a qéqeÌ&ã@sødZddlZddlmZmZddlmZddlmZddl m Z ddl m Z m Z mZmZmZmZddlmZd d lmZGd d „d ƒZGd d„deƒZGdd„deƒZGdd„deƒZGdd„deƒZGdd„deƒZGdd„deƒZGdd„dƒZdS)zÎ SETools descriptors. These classes override how a class's attributes are get/set/deleted. This is how the @property decorator works. See https://docs.python.org/3/howto/descriptor.html for more details. éN)ÚABCÚabstractmethod)Ú defaultdict)Ú Collection)ÚEnum)ÚAnyÚCallableÚMutableMappingÚOptionalÚTypeÚUnion)ÚWeakKeyDictionaryé)Úvalidate_perms_anyc@sXeZdZdZd eeeeeefeee ddœdd„Z dd„Z d dd „Z d d „Z dS)ÚCriteriaDescriptoraŽ Single item criteria descriptor. Keyword Parameters: name_regex The name of instance's regex setting attribute; used as name_regex below. If unset, regular expressions will never be used. lookup_function The name of the SELinuxPolicy lookup function, e.g. lookup_type or lookup_boolean. default_value The default value of the criteria. The default is None. enum_class The class of enumeration which supports a lookup class method. Read-only instance attribute use (obj parameter): policy The instance of SELinuxPolicy name_regex This attribute is read to determine if the criteria should be looked up or compiled into a regex. If the attribute does not exist, False is assumed. N)Ú name_regexÚlookup_functionÚ enum_classÚreturncCs*||_||_||_||_d|_tƒ|_dS©NÚ)ÚregexÚ default_valuerrÚnamer Ú instances)Úselfrrrr©rú9/usr/lib64/python3.9/site-packages/setools/descriptors.pyÚ__init__:s zCriteriaDescriptor.__init__cCs ||_dS©N©r)rÚownerrrrrÚ __set_name__MszCriteriaDescriptor.__set_name__cCs|dur |S|j ||j¡Sr)rÚ setdefaultr©rÚobjZobjtyperrrÚ__get__PszCriteriaDescriptor.__get__cCs–|s|j|j|<n€|jr8t||jdƒr8t |¡|j|<nZ|jrnt|jƒrP|j}nt|j|jƒ}||ƒ|j|<n$|j rˆ|j   |¡|j|<n ||j|<dS)NF) rrrÚgetattrÚreÚcompilerÚcallableÚpolicyrÚlookup)rr%Úvaluer,rrrÚ__set__Vs zCriteriaDescriptor.__set__)NNNN)N)Ú__name__Ú __module__Ú __qualname__Ú__doc__r Ústrr rr rrr"r&r.rrrrr"sþ þ  rc@seZdZdZdd„ZdS)ÚCriteriaSetDescriptorz!Descriptor for a set of criteria.cs²|sˆjˆj|<nœˆjr8t|ˆjdƒr8t |¡ˆj|<nvˆjr|tˆjƒrPˆj‰nt|jˆjƒ‰t ‡fdd„|Dƒƒˆj|<n2ˆj r t ‡fdd„|Dƒƒˆj|<nt |ƒˆj|<dS)NFc3s|]}ˆ|ƒVqdSrr©Ú.0Úv)r,rrÚ uóz0CriteriaSetDescriptor.__set__..c3s|]}ˆj |¡VqdSr)rr,r5)rrrr8wr9) rrrr'r(r)rr*r+Ú frozensetr©rr%r-r)r,rrr.ks zCriteriaSetDescriptor.__set__N)r/r0r1r2r.rrrrr4gsr4c@s.eZdZdZdeeddœdd„Zdd„ZdS) ÚCriteriaPermissionSetDescriptora¦ Descriptor for a set of permissions criteria. name_regex The name of instance's regex setting attribute; used as name_regex below. If unset, regular expressions will never be used. default_value The default value of the criteria. The default is None. Read-only instance attribute use (obj parameter): policy The instance of SELinuxPolicy tclass If it exists, it will be used to validate the permissions. See validate_perms_any() tclass_regex If tclass is a regex, the above permission validation will not use tclass: permissions are verified to be in at least one class in the policy but not verified that the permissions are in classes that the regex matches. Assumes False if the attribute doesn't exist. N)rrcCs||_||_d|_tƒ|_dSr)rrrr r)rrrrrrr’sz(CriteriaPermissionSetDescriptor.__init__cCsž|s|j|j|<nˆ|jr8t||jdƒr8t |¡|j|<nbtdd„|Dƒƒ}t|ddƒr\d}n t|ddƒ}|r€t|tƒs€t|fƒ}t |||j d||j|<dS)NFcss|] }|VqdSrrr5rrrr8¢r9z:CriteriaPermissionSetDescriptor.__set__..Z tclass_regexÚtclass)r=r+) rrrr'r(r)r:Ú isinstancerrr+)rr%r-Zpermsr=rrrr.œs   þz'CriteriaPermissionSetDescriptor.__set__)NN)r/r0r1r2r r3rr.rrrrr<|s r<c@sBeZdZdZeddœdd„Zd dd„Zedd „ƒZed d „ƒZ dS) ÚNetworkXGraphEdgeDescriptora' Descriptor abstract base class for NetworkX graph edge attributes. Parameter: name The edge property name Instance class attribute use (obj parameter): G The NetworkX graph source The edge's source node target The edge's target node N)ÚpropnamercCs ||_dSrr )rr@rrrrÉsz$NetworkXGraphEdgeDescriptor.__init__cCsH|dur |Sz|j|j|j|jWStyBt|jƒ‚Yn0dSr)ÚGÚsourceÚtargetrÚKeyErrorÚAttributeErrorr$rrrr&Ìs  z#NetworkXGraphEdgeDescriptor.__get__cCsdSrrr;rrrr.Õsz#NetworkXGraphEdgeDescriptor.__set__cCsdSrr©rr%rrrÚ __delete__Ùsz&NetworkXGraphEdgeDescriptor.__delete__)N) r/r0r1r2r3rr&rr.rGrrrrr?»s   r?c@s eZdZdZdd„Zdd„ZdS)Ú EdgeAttrDictz7A descriptor for edge attributes that are dictionaries.cCs:|dur&ttƒ|j|j|j|j<ntd |j¡ƒ‚dS)Nz0{0} dictionaries should not be assigned directly)rÚlistrArBrCrrEÚformatr;rrrr.âs ÿzEdgeAttrDict.__set__cCs |j|j|j|j ¡dSr©rArBrCrÚclearrFrrrrGêszEdgeAttrDict.__delete__N©r/r0r1r2r.rGrrrrrHÞsrHc@s eZdZdZdd„Zdd„ZdS)ÚEdgeAttrIntMaxz‹ A descriptor for edge attributes that are non-negative integers that always keep the max assigned value until re-initialized. cCs\|dur"d|j|j|j|j<n6|j|j|j|j}t||ƒ|j|j|j|j<dS©Nr)rArBrCrÚmax)rr%r-Z current_valuerrrr.õszEdgeAttrIntMax.__set__cCsd|j|j|j|j<dSrO)rArBrCrrFrrrrGýszEdgeAttrIntMax.__delete__NrMrrrrrNîsrNc@s eZdZdZdd„Zdd„ZdS)Ú EdgeAttrListz0A descriptor for edge attributes that are lists.cCs6|dur"g|j|j|j|j<ntd |j¡ƒ‚dS)Nz){0} lists should not be assigned directly)rArBrCrÚ ValueErrorrJr;rrrr.szEdgeAttrList.__set__cCs |j|j|j|j ¡dSrrKrFrrrrG szEdgeAttrList.__delete__NrMrrrrrQsrQc@s:eZdZdZeedœdd„Zd dd„Zdd „Zd d „Z dS) ÚPermissionMapDescriptoraN Descriptor for Permission Map mappings. Parameter: name The map setting name. validator A callable for validating the setting. Instance class attribute use (obj parameter): _perm_map The full permission map. class_ The mapping's object class perm The mapping's permission )r@Ú validatorcCs||_||_dSr)rrT)rr@rTrrrr"sz PermissionMapDescriptor.__init__NcCs$|dur |S|j|j|j|jSr)Ú _perm_mapÚclass_Úpermrr$rrrr&&szPermissionMapDescriptor.__get__cCs"| |¡|j|j|j|j<dSr)rTrUrVrWrr;rrrr.,szPermissionMapDescriptor.__set__cCst‚dSr)rErFrrrrG/sz"PermissionMapDescriptor.__delete__)N) r/r0r1r2r3rrr&r.rGrrrrrSs   rS)r2r(ÚabcrrÚ collectionsrÚcollections.abcrÚenumrÚtypingrrr r r r Úweakrefr Úutilrrr4r<r?rHrNrQrSrrrrÚs        E?#