      1 # Copyright 2014-2015, Tresys Technology, LLC
      2 #
      3 # This file is part of SETools.
      4 #
      5 # SETools is free software: you can redistribute it and/or modify
      6 # it under the terms of the GNU Lesser General Public License as
      7 # published by the Free Software Foundation, either version 2.1 of
      8 # the License, or (at your option) any later version.
      9 #
     10 # SETools is distributed in the hope that it will be useful,
     11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
     12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     13 # GNU Lesser General Public License for more details.
     14 #
     15 # You should have received a copy of the GNU Lesser General Public
     16 # License along with SETools.  If not, see
     17 # <http://www.gnu.org/licenses/>.
     18 #
     19 from . import exception
     20 from . import symbol
     21 from . import qpol
     22 
     23 
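def common_factory(policy, name):
    """
    Factory function for creating common permission set objects.

    Parameters:
    policy      The policy the common is looked up in.
    name        An existing Common, a qpol.qpol_common_t, or a value
                whose str() form is used as the name for the lookup.

    Return: a Common object; an existing Common is returned unchanged.

    Exceptions:
    AssertionError  An existing Common belongs to a different policy.
    InvalidCommon   Creating the common from the name raised ValueError.
    """

    if isinstance(name, Common):
        # An explicit check rather than a bare assert: assert statements
        # are compiled out under "python -O", which would let a symbol
        # from another policy pass through unchecked.
        if not name.policy == policy:
            raise AssertionError(
                "{0} does not belong to the given policy".format(name))
        return name
    elif isinstance(name, qpol.qpol_common_t):
        return Common(policy, name)

    try:
        return Common(policy, qpol.qpol_common_t(policy, str(name)))
    except ValueError:
        raise exception.InvalidCommon("{0} is not a valid common".format(name))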
     37 
     38 
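def class_factory(policy, name):
    """
    Factory function for creating object class objects.

    Parameters:
    policy      The policy the object class is looked up in.
    name        An existing ObjClass, a qpol.qpol_class_t, or a value
                whose str() form is used as the name for the lookup.

    Return: an ObjClass object; an existing ObjClass is returned unchanged.

    Exceptions:
    AssertionError  An existing ObjClass belongs to a different policy.
    InvalidClass    Creating the object class from the name raised
                    ValueError.
    """

    if isinstance(name, ObjClass):
        # An explicit check rather than a bare assert: assert statements
        # are compiled out under "python -O", which would let a symbol
        # from another policy pass through unchecked.
        if not name.policy == policy:
            raise AssertionError(
                "{0} does not belong to the given policy".format(name))
        return name
    elif isinstance(name, qpol.qpol_class_t):
        return ObjClass(policy, name)

    try:
        return ObjClass(policy, qpol.qpol_class_t(policy, str(name)))
    except ValueError:
        raise exception.InvalidClass("{0} is not a valid object class".format(name))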
     52 
     53 
class Common(symbol.PolicySymbol):

    """A common permission set."""

    def __contains__(self, other):
        """Return True if other is one of this common's permissions."""
        members = self.perms
        return other in members

    @property
    def perms(self):
        """The set of the common's permissions."""
        # Rebuilt from the qpol permission iterator on every access.
        perm_iterator = self.qpol_symbol.perm_iter(self.policy)
        return set(perm_iterator)

    def statement(self):
        """Return the policy statement text for this common."""
        # perms is a set, so the permission lines appear in set
        # iteration order.
        body = '\n\t'.join(self.perms)
        return "common {0}\n{{\n\t{1}\n}}".format(self, body)
     68 
     69 
class ObjClass(Common):

    """An object class."""

    def __contains__(self, other):
        """
        Return True if other is a permission of the object class,
        either through the inherited common or the class's own
        permissions.
        """
        try:
            inherited_match = other in self.common.perms
        except exception.NoCommon:
            # No inherited common: only the class's own permissions count.
            inherited_match = False

        return inherited_match or other in self.perms

    @property
    def common(self):
        """
        The common that the object class inherits.

        Exceptions:
        NoCommon    The object class does not inherit a common.
        """

        try:
            inherited = self.qpol_symbol.common(self.policy)
            return common_factory(self.policy, inherited)
        except ValueError:
            # NOTE(review): presumably qpol signals "no common" with
            # ValueError; any other ValueError raised in the try body is
            # reported as NoCommon as well -- confirm this is intended.
            raise exception.NoCommon("{0} does not inherit a common.".format(self))

    def statement(self):
        """Return the policy statement text for this object class."""
        parts = ["class {0}\n".format(self)]

        try:
            parts.append("inherits {0}\n".format(self.common))
        except exception.NoCommon:
            # Nothing inherited, so no "inherits" line is emitted.
            pass

        # a class that inherits may not have additional permissions
        own_perms = self.perms
        if own_perms:
            parts.append("{{\n\t{0}\n}}".format('\n\t'.join(own_perms)))

        return "".join(parts)
    111