// Load reads the guard policy file at path and returns a guard populated
// with the rules it contains.
//
// The first line returned by the scanner selects the guard kind and must be
// either "acl" or "datalog". Every following line is handed to AddRule
// until the scanner yields an empty string.
//
// On any failure Load returns a nil guard together with the error, so a
// guard whose rule set was only partly applied because of a rejected rule
// is never handed to the caller.
//
// NOTE(review): the rule loop stops at the first "" from NextLine. From this
// function alone it is not visible whether "" means end of input only, or
// also a read error; if it can mean the latter, a policy could be loaded
// truncated without an error being reported. Confirm against the scanner
// implementation.
func Load(path string) (tao.Guard, error) {
	scanner, err := NewScanner(path)
	if err != nil {
		return nil, err
	}

	// The header line decides which guard implementation receives the rules.
	kind := scanner.NextLine()
	if kind == "" {
		return nil, fmt.Errorf("%s: first line must specify 'datalog' or 'acl'\n", path)
	}

	var guard tao.Guard
	switch kind {
	case "datalog":
		guard = tao.NewTemporaryDatalogGuard()
	case "acl":
		guard = tao.NewACLGuard()
	default:
		return nil, fmt.Errorf("%s: expected 'datalog' or 'acl', found %q\n", path, kind)
	}

	for {
		rule := scanner.NextLine()
		if rule == "" {
			break
		}
		// A single rejected rule aborts the whole load rather than
		// continuing with an incomplete policy.
		if ruleErr := guard.AddRule(rule); ruleErr != nil {
			return nil, fmt.Errorf("%s: %s; processing this line:\n> %s\n", path, ruleErr, rule)
		}
	}

	return guard, nil
}
// generateGuard builds the ACL guard used as a test fixture and fails the
// test immediately if any authorization cannot be added.
//
// Three grants are installed, each with an empty argument list:
//   - *hostName may perform "Host"
//   - *programName may perform "Execute"
//   - a "MachineInfo" principal derived from machineName may perform "Root"
//
// NOTE(review): the MachineInfo principal's KeyHash is auth.Str(machineName),
// i.e. built from the machine name string; presumably a stand-in suitable
// for tests only. Confirm before reusing this pattern outside test code.
func generateGuard(t *testing.T) *tao.Guard {
	// Principal that receives the "Root" grant below.
	machine := auth.Prin{Type: "MachineInfo", KeyHash: auth.Str(machineName)}

	g := tao.NewACLGuard(nil, tao.ACLGuardDetails{})

	if err := g.Authorize(*hostName, "Host", []string{}); err != nil {
		t.Fatal("Error adding a rule to the guard", err)
	}
	if err := g.Authorize(*programName, "Execute", []string{}); err != nil {
		t.Fatal("Error adding a rule to the guard", err)
	}
	if err := g.Authorize(machine, "Root", []string{}); err != nil {
		t.Fatal("Error adding a rule to the guard", err)
	}

	return &g
}