# Copyright 2014-2015, Tresys Technology, LLC # # This file is part of SETools. # # SETools is free software: you can redistribute it and/or modify # it under the terms of the GNU Lesser General Public License as # published by the Free Software Foundation, either version 2.1 of # the License, or (at your option) any later version. # # SETools is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Lesser General Public License for more details. # # You should have received a copy of the GNU Lesser General Public # License along with SETools. If not, see # <http://www.gnu.org/licenses/>. # from . import exception from . import symbol from . import qpol def common_factory(policy, name): """Factory function for creating common permission set objects.""" if isinstance(name, Common): assert name.policy == policy return name elif isinstance(name, qpol.qpol_common_t): return Common(policy, name) try: return Common(policy, qpol.qpol_common_t(policy, str(name))) except ValueError: raise exception.InvalidCommon("{0} is not a valid common".format(name)) def class_factory(policy, name): """Factory function for creating object class objects.""" if isinstance(name, ObjClass): assert name.policy == policy return name elif isinstance(name, qpol.qpol_class_t): return ObjClass(policy, name) try: return ObjClass(policy, qpol.qpol_class_t(policy, str(name))) except ValueError: raise exception.InvalidClass("{0} is not a valid object class".format(name)) class Common(symbol.PolicySymbol): """A common permission set.""" def __contains__(self, other): return other in self.perms @property def perms(self): """The list of the common's permissions.""" return set(self.qpol_symbol.perm_iter(self.policy)) def statement(self): return "common {0}\n{{\n\t{1}\n}}".format(self, '\n\t'.join(self.perms)) class ObjClass(Common): """An object class.""" def __contains__(self, other): try: if other in self.common.perms: return True except exception.NoCommon: pass return other in self.perms @property def common(self): """ The common that the object class inherits. Exceptions: NoCommon The object class does not inherit a common. """ try: return common_factory(self.policy, self.qpol_symbol.common(self.policy)) except ValueError: raise exception.NoCommon("{0} does not inherit a common.".format(self)) def statement(self): stmt = "class {0}\n".format(self) try: stmt += "inherits {0}\n".format(self.common) except exception.NoCommon: pass # a class that inherits may not have additional permissions perms = self.perms if len(perms) > 0: stmt += "{{\n\t{0}\n}}".format('\n\t'.join(perms)) return stmt