First commit

2023-09-21 19:50:09 +02:00
commit c8dd8ef4fc
15 changed files with 533 additions and 0 deletions
--- a/abac/init.py
+++ b/abac/init.py
--- a/abac/admin.py
+++ b/abac/admin.py
@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.
--- a/abac/apps.py
+++ b/abac/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class AbacConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'abac'
--- a/abac/migrations/0001_initial.py
+++ b/abac/migrations/0001_initial.py
@@ -0,0 +1,91 @@
+# Generated by Django 4.2.5 on 2023-09-21 17:15
+
+from django.conf import settings
+import django.contrib.auth.models
+import django.contrib.auth.validators
+from django.db import migrations, models
+import django.db.models.deletion
+import django.utils.timezone
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('auth', '0012_alter_user_first_name_max_length'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('password', models.CharField(max_length=128, verbose_name='password')),
+                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
+                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
+                ('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
+                ('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
+                ('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
+                ('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
+                ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
+                ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
+                ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
+                ('public_key', models.TextField()),
+                ('private_key', models.TextField()),
+                ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.group', verbose_name='groups')),
+                ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.permission', verbose_name='user permissions')),
+            ],
+            options={
+                'permissions': [('can_create_users', 'Can create new users')],
+            },
+            managers=[
+                ('objects', django.contrib.auth.models.UserManager()),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Attribute',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('value', models.IntegerField()),
+            ],
+        ),
+        migrations.CreateModel(
+            name='AttributeType',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('is_secret', models.BooleanField(default=False)),
+                ('datatype', models.CharField(max_length=15)),
+                ('significant_digits', models.PositiveIntegerField(blank=True, null=True)),
+                ('name', models.CharField(max_length=40)),
+            ],
+        ),
+        migrations.CreateModel(
+            name='Rule',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('rule_type', models.CharField(choices=[('and', 'AND'), ('or', 'OR')], max_length=3)),
+                ('attributes', models.ManyToManyField(to='abac.attribute')),
+            ],
+        ),
+        migrations.CreateModel(
+            name='File',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=255)),
+                ('file', models.FileField(upload_to='uploads/')),
+                ('owner', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+                ('rules', models.ManyToManyField(to='abac.rule')),
+            ],
+        ),
+        migrations.AddField(
+            model_name='attribute',
+            name='attribute_type',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='abac.attributetype'),
+        ),
+        migrations.AddField(
+            model_name='attribute',
+            name='user',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
+        ),
+    ]
--- a/abac/migrations/init.py
+++ b/abac/migrations/init.py
--- a/abac/models.py
+++ b/abac/models.py
@@ -0,0 +1,74 @@
+import pickle
+from base64 import b64encode, b64decode
+from django.contrib.auth.models import AbstractUser
+from django.db import models
+
+
+class User(AbstractUser):
+    pass
+    public_key = models.TextField()
+    private_key = models.TextField()
+
+    def save(self, *args, **kwargs):
+        if hasattr(self, '_phe_public_key') and hasattr(self, '_phe_private_key'):
+            self.phe_public_key = b64encode(pickle.dumps(self._phe_public_key)).decode('utf-8')
+            self.phe_private_key = b64encode(pickle.dumps(self._phe_private_key)).decode('utf-8')
+        
+        super().save(*args, **kwargs)
+
+    @property
+    def deserialized_public_key(self):
+        return pickle.loads(b64decode(self.phe_public_key))
+        
+    @property
+    def deserialized_private_key(self):
+        return pickle.loads(b64decode(self.phe_private_key))
+    
+    class Meta:
+        permissions = [
+            ("can_create_users", "Can create new users"),
+        ]
+
+
+class AttributeType(models.Model):
+    DATATYPE_CHOICES = [
+        ('string', 'String'),
+        ('boolean', 'Boolean'),
+        ('integer', 'Integer'),
+    ]
+
+    is_secret = models.BooleanField(default=False)
+    datatype = models.CharField(max_length=15)
+    significant_digits = models.PositiveIntegerField(null=True, blank=True)
+    name = models.CharField(max_length=40)
+
+    def save(self, *args, **kwargs):
+        if self.datatype.startswith('float'):
+            if self.significant_digits is None:
+                raise ValueError('significant_digits must be set for float datatype')
+            self.datatype = f'float_{self.significant_digits}'
+        elif self.significant_digits is not None:
+            raise ValueError('significant_digits must be None for non-float datatype')
+        super().save(*args, **kwargs)
+
+    
+class Attribute(models.Model):
+    user = models.ForeignKey(User, on_delete=models.CASCADE)
+    attribute_type = models.ForeignKey(AttributeType, on_delete=models.CASCADE)
+    value = models.IntegerField()  # assuming value is always stored as an integer
+
+
+class Rule(models.Model):
+    TYPE_CHOICES = [
+        ('and', 'AND'),
+        ('or', 'OR'),
+    ]
+    rule_type = models.CharField(max_length=3, choices=TYPE_CHOICES)
+    attributes = models.ManyToManyField(Attribute)
+
+
+class File(models.Model):
+    owner = models.ForeignKey(User, on_delete=models.CASCADE)
+    name = models.CharField(max_length=255)
+    file = models.FileField(upload_to='uploads/')  # assuming you are using FileField to store the file
+    rules = models.ManyToManyField(Rule)
--- a/abac/tests.py
+++ b/abac/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
--- a/abac/views.py
+++ b/abac/views.py
@@ -0,0 +1,18 @@
+from django.shortcuts import render
+from django.http.response import HttpResponseNotAllowed
+from django.contrib.auth.decorators import permission_required
+from django.http import HttpResponse
+
+# Create your views here.
+def create_user(request):
+    special_user = request.user
+    if special_user.has_perm('abac.can_create_users'):
+        pass #TODO: Create new User
+    else:
+        # Return a response indicating insufficient permissions
+        return HttpResponseNotAllowed(request)
+    
+@permission_required('abac.can_create_users', raise_exception=True)
+def create_user_view(request):
+    # Your view logic here
+    return HttpResponse('New user created')