Mini Shell

Direktori : /lib64/python3.9/site-packages/setools/
Upload File :
Current File : //lib64/python3.9/site-packages/setools/objclassquery.py

# Copyright 2014-2015, Tresys Technology, LLC
#
# SPDX-License-Identifier: LGPL-2.1-only
#
import logging
import re
from contextlib import suppress
from typing import Iterable

from .descriptors import CriteriaDescriptor, CriteriaSetDescriptor
from .exception import NoCommon
from .mixins import MatchName
from .policyrep import ObjClass
from .query import PolicyQuery
from .util import match_regex, match_regex_or_set


class ObjClassQuery(MatchName, PolicyQuery):

    """
    Query object classes.

    Parameter:
    policy          The policy to query.

    Keyword Parameters/Class attributes:
    name            The name of the object set to match.
    name_regex      If true, regular expression matching will
                    be used for matching the name.
    common          The name of the inherited common to match.
    common_regex    If true, regular expression matching will
                    be used for matching the common name.
    perms           The permissions to match.
    perms_equal     If true, only commons with permission sets
                    that are equal to the criteria will
                    match.  Otherwise, any intersection
                    will match.
    perms_regex     If true, regular expression matching
                    will be used on the permission names instead
                    of set logic.
                    comparison will not be used.
    perms_indirect  If false, permissions inherited from a common
                    permission set not will be evaluated.  Default
                    is true.
    """

    common = CriteriaDescriptor("common_regex", "lookup_common")
    common_regex: bool = False
    perms = CriteriaSetDescriptor("perms_regex")
    perms_equal: bool = False
    perms_indirect: bool = True
    perms_regex: bool = False

    def __init__(self, policy, **kwargs) -> None:
        super(ObjClassQuery, self).__init__(policy, **kwargs)
        self.log = logging.getLogger(__name__)

    def results(self) -> Iterable[ObjClass]:
        """Generator which yields all matching object classes."""
        self.log.info("Generating object class results from {0.policy}".format(self))
        self._match_name_debug(self.log)
        self.log.debug("Common: {0.common!r}, regex: {0.common_regex}".format(self))
        self.log.debug("Perms: {0.perms}, regex: {0.perms_regex}, "
                       "eq: {0.perms_equal}, indirect: {0.perms_indirect}".format(self))

        for class_ in self.policy.classes():
            if not self._match_name(class_):
                continue

            if self.common:
                try:
                    if not match_regex(
                            class_.common,
                            self.common,
                            self.common_regex):
                        continue
                except NoCommon:
                    continue

            if self.perms:
                perms = class_.perms

                if self.perms_indirect:
                    with suppress(NoCommon):
                        perms |= class_.common.perms

                if not match_regex_or_set(
                        perms,
                        self.perms,
                        self.perms_equal,
                        self.perms_regex):
                    continue

            yield class_

Zerion Mini Shell 1.0