3
�^�������������������@���sZ���d�dl�Z�d�dlZd�dlmZmZ�ddlmZ�ddlmZ�ddl m
Z
�G�dd��dee
�Z
dS�) �����N)�AF_INET�AF_INET6����)�
MatchContext)�NodeconIPVersion)�
PolicyQueryc�������������������sh���e�Zd�ZdZdZdZdZedd���Zej dd���Zedd���Z
e
j d d���Z
��fd
d
�Z
d
d
��Z
���Z
S�)�
NodeconQueryaI��
Query nodecon statements.
Parameter:
policy The policy to query.
Keyword Parameters/Class attributes:
network The IPv4/IPv6 address or IPv4/IPv6 network address
with netmask, e.g. 192.168.1.0/255.255.255.0 or
"192.168.1.0/24".
network_overlap If true, the net will match if it overlaps with
the nodecon's network instead of equality.
ip_version The IP version of the nodecon to match. (socket.AF_INET
for IPv4 or socket.AF_INET6 for IPv6)
user The criteria to match the context's user.
user_regex If true, regular expression matching
will be used on the user.
role The criteria to match the context's role.
role_regex If true, regular expression matching
will be used on the role.
type_ The criteria to match the context's type.
type_regex If true, regular expression matching
will be used on the type.
range_ The criteria to match the context's range.
range_subset If true, the criteria will match if it is a subset
of the context's range.
range_overlap If true, the criteria will match if it overlaps
any of the context's range.
range_superset If true, the criteria will match if it is a superset
of the context's range.
range_proper If true, use proper superset/subset operations.
No effect if not using set operations.
NFc�������������C���s���|�j�S�)N)�
_ip_version)�self��r
����$/usr/lib64/python3.6/nodeconquery.py�
ip_versionF���s����zNodeconQuery.ip_versionc�������������C���s
���|rt�j|�|�_nd�|�_d�S�)N)r����lookupr ���)r
����valuer
���r
���r
���r
���J���s����c�������������C���s���|�j�S�)N)�_network)r
���r
���r
���r
����networkQ���s����zNodeconQuery.networkc�������������C���s
���|rt�j|�|�_nd�|�_d�S�)N)� ipaddressZ
ip_networkr���)r
���r���r
���r
���r
���r���U���s����c�������������
���s$���t�t|��j|f|��tjt�|�_d�S�)N)�superr����__init__�loggingZ getLogger�__name__�log)r
����policy�kwargs)� __class__r
���r
���r���\���s����zNodeconQuery.__init__c�������������c���s����|�j�jdj|����|�j�jdj|����|�j�jdj|����|�j|�j���xf|�jj��D�]X}|�jr~|�jrp|�jj |j�s~qNn|j|�jks~qN|�j
r�|�j
|j
kr�qN|�j
|j
�s�qN|V��qNW�dS�)z-Generator which yields all matching nodecons.z*Generating nodecon results from {0.policy}z4Network: {0.network!r}, overlap: {0.network_overlap}z
IP Version: {0.ip_version!r}N)
r����info�format�debugZ_match_context_debugr���Znodeconsr����network_overlapZoverlapsr
���Z_match_context�context)r
���Znodeconr
���r
���r
����results`���s ����
zNodeconQuery.results)r����
__module__�
__qualname__�__doc__r���r
���r ����propertyr
����setterr���r���r ����
__classcell__r
���r
���)r���r
���r���
���s���"
r���)
r���r���Zsocketr���r���Zmixinsr���Z policyrepr���Zqueryr���r���r
���r
���r
���r
����<module>���s
���