def add_new_document(request, user_profile):
JeevesLib.set_viewer(user_profile)
document_name = request.POST.get('document_name')
description = request.POST.get('description')
classification = request.POST.get('classification')
project_id = request.POST.get('project_id')
filedata = request.FILES.get('docfile')
department = user_profile.department
project = Project.objects.get(jeeves_id=project_id)
#If we don't concretize the filedata, DRS will store the file twice.
filedata = JeevesLib.concretize(user_profile, filedata)
Document.objects.create(
document_name = document_name,
description = description,
last_accessed_by = user_profile,
department = department,
classification = getattr(Levels, classification),
project = project,
filedata = filedata)
return ("add_document.html", {'project_id': project_id})
def __get__(self, instance, instance_type):
"""??
"""
if instance is None:
return self
cache = self.get_cache(instance)
def get_obj(jeeves_id):
"""??
"""
if jeeves_id is None:
return None
if jeeves_id not in cache:
cache[jeeves_id] = self.field.to.objects.get(**{self.field.join_field.name: jeeves_id})
return cache[jeeves_id]
# TODO: Why do we need to facetMap this guy? If we know the viewer,
# can we get rid of it?
r = getattr(instance, self.field.get_attname())
if not isinstance(JeevesLib.get_viewer(), FNull):
robj = get_obj(r)
if isinstance(robj, FObject):
return robj.v
else:
return r
else:
return JeevesLib.facetMapper(fexpr_cast(r), get_obj)
def real_view_fn(request):
try:
profile = UserProfile.objects.get(username=request.user.username)
ans = view_fn(request, profile, *args, **kwargs)
template_name = ans[0]
context_dict = ans[1]
if template_name == "redirect":
path = context_dict
return HttpResponseRedirect(JeevesLib.concretize(profile, path))
concretizeState = JeevesLib.jeevesState.policyenv.getNewSolverState(profile)
def concretize(val):
return concretizeState.concretizeExp(val, JeevesLib.jeevesState.pathenv.getEnv())
add_to_context(context_dict, request, template_name, profile, concretize)
return render_to_response(template_name, RequestContext(request, context_dict))
except Exception:
import traceback
traceback.print_exc()
raise
finally:
# Clear concretization cache.
JeevesLib.clear_cache()
def testCountUsersInLocation(self): # Only Alice and Bob can see Alice's "high" location of S locNetwork = LocationNetwork([self.alice, self.bob, self.carol]) usersInStata = locNetwork.countUsersInLocation(self.gpsMIT) self.assertEqual(JeevesLib.concretize(self.alice, usersInStata), 1) self.assertEqual(JeevesLib.concretize(self.bob, usersInStata), 1) self.assertEqual(JeevesLib.concretize(self.carol, usersInStata), 0)
def register_account(request):
JeevesLib.clear_viewer()
if request.user.is_authenticated():
return HttpResponseRedirect("index")
if request.method == 'POST':
form = UserCreationForm(request.POST)
if form.is_valid():
user = form.save()
user.save()
UserProfile.objects.create(
username=user.username,
name=request.POST.get('name',''),
affiliation=request.POST.get('affiliation',''),
level='normal',
email=request.POST.get('email', ''),
)
user = authenticate(username=request.POST['username'],
password=request.POST['password1'])
login(request, user)
return HttpResponseRedirect("index")
else:
form = UserCreationForm()
return render(request, 'registration/account.html', {
'form' : form,
'which_page' : 'register'
})
def testLogin(self):
self.assertEqual( JeevesLib.concretize(self.aliceUser
, Authentication.login(self.aliceUser, self.alicePwd))
, self.aliceUser)
self.assertEqual( JeevesLib.concretize(self.aliceUser
, Authentication.login(self.aliceUser, "otherPwd"))
, Principal.NullUser())
def test_permitted_writer_overwrite(self): x = ProtectedRef(0, None, self.allowUserWrite(self.bobUser)) assert x.update(self.aliceUser, self.aliceUser, 42) == UpdateResult.Unknown assert x.update(self.bobUser, self.bobUser, 43) == UpdateResult.Unknown self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 43) self.assertEqual(JeevesLib.concretize(self.bobUser, x.v), 43) self.assertEqual(JeevesLib.concretize(self.carolUser, x.v), 43)
def test_not_tracking_implicit_flows(self): x = ProtectedRef(0, None, self.allowUserWrite(self.aliceUser), False) x.update(self.aliceUser, self.aliceUser, 42) y = ProtectedRef(1, None, self.allowUserWrite(self.bobUser), False) y.update(self.bobUser, self.bobUser, 2 if x.v == 42 else 3) self.assertEqual(JeevesLib.concretize(self.aliceUser, y.v), 2) self.assertEqual(JeevesLib.concretize(self.bobUser, y.v), 2)
def setUp(self): # reset the Jeeves state JeevesLib.init() self.nobodyUser = DummyUser(-1) self.aliceUser = DummyUser(0) self.bobUser = DummyUser(1) self.carolUser = DummyUser(2)
def test_determine_writer_trust_later(self): x = ProtectedRef(0, None , lambda _this: lambda ictxt: lambda octxt: JeevesLib.jhas(octxt, ictxt)) x.update(self.aliceUser, self.aliceUser, 42) self.assertEqual(JeevesLib.concretize([self.aliceUser], x.v), 42) self.assertEqual(JeevesLib.concretize([], x.v), 0)
def test_prevent_untrusted_writes_through_implicit_flows(self): x = ProtectedRef(0, None, self.allowUserWrite(self.aliceUser)) x.update(self.aliceUser, self.aliceUser, 42) y = ProtectedRef(1, None, self.allowUserWrite(self.bobUser)) y.update(self.bobUser, self.bobUser, 2 if x.v == 42 else 3) self.assertEqual(JeevesLib.concretize(self.aliceUser, y.v), 3) self.assertEqual(JeevesLib.concretize(self.bobUser, y.v), 3)
def test_view_email(self):
self.assertEqual(
JeevesLib.concretize(self.aliceUser, self.aliceUser.email)
, "*****@*****.**")
self.assertEqual(
JeevesLib.concretize(self.aliceUser, self.eveUser.email)
, "[redacted]")
def setUp(self):
JeevesLib.init()
self.aliceUser = UserProfile.objects.create(
username="******"
, email="*****@*****.**")
self.bobUser = UserProfile.objects.create(
username="******"
, email="*****@*****.**")
self.carolUser = UserProfile.objects.create(
username="******"
, email="*****@*****.**")
self.eveUser = UserProfile.objects.create(
username="******"
, email="*****@*****.**")
self.eveParty = Event.objects.create(
name="Eve's surprise party"
, location="Chuck E. Cheese's"
, time=datetime(2014, 10, 24, 20, 0, tzinfo=pytz.utc)
, description="Don't tell Eve!"
, visibility='G'
)
self.otherParty = Event.objects.create(
name="Other party"
, location="Other location"
, time=datetime(2014, 10, 24, 20, 0, tzinfo=pytz.utc)
, description="Nothing of note."
)
EventHost.objects.create(event=self.eveParty, host=self.aliceUser)
EventHost.objects.create(event=self.eveParty, host=self.bobUser)
EventGuest.objects.create(event=self.eveParty, guest=self.carolUser)
def setUp(self):
JeevesLib.init()
self.alice = UserProfile.objects.create(
username="******", email="*****@*****.**")
self.bob = UserProfile.objects.create(
username="******", email="*****@*****.**")
def test_output_varies_depending_on_viewer(self): x = ProtectedRef(0, None , lambda _this: lambda ictxt: lambda octxt: ictxt == self.aliceUser and octxt == self.bobUser) x.update(self.aliceUser, self.aliceUser, 42) self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 0) self.assertEqual(JeevesLib.concretize(self.bobUser, x.v), 42) self.assertEqual(JeevesLib.concretize(self.carolUser, x.v), 0)
def test_write_selectively_allowed(self): x = ProtectedRef(0, None , lambda _this: lambda ictxt: lambda octxt: ictxt == self.aliceUser and octxt == self.bobUser) assert x.update(self.aliceUser, self.aliceUser, 42) == UpdateResult.Unknown self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 0) self.assertEqual(JeevesLib.concretize(self.bobUser, x.v), 42) self.assertEqual(JeevesLib.concretize(self.carolUser, x.v), 0)
def test_jlist_loop(self):
x = JeevesLib.mkLabel("x")
JeevesLib.restrict(x, lambda ctxt: ctxt)
l = JeevesLib.mkSensitive(x, [0, 1, 2], [3, 4, 5, 6])
count = 0
for elt in l:
count += 1
def test_output_write_policies_involving_this_can_update(self):
x = ProtectedRef(0, None
, lambda v: lambda ictxt: lambda _:
v == 0 and ictxt == self.aliceUser)
x.update(self.aliceUser, self.aliceUser, 1)
self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 1)
x.update(self.aliceUser, self.aliceUser, 3)
self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 1)
def test_view_email(self):
self.assertEqual(JeevesLib.concretize(self.benUser, self.benUser.email)
, "*****@*****.**")
self.assertEqual(JeevesLib.concretize(self.janeUser, self.benUser.email)
, "[redacted]")
self.assertEqual(
JeevesLib.concretize(self.rishabhUser, self.benUser.email)
, "[redacted]")
def submit_view(request):
JeevesLib.clear_viewer()
user = UserProfile.objects.get(username=request.user.username)
if request.method == 'POST':
# Clear viewer because we're doing a write to the DB.
JeevesLib.clear_viewer()
coauthors = request.POST.getlist('coauthors[]')
title = request.POST.get('title', None)
abstract = request.POST.get('abstract', None)
contents = request.FILES.get('contents', None)
if title == None or abstract == None or contents == None:
return ("submit.html", {
'coauthors' : coauthors,
'title' : title,
'abstract' : abstract,
'contents' : contents.name,
'error' : 'Please fill out all fields',
'which_page' : "submit",
})
print "creating paper"
paper = Paper.objects.create(author=user, accepted=False)
print "iterating over coauthors"
for coauthor in coauthors:
if coauthor != "":
PaperCoauthor.objects.create(paper=paper, author=coauthor)
set_random_name(contents)
print "creating paper"
PaperVersion.objects.create(
paper=paper,
title=title,
abstract=abstract,
contents=contents
)
for conf in request.POST.getlist('pc_conflicts[]'):
new_pc_conflict = UserProfile.objects.get(username=conf)
PaperPCConflict.objects.create(paper=paper, pc=new_pc_conflict)
return ("redirect", "paper?id=" + paper.jeeves_id)
pcs = UserProfile.objects.filter(level='pc').all()
pc_conflicts = [uppc.pc for uppc in UserPCConflict.objects.filter(user=user).all()]
return ("submit.html", {
'coauthors' : [],
'title' : '',
'abstract' : '',
'contents' : '',
'error' : '',
"pcs": [{'pc':pc, 'conflict':pc in pc_conflicts} for pc in pcs],
'pc_conflicts' : pc_conflicts,
'which_page': "submit",
})
def test_prevent_flow_of_untrusted_writes(self): x = ProtectedRef(0, None, self.allowUserWrite(self.aliceUser)) assert x.update(self.aliceUser, self.aliceUser, 42) == UpdateResult.Unknown y = ProtectedRef(1, None, self.allowUserWrite(self.bobUser)) assert y.update(self.bobUser, self.bobUser, x.v) == UpdateResult.Unknown self.assertEqual(JeevesLib.concretize(self.aliceUser, x.v), 42) self.assertEqual(JeevesLib.concretize(self.bobUser, x.v), 42) self.assertEqual(JeevesLib.concretize(self.aliceUser, y.v), 0) self.assertEqual(JeevesLib.concretize(self.bobUser, y.v), 0)
def acquire_label(self, field_name):
label_name = "%s__%s__%s" % (self.__class__.__name__, field_name, self.jeeves_id)
if JeevesLib.doesLabelExist(label_name):
return JeevesLib.getLabel(label_name)
else:
label = JeevesLib.mkLabel(label_name, uniquify=False)
restrictor = getattr(self, "jeeves_restrict_" + field_name)
JeevesLib.restrict(label, lambda ctxt: restrictor(self, ctxt), True)
return label
def test_restrict_with_context(self):
x = JeevesLib.mkLabel('x')
JeevesLib.restrict(x, lambda y: y == 2)
xConcrete = JeevesLib.concretize(2, x)
self.assertTrue(xConcrete)
xConcrete = JeevesLib.concretize(3, x)
self.assertFalse(xConcrete)
def test_view_submission_grade(self):
self.assertEqual(JeevesLib.concretize(self.benUser, self.ben813_1.grade)
, 'A')
self.assertEqual(
JeevesLib.concretize(self.janeUser, self.ben813_1.grade)
, 'U')
self.assertEqual(
JeevesLib.concretize(self.rishabhUser, self.ben813_1.grade)
, 'A')
def test_view_grade(self):
course_info = StudentCourse.objects.get(student=self.benUser)
self.assertEqual(JeevesLib.concretize(self.benUser, course_info.grade)
, 'B')
self.assertEqual(JeevesLib.concretize(self.janeUser, course_info.grade)
, 'U')
self.assertEqual(
JeevesLib.concretize(self.rishabhUser, course_info.grade)
, 'B')
def setUp(self):
JeevesLib.init()
self.f = open('log.txt', 'w')
JeevesLib.set_log_policies(self.f)
Animal.objects.create(name='lion', sound='roar')
# Animal.objects.create(name='cat', sound='meow')
'''
def __init__(self, value, owner, policy):
lab = JeevesLib.mkLabel ()
# TODO: Add policy that the output channel has to be either the owner or
# satisfy the policy on it (policy(oc)).
JeevesLib.restrict(lab
, lambda oc: JeevesLib.jor(
lambda: oc.user == owner, lambda: policy(oc)))
self.value = JeevesLib.mkSensitive(lab, value, -1)
self.owner = owner
def testViewLocation(self):
# Alice and Bob can see the high-confidentiality version of Alice's
# location, but Carol cannot.
self.assertEqual(JeevesLib.concretize(self.alice, self.alice.location)
, self.gpsMIT)
self.assertEqual(JeevesLib.concretize(self.bob, self.alice.location)
, self.gpsMIT)
self.assertEqual(JeevesLib.concretize(self.carol, self.alice.location)
, self.cityCambridge)
def testIsFriends(self):
self.assertTrue(
JeevesLib.concretize(self.alice, self.alice.isFriends(self.bob)))
self.assertTrue(
JeevesLib.concretize(self.alice, self.bob.isFriends(self.alice)))
self.assertFalse(
JeevesLib.concretize(self.alice, self.alice.isFriends(self.carol)))
self.assertFalse(
JeevesLib.concretize(self.alice, self.carol.isFriends(self.alice)))
def testBehavioralGood(self):
touchedBadData = False
def f(x):
return x+1
x = ProtectedRef(lambda x: x, None
, lambda _this: lambda ic: lambda touchedBad: not touchedBad)
self.assertEqual(JeevesLib.concretize(None, (x.v)(1)), 1)
assert x.update(None, None, f) == UpdateResult.Unknown
self.assertEqual(JeevesLib.concretize(None, (x.v)(1)), 2)
def save(self, *args, **kw):
"""Saves elements with the appropriate faceted labels.
"""
def full_eval(val, env):
"""Evaluating a value in the context of an environment.
"""
eval_expr = val.partialEval(env)
return eval_expr.v
# TODO: OMG why is this so long.
if not self.jeeves_id:
self.jeeves_id = JeevesModelUtils.get_random_jeeves_id()
if kw.get("update_field", None) is not None:
raise NotImplementedError("Partial saves not supported.")
# Go through fields and do something. TODO: Figure out what.
field_names = set()
for field in self._meta.concrete_fields:
if not field.primary_key and not hasattr(field, 'through'):
field_names.add(field.attname)
# Go through labels and create facets.
for label_name, field_name_list in self._jeeves_labels.iteritems():
label = self.acquire_label(label_name)
for field_name in field_name_list:
public_field_value = getattr(self, field_name)
private_field_value = getattr(self
, 'jeeves_get_private_' + \
field_name)(self)
faceted_field_value = JeevesLib.mkSensitive(label
, public_field_value
, private_field_value).partialEval(
JeevesLib.jeevesState.pathenv. \
getEnv())
setattr(self, field_name, faceted_field_value)
all_vars = []
field_dict = {}
env = JeevesLib.jeevesState.pathenv.getEnv()
for field_name in field_names:
value = getattr(self, field_name)
field_val = fexpr_cast(value).partialEval(env)
all_vars.extend(v.name for v in field_val.vars())
field_dict[field_name] = field_val
all_vars = list(set(all_vars))
for cur_vars in JeevesModelUtils.powerset(all_vars):
true_vars = list(cur_vars)
false_vars = list(set(all_vars).difference(cur_vars))
env_dict = dict(env)
env_dict.update({tv: True for tv in true_vars})
env_dict.update({fv: False for fv in false_vars})
self.do_delete(env_dict)
klass = self.__class__
obj_to_save = klass(
**{
field_name: full_eval(field_value, env_dict)
for field_name, field_value in field_dict.iteritems()
})
all_jid_objs = list(
klass._objects_ordinary.filter(
jeeves_id=obj_to_save.jeeves_id).all())
all_relevant_objs = [
obj for obj in all_jid_objs
if all(field_name == 'jeeves_vars' or getattr(
obj_to_save, field_name) == getattr(obj, field_name)
for field_name in field_dict)
]
# Optimization.
# TODO: See how we can refactor this to shorten the function.
while True:
# check if we can collapse
# if we can, repeat; otherwise, exit
for i in xrange(len(all_relevant_objs)):
other_obj = all_relevant_objs[i]
diff_var = get_one_differing_var(
env_dict,
JeevesModelUtils.unserialize_vars(
other_obj.jeeves_vars))
if diff_var is not None:
super(JeevesModel, other_obj).delete()
del env_dict[diff_var]
break
else:
break
obj_to_save.jeeves_vars = JeevesModelUtils.serialize_vars(env_dict)
super(JeevesModel, obj_to_save).save(*args, **kw)
def setUp(self):
JeevesLib.init()
# x = Auth.Test()
# self.auth = Authentication()
self.alicePrin = Auth.U("Alice")
self.adminPrin = Auth.Admin()
