| # Copyright 2015-2016, Tresys Technology, LLC |
| # |
| # This file is part of SETools. |
| # |
| # SETools is free software: you can redistribute it and/or modify |
| # it under the terms of the GNU Lesser General Public License as |
| # published by the Free Software Foundation, either version 2.1 of |
| # the License, or (at your option) any later version. |
| # |
| # SETools is distributed in the hope that it will be useful, |
| # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| # GNU Lesser General Public License for more details. |
| # |
| # You should have received a copy of the GNU Lesser General Public |
| # License along with SETools. If not, see |
| # <http://www.gnu.org/licenses/>. |
| # |
| from ..exception import SEToolsException |
| |
| # |
| # Policyrep base exception |
| # |
| |
| |
| class PolicyrepException(SEToolsException): |
| |
| """Base class for all policyrep exceptions.""" |
| pass |
| |
| |
| # |
| # General Policyrep exceptions |
| # |
| |
| |
| class InvalidPolicy(SyntaxError, PolicyrepException): |
| |
| """Exception for invalid policy.""" |
| pass |
| |
| |
| class MLSDisabled(PolicyrepException): |
| |
| """ |
| Exception when MLS is disabled. |
| """ |
| pass |
| |
| |
| # |
| # Invalid component exceptions |
| # |
| class InvalidSymbol(ValueError, PolicyrepException): |
| |
| """ |
| Base class for invalid symbols. Typically this is attempting to |
| look up an object in the policy, but it does not exist. |
| """ |
| pass |
| |
| |
| class InvalidBoolean(InvalidSymbol): |
| |
| """Exception for invalid Booleans.""" |
| pass |
| |
| |
| class InvalidCategory(InvalidSymbol): |
| |
| """Exception for invalid MLS categories.""" |
| pass |
| |
| |
| class InvalidClass(InvalidSymbol): |
| |
| """Exception for invalid object classes.""" |
| pass |
| |
| |
| class InvalidCommon(InvalidSymbol): |
| |
| """Exception for invalid common permission sets.""" |
| pass |
| |
| |
| class InvalidInitialSid(InvalidSymbol): |
| |
| """Exception for invalid initial sids.""" |
| pass |
| |
| |
| class InvalidLevel(InvalidSymbol): |
| |
| """ |
| Exception for an invalid level. |
| """ |
| pass |
| |
| |
| class InvalidLevelDecl(InvalidSymbol): |
| |
| """ |
| Exception for an invalid level declaration. |
| """ |
| pass |
| |
| |
| class InvalidRange(InvalidSymbol): |
| |
| """ |
| Exception for an invalid range. |
| """ |
| pass |
| |
| |
| class InvalidRole(InvalidSymbol): |
| |
| """Exception for invalid roles.""" |
| pass |
| |
| |
| class InvalidSensitivity(InvalidSymbol): |
| |
| """ |
| Exception for an invalid sensitivity. |
| """ |
| pass |
| |
| |
| class InvalidType(InvalidSymbol): |
| |
| """Exception for invalid types and attributes.""" |
| pass |
| |
| |
| class InvalidUser(InvalidSymbol): |
| |
| """Exception for invalid users.""" |
| pass |
| |
| # |
| # Rule type exceptions |
| # |
| |
| |
| class InvalidRuleType(InvalidSymbol): |
| |
| """Exception for invalid rule types.""" |
| pass |
| |
| |
| class InvalidConstraintType(InvalidSymbol): |
| |
| """Exception for invalid constraint types.""" |
| # This is not a rule but is similar. |
| pass |
| |
| |
| class InvalidDefaultType(InvalidRuleType): |
| |
| """Exception for invalid default_* types.""" |
| pass |
| |
| |
| class InvalidFSUseType(InvalidRuleType): |
| |
| """Exception for invalid fs_use_* types.""" |
| pass |
| |
| |
| class InvalidMLSRuleType(InvalidRuleType): |
| |
| """Exception for invalid MLS rule types.""" |
| pass |
| |
| |
| class InvalidRBACRuleType(InvalidRuleType): |
| |
| """Exception for invalid RBAC rule types.""" |
| pass |
| |
| |
| class InvalidTERuleType(InvalidRuleType): |
| |
| """Exception for invalid TE rule types.""" |
| pass |
| |
| |
| # |
| # Object use errors |
| # |
| class SymbolUseError(AttributeError, PolicyrepException): |
| |
| """ |
| Base class for incorrectly using an object. Typically this is |
| for classes with strong similarities, but with slight variances in |
| functionality, e.g. allow vs type_transition rules. |
| """ |
| pass |
| |
| |
| class RuleUseError(SymbolUseError): |
| |
| """ |
| Base class for incorrect parameters for a rule. For |
| example, trying to get the permissions of a rule that has no |
| permissions. |
| """ |
| pass |
| |
| |
| class ConstraintUseError(SymbolUseError): |
| |
| """Exception when getting permissions from a validatetrans.""" |
| pass |
| |
| |
| class NoStatement(SymbolUseError): |
| |
| """ |
| Exception for objects that have no inherent statement, such |
| as conditional expressions and MLS ranges. |
| """ |
| pass |
| |
| |
| # |
| # Default rule exceptions |
| # |
| class InvalidDefaultValue(InvalidSymbol): |
| |
| """Exception for invalid default (not source/target)""" |
| pass |
| |
| |
| class InvalidDefaultRange(InvalidSymbol): |
| |
| """Exception for invalid default range""" |
| pass |
| |
| |
| # |
| # Other exceptions |
| # |
| class NoCommon(AttributeError, PolicyrepException): |
| |
| """ |
| Exception when a class does not inherit a common permission set. |
| """ |
| pass |
| |
| |
| class NoDefaults(InvalidSymbol): |
| |
| """Exception for classes that have no default_* statements.""" |
| pass |
| |
| |
| class RuleNotConditional(AttributeError, PolicyrepException): |
| |
| """ |
| Exception when getting the conditional expression for rules |
| that are unconditional (not conditional). |
| """ |
| pass |
| |
| |
| class TERuleNoFilename(AttributeError, PolicyrepException): |
| |
| """ |
| Exception when getting the file name of a |
| type_transition rule that has no file name. |
| """ |
| pass |