Exemple #1
0
        public Either <Error, HashSet <FactBuilder> > Query(string s, RunLimits limits)
        {
            Either <Token.Builder.Parser.Error, Tuple <string, RuleBuilder> > res =
                Token.Builder.Parser.Parser.Rule(s);

            if (res.IsLeft)
            {
                return(new ParserError(res.Left));
            }

            Tuple <string, RuleBuilder> t = res.Right;

            return(Query(t.Item2, limits));
        }
Exemple #2
0
        public Either <Error, HashSet <FactBuilder> > Query(RuleBuilder query, RunLimits limits)
        {
            Either <Error, Void> runRes = world.Run(limits, new HashSet <ulong>());

            if (runRes.IsLeft)
            {
                Error e = runRes.Left;
                return(new Left(e));
            }

            HashSet <Fact>        facts = world.QueryRule(query.Convert(symbols));
            HashSet <FactBuilder> s     = new HashSet <FactBuilder>();

            foreach (Fact f in facts)
            {
                s.Add(FactBuilder.ConvertFrom(f, symbols));
            }

            return(new Right(s));
        }
Exemple #3
0
        public Either <Error, long> Verify(RunLimits limits)
        {
            DateTime timeLimit = DateTime.Now.Add(limits.MaxTime);

            if (this.symbols.Get("authority").IsEmpty() || this.symbols.Get("ambient").IsEmpty())
            {
                return(new MissingSymbols());
            }

            HashSet <ulong> restricted_symbols = new HashSet <ulong>
            {
                this.symbols.Get("authority").Get(),
                this.symbols.Get("ambient").Get()
            };

            Either <Error, Void> runRes = world.Run(limits, restricted_symbols);

            if (runRes.IsLeft)
            {
                return(runRes.Left);
            }

            SymbolTable symbols = new SymbolTable(this.symbols);

            List <FailedCheck> errors = new List <FailedCheck>();

            for (int j = 0; j < this.checks.Count; j++)
            {
                Datalog.Check c          = this.checks[j].Convert(symbols);
                bool          successful = false;

                for (int k = 0; k < c.Queries.Count && !successful; k++)
                {
                    bool res = world.TestRule(c.Queries[k]);

                    if (DateTime.Now.CompareTo(timeLimit) >= 0)
                    {
                        return(new TimeoutError());
                    }

                    if (res)
                    {
                        successful = true;
                    }
                }

                if (!successful)
                {
                    errors.Add(new FailedCheck.FailedVerifier(j, symbols.PrintCheck(c)));
                }
            }


            for (int i = 0; i < this.token_checks.Count; i++)
            {
                List <Check> checks = this.token_checks[i];

                for (int j = 0; j < checks.Count; j++)
                {
                    bool  successful = false;
                    Check c          = checks[j];

                    for (int k = 0; k < c.Queries.Count && !successful; k++)
                    {
                        bool res = world.TestRule(c.Queries[k]);

                        if (DateTime.Now.CompareTo(timeLimit) >= 0)
                        {
                            return(new TimeoutError());
                        }

                        if (res)
                        {
                            successful = true;
                        }
                    }

                    if (!successful)
                    {
                        errors.Add(new FailedCheck.FailedBlock(i, j, symbols.PrintCheck(checks[j])));
                    }
                }
            }

            if (errors.IsEmpty())
            {
                for (int i = 0; i < this.policies.Count; i++)
                {
                    Check c = this.policies[i].Convert(symbols);
                    for (int k = 0; k < c.Queries.Count; k++)
                    {
                        bool res = world.TestRule(c.Queries[k]);

                        if (DateTime.Now.CompareTo(timeLimit) >= 0)
                        {
                            return(new TimeoutError());
                        }

                        if (res)
                        {
                            if (this.policies[i].kind == Policy.Kind.Deny)
                            {
                                return(new FailedLogic(new LogicError.Denied(i)));
                            }
                            else
                            {
                                return(new Right((long)i));
                            }
                        }
                    }
                }

                return(new FailedLogic(new LogicError.NoMatchingPolicy()));
            }
            else
            {
                return(new FailedLogic(new LogicError.FailedChecks(errors)));
            }
        }