-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
enforcer.py
30 lines (21 loc) · 880 Bytes
/
enforcer.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
import matcher
import policy_store
class Enforcer:
def __init__(self):
self.rules = policy_store.PolicyStore.init_policy()
def print_policy(self):
for rule in self.rules:
print rule
def enforce(self, subject, resource, action):
for rule in self.rules:
if matcher.NormalMatcher.match(rule.subject, subject) and \
matcher.NormalMatcher.match(rule.resource, resource) and \
matcher.NormalMatcher.match(rule.action, action):
return True
return False
def test_enforce(self, subject, resource, action):
res = self.enforce(subject, resource, action)
print '(%s, %s, %s) -> %s' % (subject, resource, action, res)
enforcer = Enforcer()
enforcer.print_policy()
enforcer.test_enforce('is_admin:True', '', 'os_compute_api:os-used-limits')