e744336385
C-6: ConnectorRuntime enforces capability_mask per operation.
READ-only ACs cannot invoke MUTATE operations (wipe, lock, retire).
C-7: AC validated against database (exists, active, not expired)
before connector invocation.
C-9: Delegated AC capability bounded by delegator's capability.
C-10: Command counter uses atomic SQL increment with limit check.
M-23: expire_stale() uses same atomic SQL pattern.
H-1: Sensitive credential fields hidden from repr/logs via repr=False.
H-2: Stub backend requires ALLOW_STUB_CREDENTIALS=true to activate.
H-3: Kerberos backend raises CredentialResolutionError instead of
returning stub ticket.
H-4: Chronicle INTENT emitted before execution, RESULT after.
H-5: device_id validated as UUID before Graph API URL interpolation.
H-8: ConnectorRuntime enforces governance for all connector invocations.
Signed-off-by: Tyler King <tking@guildhouse.dev>
49 lines
1.4 KiB
Python
49 lines
1.4 KiB
Python
|
|
class Node(object):
|
|
def __init__(self, tag, value, start_mark, end_mark):
|
|
self.tag = tag
|
|
self.value = value
|
|
self.start_mark = start_mark
|
|
self.end_mark = end_mark
|
|
def __repr__(self):
|
|
value = self.value
|
|
#if isinstance(value, list):
|
|
# if len(value) == 0:
|
|
# value = '<empty>'
|
|
# elif len(value) == 1:
|
|
# value = '<1 item>'
|
|
# else:
|
|
# value = '<%d items>' % len(value)
|
|
#else:
|
|
# if len(value) > 75:
|
|
# value = repr(value[:70]+u' ... ')
|
|
# else:
|
|
# value = repr(value)
|
|
value = repr(value)
|
|
return '%s(tag=%r, value=%s)' % (self.__class__.__name__, self.tag, value)
|
|
|
|
class ScalarNode(Node):
|
|
id = 'scalar'
|
|
def __init__(self, tag, value,
|
|
start_mark=None, end_mark=None, style=None):
|
|
self.tag = tag
|
|
self.value = value
|
|
self.start_mark = start_mark
|
|
self.end_mark = end_mark
|
|
self.style = style
|
|
|
|
class CollectionNode(Node):
|
|
def __init__(self, tag, value,
|
|
start_mark=None, end_mark=None, flow_style=None):
|
|
self.tag = tag
|
|
self.value = value
|
|
self.start_mark = start_mark
|
|
self.end_mark = end_mark
|
|
self.flow_style = flow_style
|
|
|
|
class SequenceNode(CollectionNode):
|
|
id = 'sequence'
|
|
|
|
class MappingNode(CollectionNode):
|
|
id = 'mapping'
|
|
|