#!/usr/local/bin/python

import ConfigParser
import os.path
import re
import sys

import gtk

import Creddy

from principal_tree import principal_issued_tree, \
        principal_assigned_tree, principal_attribute_tree

from new_credential import add_credential_dialog

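class window(gtk.Window):
    """
    Top-level window of the ABAC policy tool.

    Shows three views of the policy passed to the constructor as notebook
    pages, offers a menu entry that issues a new credential into that policy,
    and keeps its position and size between runs in cfg_path.
    """

    ui_def = '''
<ui>
    <menubar>
        <menu action="FileMenu">
            <menuitem name="Quit" action="FileQuit"/>
        </menu>
        <menu action="EditMenu">
            <menuitem action="EditAddCred"/>
        </menu>
        <menu action="ViewMenu">
            <menu action="Translation">
                <menuitem name="ViewSet" action="ViewSet"/>
                <menuitem name="ViewRole description" action="ViewRole"/>
                <menuitem name="ViewNames" action="ViewName"/>
                <menuitem name="ViewRaw" action="ViewRaw"/>
            </menu>
        </menu>
    </menubar>
</ui>
'''
    # Per-user settings file.  Only the 'geom' section (pos and size) is ever
    # written to it by this class.
    cfg_path = os.path.join(os.path.expanduser('~'), '.abac_policy_tool.cfg')

    # Validity handed to Creddy.Attribute for every credential issued from
    # the dialog.  The arithmetic reads as five years in seconds (presumably
    # the unit Creddy expects -- confirm).  The dialog offers no way to pick
    # a shorter lifetime, so this single value decides how long every
    # attribute issued here stays valid.
    cred_validity = 5 * 365 * 24 * 3600

    # Radio-action value -> value stored in policy.translate.
    _translations = {0: 'sets', 1: 'roles', 2: 'keyids', 3: 'none'}

    @staticmethod
    def wrapit(widget):
        """Return widget inside a ScrolledWindow with automatic scrollbars."""
        sw = gtk.ScrolledWindow()
        sw.set_policy(gtk.POLICY_AUTOMATIC, gtk.POLICY_AUTOMATIC)
        sw.add(widget)
        return sw

    def __init__(self, policy):
        """
        Build the menu bar and the three notebook pages, then show the window.

        policy is kept as self.policy; it is handed to each tree view and to
        the add-credential dialog, and receives the new credentials.
        """
        gtk.Window.__init__(self, gtk.WINDOW_TOPLEVEL)
        self.policy = policy
        self.set_title('test')
        self.connect('destroy', self.quit)
        self.connect('show', self.shown)
        self.connect('configure-event', self.changed)
        self.pos = (0, 0)
        self.size = (500, 500)
        self.pages = []
        self.translated = []

        # Replaces the defaults above with the saved geometry, if any.
        self.read_config()

        nb = gtk.Notebook()
        # (view constructor, tab label, redrawn when the translation changes)
        views = (
            (principal_issued_tree, "Credentials Issued", False),
            (principal_assigned_tree, "Attributes Assigned", False),
            (principal_attribute_tree, "All Attributes", True),
        )
        for make_view, title, follows_translation in views:
            view = make_view(policy)
            nb.append_page(self.wrapit(view), gtk.Label(title))
            self.pages.append(view)
            if follows_translation:
                self.translated.append(view)

        ui = gtk.UIManager()
        ag = gtk.ActionGroup('action')
        ag.add_actions((
            ('FileMenu', None, 'File'),
            ('FileQuit', gtk.STOCK_QUIT, None, None, None, self.quit),
            ('EditMenu', None, 'Edit'),
            ('EditAddCred', None, "Add Credential", None, None,
                self.add_cred),
            ('ViewMenu', None, 'View'),
            ('Translation', None, 'Translate Credentials'),
        ))
        # The values 0-3 are the keys of _translations; 2 is the entry
        # selected at start-up.
        ag.add_radio_actions([
            ('ViewSet', None, 'Set based descriptions', None, None, 0),
            ('ViewRole', None, 'Role based descriptions', None, None, 1),
            ('ViewName', None, 'ABAC with symbolic names', None, None, 2),
            ('ViewRaw', None, 'Raw ABAC', None, None, 3),
        ], 2, self.translation_change)

        ui.insert_action_group(ag, -1)
        ui.add_ui_from_string(window.ui_def)

        mb = ui.get_widget('ui/menubar')
        vb = gtk.VBox()
        vb.pack_start(mb, False, False, 0)
        vb.pack_start(nb, True, True, 0)

        self.add(vb)
        self.show_all()

    def quit(self, widget=None, data=None):
        """Save the window geometry and leave the GTK main loop."""
        try:
            self.save_config()
        finally:
            # Leave the main loop even if saving failed in an unexpected way;
            # this handler also runs on 'destroy', when the window is gone.
            gtk.main_quit()

    def add_cred(self, widget=None, data=None):
        """
        Run the add-credential dialog and add the result to the policy.

        Each input the chosen mechanism needs is checked in turn; the first
        one that is missing or rejected is reported in a modal error dialog
        and nothing is added.  On success the credential is added to
        self.policy and every page is recalculated.  The dialog is destroyed
        on every path.
        """

        def report_error(message):
            md = gtk.MessageDialog(self, gtk.DIALOG_MODAL,
                    gtk.MESSAGE_ERROR, gtk.BUTTONS_CLOSE,
                    message)
            md.run()
            md.destroy()

        d = add_credential_dialog(self, self.policy)
        try:
            rv = d.run()
            d.hide()
            if rv != gtk.RESPONSE_OK:
                return

            # An unselected or unknown issuer must end in an error dialog,
            # not in an exception escaping the GTK callback.
            keyid = self.policy.name_to_keyid(d.issuer.get_active_text())
            try:
                issuer = self.policy.issuers[keyid]
            except (KeyError, IndexError, TypeError):
                report_error("Missing or invalid issuer")
                return

            # Dots in the head role are replaced before it reaches Creddy
            # (presumably because '.' separates principal and role in ABAC
            # names -- confirm).
            role = d.role.get_text().replace('.', '_')
            try:
                cred = Creddy.Attribute(issuer, role, window.cred_validity)
            except RuntimeError as e:
                sys.stderr.write('%s\n' % e)
                report_error("Missing or invalid role")
                return

            mode = d.mechanism.get_active_text()
            subject = self.policy.name_to_keyid(
                    d.subject_principal.get_text())
            if subject is None:
                report_error("Missing or invalid subject principal")
                return

            # NOTE(review): unlike the head role, the subject role and the
            # linking role are passed to Creddy exactly as typed, dots
            # included.  Confirm Creddy rejects or escapes them, or apply
            # the same replacement here.
            subject_role = None
            linking_role = None
            if mode in ('Direct delegation', 'Delegation to role'):
                subject_role = d.subject_role.get_text()
                if not subject_role:
                    report_error("Missing or invalid subject role")
                    return
            if mode == 'Delegation to role':
                linking_role = d.subject_link.get_text()
                if not linking_role:
                    report_error("Missing or invalid subject linking role")
                    return

            if mode == 'Direct assignment':
                cred.principal(subject)
            elif mode == 'Direct delegation':
                cred.role(subject, subject_role)
            elif mode == 'Delegation to role':
                cred.linking_role(subject, linking_role, subject_role)
            else:
                # No mechanism selected: refuse rather than guess which kind
                # of credential to issue.
                report_error("Missing or invalid mechanism")
                return

            try:
                cred.bake()
            except Exception as e:
                # Keep the reason on stderr; the dialog text stays generic.
                sys.stderr.write('%s\n' % e)
                report_error("Could not create credential?!")
                return

            self.policy.add_credential(cred)
            for page in self.pages:
                page.recalc()
        finally:
            d.destroy()

    def shown(self, w):
        """'show' handler: apply the remembered position and size."""
        self.move(*self.pos)
        self.resize(*self.size)

    def changed(self, w, e):
        """'configure-event' handler: remember the current geometry."""
        self.pos = self.get_position()
        self.size = self.get_size()

    def translation_change(self, ra, c, user=None):
        """
        Radio-action handler: store the selected translation in the policy.

        c is the action whose current value (0-3) selects the entry of
        _translations; an unknown value is reported on stderr and leaves
        policy.translate unchanged.  The translated pages are recalculated
        either way.
        """
        mode = self._translations.get(c.get_current_value())
        if mode is None:
            sys.stderr.write('Unknown translation type!?\n')
        else:
            self.policy.translate = mode

        for page in self.translated:
            page.recalc()

    def get_intpair(self, sect, opt):
        """
        Return option opt of section sect as an (int, int) tuple, or None.

        The section is created if it does not exist.  None is returned when
        the option is absent or is not exactly two comma-separated integers,
        so a hand-edited or damaged file cannot hand a malformed pair to
        move(), resize() or the '%d,%d' formatting in save_config.
        """
        if not self.cfg.has_section(sect):
            self.cfg.add_section(sect)

        if not self.cfg.has_option(sect, opt):
            return None
        try:
            first, second = self.cfg.get(sect, opt).split(',', 1)
            return (int(first), int(second))
        except (ValueError, ConfigParser.Error):
            # ValueError: wrong number of fields or a non-integer field.
            # ConfigParser.Error: get() could not interpolate the value
            # (for example a stray '%').
            return None

    def read_config(self):
        """
        Load cfg_path and set self.pos and self.size from its 'geom' section.

        A missing file, an unparsable file or an invalid value falls back to
        position (0, 0) and size (500, 500).
        """
        self.cfg = ConfigParser.SafeConfigParser()
        try:
            self.cfg.read(window.cfg_path)
        except ConfigParser.Error:
            # Unparsable file: start from an empty configuration instead of
            # failing at start-up; save_config rewrites the file on quit.
            self.cfg = ConfigParser.SafeConfigParser()

        self.pos = self.get_intpair('geom', 'pos') or (0, 0)
        self.size = self.get_intpair('geom', 'size') or (500, 500)

    def save_config(self):
        """
        Write the current position and size to cfg_path.

        Saving is best effort: a file that cannot be opened or written is
        ignored so that quitting never fails because of it.
        """
        if not self.cfg.has_section('geom'):
            self.cfg.add_section('geom')
        # tuple(): '%' formatting needs a tuple, whatever sequence type the
        # geometry is currently held in.
        self.cfg.set('geom', 'pos', '%d,%d' % tuple(self.pos))
        self.cfg.set('geom', 'size', '%d,%d' % tuple(self.size))
        try:
            with open(window.cfg_path, 'w') as f:
                self.cfg.write(f)
        except EnvironmentError:
            pass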