src/zope/security/examples/sandbox_security.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205

##############################################################################
#
# Copyright (c) 2003 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""A small, secure sandbox application.

This module is responsible of securing the sandbox application and run it in a
secure mode. There are several steps that are taken to set up the security

  1. map permissions to actions

  2. map authentication tokens/principals onto permissions

  3. implement checker and security policies that affect 1,2

  4. bind checkers to classes/instances

  5. proxy wrap as necessary
"""
import sandbox
from zope.interface import implementer

from zope.security import checker
from zope.security import management
from zope.security import simplepolicies
from zope.security.interfaces import IParticipation


# Define all permissions that will be available
NotAllowed = 'Not Allowed'
Public = checker.CheckerPublic
TransportAgent = 'Transport Agent'
AccessServices = 'Access Services'
AccessAgents = 'Access Agents'
AccessTimeService = 'Access Time Services'
AccessAgentService = 'Access Agent Service'
AccessHomeService = 'Access Home Service'

AddAgent = 'Add Agent'
ALL = 'All'


def NoSetAttr(name): return NotAllowed


class SimulationSecurityDatabase:
    """Security Database

    In the database, locations are mapped to authentication tokens to
    permissions.
    """
    origin = {
        'any': [ALL]
    }

    jail = {
        'norse legend': [TransportAgent, AccessServices, AccessAgentService,
                         AccessHomeService, TransportAgent, AccessAgents],
        'any': [AccessTimeService, AddAgent]
    }

    valhalla = {
        'norse legend': [AddAgent],
        'any': [AccessServices, AccessTimeService, AccessAgentService,
                AccessHomeService, TransportAgent, AccessAgents]
    }


class SimulationSecurityPolicy(simplepolicies.ParanoidSecurityPolicy):
    """Security Policy during the Simulation.

    A very simple security policy that is specific to the simulations.
    """

    def checkPermission(self, permission, object):
        """See zope.security.interfaces.ISecurityPolicy"""
        home = object.getHome()
        db = getattr(SimulationSecurityDatabase, home.getId(), None)

        if db is None:
            return False

        allowed = db.get('any', ())
        if permission in allowed or ALL in allowed:
            return True

        if not self.participations:
            return False

        for participation in self.participations:
            token = participation.principal.getAuthenticationToken()
            allowed = db.get(token, ())
            if permission not in allowed:
                return False

        return True


@implementer(IParticipation)
class AgentParticipation:
    """Agent Participation during the Simulation.

    A very simple participation that is specific to the simulations.
    """

    def __init__(self, agent):
        self.principal = agent
        self.interaction = None


def PermissionMapChecker(permissions_map=None, set_permissions=None):
    """Create a checker from using the 'permission_map.'"""
    if permissions_map is None:
        permissions_map = {}
    if set_permissions is None:
        set_permissions = {}
    res = {}
    for key, value in permissions_map.items():
        for method in value:
            res[method] = key
    return checker.Checker(res, set_permissions)


#################################
# sandbox security settings
sandbox_security = {
    AccessServices: ['getService', 'addService', 'getServiceIds'],
    AccessAgents: ['getAgentsIds', 'getAgents'],
    AddAgent: ['addAgent'],
    TransportAgent: ['transportAgent'],
    Public: ['getId', 'getHome']
}
sandbox_checker = PermissionMapChecker(sandbox_security)

#################################
# service security settings

# time service
tservice_security = {AccessTimeService: ['getTime']}
time_service_checker = PermissionMapChecker(tservice_security)

# home service
hservice_security = {AccessHomeService: ['getAvailableHomes']}
home_service_checker = PermissionMapChecker(hservice_security)

# agent service
aservice_security = {AccessAgentService: ['getLocalAgents']}
agent_service_checker = PermissionMapChecker(aservice_security)


def wire_security():

    management.setSecurityPolicy(SimulationSecurityPolicy)

    checker.defineChecker(sandbox.Sandbox, sandbox_checker)
    checker.defineChecker(sandbox.TimeService, time_service_checker)
    checker.defineChecker(sandbox.AgentDiscoveryService, agent_service_checker)
    checker.defineChecker(sandbox.HomeDiscoveryService, home_service_checker)

    def addAgent(self, agent):
        if (agent.getId() not in self._agents
                and sandbox.IAgent.providedBy(agent)):
            self._agents[agent.getId()] = agent
            agentChecker = checker.selectChecker(self)
            wrapped_home = agentChecker.proxy(self)
            agent.setHome(wrapped_home)
        else:
            raise sandbox.SandboxError("couldn't add agent %s" % agent)

    sandbox.Sandbox.addAgent = addAgent

    def setupAgent(self, agent):
        management.newInteraction(AgentParticipation(agent))

    sandbox.TimeGenerator.setupAgent = setupAgent

    def teardownAgent(self, agent):
        management.endInteraction()

    sandbox.TimeGenerator.teardownAgent = teardownAgent

    def GreenerPastures(agent):
        """ where do they want to go today """
        import random
        _homes = sandbox._homes
        possible_homes = _homes.keys()
        possible_homes.remove(agent.getHome().getId())
        new_home = _homes.get(random.choice(possible_homes))
        return checker.selectChecker(new_home).proxy(new_home)

    sandbox.GreenerPastures = GreenerPastures


if __name__ == '__main__':
    wire_security()
    sandbox.main()