Gitiles
Code Review Sign In
gerrit.opencord.org / xos / 9a42f87f37b51eef614abd59a436249bfc4aa88b / . / lib / xos-genx / xosgenx / jinja2_extensions / fol2.py
blob: 0997e007699f5f62d80cffe7de204059b12acf4b [file] [log] [blame]
Matteo Scandolod2044a42017-08-07 16:08:28 -0700[diff] [blame]1# Copyright 2017-present Open Networking Foundation
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]15from __future__ import absolute_import, print_function
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]16import astunparse
17import ast
18import random
19import string
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]20import jinja2
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]21from plyxproto.parser import lex, yacc
22from plyxproto.logicparser import FOLParser, FOLLexer
23from six.moves import range
24from six.moves import input
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]25
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]26BINOPS = ["|", "&", "->"]
27QUANTS = ["exists", "forall"]
28
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]29
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]30class PolicyException(Exception):
31 pass
32
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]33
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]34class ConstructNotHandled(Exception):
35 pass
36
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]37
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]38class TrivialPolicy(Exception):
39 pass
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]40
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]41
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]42class AutoVariable:
43 def __init__(self, base):
44 self.base = base
45
46 def __iter__(self):
47 self.idx = 0
48 return self
49
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]50 def __next__(self):
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]51 var = "i%d" % self.idx
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]52 self.idx += 1
53 return var
54
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]55 next = __next__ # 2to3
56
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]57
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]58def gen_random_string():
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]59 return "".join(
60 random.choice(string.ascii_lowercase + string.digits) for _ in range(5)
61 )
62
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]63
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]64class FOL2Python:
65 def __init__(self, context_map=None):
66 # This will produce i0, i1, i2 etc.
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]67 self.loopvar = iter(AutoVariable("i"))
68 self.verdictvar = iter(AutoVariable("result"))
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]69
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]70 self.loop_variable = next(self.loopvar)
71 self.verdict_variable = next(self.verdictvar)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]72 self.context_map = context_map
73
74 if not self.context_map:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]75 self.context_map = {"user": "self", "obj": "obj"}
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]76
77 def loop_next(self):
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]78 self.loop_variable = next(self.loopvar)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]79
80 def verdict_next(self):
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]81 self.verdict_variable = next(self.verdictvar)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]82
83 def gen_enumerate(self, fol):
84 pass
85
86 def format_term_for_query(self, model, term, django=False):
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]87 if term.startswith(model + "."):
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]88 term = term[len(model) + 1:]
89 if django:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]90 term = term.replace(".", "__")
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]91 else:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]92 term = "__elt" + "." + term
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]93 return term
94
95 def fol_to_python_filter(self, model, e, django=False, negate=False):
96 try:
97 (k, v), = e.items()
98 except AttributeError:
99 return [self.format_term_for_query(model, e)]
100
101 if django:
102 if negate:
103 # De Morgan's negation
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]104 q_bracket = "~Q(%s)"
105 or_expr = ","
106 and_expr = "|"
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]107 else:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]108 q_bracket = "Q(%s)"
109 or_expr = "|"
110 and_expr = ","
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]111 else:
112 if negate:
113 # De Morgan's negation
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]114 q_bracket = "not %s"
115 or_expr = " and "
116 and_expr = " or "
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]117 else:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]118 q_bracket = "%s"
119 or_expr = " or "
120 and_expr = " and "
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]121
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]122 if k in ["=", "in"]:
123 v = [self.format_term_for_query(model, term, django=django) for term in v]
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]124 if django:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]125 operator_map = {"=": " = ", "in": "__in"}
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]126 else:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]127 operator_map = {"=": " == ", "in": "in"}
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]128 operator = operator_map[k]
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]129 return [q_bracket % operator.join(v)]
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]130 elif k == "|":
131 components = [
132 self.fol_to_python_filter(model, x, django=django).pop() for x in v
133 ]
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]134 return [or_expr.join(components)]
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]135 elif k == "&":
136 components = [
137 self.fol_to_python_filter(model, x, django=django).pop() for x in v
138 ]
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]139 return [and_expr.join(components)]
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]140 elif k == "->":
141 components = [
142 self.fol_to_python_filter(model, x, django=django).pop() for x in v
143 ]
144 return ["~%s | %s" % (components[0], components[1])]
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]145
146 """ Convert a single leaf node from a string
147 to an AST"""
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]148
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]149 def str_to_ast(self, s):
150 ast_module = ast.parse(s)
151 return ast_module.body[0]
152
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]153 def reduce_operands(self, operands):
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]154 if operands[0] in ["True", "False"]:
155 return (operands[0], operands[1])
156 elif operands[1] in ["True", "False"]:
157 return (operands[1], operands[0])
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]158 else:
159 return None
160
161 """ Simplify binops with constants """
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]162
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]163 def simplify_binop(self, binop):
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]164 (k, v), = binop.items()
165 if k == "->":
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]166 lhs, rhs = v
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]167 if lhs == "True":
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]168 return rhs
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]169 elif rhs == "True":
170 return "True"
171 elif lhs == "False":
172 return "True"
173 elif rhs == "False":
174 return {"not": lhs}
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]175
176 var_expr = self.reduce_operands(v)
177
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]178 if not var_expr:
179 return binop
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]180 else:
181 constant, var = var_expr
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]182 if k == "|":
183 if constant == "True":
184 return "True"
185 elif constant == "False":
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]186 return var
187 else:
188 raise Exception("Internal error - variable read as constant")
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]189 elif k == "&":
190 if constant == "True":
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]191 return var
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]192 elif constant == "False":
193 return "False"
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]194
195 def is_constant(self, var, fol):
196 try:
197 (k, v), = fol.items()
198 except AttributeError:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]199 k = "term"
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]200 v = fol
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]201
202 if k in ["python", "policy"]:
203 # Treat as a constant and hoist, since it cannot be quantified
204 return True
205 elif k == "term":
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]206 return not v.startswith(var)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]207 elif k == "not":
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]208 return self.is_constant(var, fol)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]209 elif k in ["in", "="]:
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]210 lhs, rhs = v
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]211 return self.is_constant(var, lhs) and self.is_constant(var, rhs)
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]212 elif k in BINOPS:
213 lhs, rhs = v
214 return self.is_constant(lhs, var) and self.is_constant(rhs, var)
215 elif k in QUANTS:
216 is_constant = self.is_constant(var, fol[1])
217 return is_constant
218 else:
219 raise ConstructNotHandled(k)
220
221 def find_constants(self, var, fol, constants):
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]222 try:
223 (k, v), = fol.items()
224 except AttributeError:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]225 k = "term"
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]226 v = fol
227
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]228 if k in ["python", "policy"]:
229 # Treat as a constant and hoist, since it cannot be quantified
230 if fol not in constants:
231 constants.append(fol)
232 return constants
233 elif k == "term":
234 if not v.startswith(var):
235 constants.append(v)
236 return constants
237 elif k == "not":
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]238 return self.find_constants(var, v, constants)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]239 elif k in ["in", "="]:
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]240 lhs, rhs = v
241 if isinstance(lhs, str) and isinstance(rhs, str):
242 if not lhs.startswith(var) and not rhs.startswith(var):
243 constants.append(fol)
244 return constants
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]245 else:
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]246 constants = self.find_constants(var, lhs, constants)
247 return self.find_constants(var, rhs, constants)
248 elif k in BINOPS:
249 lhs, rhs = v
250 constants = self.find_constants(var, lhs, constants)
251 constants = self.find_constants(var, rhs, constants)
252 return constants
253 elif k in QUANTS:
254 is_constant = self.is_constant(var, v[1])
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]255 if is_constant:
256 constants.append(fol)
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]257 return constants
258 else:
259 raise ConstructNotHandled(k)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]260
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]261 """ Hoist constants out of quantifiers. Depth-first. """
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]262
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]263 def hoist_outer(self, fol):
264 try:
265 (k, v), = fol.items()
266 except AttributeError:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]267 k = "term"
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]268 v = fol
269
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]270 if k in ["python", "policy"]:
271 # Tainted, optimization and distribution not possible
272 return fol
273 elif k == "term":
274 return fol
275 elif k == "not":
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]276 vprime = self.hoist_outer(v)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]277 return {"not": vprime}
278 elif k in ["in", "="]:
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]279 lhs, rhs = v
280 rlhs = self.hoist_outer(lhs)
281 rrhs = self.hoist_outer(rhs)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]282 return {k: [rlhs, rrhs]}
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]283 elif k in BINOPS:
284 lhs, rhs = v
285 rlhs = self.hoist_outer(lhs)
286 rrhs = self.hoist_outer(rhs)
287
288 fol_prime = {k: [rlhs, rrhs]}
289 fol_simplified = self.simplify_binop(fol_prime)
290 return fol_simplified
291 elif k in QUANTS:
292 rexpr = self.hoist_outer(v[1])
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]293 return self.hoist_quant(k, [v[0], rexpr])
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]294 else:
295 raise ConstructNotHandled(k)
296
297 def replace_const(self, fol, c, value):
298 if fol == c:
299 return value
300
301 try:
302 (k, v), = fol.items()
303 except AttributeError:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]304 k = "term"
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]305 v = fol
306
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]307 if k == "term":
308 if v == c:
309 return value
310 else:
311 return v
312 elif k == "not":
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]313 new_expr = self.replace_const(v, c, value)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]314 if new_expr == "True":
315 return "False"
316 elif new_expr == "False":
317 return "True"
318 else:
319 return {"not": new_expr}
320 elif k in ["in", "="]:
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]321 lhs, rhs = v
322 rlhs = self.replace_const(lhs, c, value)
323 rrhs = self.replace_const(rhs, c, value)
324
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]325 if rlhs == rrhs:
326 return "True"
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]327 else:
328 return {k: [rlhs, rrhs]}
329 elif k in BINOPS:
330 lhs, rhs = v
331
332 rlhs = self.replace_const(lhs, c, value)
333 rrhs = self.replace_const(rhs, c, value)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]334
335 return self.simplify_binop({k: [rlhs, rrhs]})
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]336 elif k in QUANTS:
337 var, expr = v
338 new_expr = self.replace_const(expr, c, value)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]339 if new_expr in ["True", "False"]:
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]340 return new_expr
341 else:
342 return {k: [var, new_expr]}
343 else:
344 raise ConstructNotHandled(k)
345
346 def shannon_expand(self, c, fol):
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]347 lhs = self.replace_const(fol, c, "True")
348 rhs = self.replace_const(fol, c, "False")
349 not_c = {"not": c}
350 rlhs = {"&": [c, lhs]}
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]351 rlhs = self.simplify_binop(rlhs)
352
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]353 rrhs = {"&": [not_c, rhs]}
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]354 rrhs = self.simplify_binop(rrhs)
355
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]356 combined = {"|": [rlhs, rrhs]}
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]357 return self.simplify_binop(combined)
358
359 def hoist_quant(self, k, expr):
360 var, v = expr
361
362 constants = self.find_constants(var, v, constants=[])
363
364 fol = {k: expr}
365
366 for c in constants:
367 fol = self.shannon_expand(c, fol)
368
369 return fol
370
371 """
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]372 if var:
373 if k == 'term':
374 if not v.startswith(var):
375 return {'hoist': ['const', fol], 'result': 'True'}
376 else:
377 return {'hoist': [], 'result': fol}
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]378 elif k in ['=', 'in']:
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]379 lhs, rhs = v
380 if not lhs.startswith(var) and not rhs.startswith(var):
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]381 return {'hoist': [k, fol], 'result': 'True'} # XXX
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]382 else:
383 return {'hoist': [], 'result': fol}
384 elif k in BINOPS:
385 lhs, rhs = v
386 rlhs = self.hoist_constants(lhs, var)
387 rrhs = self.hoist_constants(rhs, var)
388
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]389 if rlhs['hoist'] and rrhs['hoist'] and rlhs['result']=='True' and llhs['result']=='True':
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]390 return {'hoist': ['=', fol], 'result': 'True'}
391 elif rlhs['hoist']:
392 return {'hoist': [k, lhs], 'result': rhs}
393 elif rrhs['hoist']:
394 return {'hoist': [k, rhs], 'result': lhs}
395 else:
396 return {'hoist': [], 'result': fol}
397
398 elif k in QUANTS:
399 var2, expr = v
400 result = self.hoist_constants(expr, var2)
401 if result['hoist']:
402 if result['result'] == 'True':
403 return {'hoist': ['const'], 'result': result['hoist'][1]}
404 elif result['hoist'][0] in BINOPS:
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]405 return {'hoist': ['const'], 'result': {result['hoist'][0]:
406 [result['hoist'][1], {k: [var2, result['result']]}]}}
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]407 else:
408 return {'hoist': ['const'], 'result': {k: [var2, result['result']]}}
409 else:
410 result = self.hoist_constants(expr, var)
411 if result['result'] == 'True':
412 return {'hoist': ['&', fol], 'result': 'True'}
413 else:
414 return {'hoist': [], 'result': fol}
415 else:
416 return {'hoist': [], 'result': fol}
417 else:
418 if k in BINOPS:
419 lhs, rhs = v
420 rlhs = self.hoist_constants(lhs)
421 rrhs = self.hoist_constants(rhs)
422 return {k: [rlhs, rrhs]}
423 elif k in QUANTS:
424 var, expr = v
425 result = self.hoist_constants(expr, var)
426 if result['hoist']:
427 if result['result'] == 'True':
428 return result['hoist'][1]
429 elif result['hoist'][0] in BINOPS:
430 return {result['hoist'][0]: [result['hoist'][1], {k: [var, result['result']]}]}
431 else:
432 return {k: [var, result['result']]}
433 else:
434 return fol
435 else:
436 return fol
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]437 """
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]438
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]439 def gen_validation_function(self, fol, policy_name, message, tag):
440 if not tag:
441 tag = gen_random_string()
442
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]443 policy_function_name_template = "policy_%s_" + "%(random_string)s" % {
444 "random_string": tag
445 }
Sapan Bhatiad3fcb662017-07-25 21:13:48 -0400[diff] [blame]446 policy_function_name = policy_function_name_template % policy_name
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]447 self.verdict_next()
448 function_str = """
449def %(fn_name)s(obj, ctx):
Scott Bakera8b6d692018-04-17 10:21:32 -0700[diff] [blame]450 if not %(vvar)s: raise XOSValidationError("%(message)s".format(obj=obj, ctx=ctx))
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]451 """ % {
452 "fn_name": policy_function_name,
453 "vvar": self.verdict_variable,
454 "message": message,
455 }
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]456
457 function_ast = self.str_to_ast(function_str)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]458 policy_code = self.gen_test(
459 policy_function_name_template, fol, self.verdict_variable
460 )
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]461
462 function_ast.body = [policy_code] + function_ast.body
463
464 return function_ast
465
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]466 def gen_test_function(self, fol, policy_name, tag):
467 if not tag:
468 tag = gen_random_string()
469
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]470 policy_function_name_template = "%s_" + "%(random_string)s" % {
471 "random_string": tag
472 }
Sapan Bhatiad3fcb662017-07-25 21:13:48 -0400[diff] [blame]473 policy_function_name = policy_function_name_template % policy_name
474
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]475 self.verdict_next()
476 function_str = """
477def %(fn_name)s(obj, ctx):
478 return %(vvar)s
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]479 """ % {
480 "fn_name": policy_function_name,
481 "vvar": self.verdict_variable,
482 }
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]483
484 function_ast = self.str_to_ast(function_str)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]485 policy_code = self.gen_test(
486 policy_function_name_template, fol, self.verdict_variable
487 )
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]488
489 function_ast.body = [policy_code] + function_ast.body
490
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]491 return function_ast
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]492
Sapan Bhatiad3fcb662017-07-25 21:13:48 -0400[diff] [blame]493 def gen_test(self, fn_template, fol, verdict_var, bindings=None):
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]494 if isinstance(fol, str):
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]495 return self.str_to_ast(
496 "%(verdict_var)s = %(constant)s"
497 % {"verdict_var": verdict_var, "constant": fol}
498 )
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]499
500 (k, v), = fol.items()
501
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]502 if k == "policy":
Sapan Bhatiad3fcb662017-07-25 21:13:48 -0400[diff] [blame]503 policy_name, object_name = v
504
505 policy_fn = fn_template % policy_name
506 call_str = """
Sapan Bhatiac6543dd2017-12-07 11:40:36 -0500[diff] [blame]507if obj.%(object_name)s:
508 %(verdict_var)s = %(policy_fn)s(obj.%(object_name)s, ctx)
509else:
510 # Everybody has access to null objects
511 %(verdict_var)s = True
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]512 """ % {
513 "verdict_var": verdict_var,
514 "policy_fn": policy_fn,
515 "object_name": object_name,
516 }
Sapan Bhatiad3fcb662017-07-25 21:13:48 -0400[diff] [blame]517
518 call_ast = self.str_to_ast(call_str)
519 return call_ast
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]520 if k == "python":
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]521 try:
522 expr_ast = self.str_to_ast(v)
523 except SyntaxError:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]524 raise PolicyException("Syntax error in %s" % v)
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]525
526 if not isinstance(expr_ast, ast.Expr):
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]527 raise PolicyException("%s is not an expression" % expr_ast)
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]528
529 assignment_str = """
530%(verdict_var)s = (%(escape_expr)s)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]531 """ % {
532 "verdict_var": verdict_var,
533 "escape_expr": v,
534 }
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]535
536 assignment_ast = self.str_to_ast(assignment_str)
537 return assignment_ast
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]538 elif k == "not":
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]539 top_vvar = verdict_var
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]540 self.verdict_next()
541 sub_vvar = self.verdict_variable
Sapan Bhatiad3fcb662017-07-25 21:13:48 -0400[diff] [blame]542 block = self.gen_test(fn_template, v, sub_vvar)
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]543 assignment_str = """
544%(verdict_var)s = not (%(subvar)s)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]545 """ % {
546 "verdict_var": top_vvar,
547 "subvar": sub_vvar,
548 }
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]549
550 assignment_ast = self.str_to_ast(assignment_str)
551
552 return ast.Module(body=[block, assignment_ast])
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]553 elif k in ["=", "in"]:
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]554 # This is the simplest case, we don't recurse further
555 # To use terms that are not simple variables, use
556 # the Python escape, e.g. {{ slice.creator is not None }}
557 lhs, rhs = v
558
559 assignments = []
560
561 try:
562 for t in lhs, rhs:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]563 py_expr = t["python"]
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]564
565 self.verdict_next()
566 vv = self.verdict_variable
567
568 try:
569 expr_ast = self.str_to_ast(py_expr)
570 except SyntaxError:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]571 raise PolicyException("Syntax error in %s" % v)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]572
573 if not isinstance(expr_ast, ast.Expr):
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]574 raise PolicyException("%s is not an expression" % expr_ast)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]575
576 assignment_str = """
577%(verdict_var)s = (%(escape_expr)s)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]578 """ % {
579 "verdict_var": vv,
580 "escape_expr": py_expr,
581 }
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]582
583 if t == lhs:
584 lhs = vv
585 else:
586 rhs = vv
587
588 assignment_ast = self.str_to_ast(assignment_str)
589 assignments.append(assignment_ast)
590 except TypeError:
591 pass
592
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]593 if k == "=":
594 operator = "=="
595 elif k == "in":
596 operator = "in"
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]597
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]598 comparison_str = """
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]599%(verdict_var)s = (%(lhs)s %(operator)s %(rhs)s)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]600 """ % {
601 "verdict_var": verdict_var,
602 "lhs": lhs,
603 "rhs": rhs,
604 "operator": operator,
605 }
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]606
607 comparison_ast = self.str_to_ast(comparison_str)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]608 combined_ast = ast.Module(body=assignments + [comparison_ast])
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]609
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]610 return combined_ast
611 elif k in BINOPS:
612 lhs, rhs = v
613
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]614 top_vvar = verdict_var
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]615
616 self.verdict_next()
617 lvar = self.verdict_variable
618
619 self.verdict_next()
620 rvar = self.verdict_variable
621
Sapan Bhatiad3fcb662017-07-25 21:13:48 -0400[diff] [blame]622 lblock = self.gen_test(fn_template, lhs, lvar)
623 rblock = self.gen_test(fn_template, rhs, rvar)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]624
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]625 invert = ""
626 if k == "&":
627 binop = "and"
628 elif k == "|":
629 binop = "or"
630 elif k == "->":
631 binop = "or"
632 invert = "not"
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]633
634 binop_str = """
635%(verdict_var)s = %(invert)s %(lvar)s %(binop)s %(rvar)s
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]636 """ % {
637 "verdict_var": top_vvar,
638 "invert": invert,
639 "lvar": lvar,
640 "binop": binop,
641 "rvar": rvar,
642 }
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]643
644 binop_ast = self.str_to_ast(binop_str)
645
646 combined_ast = ast.Module(body=[lblock, rblock, binop_ast])
647 return combined_ast
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]648 elif k == "exists":
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]649 # If the variable starts with a capital letter,
650 # we assume that it is a model. If it starts with
651 # a small letter, we assume it is an enumerable
652 #
653 # We do not support nested exists yet. FIXME.
654
655 var, expr = v
656
657 if var.istitle():
658 f = self.fol_to_python_filter(var, expr, django=True)
659 entry = f.pop()
660
661 python_str = """
Sapan Bhatia9227b4d2017-07-25 23:14:48 -0400[diff] [blame]662%(verdict_var)s = not not %(model)s.objects.filter(%(query)s)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]663 """ % {
664 "verdict_var": verdict_var,
665 "model": var,
666 "query": entry,
667 }
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]668
669 python_ast = ast.parse(python_str)
670 else:
671 f = self.fol_to_python_filter(var, expr, django=False)
672 entry = f.pop()
673
674 python_str = """
675%(verdict_var)s = filter(lambda __elt:%(query)s, %(model)s)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]676 """ % {
677 "verdict_var": verdict_var,
678 "model": var,
679 "query": entry,
680 }
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]681
682 python_ast = ast.parse(python_str)
683
684 return python_ast
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]685 elif k == "forall":
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]686 var, expr = v
687
688 if var.istitle():
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]689 f = self.fol_to_python_filter(var, expr, django=True, negate=True)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]690 entry = f.pop()
691
692 self.verdict_next()
693 vvar = self.verdict_variable
694
695 python_str = """
Sapan Bhatia9227b4d2017-07-25 23:14:48 -0400[diff] [blame]696%(verdict_var)s = not not %(model)s.objects.filter(%(query)s)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]697 """ % {
698 "verdict_var": vvar,
699 "model": var,
700 "query": entry,
701 }
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]702
703 python_ast = ast.parse(python_str)
704 else:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]705 f = self.fol_to_python_filter(var, expr, django=False, negate=True)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]706 entry = f.pop()
707
708 python_str = """
709%(verdict_var)s = next(elt for elt in %(model)s if %(query)s)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]710 """ % {
711 "verdict_var": vvar,
712 "model": var,
713 "query": entry,
714 }
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]715
716 python_ast = ast.parse(python_str)
717
718 negate_str = """
719%(verdict_var)s = not %(vvar)s
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]720 """ % {
721 "verdict_var": verdict_var,
722 "vvar": vvar,
723 }
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]724
725 negate_ast = ast.parse(negate_str)
726
727 return ast.Module(body=[python_ast, negate_ast])
728
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]729
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]730def xproto_fol_to_python_test(policy, fol, model, tag=None):
731 if isinstance(fol, jinja2.Undefined):
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]732 raise Exception("Could not find policy:", policy)
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]733
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]734 f2p = FOL2Python()
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]735 fol_reduced = f2p.hoist_outer(fol)
736
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]737 if fol_reduced in ["True", "False"] and fol != fol_reduced:
738 raise TrivialPolicy(
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]739 "Policy %(name)s trivially reduces to %(reduced)s."
740 "If this is what you want, replace its contents with %(reduced)s"
741 % {"name": policy, "reduced": fol_reduced}
742 )
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]743
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]744 a = f2p.gen_test_function(fol_reduced, policy, tag="security_check")
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]745
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]746 return astunparse.unparse(a)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]747
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]748
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]749def xproto_fol_to_python_validator(policy, fol, model, message, tag=None):
750 if isinstance(fol, jinja2.Undefined):
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]751 raise Exception("Could not find policy:", policy)
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]752
753 f2p = FOL2Python()
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]754 fol_reduced = f2p.hoist_outer(fol)
755
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]756 if fol_reduced in ["True", "False"] and fol != fol_reduced:
757 raise TrivialPolicy(
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]758 "Policy %(name)s trivially reduces to %(reduced)s."
759 "If this is what you want, replace its contents with %(reduced)s"
760 % {"name": policy, "reduced": fol_reduced}
761 )
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]762
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]763 a = f2p.gen_validation_function(fol_reduced, policy, message, tag="validator")
764
Sapan Bhatia5ea307d2017-07-19 00:13:21 -0400[diff] [blame]765 return astunparse.unparse(a)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]766
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]767
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]768def main():
769 while True:
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]770 inp = ""
Sapan Bhatiab69f4702017-07-31 16:03:33 -0400[diff] [blame]771 while True:
Zack Williams9a42f872019-02-15 17:56:04 -0700[diff] [blame^]772 inp_line = input()
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]773 if inp_line == "EOF":
774 break
775 else:
776 inp += inp_line
777
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]778 fol_lexer = lex.lex(module=FOLLexer())
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]779 fol_parser = yacc.yacc(
780 module=FOLParser(), start="goal", outputdir="/tmp", debug=0
781 )
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]782
783 val = fol_parser.parse(inp, lexer=fol_lexer)
Zack Williams045b63d2019-01-22 16:30:57 -0700[diff] [blame]784 a = xproto_fol_to_python_test("pol", val, "output", "Test")
785 # f2p = FOL2Python()
786 # a = f2p.hoist_outer(val)
787 print(a)
Sapan Bhatia3e3c1cd2017-07-15 01:35:44 -0400[diff] [blame]788
789
790if __name__ == "__main__":
791 main()