PNG  IHDR* pHYs+ IDATx]n#; cdLb Ǚ[at¤_:uP}>!Usă cag޿ ֵNu`ݼTâabO7uL&y^wFٝA"l[|ŲHLN밪4*sG3|Dv}?+y߉{OuOAt4Jj.u]Gz*҉sP'VQKbA1u\`& Af;HWj hsO;ogTu uj7S3/QzUr&wS`M$X_L7r2;aE+ώ%vikDA:dR+%KzƉo>eOth$z%: :{WwaQ:wz%4foɹE[9<]#ERINƻv溂E%P1i01 |Jvҗ&{b?9g=^wζXn/lK::90KwrюO\!ջ3uzuGv^;騢wq<Iatv09:tt~hEG`v;3@MNZD.1]L:{ծI3`L(÷ba")Y.iljCɄae#I"1 `3*Bdz>j<fU40⨬%O$3cGt]j%Fߠ_twJ;ABU8vP3uEԑwQ V:h%))LfraqX-ۿX]v-\9I gl8tzX ]ecm)-cgʒ#Uw=Wlێn(0hPP/ӨtQ“&J35 $=]r1{tLuǮ*i0_;NƝ8;-vݏr8+U-kruȕYr0RnC]*ެ(M:]gE;{]tg(#ZJ9y>utRDRMdr9㪩̞zֹb<ģ&wzJM"iI( .ꮅX)Qw:9,i좜\Ԛi7&N0:asϓc];=ΗOӣ APqz93 y $)A*kVHZwBƺnWNaby>XMN*45~ղM6Nvm;A=jֲ.~1}(9`KJ/V F9[=`~[;sRuk]rєT!)iQO)Y$V ی ۤmzWz5IM Zb )ˆC`6 rRa}qNmUfDsWuˤV{ Pݝ'=Kֳbg,UҘVz2ﴻnjNgBb{? ߮tcsͻQuxVCIY۠:(V뺕 ٥2;t`@Fo{Z9`;]wMzU~%UA蛚dI vGq\r82iu +St`cR.6U/M9IENDB` REDROOM
REDROOM
PHP 5.6.40
Preview: rbacrulequery.py Size: 5.61 KB
/lib64/python3.6/site-packages/setools/rbacrulequery.py
# Copyright 2014-2015, Tresys Technology, LLC
#
# This file is part of SETools.
#
# SETools is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation, either version 2.1 of
# the License, or (at your option) any later version.
#
# SETools is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with SETools.  If not, see
# <http://www.gnu.org/licenses/>.
#
import logging
import re

from . import mixins, query
from .descriptors import CriteriaDescriptor, CriteriaSetDescriptor
from .exception import InvalidType, RuleUseError
from .policyrep import RBACRuletype
from .util import match_indirect_regex


class RBACRuleQuery(mixins.MatchObjClass, query.PolicyQuery):

    """
    Query the RBAC rules.

    Parameter:
    policy            The policy to query.

    Keyword Parameters/Class attributes:
    ruletype        The list of rule type(s) to match.
    source          The name of the source role/attribute to match.
    source_indirect If true, members of an attribute will be
                    matched rather than the attribute itself.
    source_regex    If true, regular expression matching will
                    be used on the source role/attribute.
                    Obeys the source_indirect option.
    target          The name of the target role/attribute to match.
    target_indirect If true, members of an attribute will be
                    matched rather than the attribute itself.
    target_regex    If true, regular expression matching will
                    be used on the target role/attribute.
                    Obeys target_indirect option.
    tclass          The object class(es) to match.
    tclass_regex    If true, use a regular expression for
                    matching the rule's object class.
    default         The name of the default role to match.
    default_regex   If true, regular expression matching will
                    be used on the default role.
    """

    ruletype = CriteriaSetDescriptor(enum_class=RBACRuletype)
    source = CriteriaDescriptor("source_regex", "lookup_role")
    source_regex = False
    source_indirect = True
    _target = None
    target_regex = False
    target_indirect = True
    tclass = CriteriaSetDescriptor("tclass_regex", "lookup_class")
    tclass_regex = False
    default = CriteriaDescriptor("default_regex", "lookup_role")
    default_regex = False

    @property
    def target(self):
        return self._target

    @target.setter
    def target(self, value):
        if not value:
            self._target = None
        elif self.target_regex:
            self._target = re.compile(value)
        else:
            try:
                self._target = self.policy.lookup_type_or_attr(value)
            except InvalidType:
                self._target = self.policy.lookup_role(value)

    def __init__(self, policy, **kwargs):
        super(RBACRuleQuery, self).__init__(policy, **kwargs)
        self.log = logging.getLogger(__name__)

    def results(self):
        """Generator which yields all matching RBAC rules."""
        self.log.info("Generating RBAC rule results from {0.policy}".format(self))
        self.log.debug("Ruletypes: {0.ruletype}".format(self))
        self.log.debug("Source: {0.source!r}, indirect: {0.source_indirect}, "
                       "regex: {0.source_regex}".format(self))
        self.log.debug("Target: {0.target!r}, indirect: {0.target_indirect}, "
                       "regex: {0.target_regex}".format(self))
        self._match_object_class_debug(self.log)
        self.log.debug("Default: {0.default!r}, regex: {0.default_regex}".format(self))

        for rule in self.policy.rbacrules():
            #
            # Matching on rule type
            #
            if self.ruletype:
                if rule.ruletype not in self.ruletype:
                    continue

            #
            # Matching on source role
            #
            if self.source and not match_indirect_regex(
                    rule.source,
                    self.source,
                    self.source_indirect,
                    self.source_regex):
                continue

            #
            # Matching on target type (role_transition)/role(allow)
            #
            if self.target and not match_indirect_regex(
                    rule.target,
                    self.target,
                    self.target_indirect,
                    self.target_regex):
                continue

            #
            # Matching on object class
            #
            try:
                if not self._match_object_class(rule):
                    continue
            except RuleUseError:
                continue

            #
            # Matching on default role
            #
            if self.default:
                try:
                    # because default role is always a single
                    # role, hard-code indirect to True
                    # so the criteria can be an attribute
                    if not match_indirect_regex(
                            rule.default,
                            self.default,
                            True,
                            self.default_regex):
                        continue
                except RuleUseError:
                    continue

            # if we get here, we have matched all available criteria
            yield rule

Directory Contents

Dirs: 2 × Files: 40
Name Size Perms Modified Actions
diff DIR
- drwxr-xr-x 2025-03-30 04:21:30
Edit Download
__pycache__ DIR
- drwxr-xr-x 2025-03-30 04:21:30
Edit Download
boolquery.py
2.19 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
boundsquery.py
2.35 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
categoryquery.py
1.88 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
commonquery.py
2.11 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
constraintquery.py
5.50 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
defaultquery.py
2.80 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
descriptors.py
7.47 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
devicetreeconquery.py
2.72 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
dta.py
21.40 KB lrw-r--r-- 2023-10-15 02:31:39
Edit Download
exception.py
5.97 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
fsusequery.py
3.36 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
genfsconquery.py
3.68 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
ibendportconquery.py
3.52 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
ibpkeyconquery.py
5.22 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
infoflow.py
14.59 KB lrw-r--r-- 2023-10-15 02:31:39
Edit Download
initsidquery.py
2.79 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
iomemconquery.py
4.44 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
ioportconquery.py
4.46 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
mixins.py
7.14 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
mlsrulequery.py
4.59 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
netifconquery.py
2.93 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
nodeconquery.py
4.16 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
objclassquery.py
3.78 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
pcideviceconquery.py
3.04 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
permmap.py
16.10 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
perm_map
87.16 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
pirqconquery.py
2.95 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
polcapquery.py
1.64 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
policyrep.cpython-36m-x86_64-linux-gnu.so
1.87 MB lrwxr-xr-x 2023-10-15 02:32:32
Edit Download
portconquery.py
5.04 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
query.py
1.69 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
rbacrulequery.py
5.61 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
rolequery.py
2.48 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
sensitivityquery.py
2.65 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
terulequery.py
9.11 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
typeattrquery.py
2.62 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
typequery.py
3.43 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
userquery.py
4.68 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
util.py
5.32 KB lrw-r--r-- 2020-04-01 14:57:49
Edit Download
__init__.py
2.79 KB lrw-r--r-- 2023-10-15 02:31:39
Edit Download
If ZipArchive is unavailable, a .tar will be created (no compression).
© 2026 REDROOM — Secure File Manager. All rights reserved. Built with ❤️ & Red Dark UI