[abac] AssertionData

Mikaël Ates 2011-09-05 12:14:32 +02:00
parent d072eeb192
commit 1dbc34accf
1 changed files with 27 additions and 30 deletions


@ -155,10 +155,6 @@ class IpAddressM(models.Model):
return str(self.value)
class UserAttributeProfile(models.Model):
user = models.ForeignKey(User, null=True, blank=True)
class Certificate(models.Model):
raw_data = models.TextField()
@ -203,10 +199,11 @@ class AssertionData(AssertionAny):
No source when used in a rule for a comparison for instance.
A unique source when used in a profile for instance.
'''
profile = models.ForeignKey(UserAttributeProfile, null=True, blank=True)
attribute_data = models.ForeignKey(AttributeData)
source = models.ForeignKey(Source, null=True, blank=True)
certificate = models.ForeignKey(Certificate, null=True, blank=True)
creation_date = models.DateTimeField(auto_now_add=True)
expiration_date = models.DateTimeField(null=True, blank=True)
def get_values(self):
values = None
@ -233,18 +230,40 @@ class AssertionData(AssertionAny):
def __unicode__(self):
values = self.get_values()
s = "attribute %s with values %s" \
s = "Attribute %s with values %s" \
% (str(self.attribute_data.definition),
[str(x) for x in values])
if self.source:
s += ' (provided by %s)' % str(self.source)
if self.certificate:
s += ' (signed with %s)' % str(self.certificate)
if self.profile:
s += ' (added to profile %s)' % str(self.profile)
if self.expiration_date:
s += ' (expires on %s)' % str(self.expiration_date)
return s
class UserAttributeProfile(models.Model):
user = models.OneToOneField(User, null=True, blank=True,
related_name='profile')
assertions = models.ManyToManyField(AssertionData,
verbose_name=_('data_assertions'), blank=True)
def __unicode__(self):
if not self.user:
s = 'Anonymous profile'
else:
s = 'Profile of user %s' % self.user
if not self.assertions:
return s + ' is empty.'
else:
for ad in self.assertions.all():
attribute_data = ad.attribute_data
s += " - assertion from %s with definition %s and values %s" \
% (ad.source, attribute_data.definition.id,
str([str(x.value) for x in ad.get_values()]))
return s
'''
An ABAC rule is a string containing logical statements (and, or, not) and
the identifiers of predicates.
@ -308,27 +327,6 @@ class PredicateRole(Predicate):
return "Predicate role on %s" % str(self.role)
#MULTIVALUES_OPTION = (
# ('NO_MULTIVALUES', _('Only accept single valued attributes')),
# ('EQUAL_ONE_VALUE', _('At least one value matches')),
# ('EQUAL_OP1_SUBSET_OP2',
# _('The values of operand 1 are a subset of values of operand 2')),
# ('EQUAL_EXACT_MATCH', _('Equal subsets')),
# ('DIFF_ALL_OP1_WITH_BOTTOM_LIMIT_OP2',
# _('All values of operand 1 satisfy the condition with the smallest \
# value of operand 2')),
# ('DIFF_ALL_OP1_WITH_UPPER_LIMIT_OP2',
# _('All values of operand 1 satisfy the condition with the highest \
# value of operand 2')),
# ('DIFF_ONE_OP1_WITH_BOTTOM_LIMIT_OP2',
# _('At least one value of operand 1 satisfy the condition with the \
# smallest value of operand 2')),
# ('DIFF_ONE_OP1_WITH_BOTTOM_LIMIT_OP2',
# _('At least one value of operand 1 satisfy the condition with the \
# highest value of operand 2')),
#)
class PredicateComparison(Predicate):
operand1 = models.ForeignKey(AssertionAny, related_name = 'operand1')
operand2 = models.ForeignKey(AssertionAny, related_name = 'operand2')
@ -339,7 +337,6 @@ class PredicateComparison(Predicate):
verbose_name = 'type of comparison',
default = ACS_XACML_COMPARISON_EQUALITY_STRING)
multivalues = models.CharField(max_length = 100,
# choices = MULTIVALUES_OPTION,
verbose_name = 'How to handle multivalued attributes',
default = 'NO_MULTIVALUES')
multivalues_explanation = models.CharField(max_length = 500, blank=True)
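Review bot: In the new `UserAttributeProfile.__unicode__`, `if not self.assertions:` tests the many-to-many manager object rather than its rows, so the `' is empty.'` branch will most likely never run; `if not self.assertions.exists():` checks the contents instead. The same method iterates `ad.get_values()`, and `get_values` starts from `values = None` (its body continues outside the hunk), so an assertion with no values may raise here and in `AssertionData.__unicode__`; `ad.get_values() or []` would guard both. The new `expiration_date` is only printed in the visible code, so if the ABAC rule evaluation lives elsewhere it is worth confirming that expired assertions are rejected there, not just labelled in the string output. Since `assertions` is now a `ManyToManyField`, one `AssertionData` row can be attached to several profiles, and a short comment on the field saying whether that sharing is intended would help the next reader.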