Commit 03df0e3b authored by Jonathan Shahen

Move common pieces to the Global repo

parent cd32d8b2
/**
* RBAC2SMV - Tool for converting a RBAC specification
* to NuSMV specification
*
* @author Karthick Jayaraman
*/
package mohawk.collections;
import java.util.Map;
import mohawk.pieces.PreCondition;
/**
* @author kjayaram
*
*/
public class PreCondProcessorInt {
PreCondition pcPreCond;
// Map<Integer,String> mRoleIndex;
Map<String, Integer> mRole2Index;
public PreCondProcessorInt(/* Map<Integer,String> inRoleIndex, */Map<String, Integer> inRole2Index) {
// mRoleIndex = inRoleIndex;
mRole2Index = inRole2Index;
pcPreCond = new PreCondition();
}
private int getMapKey(Map<Integer, String> inMap, String inString) {
for (int i = 0; i < inMap.size(); i++) {
if (inMap.get(i).equals(inString)) { return i; }
}
System.out.println("Error - PreCondProcessorInt::getMapIndex - Value not found in map");
return 0;
}
// Add a positive pre condition for a role.
public void add(String strRole) throws Exception {
int iRoleIndex = 0; // mRole2Index.get(strRole); //getMapKey(mRoleIndex,strRole);
// if(iRoleIndex == null)
// System.out.println(strRole);
if (mRole2Index.get(strRole) == null) {
throw new Exception("Precondition is trying to add a role " + strRole + " that does not exist");
} else
iRoleIndex = mRole2Index.get(strRole);
pcPreCond.addConditional(iRoleIndex, 1);
}
// Add a negative precondition for a role
public void addNeg(String strRole) {
int iRoleIndex = mRole2Index.get(strRole); // getMapKey(mRoleIndex,strRole);
pcPreCond.addConditional(iRoleIndex, 2);
}
public PreCondition result() throws Exception {
return pcPreCond;
}
}
......@@ -8,7 +8,7 @@ import java.util.Set;
import java.util.Vector;
import java.util.logging.Logger;
import mohawk.pieces.CAEntry;
import mohawk.global.pieces.mohawk.CAEntry;
import mohawk.rbac.RBACInstance;
/**
......
......@@ -10,9 +10,7 @@ import java.util.Set;
import java.util.Vector;
import java.util.logging.Logger;
import mohawk.pieces.CAEntry;
import mohawk.pieces.CREntry;
import mohawk.pieces.PreCondition;
import mohawk.global.pieces.mohawk.*;
import mohawk.rbac.RBACInstance;
/**
......
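Review bot: The new `import mohawk.global.pieces.mohawk.*;` in this hunk replaces what appear to be three explicit imports (CAEntry, CREntry, PreCondition) with a wildcard, whereas the other files in this commit that listed classes by name keep doing so after the move. Keeping them explicit, `import mohawk.global.pieces.mohawk.CAEntry;`, `import mohawk.global.pieces.mohawk.CREntry;` and `import mohawk.global.pieces.mohawk.PreCondition;`, shows exactly which policy-model types this file depends on and avoids silently picking up a same-named class added later to the shared package. The old/new side of each line is inferred from the `-10,9 +10,7` counts, since the page has lost the `+`/`-` markers.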
......@@ -10,8 +10,8 @@ import java.util.Set;
import java.util.Vector;
import java.util.logging.Logger;
import mohawk.pieces.CAEntry;
import mohawk.pieces.PreCondition;
import mohawk.global.pieces.mohawk.CAEntry;
import mohawk.global.pieces.mohawk.PreCondition;
import mohawk.rbac.RBACInstance;
/**
......
......@@ -31,8 +31,8 @@ import java.util.Vector;
import java.util.logging.Logger;
import mohawk.collections.RoleDepTree;
import mohawk.pieces.CAEntry;
import mohawk.pieces.PreCondition;
import mohawk.global.pieces.mohawk.CAEntry;
import mohawk.global.pieces.mohawk.PreCondition;
import mohawk.rbac.RBACInstance;
/**
......
......@@ -13,7 +13,7 @@ import java.util.logging.Level;
import org.stringtemplate.v4.ST;
import mohawk.pieces.*;
import mohawk.global.pieces.mohawk.*;
import mohawk.rbac.RBACInstance;
/*
......
......@@ -9,7 +9,7 @@ import java.util.Vector;
import org.stringtemplate.v4.ST;
import mohawk.pieces.*;
import mohawk.global.pieces.mohawk.*;
import mohawk.rbac.RBACInstance;
/**
......
/**
* The MIT License
*
* Copyright (c) 2010 Karthick Jayaraman
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package mohawk.pieces;
/**
* This class represents a CAEntry. Each CAEntry has three parts: - Roles that the administrator should have -
* Preconditions, which are essentially set of roles the user should have Preconditions on roles are specified as a
* BitVector - Role - The role that can be assigned
*
* @author Karthick Jayaraman
*/
public class CAEntry {
private String strAdminRole;
private PreCondition pcPreconditions;
private String strRole;
public CAEntry(String inStrAdminRole, PreCondition inPcPreCondition, String inStrRole) {
strAdminRole = inStrAdminRole;
pcPreconditions = inPcPreCondition;
strRole = inStrRole;
}
public String getAdminRole() {
return strAdminRole;
}
public PreCondition getPreConditions() {
return pcPreconditions;
}
public String getRole() {
return strRole;
}
}
/**
* The MIT License
*
* Copyright (c) 2010 Karthick Jayaraman
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package mohawk.pieces;
/**
* Each CREntry represents a rule for revocation. The first entry describes the pre-conditions for the revocation. The
* preconditions essentially describes the roles the administrator should have to do the revocation.
*
* @author Karthick Jayaraman
*/
public class CREntry {
private String strPreCond;
private String strRole;
public CREntry(String inPreCond, String inStr) {
strPreCond = inPreCond;
strRole = inStr;
}
public void setPreCond(String inPreCond) {
strPreCond = inPreCond;
}
public String getPreCond() {
return strPreCond;
}
public void setStrRole(String inStrRole) {
strRole = inStrRole;
}
public String getStrRole() {
return strRole;
}
}
/**
* The MIT License
*
* Copyright (c) 2010 Karthick Jayaraman
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package mohawk.pieces;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
/**
* @author Karthick Jayaraman
*
*/
public class PreCondition {
private Map<Integer, Integer> mBitVector;
public PreCondition() {
mBitVector = new HashMap<Integer, Integer>();
}
/*
* addConditional sets the specified role index to either 1 or 2. 1 - refers to positive condition 2 - refers to
* negative condition.
*/
public void addConditional(int roleindex, int value) {
mBitVector.put(roleindex, value);
}
public void delConditional(int roleindex) {
mBitVector.remove(roleindex);
}
public int getConditional(int roleindex) {
return mBitVector.get(roleindex);
}
public int size() {
return mBitVector.size();
}
public Set<Integer> keySet() {
return mBitVector.keySet();
}
}
......@@ -33,9 +33,9 @@ import java.util.*;
import org.antlr.v4.runtime.*;
import mohawk.global.pieces.mohawk.CAEntry;
import mohawk.global.pieces.mohawk.CREntry;
import mohawk.output.WriteNuSMV;
import mohawk.pieces.CAEntry;
import mohawk.pieces.CREntry;
import mohawk.rbac.generated.MohawkLexer;
import mohawk.rbac.generated.MohawkParser;
......
......@@ -11,8 +11,8 @@ import java.util.Map;
import java.util.Vector;
import java.util.logging.Logger;
import mohawk.pieces.CAEntry;
import mohawk.pieces.CREntry;
import mohawk.global.pieces.mohawk.CAEntry;
import mohawk.global.pieces.mohawk.CREntry;
/**
* This class represents an RBAC instance read from an input file. An object of this class is passed to WriteNuSMV to
......
......@@ -9,9 +9,9 @@ import java.util.*;
import org.antlr.v4.runtime.*;
import org.stringtemplate.v4.ST;
import mohawk.pieces.*;
import mohawk.rbac.generated.MohawkLexer;
import mohawk.rbac.generated.MohawkParser;
import mohawk.global.pieces.mohawk.*;
/**
* @author Karthick Jayaraman
......
grammar Mohawk;
@header {
import java.util.Vector;
import java.util.Stack;
import java.util.HashMap;
import java.util.Map;
import mohawk.collections.PreCondProcessorInt;
import mohawk.pieces.CAEntry;
import mohawk.pieces.CREntry;
import mohawk.pieces.PreCondition;
import mohawk.rbac.RBACInstance;
}
@members {
Vector<String> vRoles;
Vector<String> vUsers;
Vector<String> vAdmin;
Map<Integer, String> mRoleIndex;
Map<String, Integer> mRole2Index;
Map<Integer, String> mUserIndex;
Map<String,Vector<Integer>> mUA;
Map<String,Vector<CREntry>> mCR;
Map<String,Vector<CAEntry>> mCA;
PreCondProcessorInt preCndP;
Stack<Integer> stackOperators;
Vector<String> vSpec; // This vector holds two strings - user and role that will be used in the LTL formulae
// Indices for user and roles while parsing
// Each user has an index corresponding to the order in which the name appears in the list.
int iRoleIndex = 0;
int iUserIndex = 0;
// Counters
int numUA = 0;
int numCARules = 0;
int numCRRules = 0;
public void initRbac() {
vRoles = new Vector<String>();
vUsers = new Vector<String>();
vAdmin = new Vector<String>();
mRoleIndex = new HashMap<Integer, String>();
mRole2Index = new HashMap<String,Integer>();
mUserIndex = new HashMap<Integer, String>();
mUA = new HashMap<String,Vector<Integer>>();
mCR = new HashMap<String,Vector<CREntry>>();
mCA = new HashMap<String,Vector<CAEntry>>();
vSpec = new Vector<String>();
}
public RBACInstance getRBAC() {
return new RBACInstance(vRoles, vUsers, vAdmin, mUA, mCR, mCA,vSpec);
}
public void setUA(String strUser, String strRole) {
Vector<Integer> vUserUA = mUA.get(strUser);
if(vUserUA == null)
{
vUserUA = new Vector<Integer>();
mUA.put(strUser,vUserUA);
}
int iRoleIndex = mRole2Index.get(strRole); //getMapKey(mRoleIndex, strRole);
vUserUA.add(iRoleIndex);
}
public void addCREntry(String inStrPreCond, String inStrRole) {
CREntry crEntry = new CREntry(inStrPreCond, inStrRole);
Vector<CREntry> vCR = mCR.get(inStrRole);
if(vCR == null)
vCR = new Vector<CREntry>();
vCR.add(new CREntry(inStrPreCond, inStrRole));
mCR.put(inStrRole,vCR);
}
public void addCAEntry(String inStrAdminRole, PreCondition pcPreCond, String inStrRole) {
CAEntry caEntry = new CAEntry(inStrAdminRole, pcPreCond, inStrRole);
Vector<CAEntry> vCA = mCA.get(inStrRole);
if(vCA == null)
vCA = new Vector<CAEntry>();
vCA.add(caEntry);
mCA.put(inStrRole,vCA);
}
/*
private int getMapKey(Map<Integer,String> inMap, String inString) {
for(int i=0; i<inMap.size(); i++) {
if(inMap.get(i).equals(inString)) {
return i;
}
}
System.out.println("Error - BTree::getMapIndex - Value not found in map");
return 0;
}
*/
public void addSpec(String inStrUser, String inStrRole) {
vSpec.add(inStrUser);
vSpec.add(inStrRole);
}
}
/* Rules */
init
:
roles users ua cr ca admin spec
;
roles
:
'Roles'
(
r=ID
{
vRoles.add($r.getText());
mRoleIndex.put(iRoleIndex,$r.getText());
mRole2Index.put($r.getText(),iRoleIndex);
iRoleIndex++;
}
)+ SEMI {
System.out.println("[STATS] Mohawk Input Roles: " + iRoleIndex);
}
;
users
:
(
'Users'
)
(
u = ID
{
vUsers.add($u.getText());
mUserIndex.put(iUserIndex,$u.getText());
iUserIndex++;
}
)+ SEMI
;
ua
:
'UA'
(
LANGLE x = ID COMMA y = ID RANGLE
{
setUA($x.getText(),$y.getText());
numUA++;
}
)+ SEMI {
System.out.println("[STATS] Mohawk Input UA: " + numUA);
}
;
ca
:
'CA'
(
caentry
)* SEMI {
System.out.println("[STATS] Mohawk Input CA Rules: " + numCARules);
}
;
caentry
:
LANGLE d = ID COMMA pre = precondition COMMA f = myrole RANGLE
{
try {
PreCondition pcPreCond = $pre.p.result();
addCAEntry($d.getText(), pcPreCond, $f.role);
numCARules++;
}catch(Exception e) {
e.printStackTrace();
}
}
;
precondition returns [PreCondProcessorInt p] @init {
$p = new PreCondProcessorInt(mRole2Index);
}
:
a = rolecondition
{
try {
if($a.not) {
$p.addNeg($a.name);
} else {
$p.add($a.name);
}
} catch (Exception e) {
e.printStackTrace();
}
}
(
COND b = rolecondition
{
try {
if($b.not) {
$p.addNeg($b.name);
} else {
$p.add($b.name);
}
} catch (Exception e) {
e.printStackTrace();
}
}
)*
| 'TRUE'
;
rolecondition returns [Boolean not, String name] @init {
$not = false;
}
:
(
NOT
{$not = true;}
)? r = myrole
{
$name = $r.role;
}
;
cr
:
'CR'
(
crentry
)* SEMI {
System.out.println("[STATS] Mohawk Input CR Rules: " + numCRRules);
}
;
crentry
:
LANGLE mm = ID COMMA nn = myrole RANGLE
{
addCREntry($mm.getText(),$nn.role);
}
| LANGLE 'FALSE' COMMA ID RANGLE
{
System.out.println("[STATS] Skipping CR entry as the admin is 'FALSE'");
}
;
admin
:
'ADMIN'
(
u=ID
{
vAdmin.add($u.getText());
}
)+ SEMI
;
spec
:
'SPEC' su = ID sr = myrole SEMI
{
addSpec($su.getText(),$sr.role);
System.out.println("[STATS] Mohawk Input SPEC: user: '" + $su.getText() + "' with role: '"+ $sr.role +"'");
}
;
myrole returns [String role]
:
a = ID
{
$role = $a.text;
}
;
/* Whitespace and Comments (Must be above tokens) */
Whitespace
:
[ \t]+ -> skip
;
Newline