def test_quickstart_policy_3():
oso = Oso()
oso.register_class(Expense)
oso.load_file("../polar/expenses-03-py.polar")
expense = EXPENSES[1]
assert oso.is_allowed("*****@*****.**", "GET", expense)
assert not oso.is_allowed("*****@*****.**", "GET", expense)
def test_quickstart_policy_4():
oso = Oso()
oso.register_class(Expense)
oso.load_file("../polar/expenses-04.polar")
assert oso.is_allowed("*****@*****.**", "GET", EXPENSES[1])
assert not oso.is_allowed("*****@*****.**", "GET", EXPENSES[3])
assert not oso.is_allowed("*****@*****.**", "GET", EXPENSES[1])
assert oso.is_allowed("*****@*****.**", "GET", EXPENSES[3])
def init_oso(app):
base_oso = Oso()
oso = FlaskOso(base_oso)
register_models(base_oso, Base)
set_get_session(base_oso, lambda: g.session)
base_oso.load_file("app/authorization.polar")
app.oso = oso
def test_oso():
oso = Oso()
oso.register_class(Actor, name="test_oso::Actor")
oso.register_class(Widget, name="test_oso::Widget")
oso.register_class(Company, name="test_oso::Company")
oso.load_file(Path(__file__).parent / "test_oso.polar")
return oso
def test_oso():
oso = Oso()
oso.register_class(Jwt)
oso.register_class(Actor)
oso.register_class(Widget)
oso.register_class(Company)
oso.load_file(Path(__file__).parent / "test_oso.polar")
return oso
def test_quickstart_policy_2():
oso = Oso()
alice = "*****@*****.**"
expense = EXPENSES[1]
assert not oso.is_allowed(alice, "GET", expense)
oso.register_class(Expense)
oso.load_file("../polar/expenses-02.polar")
assert oso.is_allowed(alice, "GET", expense)
assert not oso.is_allowed("*****@*****.**", "GET", expense)
def load_oso():
"""Loads and returns the oso policy"""
oso = Oso()
policy_path = Path(__file__).resolve().parent.parent / "policies"
# Role definitions
oso.load_file(policy_path / "rbac.polar")
# ABAC policy
oso.load_file(policy_path / "abac.polar")
return oso
def init_oso(app):
from .expense import Expense
from .organization import Organization
from .user import Actor, Guest, User
oso = Oso()
oso.register_class(Actor)
oso.register_class(Guest)
oso.register_class(User)
oso.register_class(Expense)
oso.register_class(Organization)
for policy in app.config.get("OSO_POLICIES", []):
oso.load_file(policy)
app.oso = oso
def init_oso(db: Session):
oso = Oso()
register_models(oso, Base)
set_get_session(oso, lambda: db)
oso.load_file("app/authorization/rules/role_basics.polar")
oso.load_file("app/authorization/rules/organization_permissions.polar")
oso.load_file("app/authorization/rules/team_permissions.polar")
oso.load_file("app/authorization/rules/dataroom_permissions.polar")
enable_roles(oso)
return oso
def load_oso():
"""Loads and returns the oso policy"""
oso = Oso()
policy_path = Path(__file__).resolve().parent.parent / "expenses"
## Policy Data
oso.load_file(policy_path / "data.polar")
## Role definitions
oso.load_file(policy_path / "roles.polar")
## ABAC policy
oso.load_file(policy_path / "abac.polar")
return oso
def main():
# parser = argparse.ArgumentParser(description="An epic Polar adventure.")
# parser.add_argument(
# "-l", "--load", type=str, nargs=1, help="the filename of a saved game"
# )
# args = parser.parse_args()
# if args.load:
# GAME.load_saved(args.load)
oso = Oso()
oso.register_class(Game)
oso.register_class(Room)
oso.register_class(Passage)
oso.register_class(Player)
oso.register_class(Collection)
oso.register_class(Object)
oso.register_class(Animal)
oso.register_class(Food)
oso.register_class(Container)
oso.register_class(Takeable)
oso.register_class(Mushroomy)
oso.register_class(Soup)
oso.register_class(Source)
oso.register_class(Wand)
oso.register_class(Wet)
oso.register_class(OnFire)
oso.register_class(Leafy)
oso.register_constant(GAME, "GAME")
oso.register_constant(PLAYER, "PLAYER")
oso.register_constant(ROOMS, "Rooms")
oso.register_constant(PASSAGES, "Passages")
oso.register_constant(OBJECTS, "Objects")
oso.load_file("world.polar")
oso.load_file("commands.polar")
oso.load_file("tests.polar")
oso.repl()
return B.C(y)
oso.register_class(B.C, name="C", from_polar=custom_c_constructor)
class E:
@staticmethod
def sum(*args):
return sum(*args)
oso.register_class(E)
polar_file = os.path.dirname(os.path.realpath(__file__)) + "/test.polar"
oso.load_file(polar_file)
assert oso.is_allowed("a", "b", "c")
# Test that a built in string method can be called.
oso.load_str("""?= x = "hello world!" and x.endswith("world!");""")
# Test that a custom error type is thrown.
exception_thrown = False
try:
oso.load_str("missingSemicolon()")
except UnrecognizedEOF as e:
exception_thrown = True
assert (
str(e)
== "hit the end of the file unexpectedly. Did you forget a semi-colon at line 1, column 19"
def is_authenticated(self):
return self.id is not None
def is_active(self):
return self.id is not None
def is_anonymous(self):
return self.id is None
def get_id(self):
return self.id
base_oso = Oso()
base_oso.register_class(User)
base_oso.load_file("policies.polar")
@login_manager.user_loader
def load_user(user_id):
return User.get(user_id)
@app.route("/login", methods=["POST"])
def login():
username = request.json.get("username")
# no password check
user = User(username)
login_user(user, remember=True)
return jsonify(msg="login was a success!")
Pair = 2
TwoPair = 3
Trio = 4
Straight = 5
Flush = 6
FullHouse = 7
Poker = 8
StraightFlush = 9
#------------------CONFIG & REGISTER CLASSES----------------------
oso = Oso()
oso.register_class(Card)
oso.register_class(Cards)
oso.register_class(Pattern)
oso.load_file("poker.polar")
def setHand(cards): #Establish the pattern and the top 5 cards
#fiveCards = []
list_of_all_cards = cards
list_of_all_faces = toNumbers(cards)
list_of_all_suits = toSuits(cards)
duplicate_list_of_all_faces = toNumbers(cards)
top_cards = []
pattern = 0 #: Pattern
check_for_flush = ""
polar_result = list(
oso.query_rule("hand", list_of_all_cards, list_of_all_faces,
duplicate_list_of_all_faces, list_of_all_suits,
from http.server import HTTPServer, BaseHTTPRequestHandler
from oso import Oso
from expense import Expense, EXPENSES
oso = Oso()
oso.load_file("expenses.polar")
class RequestHandler(BaseHTTPRequestHandler):
def _respond(self, msg, code=200):
self.send_response(code)
self.end_headers()
self.wfile.write(str(msg).encode())
self.wfile.write(b"\n")
def do_GET(self):
actor = self.headers.get("user", None)
action = "GET"
try:
_, resource_type, resource_id = self.path.split("/")
if resource_type != "expenses":
return self._respond("Not Found!", 404)
resource = EXPENSES[int(resource_id)]
if oso.is_allowed(actor, action, resource):
self._respond(resource)
else:
self._respond("Not Authorized!", 403)
except (KeyError, ValueError) as e:
self._respond("Not Found!", 404)