def add_new_document(request, user_profile): JeevesLib.set_viewer(user_profile) document_name = request.POST.get('document_name') description = request.POST.get('description') classification = request.POST.get('classification') project_id = request.POST.get('project_id') filedata = request.FILES.get('docfile') department = user_profile.department project = Project.objects.get(jeeves_id=project_id) #If we don't concretize the filedata, DRS will store the file twice. filedata = JeevesLib.concretize(user_profile, filedata) Document.objects.create( document_name = document_name, description = description, last_accessed_by = user_profile, department = department, classification = getattr(Levels, classification), project = project, filedata = filedata) return ("add_document.html", {'project_id': project_id})
def __get__(self, instance, instance_type): """?? """ if instance is None: return self cache = self.get_cache(instance) def get_obj(jeeves_id): """?? """ if jeeves_id is None: return None if jeeves_id not in cache: cache[jeeves_id] = self.field.to.objects.get(**{self.field.join_field.name: jeeves_id}) return cache[jeeves_id] # TODO: Why do we need to facetMap this guy? If we know the viewer, # can we get rid of it? r = getattr(instance, self.field.get_attname()) if not isinstance(JeevesLib.get_viewer(), FNull): robj = get_obj(r) if isinstance(robj, FObject): return robj.v else: return r else: return JeevesLib.facetMapper(fexpr_cast(r), get_obj)
def real_view_fn(request): try: profile = UserProfile.objects.get(username=request.user.username) ans = view_fn(request, profile, *args, **kwargs) template_name = ans[0] context_dict = ans[1] if template_name == "redirect": path = context_dict return HttpResponseRedirect(JeevesLib.concretize(profile, path)) concretizeState = JeevesLib.jeevesState.policyenv.getNewSolverState(profile) def concretize(val): return concretizeState.concretizeExp(val, JeevesLib.jeevesState.pathenv.getEnv()) add_to_context(context_dict, request, template_name, profile, concretize) return render_to_response(template_name, RequestContext(request, context_dict)) except Exception: import traceback traceback.print_exc() raise finally: # Clear concretization cache. JeevesLib.clear_cache()
def testCountUsersInLocation(self): # Only Alice and Bob can see Alice's "high" location of S locNetwork = LocationNetwork([self.alice, self.bob, self.carol]) usersInStata = locNetwork.countUsersInLocation(self.gpsMIT) self.assertEqual(JeevesLib.concretize(self.alice, usersInStata), 1) self.assertEqual(JeevesLib.concretize(self.bob, usersInStata), 1) self.assertEqual(JeevesLib.concretize(self.carol, usersInStata), 0)
def register_account(request): JeevesLib.clear_viewer() if request.user.is_authenticated(): return HttpResponseRedirect("index") if request.method == 'POST': form = UserCreationForm(request.POST) if form.is_valid(): user = form.save() user.save() UserProfile.objects.create( username=user.username, name=request.POST.get('name',''), affiliation=request.POST.get('affiliation',''), level='normal', email=request.POST.get('email', ''), ) user = authenticate(username=request.POST['username'], password=request.POST['password1']) login(request, user) return HttpResponseRedirect("index") else: form = UserCreationForm() return render(request, 'registration/account.html', { 'form' : form, 'which_page' : 'register' })
def testLogin(self): self.assertEqual( JeevesLib.concretize(self.aliceUser , Authentication.login(self.aliceUser, self.alicePwd)) , self.aliceUser) self.assertEqual( JeevesLib.concretize(self.aliceUser , Authentication.login(self.aliceUser, "otherPwd")) , Principal.NullUser())
def test_permitted_writer_overwrite(self): x = ProtectedRef(0, None, self.allowUserWrite(self.bobUser)) assert x.update(self.aliceUser, self.aliceUser, 42) == UpdateResult.Unknown assert x.update(self.bobUser, self.bobUser, 43) == UpdateResult.Unknown self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 43) self.assertEqual(JeevesLib.concretize(self.bobUser, x.v), 43) self.assertEqual(JeevesLib.concretize(self.carolUser, x.v), 43)
def test_not_tracking_implicit_flows(self): x = ProtectedRef(0, None, self.allowUserWrite(self.aliceUser), False) x.update(self.aliceUser, self.aliceUser, 42) y = ProtectedRef(1, None, self.allowUserWrite(self.bobUser), False) y.update(self.bobUser, self.bobUser, 2 if x.v == 42 else 3) self.assertEqual(JeevesLib.concretize(self.aliceUser, y.v), 2) self.assertEqual(JeevesLib.concretize(self.bobUser, y.v), 2)
def setUp(self): # reset the Jeeves state JeevesLib.init() self.nobodyUser = DummyUser(-1) self.aliceUser = DummyUser(0) self.bobUser = DummyUser(1) self.carolUser = DummyUser(2)
def test_determine_writer_trust_later(self): x = ProtectedRef(0, None , lambda _this: lambda ictxt: lambda octxt: JeevesLib.jhas(octxt, ictxt)) x.update(self.aliceUser, self.aliceUser, 42) self.assertEqual(JeevesLib.concretize([self.aliceUser], x.v), 42) self.assertEqual(JeevesLib.concretize([], x.v), 0)
def test_prevent_untrusted_writes_through_implicit_flows(self): x = ProtectedRef(0, None, self.allowUserWrite(self.aliceUser)) x.update(self.aliceUser, self.aliceUser, 42) y = ProtectedRef(1, None, self.allowUserWrite(self.bobUser)) y.update(self.bobUser, self.bobUser, 2 if x.v == 42 else 3) self.assertEqual(JeevesLib.concretize(self.aliceUser, y.v), 3) self.assertEqual(JeevesLib.concretize(self.bobUser, y.v), 3)
def test_view_email(self): self.assertEqual( JeevesLib.concretize(self.aliceUser, self.aliceUser.email) , "*****@*****.**") self.assertEqual( JeevesLib.concretize(self.aliceUser, self.eveUser.email) , "[redacted]")
def setUp(self): JeevesLib.init() self.aliceUser = UserProfile.objects.create( username="******" , email="*****@*****.**") self.bobUser = UserProfile.objects.create( username="******" , email="*****@*****.**") self.carolUser = UserProfile.objects.create( username="******" , email="*****@*****.**") self.eveUser = UserProfile.objects.create( username="******" , email="*****@*****.**") self.eveParty = Event.objects.create( name="Eve's surprise party" , location="Chuck E. Cheese's" , time=datetime(2014, 10, 24, 20, 0, tzinfo=pytz.utc) , description="Don't tell Eve!" , visibility='G' ) self.otherParty = Event.objects.create( name="Other party" , location="Other location" , time=datetime(2014, 10, 24, 20, 0, tzinfo=pytz.utc) , description="Nothing of note." ) EventHost.objects.create(event=self.eveParty, host=self.aliceUser) EventHost.objects.create(event=self.eveParty, host=self.bobUser) EventGuest.objects.create(event=self.eveParty, guest=self.carolUser)
def setUp(self): JeevesLib.init() self.alice = UserProfile.objects.create( username="******", email="*****@*****.**") self.bob = UserProfile.objects.create( username="******", email="*****@*****.**")
def test_output_varies_depending_on_viewer(self): x = ProtectedRef(0, None , lambda _this: lambda ictxt: lambda octxt: ictxt == self.aliceUser and octxt == self.bobUser) x.update(self.aliceUser, self.aliceUser, 42) self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 0) self.assertEqual(JeevesLib.concretize(self.bobUser, x.v), 42) self.assertEqual(JeevesLib.concretize(self.carolUser, x.v), 0)
def test_write_selectively_allowed(self): x = ProtectedRef(0, None , lambda _this: lambda ictxt: lambda octxt: ictxt == self.aliceUser and octxt == self.bobUser) assert x.update(self.aliceUser, self.aliceUser, 42) == UpdateResult.Unknown self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 0) self.assertEqual(JeevesLib.concretize(self.bobUser, x.v), 42) self.assertEqual(JeevesLib.concretize(self.carolUser, x.v), 0)
def test_jlist_loop(self): x = JeevesLib.mkLabel("x") JeevesLib.restrict(x, lambda ctxt: ctxt) l = JeevesLib.mkSensitive(x, [0, 1, 2], [3, 4, 5, 6]) count = 0 for elt in l: count += 1
def test_output_write_policies_involving_this_can_update(self): x = ProtectedRef(0, None , lambda v: lambda ictxt: lambda _: v == 0 and ictxt == self.aliceUser) x.update(self.aliceUser, self.aliceUser, 1) self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 1) x.update(self.aliceUser, self.aliceUser, 3) self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 1)
def test_view_email(self): self.assertEqual(JeevesLib.concretize(self.benUser, self.benUser.email) , "*****@*****.**") self.assertEqual(JeevesLib.concretize(self.janeUser, self.benUser.email) , "[redacted]") self.assertEqual( JeevesLib.concretize(self.rishabhUser, self.benUser.email) , "[redacted]")
def submit_view(request): JeevesLib.clear_viewer() user = UserProfile.objects.get(username=request.user.username) if request.method == 'POST': # Clear viewer because we're doing a write to the DB. JeevesLib.clear_viewer() coauthors = request.POST.getlist('coauthors[]') title = request.POST.get('title', None) abstract = request.POST.get('abstract', None) contents = request.FILES.get('contents', None) if title == None or abstract == None or contents == None: return ("submit.html", { 'coauthors' : coauthors, 'title' : title, 'abstract' : abstract, 'contents' : contents.name, 'error' : 'Please fill out all fields', 'which_page' : "submit", }) print "creating paper" paper = Paper.objects.create(author=user, accepted=False) print "iterating over coauthors" for coauthor in coauthors: if coauthor != "": PaperCoauthor.objects.create(paper=paper, author=coauthor) set_random_name(contents) print "creating paper" PaperVersion.objects.create( paper=paper, title=title, abstract=abstract, contents=contents ) for conf in request.POST.getlist('pc_conflicts[]'): new_pc_conflict = UserProfile.objects.get(username=conf) PaperPCConflict.objects.create(paper=paper, pc=new_pc_conflict) return ("redirect", "paper?id=" + paper.jeeves_id) pcs = UserProfile.objects.filter(level='pc').all() pc_conflicts = [uppc.pc for uppc in UserPCConflict.objects.filter(user=user).all()] return ("submit.html", { 'coauthors' : [], 'title' : '', 'abstract' : '', 'contents' : '', 'error' : '', "pcs": [{'pc':pc, 'conflict':pc in pc_conflicts} for pc in pcs], 'pc_conflicts' : pc_conflicts, 'which_page': "submit", })
def test_prevent_flow_of_untrusted_writes(self): x = ProtectedRef(0, None, self.allowUserWrite(self.aliceUser)) assert x.update(self.aliceUser, self.aliceUser, 42) == UpdateResult.Unknown y = ProtectedRef(1, None, self.allowUserWrite(self.bobUser)) assert y.update(self.bobUser, self.bobUser, x.v) == UpdateResult.Unknown self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 42) self.assertEqual(JeevesLib.concretize(self.bobUser, x.v), 42) self.assertEqual(JeevesLib.concretize(self.aliceUser, y.v), 0) self.assertEqual(JeevesLib.concretize(self.bobUser, y.v), 0)
def acquire_label(self, field_name): label_name = "%s__%s__%s" % (self.__class__.__name__, field_name, self.jeeves_id) if JeevesLib.doesLabelExist(label_name): return JeevesLib.getLabel(label_name) else: label = JeevesLib.mkLabel(label_name, uniquify=False) restrictor = getattr(self, "jeeves_restrict_" + field_name) JeevesLib.restrict(label, lambda ctxt: restrictor(self, ctxt), True) return label
def test_restrict_with_context(self): x = JeevesLib.mkLabel('x') JeevesLib.restrict(x, lambda y: y == 2) xConcrete = JeevesLib.concretize(2, x) self.assertTrue(xConcrete) xConcrete = JeevesLib.concretize(3, x) self.assertFalse(xConcrete)
def test_view_submission_grade(self): self.assertEqual(JeevesLib.concretize(self.benUser, self.ben813_1.grade) , 'A') self.assertEqual( JeevesLib.concretize(self.janeUser, self.ben813_1.grade) , 'U') self.assertEqual( JeevesLib.concretize(self.rishabhUser, self.ben813_1.grade) , 'A')
def test_view_grade(self): course_info = StudentCourse.objects.get(student=self.benUser) self.assertEqual(JeevesLib.concretize(self.benUser, course_info.grade) , 'B') self.assertEqual(JeevesLib.concretize(self.janeUser, course_info.grade) , 'U') self.assertEqual( JeevesLib.concretize(self.rishabhUser, course_info.grade) , 'B')
def setUp(self): JeevesLib.init() self.f = open('log.txt', 'w') JeevesLib.set_log_policies(self.f) Animal.objects.create(name='lion', sound='roar') # Animal.objects.create(name='cat', sound='meow') '''
def __init__(self, value, owner, policy): lab = JeevesLib.mkLabel () # TODO: Add policy that the output channel has to be either the owner or # satisfy the policy on it (policy(oc)). JeevesLib.restrict(lab , lambda oc: JeevesLib.jor( lambda: oc.user == owner, lambda: policy(oc))) self.value = JeevesLib.mkSensitive(lab, value, -1) self.owner = owner
def testViewLocation(self): # Alice and Bob can see the high-confidentiality version of Alice's # location, but Carol cannot. self.assertEqual(JeevesLib.concretize(self.alice, self.alice.location) , self.gpsMIT) self.assertEqual(JeevesLib.concretize(self.bob, self.alice.location) , self.gpsMIT) self.assertEqual(JeevesLib.concretize(self.carol, self.alice.location) , self.cityCambridge)
def testIsFriends(self): self.assertTrue( JeevesLib.concretize(self.alice, self.alice.isFriends(self.bob))) self.assertTrue( JeevesLib.concretize(self.alice, self.bob.isFriends(self.alice))) self.assertFalse( JeevesLib.concretize(self.alice, self.alice.isFriends(self.carol))) self.assertFalse( JeevesLib.concretize(self.alice, self.carol.isFriends(self.alice)))
def testBehavioralGood(self): touchedBadData = False def f(x): return x+1 x = ProtectedRef(lambda x: x, None , lambda _this: lambda ic: lambda touchedBad: not touchedBad) self.assertEqual(JeevesLib.concretize(None, (x.v)(1)), 1) assert x.update(None, None, f) == UpdateResult.Unknown self.assertEqual(JeevesLib.concretize(None, (x.v)(1)), 2)
def save(self, *args, **kw): """Saves elements with the appropriate faceted labels. """ def full_eval(val, env): """Evaluating a value in the context of an environment. """ eval_expr = val.partialEval(env) return eval_expr.v # TODO: OMG why is this so long. if not self.jeeves_id: self.jeeves_id = JeevesModelUtils.get_random_jeeves_id() if kw.get("update_field", None) is not None: raise NotImplementedError("Partial saves not supported.") # Go through fields and do something. TODO: Figure out what. field_names = set() for field in self._meta.concrete_fields: if not field.primary_key and not hasattr(field, 'through'): field_names.add(field.attname) # Go through labels and create facets. for label_name, field_name_list in self._jeeves_labels.iteritems(): label = self.acquire_label(label_name) for field_name in field_name_list: public_field_value = getattr(self, field_name) private_field_value = getattr(self , 'jeeves_get_private_' + \ field_name)(self) faceted_field_value = JeevesLib.mkSensitive(label , public_field_value , private_field_value).partialEval( JeevesLib.jeevesState.pathenv. \ getEnv()) setattr(self, field_name, faceted_field_value) all_vars = [] field_dict = {} env = JeevesLib.jeevesState.pathenv.getEnv() for field_name in field_names: value = getattr(self, field_name) field_val = fexpr_cast(value).partialEval(env) all_vars.extend(v.name for v in field_val.vars()) field_dict[field_name] = field_val all_vars = list(set(all_vars)) for cur_vars in JeevesModelUtils.powerset(all_vars): true_vars = list(cur_vars) false_vars = list(set(all_vars).difference(cur_vars)) env_dict = dict(env) env_dict.update({tv: True for tv in true_vars}) env_dict.update({fv: False for fv in false_vars}) self.do_delete(env_dict) klass = self.__class__ obj_to_save = klass( **{ field_name: full_eval(field_value, env_dict) for field_name, field_value in field_dict.iteritems() }) all_jid_objs = list( klass._objects_ordinary.filter( jeeves_id=obj_to_save.jeeves_id).all()) all_relevant_objs = [ obj for obj in all_jid_objs if all(field_name == 'jeeves_vars' or getattr( obj_to_save, field_name) == getattr(obj, field_name) for field_name in field_dict) ] # Optimization. # TODO: See how we can refactor this to shorten the function. while True: # check if we can collapse # if we can, repeat; otherwise, exit for i in xrange(len(all_relevant_objs)): other_obj = all_relevant_objs[i] diff_var = get_one_differing_var( env_dict, JeevesModelUtils.unserialize_vars( other_obj.jeeves_vars)) if diff_var is not None: super(JeevesModel, other_obj).delete() del env_dict[diff_var] break else: break obj_to_save.jeeves_vars = JeevesModelUtils.serialize_vars(env_dict) super(JeevesModel, obj_to_save).save(*args, **kw)
def setUp(self): JeevesLib.init() # x = Auth.Test() # self.auth = Authentication() self.alicePrin = Auth.U("Alice") self.adminPrin = Auth.Admin()