e744336385
C-6: ConnectorRuntime enforces capability_mask per operation.
READ-only ACs cannot invoke MUTATE operations (wipe, lock, retire).
C-7: AC validated against database (exists, active, not expired)
before connector invocation.
C-9: Delegated AC capability bounded by delegator's capability.
C-10: Command counter uses atomic SQL increment with limit check.
M-23: expire_stale() uses same atomic SQL pattern.
H-1: Sensitive credential fields hidden from repr/logs via repr=False.
H-2: Stub backend requires ALLOW_STUB_CREDENTIALS=true to activate.
H-3: Kerberos backend raises CredentialResolutionError instead of
returning stub ticket.
H-4: Chronicle INTENT emitted before execution, RESULT after.
H-5: device_id validated as UUID before Graph API URL interpolation.
H-8: ConnectorRuntime enforces governance for all connector invocations.
Signed-off-by: Tyler King <tking@guildhouse.dev>
81 lines
2 KiB
Python
81 lines
2 KiB
Python
"""
|
|
pygments.lexers.roboconf
|
|
~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
Lexers for Roboconf DSL.
|
|
|
|
:copyright: Copyright 2006-present by the Pygments team, see AUTHORS.
|
|
:license: BSD, see LICENSE for details.
|
|
"""
|
|
|
|
from pygments.lexer import RegexLexer, words, re
|
|
from pygments.token import Text, Operator, Keyword, Name, Comment
|
|
|
|
__all__ = ['RoboconfGraphLexer', 'RoboconfInstancesLexer']
|
|
|
|
|
|
class RoboconfGraphLexer(RegexLexer):
|
|
"""
|
|
Lexer for Roboconf graph files.
|
|
"""
|
|
name = 'Roboconf Graph'
|
|
aliases = ['roboconf-graph']
|
|
filenames = ['*.graph']
|
|
url = 'https://roboconf.github.io/en/user-guide/graph-definition.html'
|
|
version_added = '2.1'
|
|
|
|
flags = re.IGNORECASE | re.MULTILINE
|
|
tokens = {
|
|
'root': [
|
|
# Skip white spaces
|
|
(r'\s+', Text),
|
|
|
|
# There is one operator
|
|
(r'=', Operator),
|
|
|
|
# Keywords
|
|
(words(('facet', 'import'), suffix=r'\s*\b', prefix=r'\b'), Keyword),
|
|
(words((
|
|
'installer', 'extends', 'exports', 'imports', 'facets',
|
|
'children'), suffix=r'\s*:?', prefix=r'\b'), Name),
|
|
|
|
# Comments
|
|
(r'#.*\n', Comment),
|
|
|
|
# Default
|
|
(r'[^#]', Text),
|
|
(r'.*\n', Text)
|
|
]
|
|
}
|
|
|
|
|
|
class RoboconfInstancesLexer(RegexLexer):
|
|
"""
|
|
Lexer for Roboconf instances files.
|
|
"""
|
|
name = 'Roboconf Instances'
|
|
aliases = ['roboconf-instances']
|
|
filenames = ['*.instances']
|
|
url = 'https://roboconf.github.io'
|
|
version_added = '2.1'
|
|
|
|
flags = re.IGNORECASE | re.MULTILINE
|
|
tokens = {
|
|
'root': [
|
|
|
|
# Skip white spaces
|
|
(r'\s+', Text),
|
|
|
|
# Keywords
|
|
(words(('instance of', 'import'), suffix=r'\s*\b', prefix=r'\b'), Keyword),
|
|
(words(('name', 'count'), suffix=r's*:?', prefix=r'\b'), Name),
|
|
(r'\s*[\w.-]+\s*:', Name),
|
|
|
|
# Comments
|
|
(r'#.*\n', Comment),
|
|
|
|
# Default
|
|
(r'[^#]', Text),
|
|
(r'.*\n', Text)
|
|
]
|
|
}
|