | gtk.Window.__init__(self, gtk.WINDOW_TOPLEVEL) |
---|
48 | self.policy = policy |
---|
49 | self.set_title('test') |
---|
50 | self.connect('destroy', self.quit) |
---|
51 | self.connect('show', self.shown) |
---|
52 | self.connect('configure-event', self.changed) |
---|
53 | self.pos = (0,0) |
---|
54 | self.size = (500, 500) |
---|
55 | self.pages = [ ] |
---|
56 | self.translated = [ ] |
---|
57 | |
---|
58 | self.read_config() |
---|
59 | |
---|
60 | nb = gtk.Notebook() |
---|
61 | p = principal_issued_tree(policy) |
---|
62 | nb.append_page(self.wrapit(p), gtk.Label("Credentials Issued")) |
---|
63 | self.pages.append(p) |
---|
64 | |
---|
65 | p = principal_assigned_tree(policy) |
---|
66 | nb.append_page(self.wrapit(p), gtk.Label("Attributes Assigned")) |
---|
67 | self.pages.append(p) |
---|
68 | |
---|
69 | p = principal_attribute_tree(policy) |
---|
70 | nb.append_page(self.wrapit(p), gtk.Label("All Attributes")) |
---|
71 | self.pages.append(p) |
---|
72 | self.translated.append(p) |
---|
73 | |
---|
74 | ui = gtk.UIManager() |
---|
75 | ag = gtk.ActionGroup('action') |
---|
76 | ag.add_actions(( |
---|
77 | ('FileMenu', None, 'File'), |
---|
78 | ('FileSave', gtk.STOCK_SAVE, None, None, None, self.save), |
---|
79 | ('FileQuit', gtk.STOCK_QUIT, None, None, None, self.quit), |
---|
80 | ('EditMenu', None, 'Edit'), |
---|
81 | ('EditAddCred', None, "Add Credential", None, None, self.add_cred), |
---|
82 | ('ViewMenu', None, 'View'), |
---|
83 | ('Translation', None, 'Translate Credentials'), |
---|
84 | )) |
---|
85 | ag.add_radio_actions([ |
---|
86 | ('ViewSet', None, 'Set based descriptions', None, None, 0), |
---|
87 | ('ViewRole', None, 'Role based descriptions', None, None, 1), |
---|
88 | ('ViewName', None, 'ABAC with symbolic names', None, None, 2), |
---|
89 | ('ViewRaw', None, 'Raw ABAC', None, None, 3),], |
---|
90 | 2, self.translation_change) |
---|
91 | |
---|
92 | ui.insert_action_group(ag, -1) |
---|
93 | ui.add_ui_from_string(window.ui_def) |
---|
94 | |
---|
95 | mb = ui.get_widget('ui/menubar') |
---|
96 | vb = gtk.VBox() |
---|
97 | vb.pack_start(mb, False, False, 0) |
---|
98 | vb.pack_start(nb, True, True, 0) |
---|
99 | |
---|
100 | self.add(vb) |
---|
101 | self.show_all() |
---|
102 | |
---|
103 | def quit(self, widget=None, data=None): |
---|
104 | self.save_config() |
---|
105 | gtk.main_quit() |
---|
106 | |
---|
107 | def save(self, widget=None, data=None): |
---|
108 | d = gtk.FileChooserDialog('Save file as', self, |
---|
109 | gtk.FILE_CHOOSER_ACTION_SAVE, ( |
---|
110 | gtk.STOCK_OK, gtk.RESPONSE_OK, |
---|
111 | gtk.STOCK_CANCEL, gtk.RESPONSE_CANCEL)) |
---|
112 | fil = gtk.FileFilter() |
---|
113 | fil.set_name('Zip files') |
---|
114 | fil.add_pattern('*.zip') |
---|
115 | d.set_select_multiple(False) |
---|
116 | d.set_current_folder('.') |
---|
117 | d.set_do_overwrite_confirmation(True) |
---|
118 | d.add_filter(fil) |
---|
119 | if self.policy.filename is not None: |
---|
120 | d.set_filename(self.policy.filename) |
---|
121 | rv = d.run() |
---|
122 | d.hide() |
---|
123 | if rv == gtk.RESPONSE_OK: |
---|
124 | self.policy.write_zip(d.get_filename()) |
---|
125 | d.destroy() |
---|
126 | |
---|
127 | def add_cred(self, widget=None, data=None): |
---|
128 | |
---|
129 | def report_error(message): |
---|
130 | md = gtk.MessageDialog(self, gtk.DIALOG_MODAL, |
---|
131 | gtk.MESSAGE_ERROR, gtk.BUTTONS_CLOSE, |
---|
132 | message) |
---|
133 | md.run() |
---|
134 | md.destroy() |
---|
135 | |
---|
136 | d = add_credential_dialog(self, self.policy) |
---|
137 | rv = d.run() |
---|
138 | d.hide() |
---|
139 | if rv == gtk.RESPONSE_OK: |
---|
140 | iname = d.issuer.get_active_text() |
---|
141 | issuer = self.policy.issuers[self.policy.name_to_keyid(iname)] |
---|
142 | role = re.sub('\.', '_', d.role.get_text()) |
---|
143 | cred = None |
---|
144 | try: |
---|
145 | cred = Creddy.Attribute(issuer, role, 5 * 365 * 3600 * 24) |
---|
146 | except RuntimeError, e: |
---|
147 | print e |
---|
148 | pass |
---|
149 | |
---|
150 | if cred is None: |
---|
151 | report_error("Missing or invalid role") |
---|
152 | d.destroy() |
---|
153 | return |
---|
154 | |
---|
155 | mode = d.mechanism.get_active_text() |
---|
156 | p = d.subject_principal.get_text() |
---|
157 | p = self.policy.name_to_keyid(p) |
---|
158 | if p is None: |
---|
159 | report_error("Missing or invalid subject principal") |
---|
160 | d.destroy() |
---|
161 | return |
---|
162 | if mode == 'Direct delegation' or mode == 'Delegation to role': |
---|
163 | r = d.subject_role.get_text() |
---|
164 | if r is None or r == '': |
---|
165 | report_error("Missing or invalid subject role") |
---|
166 | d.destroy() |
---|
167 | return |
---|
168 | if mode == 'Delegation to role': |
---|
169 | l = d.subject_link.get_text() |
---|
170 | if l is None or l == '': |
---|
171 | report_error("Missing or invalid subject linking role") |
---|
172 | d.destroy() |
---|
173 | return |
---|
174 | |
---|
175 | if mode == 'Direct assignment': cred.principal(p) |
---|
176 | elif mode == 'Direct delegation': cred.role(p, r) |
---|
177 | else: cred.linking_role(p, l, r) |
---|
178 | |
---|
179 | try: |
---|
180 | cred.bake() |
---|
181 | except: |
---|
182 | report_error("Could not create credential?!") |
---|
183 | d.destroy() |
---|
184 | return |
---|
185 | self.policy.add_credential(cred) |
---|
186 | for p in self.pages: |
---|
187 | p.recalc() |
---|
188 | d.destroy() |
---|
189 | |
---|
190 | |
---|
191 | |
---|
192 | |
---|
193 | def shown(self, w): |
---|
194 | self.move(*self.pos) |
---|
195 | self.resize(*self.size) |
---|
196 | |
---|
197 | def changed(self, w, e): |
---|
198 | self.pos = self.get_position() |
---|
199 | self.size = self.get_size() |
---|
200 | |
---|
201 | def translation_change(self, ra, c, user=None): |
---|
202 | cv = c.get_current_value() |
---|
203 | if cv == 0: self.policy.translate = 'sets' |
---|
204 | elif cv == 1: self.policy.translate = 'roles' |
---|
205 | elif cv == 2: self.policy.translate = 'keyids' |
---|
206 | elif cv == 3: self.policy.translate = 'none' |
---|
207 | else: print >>sys.stderr, 'Unknown translation type!?' |
---|
208 | |
---|
209 | for p in self.translated: |
---|
210 | p.recalc() |
---|
211 | |
---|
212 | def get_intpair(self, sect, opt): |
---|
213 | if not self.cfg.has_section(sect): |
---|
214 | self.cfg.add_section(sect) |
---|
215 | |
---|
216 | if self.cfg.has_option(sect, opt): |
---|
217 | try: |
---|
218 | return [int(x) for x in self.cfg.get(sect, opt).split(',', 1)] |
---|
219 | except ValueError: |
---|
220 | return None |
---|
221 | else: |
---|
222 | return None |
---|
223 | |
---|
224 | def read_config(self): |
---|
225 | self.cfg = ConfigParser.SafeConfigParser() |
---|
226 | self.cfg.read(window.cfg_path) |
---|
227 | |
---|
228 | self.pos = self.get_intpair('geom', 'pos') or ( 0, 0) |
---|
229 | self.size = self.get_intpair('geom', 'size') or ( 500, 500) |
---|
230 | |
---|
231 | |
---|
232 | def save_config(self): |
---|
233 | self.cfg.set('geom', 'pos', '%d,%d' % self.pos) |
---|
234 | self.cfg.set('geom', 'size', '%d,%d' % self.size) |
---|
235 | try: |
---|
236 | f = open(window.cfg_path, 'w') |
---|
237 | self.cfg.write(f) |
---|
238 | f.close() |
---|
239 | except EnvironmentError, e: |
---|
240 | pass |
---|