blob: 4d8339a2af30bbb10c9cdc442852e3d529e98422 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
|
# Copyright (C) 2001-2007 Tresys Technology, LLC
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
namespace eval Apol_Roles {
variable widgets
variable opts
variable role_list {}
}
proc Apol_Roles::create {tab_name nb} {
variable widgets
variable opts
_initializeVars
set frame [$nb insert end $tab_name -text "Roles"]
set pw [PanedWindow $frame.pw -side top]
set leftf [$pw add -weight 0]
set rightf [$pw add -weight 1]
pack $pw -fill both -expand yes
set rolebox [TitleFrame $leftf.rolebox -text "Roles"]
set s_optionsbox [TitleFrame $rightf.obox -text "Search Options"]
set resultsbox [TitleFrame $rightf.rbox -text "Search Results"]
pack $rolebox -fill both -expand yes
pack $s_optionsbox -padx 2 -fill both -expand 0
pack $resultsbox -padx 2 -fill both -expand yes
set rlistbox [Apol_Widget::makeScrolledListbox [$rolebox getframe].lb \
-width 20 -listvar Apol_Roles::role_list]
Apol_Widget::setListboxCallbacks $rlistbox \
{{"Display Role Info" {Apol_Roles::_popupRoleInfo role}}}
pack $rlistbox -fill both -expand yes
# Search options subframes
set ofm [$s_optionsbox getframe]
set lfm [frame $ofm.to]
set cfm [frame $ofm.co]
pack $lfm $cfm -side left -anchor nw -padx 4 -pady 2
radiobutton $lfm.all_info -text "All information" \
-variable Apol_Roles::opts(showSelection) -value all
radiobutton $lfm.names_only -text "Names only" \
-variable Apol_Roles::opts(showSelection) -value names
pack $lfm.all_info $lfm.names_only -anchor w -padx 5 -pady 4
set cb_type [checkbutton $cfm.cb -variable Apol_Roles::opts(useType) -text "Type"]
set widgets(combo_types) [Apol_Widget::makeTypeCombobox $cfm.combo_types]
Apol_Widget::setTypeComboboxState $widgets(combo_types) disabled
trace add variable Apol_Roles::opts(useType) write \
[list Apol_Roles::_toggleTypeCombobox $widgets(combo_types)]
pack $cb_type -anchor w
pack $widgets(combo_types) -anchor w -padx 4
button $ofm.ok -text OK -width 6 -command Apol_Roles::_searchRoles
pack $ofm.ok -side top -anchor e -pady 5 -padx 5
set widgets(results) [Apol_Widget::makeSearchResults [$resultsbox getframe].sw]
pack $widgets(results) -expand 1 -fill both
return $frame
}
proc Apol_Roles::open {ppath} {
set q [new_apol_role_query_t]
set v [$q run $::ApolTop::policy]
$q -acquire
$q -delete
variable role_list [lsort [role_vector_to_list $v]]
$v -acquire
$v -delete
variable widgets
Apol_Widget::resetTypeComboboxToPolicy $widgets(combo_types)
}
proc Apol_Roles::close {} {
variable widgets
variable opts
variable role_list {}
_initializeVars
Apol_Widget::clearTypeCombobox $widgets(combo_types)
Apol_Widget::clearSearchResults $widgets(results)
}
proc Apol_Roles::getTextWidget {} {
variable widgets
return $widgets(results).tb
}
# Return a list of all role names in the current policy. If no policy
# is loaded then return an empty list.
proc Apol_Roles::getRoles {} {
variable role_list
set role_list
}
#### private functions below ####
proc Apol_Roles::_initializeVars {} {
variable opts
array set opts {
useType 0
showSelection all
}
}
proc Apol_Roles::_toggleTypeCombobox {path name1 name2 op} {
Apol_Widget::setTypeComboboxState $path $Apol_Roles::opts(useType)
}
proc Apol_Roles::_popupRoleInfo {which role} {
Apol_Widget::showPopupText $role [_renderRole $role 1]
}
proc Apol_Roles::_searchRoles {} {
variable widgets
variable opts
Apol_Widget::clearSearchResults $widgets(results)
if {![ApolTop::is_policy_open]} {
tk_messageBox -icon error -type ok -title "Error" -message "No current policy file is opened."
return
}
if {$opts(useType)} {
set type [lindex [Apol_Widget::getTypeComboboxValueAndAttrib $widgets(combo_types)] 0]
if {$type == {}} {
tk_messageBox -icon error -type ok -title "Error" -message "No type selected."
return
}
} else {
set type {}
}
if {$opts(showSelection) == "names"} {
set show_all 0
} else {
set show_all 1
}
set q [new_apol_role_query_t]
$q set_type $::ApolTop::policy $type
set v [$q run $::ApolTop::policy]
$q -acquire
$q -delete
set roles_data [role_vector_to_list $v]
$v -acquire
$v -delete
set text "ROLES:\n"
if {[llength $roles_data] == 0} {
append text "Search returned no results."
} else {
foreach r [lsort $roles_data] {
append text "\n[_renderRole $r $show_all]"
}
}
Apol_Widget::appendSearchResultText $widgets(results) $text
}
proc Apol_Roles::_renderRole {role_name show_all} {
set qpol_role_datum [new_qpol_role_t $::ApolTop::qpolicy $role_name]
if {!$show_all} {
return $role_name
}
set i [$qpol_role_datum get_type_iter $::ApolTop::qpolicy]
set types {}
while {![$i end]} {
set qpol_type_datum [qpol_type_from_void [$i get_item]]
lappend types [$qpol_type_datum get_name $::ApolTop::qpolicy]
$i next
}
$i -acquire
$i -delete
set text "$role_name ([llength $types] type"
if {[llength $types] != 1} {
append text "s"
}
append text ")\n"
foreach t [lsort -dictionary $types] {
append text " $t\n"
}
# append text " dominance: $dominates\n"
return $text
}
|
