Home | History | Annotate | Download | only in policyrep 
      1 # Copyright 2014, Tresys Technology, LLC
      2 #
      3 # This file is part of SETools.
      4 #
      5 # SETools is free software: you can redistribute it and/or modify
      6 # it under the terms of the GNU Lesser General Public License as
      7 # published by the Free Software Foundation, either version 2.1 of
      8 # the License, or (at your option) any later version.
      9 #
     10 # SETools is distributed in the hope that it will be useful,
     11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
     12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     13 # GNU Lesser General Public License for more details.
     14 #
     15 # You should have received a copy of the GNU Lesser General Public
     16 # License along with SETools.  If not, see
     17 # <http://www.gnu.org/licenses/>.
     18 #
     19 from . import exception
     20 from . import qpol
     21 from . import rule
     22 from . import typeattr
     23 from . import mls
     24 
     25 
     26 def mls_rule_factory(policy, symbol):
     27     """Factory function for creating MLS rule objects."""
     28     if not isinstance(symbol, qpol.qpol_range_trans_t):
     29         raise TypeError("MLS rules cannot be looked-up.")
     30 
     31     return MLSRule(policy, symbol)
     32 
     33 
     34 def validate_ruletype(types):
     35     """Validate MLS rule types."""
     36     for t in types:
     37         if t not in ["range_transition"]:
     38             raise exception.InvalidMLSRuleType("{0} is not a valid MLS rule type.".format(t))
     39 
     40 
     41 class MLSRule(rule.PolicyRule):
     42 
     43     """An MLS rule."""
     44 
     45     def __str__(self):
     46         # TODO: If we ever get more MLS rules, fix this format.
     47         return "range_transition {0.source} {0.target}:{0.tclass} {0.default};".format(self)
     48 
     49     @property
     50     def source(self):
     51         """The rule's source type/attribute."""
     52         return typeattr.type_or_attr_factory(self.policy, self.qpol_symbol.source_type(self.policy))
     53 
     54     @property
     55     def target(self):
     56         """The rule's target type/attribute."""
     57         return typeattr.type_or_attr_factory(self.policy, self.qpol_symbol.target_type(self.policy))
     58 
     59     @property
     60     def default(self):
     61         """The rule's default range."""
     62         return mls.range_factory(self.policy, self.qpol_symbol.range(self.policy))
     63