PK���ȼRY��������€��� �v3.phpUT �øŽg‰gñ“gux �õ��õ��½T]kÛ0}߯pEhìâÙM7X‰çv%”v0֐µ{)Aå:6S$!ÉMJèߕ?R÷!>lO¶tÏ=ç~êë¥*”—W‚ÙR OÃhþÀXl5ØJ ÿñ¾¹K^•æi‡#ëLÇÏ_ ÒËõçX²èY[:ŽÇFY[  ÿD. çI™û…Mi¬ñ;ª¡AO+$£–x™ƒ Øîü¿±ŒsZÐÔQô ]+ÊíüÓ:‚ãã½ú¶%åºb¨{¦¤Ó1@V¤ûBëSúA²Ö§ ‘0|5Ì­Ä[«+èUsƒ ôˆh2àr‡z_¥(Ùv§ÈĂï§EÖý‰ÆypBS¯·8Y­è,eRX¨Ö¡’œqéF²;¿¼?Ø?Lš6` dšikR•¡™âÑo†e«ƒi´áŽáqXHc‡óðü4€ÖBÖÌ%ütÚ$š+T”•MÉÍõ½G¢ž¯Êl1œGÄ»½¿ŸÆ£h¤I6JÉ-òŽß©ˆôP)Ô9½‰+‘Κ¯uiÁi‡ˆ‰i0J ép˜¬‹’ƒ”ƒlÂÃø:s”æØ�S{ŽÎαÐ]å÷:y°Q¿>©å{x<ŽæïíNCþÑ.Mf?¨«2ý}=ûõýî'=£§ÿu•Ü(—¾IIa­"éþ@¶�¿ä9?^-qìÇÞôvŠeÈc ðlacã®xèÄ'®âd¶ çˆSEæódP/ÍÆv{Ô)Ó ?>…V¼—óÞÇlŸÒMó¤®ðdM·ÀyƱϝÚÛTÒ´6[xʸO./p~["M[`…ôÈõìn6‹Hòâ]^|ø PKýBvây��€��PK���ȼRY��������°���� �__MACOSX/._v3.phpUT �øŽg‰gþ“gux �õ��õ��c`cg`b`ðMLVðVˆP€'qƒøˆŽ!!AP&HÇ %PDF-1.7 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R >> >> /MediaBox [0.000 0.000 595.280 841.890] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Producer (���d�o�m�p�d�f� �2�.�0�.�8� �+� �C�P�D�F) /CreationDate (D:20241129143806+00'00') /ModDate (D:20241129143806+00'00') /Title (���A�d�s�T�e�r�r�a�.�c�o�m� �i�n�v�o�i�c�e) >> endobj 6 0 obj << /Type /Page /MediaBox [0.000 0.000 595.280 841.890] /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Filter /FlateDecode /Length 904 >> stream x���]o�J���+F�ͩ����su\ �08=ʩzရ���lS��lc� "Ց� ���wޙ�%�R�DS��� �OI�a`� �Q�f��5����_���םO�`�7�_FA���D�Џ.j�a=�j����>��n���R+�P��l�rH�{0��w��0��=W�2D ����G���I�>�_B3ed�H�yJ�G>/��ywy�fk��%�$�2.��d_�h����&)b0��"[\B��*_.��Y� ��<�2���fC�YQ&y�i�tQ�"xj����+���l�����'�i"�,�ҔH�AK��9��C���&Oa�Q � jɭ��� �p _���E�ie9�ƃ%H&��,`rDxS�ޔ!�(�X!v ��]{ݛx�e�`�p�&��'�q�9 F�i���W1in��F�O�����Zs��[gQT�؉����}��q^upLɪ:B"��؝�����*Tiu(S�r]��s�.��s9n�N!K!L�M�?�*[��N�8��c��ۯ�b�� ��� �YZ���SR3�n�����lPN��P�;��^�]�!'�z-���ӊ���/��껣��4�l(M�E�QL��X ��~���G��M|�����*��~�;/=N4�-|y�`�i�\�e�T�<���L��G}�"В�J^���q��"X�?(V�ߣXۆ{��H[����P�� �c���kc�Z�9v�����? �a��R�h|��^�k�D4W���?Iӊ�]<��4�)$wdat���~�����������|�L��x�p|N�*��E� �/4�Qpi�x.>��d����,M�y|4^�Ż��8S/޾���uQe���D�y� ��ͧH�����j�wX � �&z� endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj xref 0 10 0000000000 65535 f 0000000009 00000 n 0000000074 00000 n 0000000120 00000 n 0000000284 00000 n 0000000313 00000 n 0000000514 00000 n 0000000617 00000 n 0000001593 00000 n 0000001700 00000 n trailer << /Size 10 /Root 1 0 R /Info 5 0 R /ID[] >> startxref 1812 %%EOF
Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 128

Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 129

Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 130

Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 131
# Copyright 2016, Tresys Technology, LLC # Copyright 2018, Chris PeBenito # # SPDX-License-Identifier: LGPL-2.1-only # from collections import defaultdict from typing import NamedTuple from ..policyrep import AnyRBACRule, RBACRuletype, Role, RoleAllow, RoleTransition from .descriptors import DiffResultDescriptor from .difference import Difference, Wrapper from .objclass import class_wrapper_factory from .roles import role_wrapper_factory from .types import type_or_attr_wrapper_factory from .typing import RuleList class ModifiedRBACRule(NamedTuple): """Difference details for a modified RBAC rule.""" rule: AnyRBACRule added_default: Role removed_default: Role class RBACRulesDifference(Difference): """Determine the difference in RBAC rules between two policies.""" added_role_allows = DiffResultDescriptor("diff_role_allows") removed_role_allows = DiffResultDescriptor("diff_role_allows") # role allows cannot be modified, only added/removed added_role_transitions = DiffResultDescriptor("diff_role_transitions") removed_role_transitions = DiffResultDescriptor("diff_role_transitions") modified_role_transitions = DiffResultDescriptor("diff_role_transitions") # Lists of rules for each policy _left_rbac_rules: RuleList[RBACRuletype, AnyRBACRule] = None _right_rbac_rules: RuleList[RBACRuletype, AnyRBACRule] = None def diff_role_allows(self) -> None: """Generate the difference in role allow rules between the policies.""" self.log.info( "Generating role allow differences from {0.left_policy} to {0.right_policy}". format(self)) if self._left_rbac_rules is None or self._right_rbac_rules is None: self._create_rbac_rule_lists() assert self._left_rbac_rules is not None, "Left RBAC rules didn't load, this a bug." assert self._right_rbac_rules is not None, "Right RBAC rules didn't load, this a bug." self.added_role_allows, self.removed_role_allows, _ = self._set_diff( self._expand_generator(self._left_rbac_rules[RBACRuletype.allow], RoleAllowWrapper), self._expand_generator(self._right_rbac_rules[RBACRuletype.allow], RoleAllowWrapper)) def diff_role_transitions(self) -> None: """Generate the difference in role_transition rules between the policies.""" self.log.info( "Generating role_transition differences from {0.left_policy} to {0.right_policy}". format(self)) if self._left_rbac_rules is None or self._right_rbac_rules is None: self._create_rbac_rule_lists() assert self._left_rbac_rules is not None, "Left RBAC rules didn't load, this a bug." assert self._right_rbac_rules is not None, "Right RBAC rules didn't load, this a bug." added, removed, matched = self._set_diff( self._expand_generator(self._left_rbac_rules[RBACRuletype.role_transition], RoleTransitionWrapper), self._expand_generator(self._right_rbac_rules[RBACRuletype.role_transition], RoleTransitionWrapper)) modified = [] for left_rule, right_rule in matched: # Criteria for modified rules # 1. change to default role if role_wrapper_factory(left_rule.default) != role_wrapper_factory(right_rule.default): modified.append(ModifiedRBACRule(left_rule, right_rule.default, left_rule.default)) self.added_role_transitions = added self.removed_role_transitions = removed self.modified_role_transitions = modified # # Internal functions # def _create_rbac_rule_lists(self) -> None: """Create rule lists for both policies.""" # do not expand yet, to keep memory # use down as long as possible self._left_rbac_rules = defaultdict(list) self.log.debug("Building RBAC rule lists from {0.left_policy}".format(self)) for rule in self.left_policy.rbacrules(): self._left_rbac_rules[rule.ruletype].append(rule) self._right_rbac_rules = defaultdict(list) self.log.debug("Building RBAC rule lists from {0.right_policy}".format(self)) for rule in self.right_policy.rbacrules(): self._right_rbac_rules[rule.ruletype].append(rule) self.log.debug("Completed building RBAC rule lists.") def _reset_diff(self) -> None: """Reset diff results on policy changes.""" self.log.debug("Resetting RBAC rule differences") self.added_role_allows = None self.removed_role_allows = None self.added_role_transitions = None self.removed_role_transitions = None self.modified_role_transitions = None # Sets of rules for each policy self._left_rbac_rules = None self._right_rbac_rules = None class RoleAllowWrapper(Wrapper[RoleAllow]): """Wrap role allow rules to allow set operations.""" __slots__ = ("source", "target") def __init__(self, rule: RoleAllow) -> None: self.origin = rule self.source = role_wrapper_factory(rule.source) self.target = role_wrapper_factory(rule.target) self.key = hash(rule) def __hash__(self): return self.key def __lt__(self, other): return self.key < other.key def __eq__(self, other): # because RBACRuleDifference groups rules by ruletype, # the ruletype always matches. return self.source == other.source and self.target == other.target class RoleTransitionWrapper(Wrapper[RoleTransition]): """Wrap role_transition rules to allow set operations.""" __slots__ = ("source", "target", "tclass") def __init__(self, rule: RoleTransition) -> None: self.origin = rule self.source = role_wrapper_factory(rule.source) self.target = type_or_attr_wrapper_factory(rule.target) self.tclass = class_wrapper_factory(rule.tclass) self.key = hash(rule) def __hash__(self): return self.key def __lt__(self, other): return self.key < other.key def __eq__(self, other): # because RBACRuleDifference groups rules by ruletype, # the ruletype always matches. return self.source == other.source and \ self.target == other.target and \ self.tclass == other.tclass