Changeset 6750
- Timestamp:
- 18/03/10 13:57:03 (11 years ago)
- Location:
- TI12-security/trunk/NDG_XACML/ndg/xacml
- Files:
-
- 1 added
- 13 edited
TI12-security/trunk/NDG_XACML/ndg/xacml/core/attributedesignator.py
r6747 r6750 8 8 9 9 class AttributeDesignator(Expression): 10 '''XACML Attribute Designator type 10 11 ''' 11 classdocs 12 ''' 12 ATTRIBUTE_ID_ATTRIB_NAME = 'AttributeId' 13 ISSUER_ATTRIB_NAME = 'Issuer' 14 MUST_BE_PRESENT_ATTRIB_NAME = 'MustBePresent' 15 16 __slots__ = ('__attributeId', '__issuer', '__mustBePresent') 17 18 def __init__(self): 19 super(AttributeDesignator, self).__init__() 20 self.__attributeId = None 21 self.__issuer = None 22 self.__mustBePresent = False 13 23 24 @property 25 def attributeId(self): 26 """Get Attribute Id""" 27 return self.__attributeId 14 28 15 def __init__(self): 16 ''' 17 Constructor 18 ''' 29 @attributeId.setter 30 def attributeId(self, value): 31 """Set Attribute Id""" 32 if not isinstance(value, basestring): 33 raise TypeError('Expecting %r type for "attributeId" ' 34 'attribute; got %r' % (basestring, type(value))) 35 36 self.__attributeId = value 37 38 @property 39 def issuer(self): 40 """Get Issuer""" 41 return self.__issuer 42 43 @issuer.setter 44 def issuer(self, value): 45 """Set Issuer""" 46 if not isinstance(value, basestring): 47 raise TypeError('Expecting %r type for "issuer" ' 48 'attribute; got %r' % (basestring, type(value))) 49 50 self.__issuer = value 51 52 @property 53 def mustBePresent(self): 54 """Get Must Be Present flag""" 55 return self.__mustBePresent 56 57 @mustBePresent.setter 58 def mustBePresent(self, value): 59 """Set Must Be Present flag""" 60 if not isinstance(value, bool): 61 raise TypeError('Expecting %r type for "mustBePresent" ' 62 'attribute; got %r' % (bool, type(value))) 63 64 self.__mustBePresent = value 65 66 67 class SubjectAttributeDesignator(AttributeDesignator): 68 """XACML Subject Attribute Designator type""" 69 ELEMENT_LOCAL_NAME = 'SubjectAttributeDesignator' -
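Review bot: SubjectAttributeDesignator declares no `__slots__`, so as far as this section shows its instances get a `__dict__` again and the slot restriction set up on AttributeDesignator no longer applies to the one concrete type this changeset adds. A misspelled assignment such as `designator.mustBepresent = True` would then be stored silently instead of raising AttributeError, leaving the real flag at its default. Adding `__slots__ = ()` to the subclass keeps the restriction. Separately, the `issuer` setter rejects None although `__init__` initialises the field to None, so the value cannot be cleared once set; if that is intended, the setter docstring should say so.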
TI12-security/trunk/NDG_XACML/ndg/xacml/core/expression.py
r6747 r6750 11 11 ELEMENT_LOCAL_NAME = None 12 12 DATA_TYPE_ATTRIB_NAME = 'DataType' 13 ATTRIB_NAMES = (DATA_TYPE_ATTRIB_NAME,)14 13 15 14 __slots__ = ('__dataType', ) … … 30 29 dataType = property(_get_dataType, _set_dataType, None, 31 30 "expression value data type") 32 33 31 -
TI12-security/trunk/NDG_XACML/ndg/xacml/core/match.py
r6747 r6750 13 13 from ndg.xacml.core.attributedesignator import AttributeDesignator 14 14 from ndg.xacml.core.attributeselector import AttributeSelector 15 from ndg.xacml.core.attribute import AttributeValue15 from ndg.xacml.core.attributevalue import AttributeValue 16 16 17 17 -
TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/attributedesignatorreader.py
r6747 r6750 10 10 __contact__ = "Philip.Kershaw@stfc.ac.uk" 11 11 __revision__ = "$Id: $" 12 from ndg.xacml.core.attributedesignator import AttributeDesignator 12 from ndg.xacml.utils import str2Bool 13 from ndg.xacml.core.attributedesignator import SubjectAttributeDesignator 13 14 from ndg.xacml.parsers import XMLParseError 14 15 from ndg.xacml.parsers.etree import QName 15 from ndg.xacml.parsers.etree. reader import ETreeAbstractReader16 from ndg.xacml.parsers.etree.expressionreader import ExpressionReader 16 17 17 18 18 class AttributeDesignatorReader (ETreeAbstractReader):19 '''ElementTree based XACML Attribute Designator type parser19 class AttributeDesignatorReaderBase(ExpressionReader): 20 '''ElementTree based XACML Attribute Designator base class type parser 20 21 ''' 21 22 def __call__(self, obj): 22 def _parseExtension(self, elem, attributeDesignator): 23 23 """Parse AttributeDesignator object""" 24 elem = super(AttributeDesignatorReader, self)._parse(obj)24 cls = self.__class__.TYPE 25 25 26 cls = AttributeDesignator 27 attributeDesignator = cls() 28 29 localName = QName.getLocalPart(elem.tag) 30 if localName != cls.ELEMENT_LOCAL_NAME: 31 raise XMLParseError("No \"%s\" element found" % 32 cls.ELEMENT_LOCAL_NAME) 33 34 dataType = elem.attrib.get(cls.DATA_TYPE_ATTRIB_NAME) 35 if dataType is None: 36 raise XMLParseError('No "%s" attribute found in "%s" element' % 37 (cls.DATA_TYPE_ATTRIB_NAME, 38 cls.ELEMENT_LOCAL_NAME)) 26 # Unpack additional *required* attributes from top-level element 27 attributeValues = [] 28 for attributeName in (cls.ATTRIBUTE_ID_ATTRIB_NAME,): 29 attributeValue = elem.attrib.get(attributeName) 30 if attributeValue is None: 31 raise XMLParseError('No "%s" attribute found in "%s" element' % 32 (attributeName, cls.ELEMENT_LOCAL_NAME)) 39 33 40 attributeDesignator.dataType = dataType 41 34 attributeValues.append(attributeValue) 35 36 attributeDesignator.attributeId, = attributeValues 37 38 # Optional attributes 39 issuer = 
elem.attrib.get(cls.DATA_TYPE_ATTRIB_NAME) 40 if issuer is not None: 41 attributeDesignator.issuer = issuer 42 43 mustBePresent = elem.attrib.get(cls.DATA_TYPE_ATTRIB_NAME) 44 if mustBePresent is not None: 45 attributeDesignator.mustBePresent = str2Bool(mustBePresent) 46 42 47 return attributeDesignator 43 48 44 49 50 class SubjectAttributeDesignatorReader(AttributeDesignatorReaderBase): 51 '''ElementTree based XACML Subject Attribute Designator type parser 52 ''' 53 TYPE = SubjectAttributeDesignator -
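Review bot: Both optional attributes in `_parseExtension` are read with `cls.DATA_TYPE_ATTRIB_NAME`, so `issuer` receives the DataType value and `mustBePresent` is computed by `str2Bool` from that same string; the element's Issuer and MustBePresent attributes are never consulted. Because ExpressionReader raises when DataType is missing, both `is not None` branches are always taken. In a policy engine these fields decide which attribute issuer is accepted and whether an absent attribute is an error, so the lookups should use the constants this changeset adds to AttributeDesignator: `issuer = elem.attrib.get(cls.ISSUER_ATTRIB_NAME)` and `mustBePresent = elem.attrib.get(cls.MUST_BE_PRESENT_ATTRIB_NAME)`. How `str2Bool` handles an unrecognised string is not visible here; it should raise rather than fall back to False.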
TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/attributevaluereader.py
r6748 r6750 10 10 __contact__ = "Philip.Kershaw@stfc.ac.uk" 11 11 __revision__ = "$Id: $" 12 from abc import abstractmethod 13 14 from ndg.xacml.core.attribute import Expression, AttributeValue 12 from ndg.xacml.core.attributevalue import Expression, AttributeValue 15 13 from ndg.xacml.parsers import XMLParseError 16 from ndg.xacml.parsers.etree import QName 17 from ndg.xacml.parsers.etree.reader import ETreeAbstractReader 18 19 20 class ExpressionReader(ETreeAbstractReader): 21 '''ElementTree based XACML Expression type parser 22 ''' 23 TYPE = Expression 24 25 def __call__(self, obj): 26 """Parse AttributeValue object""" 27 elem = super(ExpressionReader, self)._parse(obj) 28 29 cls = self.__class__.TYPE 30 expression = cls() 31 32 localName = QName.getLocalPart(elem.tag) 33 if localName != cls.ELEMENT_LOCAL_NAME: 34 raise XMLParseError("No \"%s\" element found" % 35 cls.ELEMENT_LOCAL_NAME) 36 37 dataType = elem.attrib.get(cls.DATA_TYPE_ATTRIB_NAME) 38 if dataType is None: 39 raise XMLParseError('No "%s" attribute found in "%s" element' % 40 (cls.DATA_TYPE_ATTRIB_NAME, 41 cls.ELEMENT_LOCAL_NAME)) 42 43 expression.dataType = dataType 44 45 self._parseExtension(elem, expression) 46 47 return expression 48 49 @abstractmethod 50 def _parseExtension(self, elem, expression): 51 """Derived classes should implement this method to read any remaining 52 attributes and elements specific to their type""" 53 raise NotImplementedError() 54 55 # Set up new class as an abstract base itself 56 ETreeAbstractReader.register(ExpressionReader) 14 from ndg.xacml.parsers.etree.expressionreader import ExpressionReader 57 15 58 16 59 17 class AttributeValueReader(ExpressionReader): 60 '''ElementTree based XACML AttributeValuetype parser18 '''ElementTree based XACML Expression type parser 61 19 ''' 62 20 TYPE = AttributeValue -
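Review bot: The docstring of AttributeValueReader now reads `'''ElementTree based XACML Expression type parser`, which describes the base class that moved to expressionreader.py rather than this reader; it should stay `'''ElementTree based XACML AttributeValue type parser`. In the lines shown, `Expression` and `XMLParseError` are still imported but appear unused after the move. The rest of the class body lies outside the hunk, so confirm that before dropping them.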
TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/expressionreader.py
r6748 r6750 1 ''' 2 Created on 18 Mar 2010 1 """NDG XACML ElementTree based reader for Expression type 3 2 4 @author: pjkersha 5 ''' 3 NERC DataGrid Project 4 """ 5 __author__ = "P J Kershaw" 6 __date__ = "18/03/10" 7 __copyright__ = "(C) 2010 Science and Technology Facilities Council" 8 __contact__ = "Philip.Kershaw@stfc.ac.uk" 9 __license__ = "BSD - see LICENSE file in top-level directory" 10 __contact__ = "Philip.Kershaw@stfc.ac.uk" 11 __revision__ = "$Id: $" 12 from abc import abstractmethod 13 14 from ndg.xacml.core.expression import Expression 15 from ndg.xacml.parsers import XMLParseError 16 from ndg.xacml.parsers.etree import QName 17 from ndg.xacml.parsers.etree.reader import ETreeAbstractReader 18 19 20 class ExpressionReader(ETreeAbstractReader): 21 '''ElementTree based XACML Expression type parser 22 ''' 23 TYPE = Expression 24 25 def __call__(self, obj): 26 """Parse AttributeValue object""" 27 elem = super(ExpressionReader, self)._parse(obj) 28 29 cls = self.__class__.TYPE 30 expression = cls() 31 32 localName = QName.getLocalPart(elem.tag) 33 if localName != cls.ELEMENT_LOCAL_NAME: 34 raise XMLParseError("No \"%s\" element found" % 35 cls.ELEMENT_LOCAL_NAME) 36 37 # Unpack *required* attributes from top-level element 38 attributeValues = [] 39 for attributeName in (cls.DATA_TYPE_ATTRIB_NAME,): 40 attributeValue = elem.attrib.get(attributeName) 41 if attributeValue is None: 42 raise XMLParseError('No "%s" attribute found in "%s" element' % 43 (attributeName, cls.ELEMENT_LOCAL_NAME)) 44 45 attributeValues.append(attributeValue) 46 47 expression.dataType, = attributeValues 48 49 self._parseExtension(elem, expression) 50 51 return expression 52 53 @abstractmethod 54 def _parseExtension(self, elem, expression): 55 """Derived classes should implement this method to read any remaining 56 attributes and elements specific to their type""" 57 raise NotImplementedError() 58 59 # Set up new class as an abstract base itself 60 
ETreeAbstractReader.register(ExpressionReader) -
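Review bot: The `__call__` docstring still says `"""Parse AttributeValue object"""` although this is now the shared reader for every Expression subtype; `"""Parse an Expression-derived element and return the TYPE instance"""` would match what the body does. `__contact__` is assigned twice in the module header with the same value. The closing `ETreeAbstractReader.register(ExpressionReader)` looks redundant because ExpressionReader already inherits from ETreeAbstractReader, assuming the base uses ABCMeta as the register call implies.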
TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/matchreader.py
r6747 r6750 12 12 __revision__ = "$Id: $" 13 13 from ndg.xacml.core.match import SubjectMatch 14 from ndg.xacml.core.attributedesignator import AttributeDesignator15 14 from ndg.xacml.core.attributeselector import AttributeSelector 16 15 from ndg.xacml.parsers import XMLParseError 17 16 from ndg.xacml.parsers.etree import QName 18 17 from ndg.xacml.parsers.etree.reader import ETreeAbstractReader 19 from ndg.xacml.parsers.etree.attributereader import AttributeValueReader 18 from ndg.xacml.parsers.etree.attributevaluereader import AttributeValueReader 19 from ndg.xacml.parsers.etree.attributedesignatorreader import ( 20 SubjectAttributeDesignatorReader) 21 from ndg.xacml.parsers.etree.attributeselectorreader import \ 22 AttributeSelectorReader 20 23 21 24 … … 24 27 action and environment match types 25 28 ''' 26 MATCH_TYPE = None29 ATTRIBUTE_DESIGNATOR_READER_TYPE = None 27 30 28 31 def __init__(self): 29 if None in (self.__class__.MATCH_TYPE,): 30 raise NotImplementedError('Extend this class setting the "' 31 '"MATCH_TYPE" class variable') 32 if self.__class__.ATTRIBUTE_DESIGNATOR_READER_TYPE is None: 33 raise NotImplementedError('Extend this class setting the ' 34 '"ATTRIBUTE_DESIGNATOR_READER_TYPE" ' 35 'class variable') 32 36 33 37 super(MatchReaderBase, self).__init__() … … 37 41 elem = super(MatchReaderBase, self)._parse(obj) 38 42 39 match = self.__class__.MATCH_TYPE()40 cls = self.__class__.MATCH_TYPE43 cls = self.__class__.TYPE 44 match = cls() 41 45 42 46 localName = QName.getLocalPart(elem.tag) … … 57 61 58 62 match.matchId, = attributeValues 59 63 64 # Assign specific attribute designator type from derived class 65 attributeDesignatorReaderType = \ 66 self.__class__.ATTRIBUTE_DESIGNATOR_READER_TYPE 67 attributeDesignatorType = attributeDesignatorReaderType.TYPE 68 60 69 # Parse match elements 61 70 for childElem in elem: … … 65 74 match.attributeValue = AttributeValueReader.parse(childElem) 66 75 67 elif localName == 
cls.ATTRIBUTE_DESIGNATOR_ELEMENT_LOCAL_NAME:76 elif localName == attributeDesignatorType.ELEMENT_LOCAL_NAME: 68 77 if match.attributeSelector is not None: 69 78 raise XMLParseError("XACML %r child element may only be " 70 79 "either a %r or %r element NOT both" % 71 80 (cls.ELEMENT_LOCAL_NAME, 72 cls.ATTRIBUTE_DESIGNATOR_ELEMENT_LOCAL_NAME,81 attributeDesignatorType.ELEMENT_LOCAL_NAME, 73 82 AttributeSelector.ELEMENT_LOCAL_NAME)) 74 83 75 match.attributeDesignator = AttributeDesignatorReader.parse(84 match.attributeDesignator = attributeDesignatorReaderType.parse( 76 85 childElem) 77 86 … … 81 90 "either a %r or %r element NOT both" % 82 91 (cls.ELEMENT_LOCAL_NAME, 83 cls.ATTRIBUTE_DESIGNATOR_ELEMENT_LOCAL_NAME,92 attributeDesignatorType.ELEMENT_LOCAL_NAME, 84 93 AttributeSelector.ELEMENT_LOCAL_NAME)) 85 94 … … 96 105 97 106 class SubjectMatchReader(MatchReaderBase): 98 MATCH_TYPE = SubjectMatch 107 """ElementTree based parser for XACML SubjectMatch""" 108 TYPE = SubjectMatch 109 ATTRIBUTE_DESIGNATOR_READER_TYPE = SubjectAttributeDesignatorReader -
TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/policyreader.py
r6746 r6750 23 23 class PolicyReader(ETreeAbstractReader): 24 24 """Parse a Policy Document using ElementTree 25 """ 25 @cvar TYPE: XACML type to instantiate from parsed object 26 @type string: type""" 27 TYPE = Policy 28 26 29 def __call__(self, obj): 27 30 """Parse policy object""" 28 31 elem = super(PolicyReader, self)._parse(obj) 29 32 30 policy = Policy() 31 cls = Policy 33 # XACML type to instantiate 34 cls = PolicyReader.TYPE 35 policy = cls() 32 36 33 37 localName = QName.getLocalPart(elem.tag) -
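Review bot: `cls = PolicyReader.TYPE` names the class explicitly, so a subclass that overrides TYPE would still instantiate Policy; ExpressionReader and MatchReaderBase in this changeset use `cls = self.__class__.TYPE`, and the same form would fit here. RuleReader, SubjectReader and TargetReader repeat the hard-coded lookup (`RuleReader.TYPE`, `SubjectReader.TYPE`, `TargetReader.TYPE`). The new epydoc field `@type string: type` also names a variable that does not exist; `@type TYPE: type` is presumably intended, here and in reader.py, rulereader.py, subjectreader.py and targetreader.py. The body of `__call__` continues outside the hunk.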
TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/reader.py
r6746 r6750 24 24 25 25 class ETreeAbstractReader(AbstractReader): 26 """Base class for ElementTree implementation of XACML reader""" 27 26 """Base class for ElementTree implementation of XACML reader 27 28 @cvar TYPE: XACML type to instantiate from parsed object 29 @type string: type""" 30 TYPE = None 31 28 32 def __init__(self): 33 if self.__class__.TYPE is None: 34 raise NotImplementedError('No "TYPE" class variable set to specify ' 35 'the XACML type to instantiate') 36 29 37 self.__namespace_map_backup = ElementTree._namespace_map.copy() 30 38 ElementTree._namespace_map[''] = PolicyComponent.XACML_2_0_XMLNS … … 53 61 AbstractReader.register(ETreeAbstractReader) 54 62 55 56 class VariableDefinitionReader(object):57 def __call__(self, obj):58 pass -
TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/rulereader.py
r6747 r6750 22 22 class RuleReader(ETreeAbstractReader): 23 23 '''ElementTree based XACML Rule parser 24 25 @cvar TYPE: XACML type to instantiate from parsed object 26 @type string: type 24 27 ''' 28 TYPE = Rule 29 25 30 def __call__(self, obj): 26 31 """Parse rule object""" 27 32 elem = super(RuleReader, self)._parse(obj) 28 33 29 rule = Rule()30 cls = Rule34 cls = RuleReader.TYPE 35 rule = cls() 31 36 32 37 localName = QName.getLocalPart(elem.tag) -
TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/subjectreader.py
r6747 r6750 19 19 class SubjectReader(ETreeAbstractReader): 20 20 '''ElementTree based XACML Rule parser 21 @cvar TYPE: XACML type to instantiate from parsed object 22 @type string: type 21 23 ''' 24 TYPE = Subject 25 22 26 def __call__(self, obj): 23 27 """Parse subject object""" 24 28 elem = super(SubjectReader, self)._parse(obj) 25 29 26 subject = Subject()27 cls = Subject30 cls = SubjectReader.TYPE 31 subject = cls() 28 32 29 33 localName = QName.getLocalPart(elem.tag) -
TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/targetreader.py
r6747 r6750 21 21 22 22 class TargetReader(ETreeAbstractReader): 23 """ElementTree based parser for XACML Target elements""" 23 """ElementTree based parser for XACML Target elements 24 25 @cvar TYPE: XACML type to instantiate from parsed object 26 @type string: type""" 27 TYPE = Target 24 28 25 29 def __call__(self, obj): 26 30 elem = super(TargetReader, self)._parse(obj) 27 31 28 target = Target()29 cls = Target32 cls = TargetReader.TYPE 33 target = cls() 30 34 31 35 localName = QName.getLocalPart(elem.tag) -
TI12-security/trunk/NDG_XACML/ndg/xacml/test/test_xacml.py
r6744 r6750 21 21 XACML_FILEPATH = path.join(THIS_DIR, XACML_FILENAME) 22 22 23 def test01ETreeParse Policy(self):23 def test01ETreeParseRule1Policy(self): 24 24 policy = PolicyReader.parse(XACMLTestCase.XACML_FILEPATH) 25 25 self.assert_(policy) 26 27 self.assert_( 28 policy.policyId == "urn:oasis:names:tc:example:SimplePolicy1") 29 30 self.assert_(policy.ruleCombiningAlgId == \ 31 "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides") 32 33 self.assert_( 34 "Med Example Corp access control policy" in policy.description) 35 36 self.assert_(len(policy.target.subjects) == 0) 37 38 self.assert_(policy.rules[0].id == \ 39 "urn:oasis:names:tc:xacml:2.0:example:SimpleRule1") 40 41 self.assert_(policy.rules[0].effect == 'Permit') 42 43 self.assert_( 44 'Any subject with an e-mail name in the med.example.com domain' in \ 45 policy.rules[0].description) 46 47 self.assert_(len(policy.rules[0].subjects) == 1) 48 self.assert_(len(policy.rules[0].actions) == 0) 49 self.assert_(len(policy.rules[0].resources) == 0) 50 self.assert_(len(policy.rules[0].environments) == 0) 51 52 self.assert_(len(policy.rules[0].subjects[0].subjectMatches) == 1) 53 54 self.assert_(policy.rules[0].subjects[0].subjectMatches[0].id == \ 55 "urn:oasis:names:tc:xacml:1.0:function:rfc822Name-match") 56 57 self.assert_(policy.rules[0].subjects[0].subjectMatches[0 58 ].attributeValue.dataType == \ 59 "urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name") 60 61 self.assert_(policy.rules[0].subjects[0].subjectMatches[0 62 ].attributeDesignator.dataType == \ 63 "urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name") 64 65 # Attribute ID 66 self.assert_(policy.rules[0].subjects[0].subjectMatches[0 67 ].attributeDesignator.attributeId == \ 68 "urn:oasis:names:tc:xacml:1.0:subject:subject-id") 69 26 70 27 71
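Review bot: The new assertions check `dataType` and `attributeId` on the attribute designator but never `issuer` or `mustBePresent`, the two optional fields that attributedesignatorreader.py starts populating in this changeset, so a wrong attribute lookup there may go unnoticed by this test. Adding assertions for both, with expected values taken from the fixture file (not shown on this page), closes that gap. The comparisons are wrapped in `self.assert_(a == b)`, which reports a failure without the two values; `self.assertEqual(a, b)` gives a usable message.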