ia64/xen-unstable

changeset 9833:65ce9bf4a86f

This patch adds support for managing and creating the simplified
policies to the policy generation tools.

Signed-off by: Thomas Lendacky <toml@us.ibm.com>
Signed-off by: Reiner Sailer <sailer@us.ibm.com>
author smh22@firebug.cl.cam.ac.uk
date Mon Apr 24 10:52:19 2006 +0100 (2006-04-24)
parents ad30019015a2
children 37da8dd5d43e
files tools/security/python/xensec_gen/cgi-bin/policy.cgi tools/security/python/xensec_gen/index.html
line diff
     1.1 --- a/tools/security/python/xensec_gen/cgi-bin/policy.cgi	Mon Apr 24 10:51:50 2006 +0100
     1.2 +++ b/tools/security/python/xensec_gen/cgi-bin/policy.cgi	Mon Apr 24 10:52:19 2006 +0100
     1.3 @@ -2,7 +2,7 @@
     1.4  #
     1.5  # The Initial Developer of the Original Code is International
     1.6  # Business Machines Corporation. Portions created by IBM
     1.7 -# Corporation are Copyright (C) 2005 International Business
     1.8 +# Corporation are Copyright (C) 2005, 2006 International Business
     1.9  # Machines Corporation. All Rights Reserved.
    1.10  #
    1.11  # This program is free software; you can redistribute it and/or modify
    1.12 @@ -31,9 +31,9 @@ from StringIO import StringIO
    1.13  from sets import Set
    1.14  
    1.15  def getSavedData( ):
    1.16 -	global formData, policyXml, formVariables, formCSNames
    1.17 -	global templateCSMTypes, templateCSMDel, templateCSMType, templateCSMAdd
    1.18 -	global allCSMTypes
    1.19 +	global formData, policyXml
    1.20 +	global formVariables, formCSNames, formVmNames, formResNames
    1.21 +	global allCSMTypes, allVmChWs, allVmStes, allResStes
    1.22  
    1.23  	# Process the XML upload policy file
    1.24  	if formData.has_key( 'i_policy' ):
    1.25 @@ -64,6 +64,46 @@ def getSavedData( ):
    1.26  			if len( dataList ) > 0:
    1.27  				exec 'allCSMTypes[csName][1] = ' + dataList[0]
    1.28  
    1.29 +	# The form can contain any number of "Virtual Machines"
    1.30 +	#   so update the list of form variables to include
    1.31 +	#   each virtual machine (hidden input variable)
    1.32 +	for vmName in formVmNames[1]:
    1.33 +		newVm( vmName )
    1.34 +
    1.35 +		vmFormVar = allVmChWs[vmName]
    1.36 +		if (vmFormVar[2] != '') and formData.has_key( vmFormVar[2] ):
    1.37 +			dataList = formData.getlist( vmFormVar[2] )
    1.38 +			if len( dataList ) > 0:
    1.39 +				if isinstance( vmFormVar[1], list ):
    1.40 +					exec 'vmFormVar[1] = ' + dataList[0]
    1.41 +				else:
    1.42 +					vmFormVar[1] = dataList[0]
    1.43 +
    1.44 +		vmFormVar = allVmStes[vmName]
    1.45 +		if (vmFormVar[2] != '') and formData.has_key( vmFormVar[2] ):
    1.46 +			dataList = formData.getlist( vmFormVar[2] )
    1.47 +			if len( dataList ) > 0:
    1.48 +				if isinstance( vmFormVar[1], list ):
    1.49 +					exec 'vmFormVar[1] = ' + dataList[0]
    1.50 +				else:
    1.51 +					vmFormVar[1] = dataList[0]
    1.52 +
    1.53 +	# The form can contain any number of "Resources"
    1.54 +	#   so update the list of form variables to include
    1.55 +	#   each resource (hidden input variable)
    1.56 +	for resName in formResNames[1]:
    1.57 +		newRes( resName )
    1.58 +
    1.59 +		resFormVar = allResStes[resName]
    1.60 +		if (resFormVar[2] != '') and formData.has_key( resFormVar[2] ):
    1.61 +			dataList = formData.getlist( resFormVar[2] )
    1.62 +			if len( dataList ) > 0:
    1.63 +				if isinstance( resFormVar[1], list ):
    1.64 +					exec 'resFormVar[1] = ' + dataList[0]
    1.65 +				else:
    1.66 +					resFormVar[1] = dataList[0]
    1.67 +
    1.68 +
    1.69  def getCurrentTime( ):
    1.70  	return time.strftime( '%Y-%m-%d %H:%M:%S', time.localtime( ) )
    1.71  
    1.72 @@ -77,14 +117,49 @@ def getName( domNode ):
    1.73  	for childNode in nameNodes[0].childNodes:
    1.74  		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
    1.75  			name = name + childNode.data
    1.76 +	return name
    1.77 +
    1.78 +def getPolicyName( domNode ):
    1.79 +	nameNodes = domNode.getElementsByTagName( 'PolicyName' )
    1.80 +	if len( nameNodes ) == 0:
    1.81 +		formatXmlError( '"<PolicyName>" tag is missing' )
    1.82 +		return None
    1.83 +
    1.84 +	name = ''
    1.85 +	for childNode in nameNodes[0].childNodes:
    1.86 +		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
    1.87 +			name = name + childNode.data
    1.88  
    1.89  	return name
    1.90  
    1.91 +def getUrl( domNode ):
    1.92 +	urlNodes = domNode.getElementsByTagName( 'PolicyUrl' )
    1.93 +	if len( urlNodes ) == 0:
    1.94 +		return ''
    1.95 +
    1.96 +	url = ''
    1.97 +	for childNode in urlNodes[0].childNodes:
    1.98 +		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
    1.99 +			url = url + childNode.data
   1.100 +
   1.101 +	return url
   1.102 +
   1.103 +def getRef( domNode ):
   1.104 +	refNodes = domNode.getElementsByTagName( 'Reference' )
   1.105 +	if len( refNodes ) == 0:
   1.106 +		return ''
   1.107 +
   1.108 +	ref = ''
   1.109 +	for childNode in refNodes[0].childNodes:
   1.110 +		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
   1.111 +			ref = ref + childNode.data
   1.112 +
   1.113 +	return ref
   1.114 +
   1.115  def getDate( domNode ):
   1.116  	dateNodes = domNode.getElementsByTagName( 'Date' )
   1.117  	if len( dateNodes ) == 0:
   1.118 -		formatXmlError( '"<Date>" tag is missing' )
   1.119 -		return None
   1.120 +		return ''
   1.121  
   1.122  	date = ''
   1.123  	for childNode in dateNodes[0].childNodes:
   1.124 @@ -93,6 +168,18 @@ def getDate( domNode ):
   1.125  
   1.126  	return date
   1.127  
   1.128 +def getNSUrl( domNode ):
   1.129 +	urlNodes = domNode.getElementsByTagName( 'NameSpaceUrl' )
   1.130 +	if len( urlNodes ) == 0:
   1.131 +		return ''
   1.132 +
   1.133 +	url = ''
   1.134 +	for childNode in urlNodes[0].childNodes:
   1.135 +		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
   1.136 +			url = url + childNode.data
   1.137 +
   1.138 +	return url
   1.139 +
   1.140  def getSteTypes( domNode, missingIsError = 0 ):
   1.141  	steNodes = domNode.getElementsByTagName( 'SimpleTypeEnforcementTypes' )
   1.142  	if len( steNodes ) == 0:
   1.143 @@ -170,9 +257,7 @@ def formatXmlGenError( msg ):
   1.144  	xmlMessages.append( cgi.escape( msg ) )
   1.145  
   1.146  def parseXml( xmlInput ):
   1.147 -	global xmlMessages, xmlError, xmlLine, xmlColumn
   1.148 -
   1.149 -	xmlParser  = xml.sax.make_parser( )
   1.150 +	xmlParser = xml.sax.make_parser( )
   1.151  	try:
   1.152  		domDoc = xml.dom.minidom.parseString( xmlInput, xmlParser )
   1.153  
   1.154 @@ -198,14 +283,16 @@ def parseXml( xmlInput ):
   1.155  
   1.156  def parsePolicyXml( ):
   1.157  	global policyXml
   1.158 -	global formPolicyName, formPolicyDate, formPolicyOrder
   1.159 -	global formSteTypes, formChWallTypes
   1.160 -	global allCSMTypes
   1.161 +	global formPolicyName, formPolicyUrl, formPolicyRef, formPolicyDate, formPolicyNSUrl
   1.162 +	global formPolicyOrder
   1.163 +	global formSteTypes, formChWallTypes, formVmNames, formVmNameDom0
   1.164 +	global allCSMTypes, allVmStes, allVmChWs
   1.165  
   1.166  	domDoc = parseXml( policyXml )
   1.167  	if domDoc == None:
   1.168  		return
   1.169  
   1.170 +	# Process the PolicyHeader
   1.171  	domRoot    = domDoc.documentElement
   1.172  	domHeaders = domRoot.getElementsByTagName( 'PolicyHeader' )
   1.173  	if len( domHeaders ) == 0:
   1.174 @@ -215,7 +302,7 @@ def parsePolicyXml( ):
   1.175  		formatXmlError( msg )
   1.176  		return
   1.177  
   1.178 -	pName = getName( domHeaders[0] )
   1.179 +	pName = getPolicyName( domHeaders[0] )
   1.180  	if pName == None:
   1.181  		msg = ''
   1.182  		msg = msg + 'Error processing the Policy header information.\n'
   1.183 @@ -223,18 +310,13 @@ def parsePolicyXml( ):
   1.184  		formatXmlError( msg )
   1.185  		return
   1.186  
   1.187 -	formPolicyName[1] = pName
   1.188 +	formPolicyName[1]  = pName
   1.189 +	formPolicyUrl[1]   = getUrl( domHeaders[0] )
   1.190 +	formPolicyRef[1]   = getRef( domHeaders[0] )
   1.191 +	formPolicyDate[1]  = getDate( domHeaders[0] )
   1.192 +	formPolicyNSUrl[1] = getNSUrl( domHeaders[0] )
   1.193  
   1.194 -	pDate = getDate( domHeaders[0] )
   1.195 -	if pDate == None:
   1.196 -		msg = ''
   1.197 -		msg = msg + 'Error processing the Policy header information.\n'
   1.198 -		msg = msg + 'Please validate the Policy file used.'
   1.199 -		formatXmlError( msg )
   1.200 -		return
   1.201 -
   1.202 -	formPolicyDate[1] = pDate
   1.203 -
   1.204 +	# Process the STEs
   1.205  	pOrder = ''
   1.206  	domStes = domRoot.getElementsByTagName( 'SimpleTypeEnforcement' )
   1.207  	if len( domStes ) > 0:
   1.208 @@ -259,6 +341,7 @@ def parsePolicyXml( ):
   1.209  
   1.210  		formSteTypes[1] = steTypes
   1.211  
   1.212 +	# Process the ChineseWalls and Conflict Sets
   1.213  	domChWalls = domRoot.getElementsByTagName( 'ChineseWall' )
   1.214  	if len( domChWalls ) > 0:
   1.215  		if domChWalls[0].hasAttribute( 'priority' ):
   1.216 @@ -291,45 +374,39 @@ def parsePolicyXml( ):
   1.217  		formChWallTypes[1] = chwTypes
   1.218  
   1.219  		csNodes = domChWalls[0].getElementsByTagName( 'ConflictSets' )
   1.220 -		if len( csNodes ) == 0:
   1.221 -			msg = ''
   1.222 -			msg = msg + 'Required "<ConflictSets>" tag missing.\n'
   1.223 -			msg = msg + 'Please validate the Policy file used.'
   1.224 -			formatXmlError( msg )
   1.225 -			return
   1.226 -
   1.227 -		cNodes = csNodes[0].getElementsByTagName( 'Conflict' )
   1.228 -		if len( cNodes ) == 0:
   1.229 -			msg = ''
   1.230 -			msg = msg + 'Required "<Conflict>" tag missing.\n'
   1.231 -			msg = msg + 'Please validate the Policy file used.'
   1.232 -			formatXmlError( msg )
   1.233 -			return
   1.234 -
   1.235 -		for cNode in cNodes:
   1.236 -			csName = cNode.getAttribute( 'name' )
   1.237 -			newCS( csName, 1 )
   1.238 -
   1.239 -			csMemberList = getTypes( cNode )
   1.240 -			if csMemberList == None:
   1.241 +		if csNodes and (len( csNodes ) > 0):
   1.242 +			cNodes = csNodes[0].getElementsByTagName( 'Conflict' )
   1.243 +			if not cNodes or len( cNodes ) == 0:
   1.244  				msg = ''
   1.245 -				msg = msg + 'Error processing the Conflict Set members.\n'
   1.246 +				msg = msg + 'Required "<Conflict>" tag missing.\n'
   1.247  				msg = msg + 'Please validate the Policy file used.'
   1.248  				formatXmlError( msg )
   1.249  				return
   1.250  
   1.251 -			# Verify the conflict set members are valid types
   1.252 -			ctSet = Set( formChWallTypes[1] )
   1.253 -			csSet = Set( csMemberList )
   1.254 -			if not csSet.issubset( ctSet ):
   1.255 -				msg = ''
   1.256 -				msg = msg + 'Error processing Conflict Set "' + csName + '".\n'
   1.257 -				msg = msg + 'Members of the conflict set are not valid '
   1.258 -				msg = msg + 'Chinese Wall types.\n'
   1.259 -				msg = msg + 'Please validate the Policy file used.'
   1.260 -				formatXmlError( msg )
   1.261 +			for cNode in cNodes:
   1.262 +				csName = cNode.getAttribute( 'name' )
   1.263 +				newCS( csName, 1 )
   1.264  
   1.265 -			allCSMTypes[csName][1] = csMemberList
   1.266 +				csMemberList = getTypes( cNode )
   1.267 +				if csMemberList == None:
   1.268 +					msg = ''
   1.269 +					msg = msg + 'Error processing the Conflict Set members.\n'
   1.270 +					msg = msg + 'Please validate the Policy file used.'
   1.271 +					formatXmlError( msg )
   1.272 +					return
   1.273 +
   1.274 +				# Verify the conflict set members are valid types
   1.275 +				ctSet = Set( formChWallTypes[1] )
   1.276 +				csSet = Set( csMemberList )
   1.277 +				if not csSet.issubset( ctSet ):
   1.278 +					msg = ''
   1.279 +					msg = msg + 'Error processing Conflict Set "' + csName + '".\n'
   1.280 +					msg = msg + 'Members of the conflict set are not valid '
   1.281 +					msg = msg + 'Chinese Wall types.\n'
   1.282 +					msg = msg + 'Please validate the Policy file used.'
   1.283 +					formatXmlError( msg )
   1.284 +
   1.285 +					allCSMTypes[csName][1] = csMemberList
   1.286  
   1.287  	if pOrder != '':
   1.288  		formPolicyOrder[1] = pOrder
   1.289 @@ -342,6 +419,74 @@ def parsePolicyXml( ):
   1.290  			formatXmlError( msg )
   1.291  			return
   1.292  
   1.293 +	# Process the Labels
   1.294 +	domLabels = domRoot.getElementsByTagName( 'SecurityLabelTemplate' )
   1.295 +	if not domLabels or (len( domLabels ) == 0):
   1.296 +		msg = ''
   1.297 +		msg = msg + '<SecurityLabelTemplate> tag is missing.\n'
   1.298 +		msg = msg + 'Please validate the Policy file used.'
   1.299 +		formatXmlError( msg )
   1.300 +		return
   1.301 +
   1.302 +
   1.303 +	# Process the VMs
   1.304 +	domSubjects = domLabels[0].getElementsByTagName( 'SubjectLabels' )
   1.305 +	if len( domSubjects ) > 0:
   1.306 +		formVmNameDom0[1] = domSubjects[0].getAttribute( 'bootstrap' )
   1.307 +		domNodes = domSubjects[0].getElementsByTagName( 'VirtualMachineLabel' )
   1.308 +		for domNode in domNodes:
   1.309 +			vmName = getName( domNode )
   1.310 +			if vmName == None:
   1.311 +				msg = ''
   1.312 +				msg = msg + 'Error processing the VirtualMachineLabel name.\n'
   1.313 +				msg = msg + 'Please validate the Policy file used.'
   1.314 +				formatXmlError( msg )
   1.315 +				continue
   1.316 +
   1.317 +			steTypes = getSteTypes( domNode )
   1.318 +			if steTypes == None:
   1.319 +				msg = ''
   1.320 +				msg = msg + 'Error processing the SimpleTypeEnforcement types.\n'
   1.321 +				msg = msg + 'Please validate the Policy file used.'
   1.322 +				formatXmlError( msg )
   1.323 +				return
   1.324 +
   1.325 +			chwTypes = getChWTypes( domNode )
   1.326 +			if chwTypes == None:
   1.327 +				msg = ''
   1.328 +				msg = msg + 'Error processing the ChineseWall types.\n'
   1.329 +				msg = msg + 'Please validate the Policy file used.'
   1.330 +				formatXmlError( msg )
   1.331 +				return
   1.332 +
   1.333 +			newVm( vmName, 1 )
   1.334 +			allVmStes[vmName][1] = steTypes
   1.335 +			allVmChWs[vmName][1] = chwTypes
   1.336 +
   1.337 +	# Process the Resources
   1.338 +	domObjects = domLabels[0].getElementsByTagName( 'ObjectLabels' )
   1.339 +	if len( domObjects ) > 0:
   1.340 +		domNodes = domObjects[0].getElementsByTagName( 'ResourceLabel' )
   1.341 +		for domNode in domNodes:
   1.342 +			resName = getName( domNode )
   1.343 +			if resName == None:
   1.344 +				msg = ''
   1.345 +				msg = msg + 'Error processing the ResourceLabel name.\n'
   1.346 +				msg = msg + 'Please validate the Policy file used.'
   1.347 +				formatXmlError( msg )
   1.348 +				continue
   1.349 +
   1.350 +			steTypes = getSteTypes( domNode )
   1.351 +			if steTypes == None:
   1.352 +				msg = ''
   1.353 +				msg = msg + 'Error processing the SimpleTypeEnforcement types.\n'
   1.354 +				msg = msg + 'Please validate the Policy file used.'
   1.355 +				formatXmlError( msg )
   1.356 +				return
   1.357 +
   1.358 +			newRes( resName, 1 )
   1.359 +			allResStes[resName][1] = steTypes
   1.360 +
   1.361  def modFormTemplate( formTemplate, suffix ):
   1.362  	formVar = [x for x in formTemplate]
   1.363  
   1.364 @@ -383,19 +528,80 @@ def newCS( csName, addToList = 0 ):
   1.365  			formCSNames[1].append( csName )
   1.366  			formCSNames[1] = removeDups( formCSNames[1] )
   1.367  
   1.368 +def newVm( vmName, addToList = 0 ):
   1.369 +	global formVmNames
   1.370 +	global templateVmDel, allVmDel, templateVmDom0, allVmDom0
   1.371 +	global templateVmChWs, templateVmChWDel, templateVmChW, templateVmChWAdd
   1.372 +	global allVmChWs, allVmChWDel, allVmChWType, allVmChWAdd
   1.373 +	global templateVmStes, templateVmSteDel, templateVmSte, templateVmSteAdd
   1.374 +	global allVmStes, allVmSteDel, allVmSteType, allVmSteAdd
   1.375 +
   1.376 +	# Make sure we have an actual name and check one of the 'all'
   1.377 +	# variables to be sure it hasn't been previously defined
   1.378 +	if (len( vmName ) > 0) and (not allVmDom0.has_key( vmName )):
   1.379 +		vmSuffix = '_' + vmName
   1.380 +		allVmDom0[vmName]   = modFormTemplate( templateVmDom0,   vmSuffix )
   1.381 +		allVmDel[vmName]    = modFormTemplate( templateVmDel,    vmSuffix )
   1.382 +		allVmChWs[vmName]   = modFormTemplate( templateVmChWs,   vmSuffix )
   1.383 +		allVmChWDel[vmName] = modFormTemplate( templateVmChWDel, vmSuffix )
   1.384 +		allVmChW[vmName]    = modFormTemplate( templateVmChW,    vmSuffix )
   1.385 +		allVmChWAdd[vmName] = modFormTemplate( templateVmChWAdd, vmSuffix )
   1.386 +		allVmStes[vmName]   = modFormTemplate( templateVmStes,   vmSuffix )
   1.387 +		allVmSteDel[vmName] = modFormTemplate( templateVmSteDel, vmSuffix )
   1.388 +		allVmSte[vmName]    = modFormTemplate( templateVmSte,    vmSuffix )
   1.389 +		allVmSteAdd[vmName] = modFormTemplate( templateVmSteAdd, vmSuffix )
   1.390 +		if addToList == 1:
   1.391 +			formVmNames[1].append( vmName )
   1.392 +			formVmNames[1] = removeDups( formVmNames[1] )
   1.393 +
   1.394 +def newRes( resName, addToList = 0 ):
   1.395 +	global formResNames
   1.396 +	global templateResDel, allResDel
   1.397 +	global templateResStes, templateResSteDel, templateResSte, templateResSteAdd
   1.398 +	global allResStes, allResSteDel, allResSteType, allResSteAdd
   1.399 +
   1.400 +	# Make sure we have an actual name and check one of the 'all'
   1.401 +	# variables to be sure it hasn't been previously defined
   1.402 +	if (len( resName ) > 0) and (not allResDel.has_key( resName )):
   1.403 +		resSuffix = '_' + resName
   1.404 +		allResDel[resName]    = modFormTemplate( templateResDel,    resSuffix )
   1.405 +		allResStes[resName]   = modFormTemplate( templateResStes,   resSuffix )
   1.406 +		allResSteDel[resName] = modFormTemplate( templateResSteDel, resSuffix )
   1.407 +		allResSte[resName]    = modFormTemplate( templateResSte,    resSuffix )
   1.408 +		allResSteAdd[resName] = modFormTemplate( templateResSteAdd, resSuffix )
   1.409 +		if addToList == 1:
   1.410 +			formResNames[1].append( resName )
   1.411 +			formResNames[1] = removeDups( formResNames[1] )
   1.412 +
   1.413  def updateInfo( ):
   1.414 -	global formData, formPolicyName, formPolicyDate, formPolicyOrder
   1.415 +	global formData, formPolicyName, formPolicyUrl, formPolicyRef, formPolicyDate, formPolicyNSUrl
   1.416 +	global formPolicyOrder
   1.417  
   1.418  	if formData.has_key( formPolicyName[3] ):
   1.419  		formPolicyName[1] = formData[formPolicyName[3]].value
   1.420  	elif formData.has_key( formPolicyUpdate[3] ):
   1.421  		formPolicyName[1] = ''
   1.422  
   1.423 +	if formData.has_key( formPolicyUrl[3] ):
   1.424 +		formPolicyUrl[1] = formData[formPolicyUrl[3]].value
   1.425 +	elif formData.has_key( formPolicyUpdate[3] ):
   1.426 +		formPolicyUrl[1] = ''
   1.427 +
   1.428 +	if formData.has_key( formPolicyRef[3] ):
   1.429 +		formPolicyRef[1] = formData[formPolicyRef[3]].value
   1.430 +	elif formData.has_key( formPolicyUpdate[3] ):
   1.431 +		formPolicyRef[1] = ''
   1.432 +
   1.433  	if formData.has_key( formPolicyDate[3] ):
   1.434  		formPolicyDate[1] = formData[formPolicyDate[3]].value
   1.435  	elif formData.has_key( formPolicyUpdate[3] ):
   1.436  		formPolicyDate[1] = ''
   1.437  
   1.438 +	if formData.has_key( formPolicyNSUrl[3] ):
   1.439 +		formPolicyNSUrl[1] = formData[formPolicyNSUrl[3]].value
   1.440 +	elif formData.has_key( formPolicyUpdate[3] ):
   1.441 +		formPolicyNSUrl[1] = ''
   1.442 +
   1.443  	if formData.has_key( formPolicyOrder[3] ):
   1.444  		formPolicyOrder[1] = formData[formPolicyOrder[3]].value
   1.445  
   1.446 @@ -483,6 +689,136 @@ def delCSMember( csName ):
   1.447  			csm = csm.strip( )
   1.448  			formVar[1].remove( csm )
   1.449  
   1.450 +def addVm( ):
   1.451 +	global formData, fromVmName, formVmNames, formVmNameDom0
   1.452 +
   1.453 +	if (formData.has_key( formDefaultButton[3] )) or (formData.has_key( formVmAdd[3] )):
   1.454 +		if formData.has_key( formVmName[3] ):
   1.455 +			vmName = formData[formVmName[3]].value
   1.456 +			vmName = vmName.strip( )
   1.457 +			newVm( vmName, 1 )
   1.458 +			if formVmNameDom0[1] == '':
   1.459 +				formVmNameDom0[1] = vmName
   1.460 +
   1.461 +def delVm( vmName ):
   1.462 +	global formVmNames, formVmNameDom0
   1.463 +	global allVmDel, allVmDom0
   1.464 +	global allVmChWs, allVmChWDel, allVmChWType, allVmChWAdd
   1.465 +	global allVmStes, allVmSteDel, allVmSteType, allVmSteAdd
   1.466 +
   1.467 +	vmName = vmName.strip( )
   1.468 +	formVmNames[1].remove( vmName )
   1.469 +	del allVmDom0[vmName]
   1.470 +	del allVmDel[vmName]
   1.471 +	del allVmChWs[vmName]
   1.472 +	del allVmChWDel[vmName]
   1.473 +	del allVmChW[vmName]
   1.474 +	del allVmChWAdd[vmName]
   1.475 +	del allVmStes[vmName]
   1.476 +	del allVmSteDel[vmName]
   1.477 +	del allVmSte[vmName]
   1.478 +	del allVmSteAdd[vmName]
   1.479 +
   1.480 +	if formVmNameDom0[1] == vmName:
   1.481 +		if len( formVmNames[1] ) > 0:
   1.482 +			formVmNameDom0[1] = formVmNames[1][0]
   1.483 +		else:
   1.484 +			formVmNameDom0[1] = ''
   1.485 +
   1.486 +def makeVmDom0( vmName ):
   1.487 +	global formVmNameDom0
   1.488 +
   1.489 +	vmName = vmName.strip( )
   1.490 +	formVmNameDom0[1] = vmName
   1.491 +
   1.492 +def addVmChW( vmName ):
   1.493 +	global formData, allVmChW, allVmChWs
   1.494 +
   1.495 +	formVar = allVmChW[vmName]
   1.496 +	if formData.has_key( formVar[3] ):
   1.497 +		chwList = formData.getlist( formVar[3] )
   1.498 +		formVar = allVmChWs[vmName]
   1.499 +		for chw in chwList:
   1.500 +			chw = chw.strip( )
   1.501 +			formVar[1].append( chw )
   1.502 +			formVar[1] = removeDups( formVar[1] )
   1.503 +
   1.504 +def delVmChW( vmName ):
   1.505 +	global formData, allVmChWs
   1.506 +
   1.507 +	formVar = allVmChWs[vmName]
   1.508 +	if formData.has_key( formVar[3] ):
   1.509 +		chwList = formData.getlist( formVar[3] )
   1.510 +		for chw in chwList:
   1.511 +			chw = chw.strip( )
   1.512 +			formVar[1].remove( chw )
   1.513 +
   1.514 +def addVmSte( vmName ):
   1.515 +	global formData, allVmSte, allVmStes
   1.516 +
   1.517 +	formVar = allVmSte[vmName]
   1.518 +	if formData.has_key( formVar[3] ):
   1.519 +		steList = formData.getlist( formVar[3] )
   1.520 +		formVar = allVmStes[vmName]
   1.521 +		for ste in steList:
   1.522 +			ste = ste.strip( )
   1.523 +			formVar[1].append( ste )
   1.524 +			formVar[1] = removeDups( formVar[1] )
   1.525 +
   1.526 +def delVmSte( vmName ):
   1.527 +	global formData, allVmStes
   1.528 +
   1.529 +	formVar = allVmStes[vmName]
   1.530 +	if formData.has_key( formVar[3] ):
   1.531 +		steList = formData.getlist( formVar[3] )
   1.532 +		for ste in steList:
   1.533 +			ste = ste.strip( )
   1.534 +			formVar[1].remove( ste )
   1.535 +
   1.536 +def addRes( ):
   1.537 +	global formData, fromResName, formResNames
   1.538 +
   1.539 +	if (formData.has_key( formDefaultButton[3] )) or (formData.has_key( formResAdd[3] )):
   1.540 +		if formData.has_key( formResName[3] ):
   1.541 +			resName = formData[formResName[3]].value
   1.542 +			resName = resName.strip( )
   1.543 +			newRes( resName, 1 )
   1.544 +
   1.545 +def delRes( resName ):
   1.546 +	global formResNames
   1.547 +	global allResDel
   1.548 +	global allResStes, allResSteDel, allResSteType, allResSteAdd
   1.549 +
   1.550 +	resName = resName.strip( )
   1.551 +	formResNames[1].remove( resName )
   1.552 +	del allResDel[resName]
   1.553 +	del allResStes[resName]
   1.554 +	del allResSteDel[resName]
   1.555 +	del allResSte[resName]
   1.556 +	del allResSteAdd[resName]
   1.557 +
   1.558 +def addResSte( vmName ):
   1.559 +	global formData, allResSte, allResStes
   1.560 +
   1.561 +	formVar = allResSte[vmName]
   1.562 +	if formData.has_key( formVar[3] ):
   1.563 +		steList = formData.getlist( formVar[3] )
   1.564 +		formVar = allResStes[vmName]
   1.565 +		for ste in steList:
   1.566 +			ste = ste.strip( )
   1.567 +			formVar[1].append( ste )
   1.568 +			formVar[1] = removeDups( formVar[1] )
   1.569 +
   1.570 +def delResSte( vmName ):
   1.571 +	global formData, allResStes
   1.572 +
   1.573 +	formVar = allResStes[vmName]
   1.574 +	if formData.has_key( formVar[3] ):
   1.575 +		steList = formData.getlist( formVar[3] )
   1.576 +		for ste in steList:
   1.577 +			ste = ste.strip( )
   1.578 +			formVar[1].remove( ste )
   1.579 +
   1.580  def processRequest( ):
   1.581  	global policyXml
   1.582  	global formData, formPolicyUpdate
   1.583 @@ -490,6 +826,12 @@ def processRequest( ):
   1.584  	global formChWallAdd, formChWallDel
   1.585  	global formCSAdd, allCSDel
   1.586  	global formCSNames, allCSMAdd, allCSMDel
   1.587 +	global formVmAdd
   1.588 +	global formVmNames, allVmDel, allVmDom0
   1.589 +	global allVmChWAdd, allVmChWDel, allVmSteAdd, allVmSteDel
   1.590 +	global formResAdd
   1.591 +	global formResNames, allResDel
   1.592 +	global allResSteAdd, allResSteDel
   1.593  
   1.594  	if policyXml != '':
   1.595  		parsePolicyXml( )
   1.596 @@ -498,11 +840,13 @@ def processRequest( ):
   1.597  	# an action is performed
   1.598  	updateInfo( )
   1.599  
   1.600 -	# Allow the adding of types/sets if the user has hit the
   1.601 -	# enter key when attempting to add a type/set
   1.602 +	# Allow the adding of types/sets/vms if the user has hit the
   1.603 +	# enter key when attempting to add a type/set/vm
   1.604  	addSteType( )
   1.605  	addChWallType( )
   1.606  	addCS( )
   1.607 +	addVm( )
   1.608 +	addRes( )
   1.609  
   1.610  	if formData.has_key( formSteDel[3] ):
   1.611  		delSteType( )
   1.612 @@ -522,6 +866,37 @@ def processRequest( ):
   1.613  			elif formData.has_key( allCSMDel[csName][3] ):
   1.614  				delCSMember( csName )
   1.615  
   1.616 +	for vmName in formVmNames[1]:
   1.617 +		if formData.has_key( allVmDel[vmName][3] ):
   1.618 +			delVm( vmName )
   1.619 +			continue
   1.620 +
   1.621 +		if formData.has_key( allVmDom0[vmName][3] ):
   1.622 +			makeVmDom0( vmName )
   1.623 +
   1.624 +		if formData.has_key( allVmChWAdd[vmName][3] ):
   1.625 +			addVmChW( vmName )
   1.626 +
   1.627 +		elif formData.has_key( allVmChWDel[vmName][3] ):
   1.628 +			delVmChW( vmName )
   1.629 +
   1.630 +		elif formData.has_key( allVmSteAdd[vmName][3] ):
   1.631 +			addVmSte( vmName )
   1.632 +
   1.633 +		elif formData.has_key( allVmSteDel[vmName][3] ):
   1.634 +			delVmSte( vmName )
   1.635 +
   1.636 +	for resName in formResNames[1]:
   1.637 +		if formData.has_key( allResDel[resName][3] ):
   1.638 +			delRes( resName )
   1.639 +			continue
   1.640 +
   1.641 +		if formData.has_key( allResSteAdd[resName][3] ):
   1.642 +			addResSte( resName )
   1.643 +
   1.644 +		elif formData.has_key( allResSteDel[resName][3] ):
   1.645 +			delResSte( resName )
   1.646 +
   1.647  def makeName( name, suffix='' ):
   1.648  	rName = name
   1.649  	if suffix != '':
   1.650 @@ -553,7 +928,7 @@ def makeValue( value, suffix='' ):
   1.651  def makeValueAttr( value, suffix='' ):
   1.652  	return 'value="' + makeValue( value, suffix ) + '"'
   1.653  
   1.654 -def sendHtmlFormVar( formVar, attrs='' ):
   1.655 +def sendHtmlFormVar( formVar, attrs='', rb_select=0 ):
   1.656  	nameAttr  = ''
   1.657  	valueAttr = ''
   1.658  	htmlText  = ''
   1.659 @@ -614,7 +989,7 @@ def sendHtmlFormVar( formVar, attrs='' )
   1.660  
   1.661  				print '<INPUT type="radio"', nameAttr, valueAttr, addAttrs, checked, '>', htmlText, '<BR>'
   1.662  
   1.663 -	if formVar[2] != '':
   1.664 +	if ( formVar[2] != '' ) and ( rb_select == 0 ):
   1.665  		nameAttr = makeNameAttr( formVar[2] )
   1.666  		valueAttr = makeValueAttr( formVar[1] )
   1.667  		print '<INPUT type="hidden"', nameAttr, valueAttr, '>'
   1.668 @@ -625,7 +1000,9 @@ def sendHtmlHeaders( ):
   1.669  	print
   1.670  
   1.671  def sendPolicyHtml( ):
   1.672 -	global xmlError, xmlIncomplete, xmlMessages, formXmlGen
   1.673 +	global xmlError, xmlIncomplete, xmlMessages
   1.674 +	global formDefaultButton, formXmlGen
   1.675 +	global formVmNameDom0
   1.676  
   1.677  	print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"'
   1.678  	print '  "http://www.w3.org/TR/html4/loose.dtd">'
   1.679 @@ -704,12 +1081,17 @@ def sendPolicyHtml( ):
   1.680  	print '  <TR>'
   1.681  	print '    <TD>'
   1.682  	print '      <TABLE class="full">'
   1.683 +	print '        <COLGROUP>'
   1.684 +	print '          <COL width="49%">'
   1.685 +	print '          <COL width="2%">'
   1.686 +	print '          <COL width="49%">'
   1.687 +	print '        </COLGROUP>'
   1.688  	print '        <TR>'
   1.689 -	print '          <TD width="49%">'
   1.690 +	print '          <TD>'
   1.691  	sendPSteHtml( )
   1.692  	print '          </TD>'
   1.693 -	print '          <TD width="2%">&nbsp;</TD>'
   1.694 -	print '          <TD width="49%">'
   1.695 +	print '          <TD>&nbsp;</TD>'
   1.696 +	print '          <TD>'
   1.697  	sendPChWallHtml( )
   1.698  	print '          </TD>'
   1.699  	print '        </TR>'
   1.700 @@ -717,7 +1099,57 @@ def sendPolicyHtml( ):
   1.701  	print '    </TD>'
   1.702  	print '  </TR>'
   1.703  
   1.704 +	# Separator
   1.705 +	print '  <TR>'
   1.706 +	print '    <TD>'
   1.707 +	print '      <HR>'
   1.708 +	print '    </TD>'
   1.709 +	print '  </TR>'
   1.710 +
   1.711 +	# Policy Labels (vms)
   1.712 +	print '  <TR>'
   1.713 +	print '    <TD>'
   1.714 +	print '      <TABLE class="full">'
   1.715 +	print '        <COLGROUP>'
   1.716 +	print '          <COL width="100%">'
   1.717 +	print '        </COLGROUP>'
   1.718 +	print '        <TR>'
   1.719 +	print '          <TD>'
   1.720 +	sendPLSubHtml( )
   1.721 +	print '          </TD>'
   1.722 +	print '        </TR>'
   1.723 +	print '      </TABLE>'
   1.724 +	print '    </TD>'
   1.725 +	print '  </TR>'
   1.726 +
   1.727 +	# Separator
   1.728 +	print '  <TR>'
   1.729 +	print '    <TD>'
   1.730 +	print '      <HR>'
   1.731 +	print '    </TD>'
   1.732 +	print '  </TR>'
   1.733 +
   1.734 +	# Policy Labels (resources)
   1.735 +	print '  <TR>'
   1.736 +	print '    <TD>'
   1.737 +	print '      <TABLE class="full">'
   1.738 +	print '        <COLGROUP>'
   1.739 +	print '          <COL width="100%">'
   1.740 +	print '        </COLGROUP>'
   1.741 +	print '        <TR>'
   1.742 +	print '          <TD>'
   1.743 +	sendPLObjHtml( )
   1.744 +	print '          </TD>'
   1.745 +	print '        </TR>'
   1.746 +	print '      </TABLE>'
   1.747 +	print '    </TD>'
   1.748 +	print '  </TR>'
   1.749 +
   1.750  	print '</TABLE>'
   1.751 +
   1.752 +	# Send some data that needs to be available across sessions
   1.753 +	sendHtmlFormVar( formVmNameDom0 )
   1.754 +
   1.755  	print '</FORM>'
   1.756  	print '</CENTER>'
   1.757  
   1.758 @@ -733,8 +1165,8 @@ def sendHtmlHead( ):
   1.759  	print '<!--'
   1.760  	print 'BODY            {background-color: #EEEEFF;}'
   1.761  	print 'TABLE.container {width:  90%; border: 1px solid black; border-collapse: seperate;}'
   1.762 -	print 'TABLE.fullbox   {width: 100%; border: 1px solid black; border-collapse: collapse;}'
   1.763 -	print 'TABLE.full      {width: 100%; border: 0px solid black; border-collapse: collapse;}'
   1.764 +	print 'TABLE.full      {width: 100%; border: 0px solid black; border-collapse: collapse; border-spacing: 3px;}'
   1.765 +	print 'TABLE.fullbox   {width: 100%; border: 0px solid black; border-collapse: collapse; border-spacing: 3px;}'
   1.766  	print 'THEAD           {font-weight: bold; font-size: larger;}'
   1.767  	print 'TD              {border: 0px solid black; vertical-align: top;}'
   1.768  	print 'TD.heading      {border: 0px solid black; vertical-align: top; font-weight: bold; font-size: larger;}'
   1.769 @@ -752,7 +1184,8 @@ def sendHtmlHead( ):
   1.770  	print '</HEAD>'
   1.771  
   1.772  def sendPHeaderHtml( ):
   1.773 -	global formPolicyName, formPolicyDate, formPolicyOrder, formPolicyUpdate
   1.774 +	global formPolicyName, formPolicyUrl, formPolicyRef, formPolicyDate, formPolicyNSUrl
   1.775 +	global formPolicyOrder, formPolicyUpdate
   1.776  
   1.777  	# Policy header definition
   1.778  	print '<TABLE class="full">'
   1.779 @@ -770,12 +1203,30 @@ def sendPHeaderHtml( ):
   1.780  	print '    </TD>'
   1.781  	print '  </TR>'
   1.782  	print '  <TR>'
   1.783 +	print '    <TD align="right">Url:</TD>'
   1.784 +	print '    <TD align="left">'
   1.785 +	sendHtmlFormVar( formPolicyUrl, 'class="full"' )
   1.786 +	print '    </TD>'
   1.787 +	print '  </TR>'
   1.788 +	print '  <TR>'
   1.789 +	print '    <TD align="right">Reference:</TD>'
   1.790 +	print '    <TD align="left">'
   1.791 +	sendHtmlFormVar( formPolicyRef, 'class="full"' )
   1.792 +	print '    </TD>'
   1.793 +	print '  </TR>'
   1.794 +	print '  <TR>'
   1.795  	print '    <TD align="right">Date:</TD>'
   1.796  	print '    <TD align="left">'
   1.797  	sendHtmlFormVar( formPolicyDate, 'class="full"' )
   1.798  	print '    </TD>'
   1.799  	print '  </TR>'
   1.800  	print '  <TR>'
   1.801 +	print '    <TD align="right">NameSpace URL:</TD>'
   1.802 +	print '    <TD align="left">'
   1.803 +	sendHtmlFormVar( formPolicyNSUrl, 'class="full"' )
   1.804 +	print '    </TD>'
   1.805 +	print '  </TR>'
   1.806 +	print '  <TR>'
   1.807  	print '    <TD align="right">Primary Policy:</TD>'
   1.808  	print '    <TD align="left">'
   1.809  	sendHtmlFormVar( formPolicyOrder )
   1.810 @@ -983,17 +1434,335 @@ def sendPChWallHtml( ):
   1.811  
   1.812  	print '</TABLE>'
   1.813  
   1.814 +def sendPLSubHtml( ):
   1.815 +	global formVmNames, formVmDel, formVmName, formVmAdd
   1.816 +	global allVmDel, allVmDom0
   1.817 +	global allVmChWs, allVmChWDel, allVmChW, allVmChWAdd
   1.818 +	global allVmStes, allVmSteDel, allVmSte, allVmSteAdd
   1.819 +	global formSteTypes, formChWallTypes
   1.820 +
   1.821 +	print '<TABLE class="full">'
   1.822 +	print '  <COLGROUP>'
   1.823 +	print '    <COL width="100%">'
   1.824 +	print '  </COLGROUP>'
   1.825 +
   1.826 +	# Virtual Machines...
   1.827 +	print '  <TR>'
   1.828 +	print '    <TD>'
   1.829 +	print '      <TABLE class="full">'
   1.830 +	print '        <COLGROUP>'
   1.831 +	print '          <COL width="10%">'
   1.832 +	print '          <COL width="40%">'
   1.833 +	print '          <COL width="50%">'
   1.834 +	print '        </COLGROUP>'
   1.835 +	print '        <TR>'
   1.836 +	print '          <TD class="heading" align="center" colspan="3">Virtual Machine Classes</TD>'
   1.837 +	print '        </TR>'
   1.838 +	print '        <TR>'
   1.839 +	print '          <TD colspan="2">'
   1.840 +	sendHtmlFormVar( formVmName, 'class="full"' )
   1.841 +	sendHtmlFormVar( formVmNames )
   1.842 +	print '          </TD>'
   1.843 +	print '          <TD>&nbsp;</TD>'
   1.844 +	print '        </TR>'
   1.845 +	print '        <TR>'
   1.846 +	print '          <TD>'
   1.847 +	sendHtmlFormVar( formVmAdd, 'class="full"' )
   1.848 +	print '          </TD>'
   1.849 +	print '          <TD colspan="2">'
   1.850 +	print '            Create a new VM class with the above name'
   1.851 +	print '          </TD>'
   1.852 +	print '        </TR>'
   1.853 +	print '      </TABLE>'
   1.854 +	print '    </TD>'
   1.855 +	print '  </TR>'
   1.856 +	if len( formVmNames[1] ) > 0:
   1.857 +		print '  <TR>'
   1.858 +		print '    <TD colspan="1">'
   1.859 +		print '      &nbsp;'
   1.860 +		print '    </TD>'
   1.861 +		print '  </TR>'
   1.862 +		print '  <TR>'
   1.863 +		print '    <TD>'
   1.864 +		print '      <TABLE class="fullbox">'
   1.865 +		print '        <COLGROUP>'
   1.866 +		print '          <COL width="10%">'
   1.867 +		print '          <COL width="40%">'
   1.868 +		print '          <COL width="50%">'
   1.869 +		print '        </COLGROUP>'
   1.870 +		print '        <THEAD>'
   1.871 +		print '          <TR>'
   1.872 +		print '            <TD class="fullbox">Dom 0?</TD>'
   1.873 +		print '            <TD class="fullbox">Name</TD>'
   1.874 +		print '            <TD class="fullbox">Actions</TD>'
   1.875 +		print '          </TR>'
   1.876 +		print '        </THEAD>'
   1.877 +		for i, vmName in enumerate( formVmNames[1] ):
   1.878 +			print '        <TR>'
   1.879 +			print '          <TD class="fullbox">'
   1.880 +			if formVmNameDom0[1] == vmName:
   1.881 +				print 'Yes'
   1.882 +			else:
   1.883 +				print '&nbsp;'
   1.884 +			print '          </TD>'
   1.885 +			print '          <TD class="fullbox">' + vmName + '</TD>'
   1.886 +			print '          <TD class="fullbox">'
   1.887 +			print '            <A href="#' + vmName + '">Edit</A>'
   1.888 +			formVar = allVmDel[vmName]
   1.889 +			sendHtmlFormVar( formVar, 'class="link"' )
   1.890 +			formVar = allVmDom0[vmName]
   1.891 +			sendHtmlFormVar( formVar, 'class="link"' )
   1.892 +			print '          </TD>'
   1.893 +			print '        </TR>'
   1.894 +		print '      </TABLE>'
   1.895 +		print '    </TD>'
   1.896 +		print '  </TR>'
   1.897 +		for vmName in formVmNames[1]:
   1.898 +			print '  <TR>'
   1.899 +			print '    <TD>'
   1.900 +			print '      <HR>'
   1.901 +			print '    </TD>'
   1.902 +			print '  </TR>'
   1.903 +			print '  <TR>'
   1.904 +			print '    <TD>'
   1.905 +			print '      <TABLE class="full">'
   1.906 +			print '        <COLGROUP>'
   1.907 +			print '          <COL width="10%">'
   1.908 +			print '          <COL width="39%">'
   1.909 +			print '          <COL width="2%">'
   1.910 +			print '          <COL width="10%">'
   1.911 +			print '          <COL width="39%">'
   1.912 +			print '        </COLGROUP>'
   1.913 +			print '        <TR>'
   1.914 +			print '          <TD colspan="5" align="center" class="heading">'
   1.915 +			print '            <A name="' + vmName + '">Virtual Machine Class: ' + vmName + '</A>'
   1.916 +			print '          </TD>'
   1.917 +			print '        </TR>'
   1.918 +			print '        <TR>'
   1.919 +			print '          <TD colspan="2" align="center">Simple Type Enforcement Types</TD>'
   1.920 +			print '          <TD>&nbsp;</TD>'
   1.921 +			print '          <TD colspan="2" align="center">Chinese Wall Types</TD>'
   1.922 +			print '        </TR>'
   1.923 +			print '        <TR>'
   1.924 +			print '          <TD colspan="2">'
   1.925 +			formVar = allVmStes[vmName];
   1.926 +			sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' )
   1.927 +			print '          </TD>'
   1.928 +			print '          <TD>&nbsp;</TD>'
   1.929 +			print '          <TD colspan="2">'
   1.930 +			formVar = allVmChWs[vmName];
   1.931 +			sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' )
   1.932 +			print '          </TD>'
   1.933 +			print '        </TR>'
   1.934 +			print '        <TR>'
   1.935 +			print '          <TD>'
   1.936 +			formVar = allVmSteDel[vmName];
   1.937 +			sendHtmlFormVar( formVar, 'class="full"' )
   1.938 +			print '          </TD>'
   1.939 +			print '          <TD>'
   1.940 +			print '            Delete the type(s) selected above'
   1.941 +			print '          </TD>'
   1.942 +			print '          <TD>&nbsp;</TD>'
   1.943 +			print '          <TD>'
   1.944 +			formVar = allVmChWDel[vmName];
   1.945 +			sendHtmlFormVar( formVar, 'class="full"' )
   1.946 +			print '          </TD>'
   1.947 +			print '          <TD>'
   1.948 +			print '            Delete the type(s) selected above'
   1.949 +			print '          </TD>'
   1.950 +			print '        </TR>'
   1.951 +			print '        <TR>'
   1.952 +			print '          <TD colspan="2">'
   1.953 +			stSet = Set( formSteTypes[1] )
   1.954 +			vmSet = Set( allVmStes[vmName][1] )
   1.955 +			formVar = allVmSte[vmName]
   1.956 +			formVar[1] = []
   1.957 +			for steType in stSet.difference( vmSet ):
   1.958 +				formVar[1].append( steType )
   1.959 +			formVar[1].sort( )
   1.960 +			sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' )
   1.961 +			print '          </TD>'
   1.962 +			print '          <TD>&nbsp;</TD>'
   1.963 +			print '          <TD colspan="2">'
   1.964 +			ctSet = Set( formChWallTypes[1] )
   1.965 +			vmSet = Set( allVmChWs[vmName][1] )
   1.966 +			formVar = allVmChW[vmName]
   1.967 +			formVar[1] = []
   1.968 +			for chwallType in ctSet.difference( vmSet ):
   1.969 +				formVar[1].append( chwallType )
   1.970 +			formVar[1].sort( )
   1.971 +			sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' )
   1.972 +			print '          </TD>'
   1.973 +			print '        </TR>'
   1.974 +			print '        <TR>'
   1.975 +			print '          <TD>'
   1.976 +			formVar = allVmSteAdd[vmName];
   1.977 +			sendHtmlFormVar( formVar, 'class="full"' )
   1.978 +			print '          </TD>'
   1.979 +			print '          <TD>'
   1.980 +			print '            Add the type(s) selected above'
   1.981 +			print '          </TD>'
   1.982 +			print '          <TD>&nbsp;</TD>'
   1.983 +			print '          <TD>'
   1.984 +			formVar = allVmChWAdd[vmName];
   1.985 +			sendHtmlFormVar( formVar, 'class="full"' )
   1.986 +			print '          </TD>'
   1.987 +			print '          <TD>'
   1.988 +			print '            Add the type(s) selected above'
   1.989 +			print '          </TD>'
   1.990 +			print '        </TR>'
   1.991 +			print '      </TABLE>'
   1.992 +			print '    </TD>'
   1.993 +			print '  </TR>'
   1.994 +
   1.995 +	print '</TABLE>'
   1.996 +
   1.997 +def sendPLObjHtml( ):
   1.998 +	global formResNames, formResDel, formResName, formResAdd
   1.999 +	global allResDel
  1.1000 +	global allResStes, allResSteDel, allResSte, allResSteAdd
  1.1001 +	global formSteTypes, formChWallTypes
  1.1002 +
  1.1003 +	print '<TABLE class="full">'
  1.1004 +	print '  <COLGROUP>'
  1.1005 +	print '    <COL width="100%">'
  1.1006 +	print '  </COLGROUP>'
  1.1007 +
  1.1008 +	# Resources...
  1.1009 +	print '  <TR>'
  1.1010 +	print '    <TD>'
  1.1011 +	print '      <TABLE class="full">'
  1.1012 +	print '        <COLGROUP>'
  1.1013 +	print '          <COL width="10%">'
  1.1014 +	print '          <COL width="40%">'
  1.1015 +	print '          <COL width="50%">'
  1.1016 +	print '        </COLGROUP>'
  1.1017 +	print '        <TR>'
  1.1018 +	print '          <TD class="heading" align="center" colspan="3">Resource Classes</TD>'
  1.1019 +	print '        </TR>'
  1.1020 +	print '        <TR>'
  1.1021 +	print '          <TD colspan="2">'
  1.1022 +	sendHtmlFormVar( formResName, 'class="full"' )
  1.1023 +	sendHtmlFormVar( formResNames )
  1.1024 +	print '          </TD>'
  1.1025 +	print '          <TD>&nbsp;</TD>'
  1.1026 +	print '        </TR>'
  1.1027 +	print '        <TR>'
  1.1028 +	print '          <TD>'
  1.1029 +	sendHtmlFormVar( formResAdd, 'class="full"' )
  1.1030 +	print '          </TD>'
  1.1031 +	print '          <TD colspan="2">'
  1.1032 +	print '            Create a new Resource class with the above name'
  1.1033 +	print '          </TD>'
  1.1034 +	print '        </TR>'
  1.1035 +	print '      </TABLE>'
  1.1036 +	print '    </TD>'
  1.1037 +	print '  </TR>'
  1.1038 +	if len( formResNames[1] ) > 0:
  1.1039 +		print '  <TR>'
  1.1040 +		print '    <TD colspan="1">'
  1.1041 +		print '      &nbsp;'
  1.1042 +		print '    </TD>'
  1.1043 +		print '  </TR>'
  1.1044 +		print '  <TR>'
  1.1045 +		print '    <TD>'
  1.1046 +		print '      <TABLE class="fullbox">'
  1.1047 +		print '        <COLGROUP>'
  1.1048 +		print '          <COL width="50%">'
  1.1049 +		print '          <COL width="50%">'
  1.1050 +		print '        </COLGROUP>'
  1.1051 +		print '        <THEAD>'
  1.1052 +		print '          <TR>'
  1.1053 +		print '            <TD class="fullbox">Name</TD>'
  1.1054 +		print '            <TD class="fullbox">Actions</TD>'
  1.1055 +		print '          </TR>'
  1.1056 +		print '        </THEAD>'
  1.1057 +		for i, resName in enumerate( formResNames[1] ):
  1.1058 +			print '        <TR>'
  1.1059 +			print '          <TD class="fullbox">' + resName + '</TD>'
  1.1060 +			print '          <TD class="fullbox">'
  1.1061 +			print '            <A href="#' + resName + '">Edit</A>'
  1.1062 +			formVar = allResDel[resName]
  1.1063 +			sendHtmlFormVar( formVar, 'class="link"' )
  1.1064 +			print '          </TD>'
  1.1065 +			print '        </TR>'
  1.1066 +		print '      </TABLE>'
  1.1067 +		print '    </TD>'
  1.1068 +		print '  </TR>'
  1.1069 +		for resName in formResNames[1]:
  1.1070 +			print '  <TR>'
  1.1071 +			print '    <TD>'
  1.1072 +			print '      <HR>'
  1.1073 +			print '    </TD>'
  1.1074 +			print '  </TR>'
  1.1075 +			print '  <TR>'
  1.1076 +			print '    <TD>'
  1.1077 +			print '      <TABLE class="full">'
  1.1078 +			print '        <COLGROUP>'
  1.1079 +			print '          <COL width="10%">'
  1.1080 +			print '          <COL width="90%">'
  1.1081 +			print '        </COLGROUP>'
  1.1082 +			print '        <TR>'
  1.1083 +			print '          <TD colspan="2" align="center" class="heading">'
  1.1084 +			print '            <A name="' + resName + '">Resource Class: ' + resName + '</A>'
  1.1085 +			print '          </TD>'
  1.1086 +			print '        </TR>'
  1.1087 +			print '        <TR>'
  1.1088 +			print '          <TD colspan="2" align="center">Simple Type Enforcement Types</TD>'
  1.1089 +			print '        </TR>'
  1.1090 +			print '        <TR>'
  1.1091 +			print '          <TD colspan="2">'
  1.1092 +			formVar = allResStes[resName];
  1.1093 +			sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' )
  1.1094 +			print '          </TD>'
  1.1095 +			print '        </TR>'
  1.1096 +			print '        <TR>'
  1.1097 +			print '          <TD>'
  1.1098 +			formVar = allResSteDel[resName];
  1.1099 +			sendHtmlFormVar( formVar, 'class="full"' )
  1.1100 +			print '          </TD>'
  1.1101 +			print '          <TD>'
  1.1102 +			print '            Delete the type(s) selected above'
  1.1103 +			print '          </TD>'
  1.1104 +			print '        </TR>'
  1.1105 +			print '        <TR>'
  1.1106 +			print '          <TD colspan="2">'
  1.1107 +			stSet = Set( formSteTypes[1] )
  1.1108 +			resSet = Set( allResStes[resName][1] )
  1.1109 +			formVar = allResSte[resName]
  1.1110 +			formVar[1] = []
  1.1111 +			for steType in stSet.difference( resSet ):
  1.1112 +				formVar[1].append( steType )
  1.1113 +			formVar[1].sort( )
  1.1114 +			sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' )
  1.1115 +			print '          </TD>'
  1.1116 +			print '        </TR>'
  1.1117 +			print '        <TR>'
  1.1118 +			print '          <TD>'
  1.1119 +			formVar = allResSteAdd[resName];
  1.1120 +			sendHtmlFormVar( formVar, 'class="full"' )
  1.1121 +			print '          </TD>'
  1.1122 +			print '          <TD>'
  1.1123 +			print '            Add the type(s) selected above'
  1.1124 +			print '          </TD>'
  1.1125 +			print '        </TR>'
  1.1126 +			print '      </TABLE>'
  1.1127 +			print '    </TD>'
  1.1128 +			print '  </TR>'
  1.1129 +
  1.1130 +	print '</TABLE>'
  1.1131 +
  1.1132  def checkXmlData( ):
  1.1133  	global xmlIncomplete
  1.1134 +	global formPolicyName, formPolicyOrder
  1.1135 +	global formChWallTypes, formSteTypes, formCSNames
  1.1136  
  1.1137  	# Validate the Policy Header requirements
  1.1138 -	if ( len( formPolicyName[1] ) > 0 ) or ( len( formPolicyDate[1] ) > 0 ):
  1.1139 -		if ( len( formPolicyName[1] ) == 0 ) or ( len( formPolicyDate[1] ) == 0 ):
  1.1140 -			msg = ''
  1.1141 -			msg = msg + 'The XML policy schema requires that the Policy '
  1.1142 -			msg = msg + 'Information Name and Date fields both have values '
  1.1143 -			msg = msg + 'or both not have values.'
  1.1144 -			formatXmlGenError( msg )
  1.1145 +	if ( len( formPolicyName[1] ) == 0 ):
  1.1146 +		msg = ''
  1.1147 +		msg = msg + 'The XML policy schema requires that the Policy '
  1.1148 +		msg = msg + 'Information Name field have a value.'
  1.1149 +		formatXmlGenError( msg )
  1.1150  
  1.1151  	if formPolicyOrder[1] == 'v_ChWall':
  1.1152  		if len( formChWallTypes[1] ) == 0:
  1.1153 @@ -1014,14 +1783,6 @@ def checkXmlData( ):
  1.1154  			msg = msg + 'primary policy.'
  1.1155  			formatXmlGenError( msg )
  1.1156  
  1.1157 -	# Validate the Chinese Wall required data
  1.1158 -	if len( formChWallTypes[1] ) > 0:
  1.1159 -		if len( formCSNames[1] ) == 0:
  1.1160 -			msg = ''
  1.1161 -			msg = msg + 'The XML policy schema for the Chinese Wall '
  1.1162 -			msg = msg + 'requires at least one Conflict Set be defined.'
  1.1163 -			formatXmlGenError( msg )
  1.1164 -
  1.1165  def sendXmlHeaders( ):
  1.1166  	# HTML headers
  1.1167  	print 'Content-Type: text/xml'
  1.1168 @@ -1042,17 +1803,28 @@ def sendPolicyXml( ):
  1.1169  	sendPSteXml( )
  1.1170  	sendPChWallXml( )
  1.1171  
  1.1172 +	# Policy Labels (subjects and objects)
  1.1173 +	print '<SecurityLabelTemplate>'
  1.1174 +	sendPLSubXml( )
  1.1175 +	sendPLObjXml( )
  1.1176 +	print '</SecurityLabelTemplate>'
  1.1177  	print '</SecurityPolicyDefinition>'
  1.1178  
  1.1179  def sendPHeaderXml( ):
  1.1180 -	global formPolicyName, formPolicyDate
  1.1181 +	global formPolicyName, formPolicyUrl, formPolicyRef, formPolicyDate, formPolicyNSUrl
  1.1182  
  1.1183  	# Policy header definition
  1.1184 -	if ( len( formPolicyName[1] ) > 0 ) or ( len( formPolicyDate[1] ) > 0 ):
  1.1185 -		print '<PolicyHeader>'
  1.1186 -		print '  <Name>' + formPolicyName[1] + '</Name>'
  1.1187 +	print '<PolicyHeader>'
  1.1188 +	print '  <PolicyName>' + formPolicyName[1] + '</PolicyName>'
  1.1189 +	if len( formPolicyUrl[1] ) > 0:
  1.1190 +		print '  <PolicyUrl>' + formPolicyUrl[1] + '</PolicyUrl>'
  1.1191 +	if len( formPolicyRef[1] ) > 0:
  1.1192 +		print '  <Reference>' + formPolicyRef[1] + '</Reference>'
  1.1193 +	if len( formPolicyDate[1] ) > 0:
  1.1194  		print '  <Date>' + formPolicyDate[1] + '</Date>'
  1.1195 -		print '</PolicyHeader>'
  1.1196 +	if len( formPolicyNSUrl[1] ) > 0:
  1.1197 +		print '  <NameSpaceUrl>' + formPolicyNSUrl[1] + '</NameSpaceUrl>'
  1.1198 +	print '</PolicyHeader>'
  1.1199  
  1.1200  def sendPSteXml( ):
  1.1201  	global formPolicyOrder, formSteTypes
  1.1202 @@ -1091,20 +1863,72 @@ def sendPChWallXml( ):
  1.1203  		print '    <Type>' + chWallType + '</Type>'
  1.1204  	print '  </ChineseWallTypes>'
  1.1205  
  1.1206 -	# Chinese Wall Conflict Sets...
  1.1207 -	print '  <ConflictSets>'
  1.1208 -	for cs in formCSNames[1]:
  1.1209 -		formVar = allCSMTypes[cs]
  1.1210 -		if len( formVar[1] ) == 0:
  1.1211 -			continue
  1.1212 -		print '    <Conflict name="' + cs + '">'
  1.1213 -		for csm in formVar[1]:
  1.1214 -			print '      <Type>' + csm + '</Type>'
  1.1215 -		print '    </Conflict>'
  1.1216 -	print '  </ConflictSets>'
  1.1217 +	# Chinese Wall Conflict Sets (if any) ...
  1.1218 +	if len( formCSNames[1] ) > 0:
  1.1219 +		print '  <ConflictSets>'
  1.1220 +		for cs in formCSNames[1]:
  1.1221 +			formVar = allCSMTypes[cs]
  1.1222 +			if len( formVar[1] ) == 0:
  1.1223 +				continue
  1.1224 +			print '    <Conflict name="' + cs + '">'
  1.1225 +			for csm in formVar[1]:
  1.1226 +				print '      <Type>' + csm + '</Type>'
  1.1227 +			print '    </Conflict>'
  1.1228 +		print '  </ConflictSets>'
  1.1229  
  1.1230  	print '</ChineseWall>'
  1.1231  
  1.1232 +def sendPLSubXml( ):
  1.1233 +	global formVmNames, allVmChWs, allVmStes
  1.1234 +
  1.1235 +	# Virtual machines...
  1.1236 +	if len( formVmNames[1] ) == 0:
  1.1237 +		return
  1.1238 +
  1.1239 +	print '  <SubjectLabels bootstrap="' + formVmNameDom0[1] + '">'
  1.1240 +	for vmName in formVmNames[1]:
  1.1241 +		print '    <VirtualMachineLabel>'
  1.1242 +		print '      <Name>' + vmName + '</Name>'
  1.1243 +		formVar = allVmStes[vmName]
  1.1244 +		if len( formVar[1] ) > 0:
  1.1245 +			print '      <SimpleTypeEnforcementTypes>'
  1.1246 +			for ste in formVar[1]:
  1.1247 +				print '      <Type>' + ste + '</Type>'
  1.1248 +			print '      </SimpleTypeEnforcementTypes>'
  1.1249 +
  1.1250 +		formVar = allVmChWs[vmName]
  1.1251 +		if len( formVar[1] ) > 0:
  1.1252 +			print '      <ChineseWallTypes>'
  1.1253 +			for chw in formVar[1]:
  1.1254 +				print '        <Type>' + chw + '</Type>'
  1.1255 +			print '      </ChineseWallTypes>'
  1.1256 +
  1.1257 +		print '    </VirtualMachineLabel>'
  1.1258 +
  1.1259 +	print '  </SubjectLabels>'
  1.1260 +
  1.1261 +def sendPLObjXml( ):
  1.1262 +	global formResNames, allResStes
  1.1263 +
  1.1264 +	# Resources...
  1.1265 +	if len( formResNames[1] ) == 0:
  1.1266 +		return
  1.1267 +
  1.1268 +	print '  <ObjectLabels>'
  1.1269 +	for resName in formResNames[1]:
  1.1270 +		print '    <ResourceLabel>'
  1.1271 +		print '      <Name>' + resName + '</Name>'
  1.1272 +		formVar = allResStes[resName]
  1.1273 +		if len( formVar[1] ) > 0:
  1.1274 +			print '      <SimpleTypeEnforcementTypes>'
  1.1275 +			for ste in formVar[1]:
  1.1276 +				print '        <Type>' + ste + '</Type>'
  1.1277 +			print '      </SimpleTypeEnforcementTypes>'
  1.1278 +
  1.1279 +		print '    </ResourceLabel>'
  1.1280 +
  1.1281 +	print '  </ObjectLabels>'
  1.1282 +
  1.1283  
  1.1284  # Set up initial HTML variables
  1.1285  headTitle = 'Xen Policy Generation'
  1.1286 @@ -1125,6 +1949,20 @@ formPolicyName    = [ 'text',
  1.1287  			'',
  1.1288  			'',
  1.1289  		    ]
  1.1290 +formPolicyUrl     = [ 'text',
  1.1291 +			'',
  1.1292 +			'h_policyUrl',
  1.1293 +			'i_policyUrl',
  1.1294 +			'',
  1.1295 +			'',
  1.1296 +			]
  1.1297 +formPolicyRef    = [ 'text',
  1.1298 +			'',
  1.1299 +			'h_policyRef',
  1.1300 +			'i_policyRef',
  1.1301 +			'',
  1.1302 +			'',
  1.1303 +			]
  1.1304  formPolicyDate    = [ 'text',
  1.1305  			getCurrentTime( ),
  1.1306  			'h_policyDate',
  1.1307 @@ -1132,6 +1970,13 @@ formPolicyDate    = [ 'text',
  1.1308  			'',
  1.1309  			'',
  1.1310  		    ]
  1.1311 +formPolicyNSUrl   = [ 'text',
  1.1312 +			'',
  1.1313 +			'h_policyNSUrl',
  1.1314 +			'i_policyNSUrl',
  1.1315 +			'',
  1.1316 +			'',
  1.1317 +			]
  1.1318  formPolicyOrder   = [ 'radiobutton-all',
  1.1319  			'v_ChWall',
  1.1320  			'h_policyOrder',
  1.1321 @@ -1289,13 +2134,218 @@ allCSMDel         = {};
  1.1322  allCSMType        = {};
  1.1323  allCSMAdd         = {};
  1.1324  
  1.1325 +formVmNames       = [ '',
  1.1326 +			[],
  1.1327 +			'h_vmNames',
  1.1328 +			'',
  1.1329 +			'',
  1.1330 +			'',
  1.1331 +		    ]
  1.1332 +formVmDel         = [ 'button',
  1.1333 +			'',
  1.1334 +			'',
  1.1335 +			'i_vmDel',
  1.1336 +			'Delete',
  1.1337 +			'',
  1.1338 +		    ]
  1.1339 +formVmName        = [ 'text',
  1.1340 +			'',
  1.1341 +			'',
  1.1342 +			'i_vmName',
  1.1343 +			'',
  1.1344 +			'',
  1.1345 +		    ]
  1.1346 +formVmAdd         = [ 'button',
  1.1347 +			'',
  1.1348 +			'',
  1.1349 +			'i_vmAdd',
  1.1350 +			'New',
  1.1351 +			'',
  1.1352 +		    ]
  1.1353 +
  1.1354 +formVmNameDom0    = [ '',
  1.1355 +			'',
  1.1356 +			'h_vmDom0',
  1.1357 +			'',
  1.1358 +			'',
  1.1359 +			'',
  1.1360 +		    ]
  1.1361 +
  1.1362 +# This is a set of templates used for each virtual machine
  1.1363 +#   Each virtual machine is initially assigned these templates,
  1.1364 +#   then each form attribute value is changed to append
  1.1365 +#   "_virtual-machine-name" for uniqueness.
  1.1366 +templateVmDel     = [ 'button',
  1.1367 +			'',
  1.1368 +			'',
  1.1369 +			'i_vmDel',
  1.1370 +			'Delete',
  1.1371 +			'',
  1.1372 +		    ]
  1.1373 +templateVmDom0    = [ 'button',
  1.1374 +			'',
  1.1375 +			'',
  1.1376 +			'i_vmDom0',
  1.1377 +			'SetDom0',
  1.1378 +			'',
  1.1379 +		    ]
  1.1380 +allVmDel          = {};
  1.1381 +allVmDom0         = {};
  1.1382 +
  1.1383 +templateVmChWs    = [ 'list',
  1.1384 +			[],
  1.1385 +			'h_vmChWs',
  1.1386 +			'i_vmChWs',
  1.1387 +			'',
  1.1388 +			'',
  1.1389 +		    ]
  1.1390 +templateVmChWDel  = [ 'button',
  1.1391 +			'',
  1.1392 +			'',
  1.1393 +			'i_vmChWDel',
  1.1394 +			'Delete',
  1.1395 +			'',
  1.1396 +		    ]
  1.1397 +templateVmChW     = [ 'list',
  1.1398 +			[],
  1.1399 +			'',
  1.1400 +			'i_vmChW',
  1.1401 +			'',
  1.1402 +			'',
  1.1403 +		    ]
  1.1404 +templateVmChWAdd  = [ 'button',
  1.1405 +			'',
  1.1406 +			'',
  1.1407 +			'i_vmChWAdd',
  1.1408 +			'Add',
  1.1409 +			'',
  1.1410 +		    ]
  1.1411 +allVmChWs         = {};
  1.1412 +allVmChWDel       = {};
  1.1413 +allVmChW          = {};
  1.1414 +allVmChWAdd       = {};
  1.1415 +
  1.1416 +templateVmStes    = [ 'list',
  1.1417 +			[],
  1.1418 +			'h_vmStes',
  1.1419 +			'i_vmStes',
  1.1420 +			'',
  1.1421 +			'',
  1.1422 +		    ]
  1.1423 +templateVmSteDel  = [ 'button',
  1.1424 +			'',
  1.1425 +			'',
  1.1426 +			'i_vmSteDel',
  1.1427 +			'Delete',
  1.1428 +			'',
  1.1429 +		    ]
  1.1430 +templateVmSte     = [ 'list',
  1.1431 +			[],
  1.1432 +			'',
  1.1433 +			'i_vmSte',
  1.1434 +			'',
  1.1435 +			'',
  1.1436 +		    ]
  1.1437 +templateVmSteAdd  = [ 'button',
  1.1438 +			'',
  1.1439 +			'',
  1.1440 +			'i_vmSteAdd',
  1.1441 +			'Add',
  1.1442 +			'',
  1.1443 +		    ]
  1.1444 +allVmStes         = {};
  1.1445 +allVmSteDel       = {};
  1.1446 +allVmSte          = {};
  1.1447 +allVmSteAdd       = {};
  1.1448 +
  1.1449 +formResNames      = [ '',
  1.1450 +			[],
  1.1451 +			'h_resNames',
  1.1452 +			'',
  1.1453 +			'',
  1.1454 +			'',
  1.1455 +		    ]
  1.1456 +formResDel        = [ 'button',
  1.1457 +			'',
  1.1458 +			'',
  1.1459 +			'i_resDel',
  1.1460 +			'Delete',
  1.1461 +			'',
  1.1462 +		    ]
  1.1463 +formResName       = [ 'text',
  1.1464 +			'',
  1.1465 +			'',
  1.1466 +			'i_resName',
  1.1467 +			'',
  1.1468 +			'',
  1.1469 +		    ]
  1.1470 +formResAdd        = [ 'button',
  1.1471 +			'',
  1.1472 +			'',
  1.1473 +			'i_resAdd',
  1.1474 +			'New',
  1.1475 +			'',
  1.1476 +		    ]
  1.1477 +
  1.1478 +# This is a set of templates used for each resource
  1.1479 +#   Each resource is initially assigned these templates,
  1.1480 +#   then each form attribute value is changed to append
  1.1481 +#   "_resource-name" for uniqueness.
  1.1482 +templateResDel    = [ 'button',
  1.1483 +			'',
  1.1484 +			'',
  1.1485 +			'i_resDel',
  1.1486 +			'Delete',
  1.1487 +			'',
  1.1488 +		    ]
  1.1489 +allResDel         = {};
  1.1490 +
  1.1491 +templateResStes   = [ 'list',
  1.1492 +			[],
  1.1493 +			'h_resStes',
  1.1494 +			'i_resStes',
  1.1495 +			'',
  1.1496 +			'',
  1.1497 +		    ]
  1.1498 +templateResSteDel = [ 'button',
  1.1499 +			'',
  1.1500 +			'',
  1.1501 +			'i_resSteDel',
  1.1502 +			'Delete',
  1.1503 +			'',
  1.1504 +		    ]
  1.1505 +templateResSte    = [ 'list',
  1.1506 +			[],
  1.1507 +			'',
  1.1508 +			'i_resSte',
  1.1509 +			'',
  1.1510 +			'',
  1.1511 +		    ]
  1.1512 +templateResSteAdd = [ 'button',
  1.1513 +			'',
  1.1514 +			'',
  1.1515 +			'i_resSteAdd',
  1.1516 +			'Add',
  1.1517 +			'',
  1.1518 +		    ]
  1.1519 +allResStes        = {};
  1.1520 +allResSteDel      = {};
  1.1521 +allResSte         = {};
  1.1522 +allResSteAdd      = {};
  1.1523 +
  1.1524  # A list of all form variables used for saving info across requests
  1.1525  formVariables     = [ formPolicyName,
  1.1526 +			formPolicyUrl,
  1.1527 +			formPolicyRef,
  1.1528  			formPolicyDate,
  1.1529 +			formPolicyNSUrl,
  1.1530  			formPolicyOrder,
  1.1531  			formSteTypes,
  1.1532  			formChWallTypes,
  1.1533  			formCSNames,
  1.1534 +			formVmNames,
  1.1535 +			formVmNameDom0,
  1.1536 +			formResNames,
  1.1537  		    ]
  1.1538  
  1.1539  policyXml         = ''
     2.1 --- a/tools/security/python/xensec_gen/cgi-bin/policylabel.cgi	Mon Apr 24 10:51:50 2006 +0100
     2.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
     2.3 @@ -1,1396 +0,0 @@
     2.4 -#!/usr/bin/python
     2.5 -#
     2.6 -# The Initial Developer of the Original Code is International
     2.7 -# Business Machines Corporation. Portions created by IBM
     2.8 -# Corporation are Copyright (C) 2005 International Business
     2.9 -# Machines Corporation. All Rights Reserved.
    2.10 -#
    2.11 -# This program is free software; you can redistribute it and/or modify
    2.12 -# it under the terms of the GNU General Public License as published by
    2.13 -# the Free Software Foundation; either version 2 of the License,
    2.14 -# or (at your option) any later version.
    2.15 -#
    2.16 -# This program is distributed in the hope that it will be useful,
    2.17 -# but WITHOUT ANY WARRANTY; without even the implied warranty of
    2.18 -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    2.19 -# GNU General Public License for more details.
    2.20 -#
    2.21 -# You should have received a copy of the GNU General Public License
    2.22 -# along with this program; if not, write to the Free Software
    2.23 -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
    2.24 -#
    2.25 -
    2.26 -import os
    2.27 -import cgi
    2.28 -import cgitb; cgitb.enable( )
    2.29 -import time
    2.30 -import xml.dom.minidom
    2.31 -import xml.sax
    2.32 -import xml.sax.handler
    2.33 -from StringIO import StringIO
    2.34 -from sets import Set
    2.35 -
    2.36 -def getSavedData( ):
    2.37 -	global formData, policyXml, policyLabelXml
    2.38 -	global formVariables, formVmNames
    2.39 -	global allVmChWs, allVmStes
    2.40 -
    2.41 -	# Process the XML upload policy file
    2.42 -	if formData.has_key( 'i_policy' ):
    2.43 -		dataList = formData.getlist( 'i_policy' )
    2.44 -		if len( dataList ) > 0:
    2.45 -			policyXml = dataList[0].strip( )
    2.46 -
    2.47 -	# The XML upload policy file must be specified at the start
    2.48 -	if formData.has_key( 'i_policyLabelCreate' ):
    2.49 -		if policyXml == '':
    2.50 -			msg = ''
    2.51 -			msg = msg + 'A Policy file was not supplied.  A Policy file '
    2.52 -			msg = msg + 'must be supplied in order to successfully create '
    2.53 -			msg = msg + 'a Policy Labeling file.'
    2.54 -			formatXmlError( msg )
    2.55 -
    2.56 -	# Process the XML upload policy label file
    2.57 -	if formData.has_key( 'i_policyLabel' ):
    2.58 -		dataList = formData.getlist( 'i_policyLabel' )
    2.59 -		if len( dataList ) > 0:
    2.60 -			policyLabelXml = dataList[0].strip( )
    2.61 -
    2.62 -	# Process all the hidden input variables (if present)
    2.63 -	for formVar in formVariables:
    2.64 -		if formVar[2] == '':
    2.65 -			continue
    2.66 -
    2.67 -		if formData.has_key( formVar[2] ):
    2.68 -			dataList = formData.getlist( formVar[2] )
    2.69 -			if len( dataList ) > 0:
    2.70 -				if isinstance( formVar[1], list ):
    2.71 -					exec 'formVar[1] = ' + dataList[0]
    2.72 -				else:
    2.73 -					formVar[1] = dataList[0]
    2.74 -
    2.75 -	# The form can contain any number of "Virtual Machines"
    2.76 -	#   so update the list of form variables to include
    2.77 -	#   each virtual machine (hidden input variable)
    2.78 -	for vmName in formVmNames[1]:
    2.79 -		newVm( vmName )
    2.80 -
    2.81 -		vmFormVar = allVmChWs[vmName]
    2.82 -		if (vmFormVar[2] != '') and formData.has_key( vmFormVar[2] ):
    2.83 -			dataList = formData.getlist( vmFormVar[2] )
    2.84 -			if len( dataList ) > 0:
    2.85 -				if isinstance( vmFormVar[1], list ):
    2.86 -					exec 'vmFormVar[1] = ' + dataList[0]
    2.87 -				else:
    2.88 -					vmFormVar[1] = dataList[0]
    2.89 -
    2.90 -		vmFormVar = allVmStes[vmName]
    2.91 -		if (vmFormVar[2] != '') and formData.has_key( vmFormVar[2] ):
    2.92 -			dataList = formData.getlist( vmFormVar[2] )
    2.93 -			if len( dataList ) > 0:
    2.94 -				if isinstance( vmFormVar[1], list ):
    2.95 -					exec 'vmFormVar[1] = ' + dataList[0]
    2.96 -				else:
    2.97 -					vmFormVar[1] = dataList[0]
    2.98 -
    2.99 -def getCurrentTime( ):
   2.100 -	return time.strftime( '%Y-%m-%d %H:%M:%S', time.localtime( ) )
   2.101 -
   2.102 -def getName( domNode ):
   2.103 -	nameNodes = domNode.getElementsByTagName( 'Name' )
   2.104 -	if len( nameNodes ) == 0:
   2.105 -		formatXmlError( '"<Name>" tag is missing' )
   2.106 -		return None
   2.107 -
   2.108 -	name = ''
   2.109 -	for childNode in nameNodes[0].childNodes:
   2.110 -		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
   2.111 -			name = name + childNode.data
   2.112 -
   2.113 -	return name
   2.114 -
   2.115 -def getDate( domNode ):
   2.116 -	dateNodes = domNode.getElementsByTagName( 'Date' )
   2.117 -	if len( dateNodes ) == 0:
   2.118 -		formatXmlError( '"<Date>" tag is missing' )
   2.119 -		return None
   2.120 -
   2.121 -	date = ''
   2.122 -	for childNode in dateNodes[0].childNodes:
   2.123 -		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
   2.124 -			date = date + childNode.data
   2.125 -
   2.126 -	return date
   2.127 -
   2.128 -def getDefUrl( domNode ):
   2.129 -	domNodes = domNode.getElementsByTagName( 'PolicyName' )
   2.130 -	if len( domNodes ) == 0:
   2.131 -		formatXmlError( '"<PolicyName>" tag is missing' )
   2.132 -		return None
   2.133 -
   2.134 -	urlNodes = domNode.getElementsByTagName( 'Url' )
   2.135 -	if len( urlNodes ) == 0:
   2.136 -		formatXmlError( '"<Url>" tag is missing' )
   2.137 -		return None
   2.138 -
   2.139 -	url = ''
   2.140 -	for childNode in urlNodes[0].childNodes:
   2.141 -		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
   2.142 -			url = url + childNode.data
   2.143 -
   2.144 -	return url
   2.145 -
   2.146 -def getDefRef( domNode ):
   2.147 -	domNodes = domNode.getElementsByTagName( 'PolicyName' )
   2.148 -	if len( domNodes ) == 0:
   2.149 -		formatXmlError( '"<PolicyName>" tag is missing' )
   2.150 -		return None
   2.151 -
   2.152 -	refNodes = domNode.getElementsByTagName( 'Reference' )
   2.153 -	if len( refNodes ) == 0:
   2.154 -		formatXmlError( '"<Reference>" tag is missing' )
   2.155 -		return None
   2.156 -
   2.157 -	ref = ''
   2.158 -	for childNode in refNodes[0].childNodes:
   2.159 -		if childNode.nodeType == xml.dom.Node.TEXT_NODE:
   2.160 -			ref = ref + childNode.data
   2.161 -
   2.162 -	return ref
   2.163 -
   2.164 -def getSteTypes( domNode, missingIsError = 0 ):
   2.165 -	steNodes = domNode.getElementsByTagName( 'SimpleTypeEnforcementTypes' )
   2.166 -	if len( steNodes ) == 0:
   2.167 -		if missingIsError == 1:
   2.168 -			formatXmlError( '"<SimpleTypeEnforcementTypes>" tag is missing' )
   2.169 -			return None
   2.170 -		else:
   2.171 -			return []
   2.172 -
   2.173 -	return getTypes( steNodes[0] )
   2.174 -
   2.175 -def getChWTypes( domNode, missingIsError = 0 ):
   2.176 -	chwNodes = domNode.getElementsByTagName( 'ChineseWallTypes' )
   2.177 -	if len( chwNodes ) == 0:
   2.178 -		if missingIsError == 1:
   2.179 -			formatXmlError( '"<ChineseWallTypes>" tag is missing' )
   2.180 -			return None
   2.181 -		else:
   2.182 -			return []
   2.183 -
   2.184 -	return getTypes( chwNodes[0] )
   2.185 -
   2.186 -def getTypes( domNode ):
   2.187 -	types = []
   2.188 -
   2.189 -	domNodes = domNode.getElementsByTagName( 'Type' )
   2.190 -	if len( domNodes ) == 0:
   2.191 -		formatXmlError( '"<Type>" tag is missing' )
   2.192 -		return None
   2.193 -
   2.194 -	for domNode in domNodes:
   2.195 -		typeText = ''
   2.196 -		for childNode in domNode.childNodes:
   2.197 -			if childNode.nodeType == xml.dom.Node.TEXT_NODE:
   2.198 -				typeText = typeText + childNode.data
   2.199 -
   2.200 -		if typeText == '':
   2.201 -			formatXmlError( 'No text associated with the "<Type>" tag' )
   2.202 -			return None
   2.203 -
   2.204 -		types.append( typeText )
   2.205 -
   2.206 -	return types
   2.207 -
   2.208 -def formatXmlError( msg, xml = '', lineNum = -1, colNum = -1 ):
   2.209 -	global xmlMessages, xmlError
   2.210 -
   2.211 -	xmlError = 1
   2.212 -	addMsg = cgi.escape( msg )
   2.213 -
   2.214 -	if lineNum != -1:
   2.215 -		sio = StringIO( xml )
   2.216 -		for xmlLine in sio:
   2.217 -			lineNum = lineNum - 1
   2.218 -			if lineNum == 0:
   2.219 -				break;
   2.220 -
   2.221 -		addMsg += '<BR><PRE>' + cgi.escape( xmlLine.rstrip( ) )
   2.222 -
   2.223 -		if colNum != -1:
   2.224 -			errLine = ''
   2.225 -			for i in range( colNum ):
   2.226 -				errLine = errLine + '-'
   2.227 -
   2.228 -			addMsg += '\n' + errLine + '^'
   2.229 -
   2.230 -		addMsg += '</PRE>'
   2.231 -
   2.232 -	xmlMessages.append( addMsg )
   2.233 -
   2.234 -def formatXmlGenError( msg ):
   2.235 -	global xmlMessages, xmlIncomplete
   2.236 -
   2.237 -	xmlIncomplete = 1
   2.238 -	xmlMessages.append( cgi.escape( msg ) )
   2.239 -
   2.240 -def parseXml( xmlInput ):
   2.241 -	global xmlMessages, xmlError, xmlLine, xmlColumn
   2.242 -
   2.243 -	xmlParser  = xml.sax.make_parser( )
   2.244 -	try:
   2.245 -		domDoc = xml.dom.minidom.parseString( xmlInput, xmlParser )
   2.246 -
   2.247 -	except xml.sax.SAXParseException, xmlErr:
   2.248 -		msg = ''
   2.249 -		msg = msg + 'XML parsing error occurred at line '
   2.250 -		msg = msg + `xmlErr.getLineNumber( )`
   2.251 -		msg = msg + ', column '
   2.252 -		msg = msg + `xmlErr.getColumnNumber( )`
   2.253 -		msg = msg + ': reason = "'
   2.254 -		msg = msg + xmlErr.getMessage( )
   2.255 -		msg = msg + '"'
   2.256 -		formatXmlError( msg, xmlInput, xmlErr.getLineNumber( ), xmlErr.getColumnNumber( ) )
   2.257 -		return None
   2.258 -
   2.259 -	except xml.sax.SAXException, xmlErr:
   2.260 -		msg = ''
   2.261 -		msg = msg + 'XML Parsing error: ' + `xmlErr`
   2.262 -		formatXmlError( msg, xmlInput, xmlErr.getLineNumber( ), xmlErr.getColumnNumber( ) )
   2.263 -		return None
   2.264 -
   2.265 -	return domDoc
   2.266 -
   2.267 -def parsePolicyXml( ):
   2.268 -	global policyXml
   2.269 -	global formSteTypes, formChWallTypes
   2.270 -
   2.271 -	domDoc = parseXml( policyXml )
   2.272 -	if domDoc == None:
   2.273 -		return
   2.274 -
   2.275 -	domRoot  = domDoc.documentElement
   2.276 -	domNodes = domRoot.getElementsByTagName( 'SimpleTypeEnforcement' )
   2.277 -	if len( domNodes ) > 0:
   2.278 -		steTypes = getSteTypes( domNodes[0], 1 )
   2.279 -		if steTypes == None:
   2.280 -			msg = ''
   2.281 -			msg = msg + 'Error processing the SimpleTypeEnforcement types.\n'
   2.282 -			msg = msg + 'Please validate the Policy Definition file used.'
   2.283 -			formatXmlError( msg )
   2.284 -			return
   2.285 -
   2.286 -		formSteTypes[1] = steTypes
   2.287 -
   2.288 -	domNodes = domRoot.getElementsByTagName( 'ChineseWall' )
   2.289 -	if len( domNodes ) > 0:
   2.290 -		chwTypes = getChWTypes( domNodes[0], 1 )
   2.291 -		if chwTypes == None:
   2.292 -			msg = ''
   2.293 -			msg = msg + 'Error processing the ChineseWall types.\n'
   2.294 -			msg = msg + 'Please validate the Policy Definition file used.'
   2.295 -			formatXmlError( msg )
   2.296 -			return
   2.297 -
   2.298 -		formChWallTypes[1] = chwTypes
   2.299 -
   2.300 -def parsePolicyLabelXml( ):
   2.301 -	global policyLabelXml
   2.302 -
   2.303 -	domDoc = parseXml( policyLabelXml )
   2.304 -	if domDoc == None:
   2.305 -		return
   2.306 -
   2.307 -	domRoot     = domDoc.documentElement
   2.308 -	domHeaders = domRoot.getElementsByTagName( 'LabelHeader' )
   2.309 -	if len( domHeaders ) == 0:
   2.310 -		msg = ''
   2.311 -		msg = msg + '"<LabelHeader>" tag is missing.\n'
   2.312 -		msg = msg + 'Please validate the Policy Labeling file used.'
   2.313 -		formatXmlError( msg )
   2.314 -		return
   2.315 -
   2.316 -	pName = getName( domHeaders[0] )
   2.317 -	if pName == None:
   2.318 -		msg = ''
   2.319 -		msg = msg + 'Error processing the Policy Labeling header information.\n'
   2.320 -		msg = msg + 'Please validate the Policy Labeling file used.'
   2.321 -		formatXmlError( msg )
   2.322 -		return
   2.323 -
   2.324 -	formPolicyLabelName[1] = pName
   2.325 -
   2.326 -	pDate = getDate( domHeaders[0] )
   2.327 -	if pDate == None:
   2.328 -		msg = ''
   2.329 -		msg = msg + 'Error processing the Policy Labeling header information.\n'
   2.330 -		msg = msg + 'Please validate the Policy Labeling file used.'
   2.331 -		formatXmlError( msg )
   2.332 -		return
   2.333 -
   2.334 -	formPolicyLabelDate[1] = pDate
   2.335 -
   2.336 -	pUrl = getDefUrl( domHeaders[0] )
   2.337 -	if pUrl == None:
   2.338 -		msg = ''
   2.339 -		msg = msg + 'Error processing the Policy Labeling header information.\n'
   2.340 -		msg = msg + 'Please validate the Policy Labeling file used.'
   2.341 -		formatXmlError( msg )
   2.342 -		return
   2.343 -
   2.344 -	formPolicyUrl[1] = pUrl
   2.345 -
   2.346 -	pRef = getDefRef( domHeaders[0] )
   2.347 -	if pRef == None:
   2.348 -		msg = ''
   2.349 -		msg = msg + 'Error processing the Policy Labeling header information.\n'
   2.350 -		msg = msg + 'Please validate the Policy Labeling file used.'
   2.351 -		formatXmlError( msg )
   2.352 -		return
   2.353 -
   2.354 -	formPolicyRef[1] = pRef
   2.355 -
   2.356 -	domSubjects = domRoot.getElementsByTagName( 'SubjectLabels' )
   2.357 -	if len( domSubjects ) > 0:
   2.358 -		formVmNameDom0[1] = domSubjects[0].getAttribute( 'bootstrap' )
   2.359 -		domNodes = domSubjects[0].getElementsByTagName( 'VirtualMachineLabel' )
   2.360 -		for domNode in domNodes:
   2.361 -			vmName = getName( domNode )
   2.362 -			if vmName == None:
   2.363 -				msg = ''
   2.364 -				msg = msg + 'Error processing the VirtualMachineLabel name.\n'
   2.365 -				msg = msg + 'Please validate the Policy Labeling file used.'
   2.366 -				formatXmlError( msg )
   2.367 -				continue
   2.368 -
   2.369 -			steTypes = getSteTypes( domNode )
   2.370 -			if steTypes == None:
   2.371 -				msg = ''
   2.372 -				msg = msg + 'Error processing the SimpleTypeEnforcement types.\n'
   2.373 -				msg = msg + 'Please validate the Policy Labeling file used.'
   2.374 -				formatXmlError( msg )
   2.375 -				return
   2.376 -
   2.377 -			chwTypes = getChWTypes( domNode )
   2.378 -			if chwTypes == None:
   2.379 -				msg = ''
   2.380 -				msg = msg + 'Error processing the ChineseWall types.\n'
   2.381 -				msg = msg + 'Please validate the Policy Labeling file used.'
   2.382 -				formatXmlError( msg )
   2.383 -				return
   2.384 -
   2.385 -			newVm( vmName, 1 )
   2.386 -			allVmStes[vmName][1] = steTypes
   2.387 -			allVmChWs[vmName][1] = chwTypes
   2.388 -
   2.389 -def removeDups( curList ):
   2.390 -	newList = []
   2.391 -	curSet  = Set( curList )
   2.392 -	for x in curSet:
   2.393 -		newList.append( x )
   2.394 -	newList.sort( )
   2.395 -
   2.396 -	return newList
   2.397 -
   2.398 -def newVm( vmName, addToList = 0 ):
   2.399 -	global formVmNames
   2.400 -	global templateVmDel, allVmDel, templateVmDom0, allVmDom0
   2.401 -	global templateVmChWs, templateVmChWDel, templateVmChW, templateVmChWAdd
   2.402 -	global allVmChWs, allVmChWDel, allVmChWType, allVmChWAdd
   2.403 -	global templateVmStes, templateVmSteDel, templateVmSte, templateVmSteAdd
   2.404 -	global allVmStes, allVmSteDel, allVmSteType, allVmSteAdd
   2.405 -
   2.406 -	# Make sure we have an actual name and check one of the 'all'
   2.407 -	# variables to be sure it hasn't been previously defined
   2.408 -	if (len( vmName ) > 0) and (not allVmDom0.has_key( vmName )):
   2.409 -		vmSuffix = '_' + vmName
   2.410 -		allVmDom0[vmName]   = modFormTemplate( templateVmDom0,   vmSuffix )
   2.411 -		allVmDel[vmName]    = modFormTemplate( templateVmDel,    vmSuffix )
   2.412 -		allVmChWs[vmName]   = modFormTemplate( templateVmChWs,   vmSuffix )
   2.413 -		allVmChWDel[vmName] = modFormTemplate( templateVmChWDel, vmSuffix )
   2.414 -		allVmChW[vmName]    = modFormTemplate( templateVmChW,    vmSuffix )
   2.415 -		allVmChWAdd[vmName] = modFormTemplate( templateVmChWAdd, vmSuffix )
   2.416 -		allVmStes[vmName]   = modFormTemplate( templateVmStes,   vmSuffix )
   2.417 -		allVmSteDel[vmName] = modFormTemplate( templateVmSteDel, vmSuffix )
   2.418 -		allVmSte[vmName]    = modFormTemplate( templateVmSte,    vmSuffix )
   2.419 -		allVmSteAdd[vmName] = modFormTemplate( templateVmSteAdd, vmSuffix )
   2.420 -		if addToList == 1:
   2.421 -			formVmNames[1].append( vmName )
   2.422 -			formVmNames[1] = removeDups( formVmNames[1] )
   2.423 -
   2.424 -def updateInfo( ):
   2.425 -	global formData, formPolicyLabelName, formPolicyLabelDate
   2.426 -	global formPolicyUrl, formPolicyRef
   2.427 -
   2.428 -	if formData.has_key( formPolicyLabelName[3] ):
   2.429 -		formPolicyLabelName[1] = formData[formPolicyLabelName[3]].value
   2.430 -	elif formData.has_key( formPolicyLabelUpdate[3] ):
   2.431 -		formPolicyLabelName[1] = ''
   2.432 -
   2.433 -	if formData.has_key( formPolicyLabelDate[3] ):
   2.434 -		formPolicyLabelDate[1] = formData[formPolicyLabelDate[3]].value
   2.435 -	elif formData.has_key( formPolicyLabelUpdate[3] ):
   2.436 -		formPolicyLabelDate[1] = ''
   2.437 -
   2.438 -	if formData.has_key( formPolicyUrl[3] ):
   2.439 -		formPolicyUrl[1] = formData[formPolicyUrl[3]].value
   2.440 -	elif formData.has_key( formPolicyLabelUpdate[3] ):
   2.441 -		formPolicyUrl[1] = ''
   2.442 -
   2.443 -	if formData.has_key( formPolicyRef[3] ):
   2.444 -		formPolicyRef[1] = formData[formPolicyRef[3]].value
   2.445 -	elif formData.has_key( formPolicyLabelUpdate[3] ):
   2.446 -		formPolicyRef[1] = ''
   2.447 -
   2.448 -def addVm( ):
   2.449 -	global formData, fromVmName, formVmNames, formVmNameDom0
   2.450 -
   2.451 -	if (formData.has_key( formDefaultButton[3] )) or (formData.has_key( formVmAdd[3] )):
   2.452 -		if formData.has_key( formVmName[3] ):
   2.453 -			vmName = formData[formVmName[3]].value
   2.454 -			vmName = vmName.strip( )
   2.455 -			newVm( vmName, 1 )
   2.456 -			if formVmNameDom0[1] == '':
   2.457 -				formVmNameDom0[1] = vmName
   2.458 -
   2.459 -def delVm( vmName ):
   2.460 -	global formVmNames, formVmNameDom0
   2.461 -	global allVmDel, allVmDom0
   2.462 -	global allVmChWs, allVmChWDel, allVmChWType, allVmChWAdd
   2.463 -	global allVmStes, allVmSteDel, allVmSteType, allVmSteAdd
   2.464 -
   2.465 -	vmName = vmName.strip( )
   2.466 -	formVmNames[1].remove( vmName )
   2.467 -	del allVmDom0[vmName]
   2.468 -	del allVmDel[vmName]
   2.469 -	del allVmChWs[vmName]
   2.470 -	del allVmChWDel[vmName]
   2.471 -	del allVmChW[vmName]
   2.472 -	del allVmChWAdd[vmName]
   2.473 -	del allVmStes[vmName]
   2.474 -	del allVmSteDel[vmName]
   2.475 -	del allVmSte[vmName]
   2.476 -	del allVmSteAdd[vmName]
   2.477 -
   2.478 -	if formVmNameDom0[1] == vmName:
   2.479 -		if len( formVmNames[1] ) > 0:
   2.480 -			formVmNameDom0[1] = formVmNames[1][0]
   2.481 -		else:
   2.482 -			formVmNameDom0[1] = ''
   2.483 -
   2.484 -def makeVmDom0( vmName ):
   2.485 -	global formVmNameDom0
   2.486 -
   2.487 -	vmName = vmName.strip( )
   2.488 -	formVmNameDom0[1] = vmName
   2.489 -
   2.490 -def addVmChW( chwName ):
   2.491 -	global formData, allVmChW, allVmChWs
   2.492 -
   2.493 -	formVar = allVmChW[chwName]
   2.494 -	if formData.has_key( formVar[3] ):
   2.495 -		chwList = formData.getlist( formVar[3] )
   2.496 -		formVar = allVmChWs[chwName]
   2.497 -		for chw in chwList:
   2.498 -			chw = chw.strip( )
   2.499 -			formVar[1].append( chw )
   2.500 -			formVar[1] = removeDups( formVar[1] )
   2.501 -
   2.502 -def delVmChW( chwName ):
   2.503 -	global formData, allVmChWs
   2.504 -
   2.505 -	formVar = allVmChWs[chwName]
   2.506 -	if formData.has_key( formVar[3] ):
   2.507 -		chwList = formData.getlist( formVar[3] )
   2.508 -		for chw in chwList:
   2.509 -			chw = chw.strip( )
   2.510 -			formVar[1].remove( chw )
   2.511 -
   2.512 -def addVmSte( steName ):
   2.513 -	global formData, allVmSte, allVmStes
   2.514 -
   2.515 -	formVar = allVmSte[steName]
   2.516 -	if formData.has_key( formVar[3] ):
   2.517 -		steList = formData.getlist( formVar[3] )
   2.518 -		formVar = allVmStes[steName]
   2.519 -		for ste in steList:
   2.520 -			ste = ste.strip( )
   2.521 -			formVar[1].append( ste )
   2.522 -			formVar[1] = removeDups( formVar[1] )
   2.523 -
   2.524 -def delVmSte( steName ):
   2.525 -	global formData, allVmStes
   2.526 -
   2.527 -	formVar = allVmStes[steName]
   2.528 -	if formData.has_key( formVar[3] ):
   2.529 -		steList = formData.getlist( formVar[3] )
   2.530 -		for ste in steList:
   2.531 -			ste = ste.strip( )
   2.532 -			formVar[1].remove( ste )
   2.533 -
   2.534 -def processRequest( ):
   2.535 -	global formData, policyXml, policyLabelXml, formPolicyLabelUpdate
   2.536 -	global formVmAdd
   2.537 -	global formVmNames, allVmDel, allVmDom0
   2.538 -	global allVmChWAdd, allVmChWDel, allVmSteAdd, allVmSteDel
   2.539 -
   2.540 -	if policyXml != '':
   2.541 -		parsePolicyXml( )
   2.542 -
   2.543 -	if policyLabelXml != '':
   2.544 -		parsePolicyLabelXml( )
   2.545 -
   2.546 -	# Allow the updating of the header information whenever
   2.547 -	# an action is performed
   2.548 -	updateInfo( )
   2.549 -
   2.550 -	# Allow the adding of labels if the user has hit the
   2.551 -	# enter key when attempting to add a type/set
   2.552 -	addVm( )
   2.553 -
   2.554 -	for vmName in formVmNames[1]:
   2.555 -		if formData.has_key( allVmDel[vmName][3] ):
   2.556 -			delVm( vmName )
   2.557 -			continue
   2.558 -
   2.559 -		if formData.has_key( allVmDom0[vmName][3] ):
   2.560 -			makeVmDom0( vmName )
   2.561 -
   2.562 -		if formData.has_key( allVmChWAdd[vmName][3] ):
   2.563 -			addVmChW( vmName )
   2.564 -
   2.565 -		elif formData.has_key( allVmChWDel[vmName][3] ):
   2.566 -			delVmChW( vmName )
   2.567 -
   2.568 -		elif formData.has_key( allVmSteAdd[vmName][3] ):
   2.569 -			addVmSte( vmName )
   2.570 -
   2.571 -		elif formData.has_key( allVmSteDel[vmName][3] ):
   2.572 -			delVmSte( vmName )
   2.573 -
   2.574 -def modFormTemplate( formTemplate, suffix ):
   2.575 -	formVar = [x for x in formTemplate]
   2.576 -
   2.577 -	if formVar[2] != '':
   2.578 -		formVar[2] = formVar[2] + suffix
   2.579 -	if formVar[3] != '':
   2.580 -		formVar[3] = formVar[3] + suffix
   2.581 -	if (formVar[0] != 'button') and (formVar[4] != ''):
   2.582 -		formVar[4] = formVar[4] + suffix
   2.583 -
   2.584 -	return formVar;
   2.585 -
   2.586 -def makeName( name, suffix='' ):
   2.587 -	rName = name
   2.588 -	if suffix != '':
   2.589 -		rName = rName + '_' + suffix
   2.590 -
   2.591 -	return rName
   2.592 -
   2.593 -def makeNameAttr( name, suffix='' ):
   2.594 -	return 'name="' + makeName( name, suffix ) + '"'
   2.595 -
   2.596 -def makeValue( value, suffix='' ):
   2.597 -	rValue = value
   2.598 -
   2.599 -	if isinstance( value, list ):
   2.600 -		rValue = '['
   2.601 -		for val in value:
   2.602 -			rValue = rValue + '\'' + val
   2.603 -			if suffix != '':
   2.604 -				rValue = rValue + '_' + suffix
   2.605 -			rValue = rValue + '\','
   2.606 -		rValue = rValue + ']'
   2.607 -
   2.608 -	else:
   2.609 -		if suffix != '':
   2.610 -			rValue = rValue + '_' + suffix
   2.611 -
   2.612 -	return rValue
   2.613 -
   2.614 -def makeValueAttr( value, suffix='' ):
   2.615 -	return 'value="' + makeValue( value, suffix ) + '"'
   2.616 -
   2.617 -def sendHtmlFormVar( formVar, attrs='', rb_select=0 ):
   2.618 -	nameAttr  = ''
   2.619 -	valueAttr = ''
   2.620 -	htmlText  = ''
   2.621 -
   2.622 -	if formVar[0] == 'text':
   2.623 -		if formVar[3] != '':
   2.624 -			nameAttr = makeNameAttr( formVar[3] )
   2.625 -		valueAttr = makeValueAttr( formVar[1] )
   2.626 -
   2.627 -		print '<INPUT type="text"', nameAttr, valueAttr, attrs, '>'
   2.628 -
   2.629 -	elif formVar[0] == 'list':
   2.630 -		if formVar[3] != '':
   2.631 -			nameAttr = makeNameAttr( formVar[3] )
   2.632 -
   2.633 -		print '<SELECT', nameAttr, attrs, '>'
   2.634 -		for option in formVar[1]:
   2.635 -			print '<OPTION>' + option + '</OPTION>'
   2.636 -		print '</SELECT>'
   2.637 -
   2.638 -	elif formVar[0] == 'button':
   2.639 -		if formVar[3] != '':
   2.640 -			nameAttr = makeNameAttr( formVar[3] )
   2.641 -		if formVar[4] != '':
   2.642 -			valueAttr = makeValueAttr( formVar[4] )
   2.643 -
   2.644 -		print '<INPUT type="submit"', nameAttr, valueAttr, attrs, '>'
   2.645 -
   2.646 -	elif formVar[0] == 'radiobutton':
   2.647 -		if formVar[3] != '':
   2.648 -			nameAttr  = makeNameAttr( formVar[3] )
   2.649 -			valueAttr = makeValueAttr( formVar[4][rb_select] )
   2.650 -			htmlText  = formVar[5][rb_select]
   2.651 -			if formVar[4][rb_select] == formVar[1]:
   2.652 -				checked = 'checked'
   2.653 -			else:
   2.654 -				checked = ''
   2.655 -
   2.656 -			print '<INPUT type="radio"', nameAttr, valueAttr, attrs, checked, '>', htmlText
   2.657 -
   2.658 -	elif formVar[0] == 'radiobutton-all':
   2.659 -		if formVar[3] != '':
   2.660 -			nameAttr = makeNameAttr( formVar[3] )
   2.661 -			buttonVals  = formVar[4]
   2.662 -			for i, buttonVal in enumerate( buttonVals ):
   2.663 -				htmlText = ''
   2.664 -				addAttrs = ''
   2.665 -				checked  = ''
   2.666 -
   2.667 -				valueAttr = makeValueAttr( buttonVal )
   2.668 -				if formVar[5] != '':
   2.669 -					htmlText = formVar[5][i]
   2.670 -				if attrs != '':
   2.671 -					addAttrs = attrs[i]
   2.672 -				if buttonVal == formVar[1]:
   2.673 -					checked = 'checked'
   2.674 -
   2.675 -				print '<INPUT type="radio"', nameAttr, valueAttr, addAttrs, checked, '>', htmlText
   2.676 -
   2.677 -	if ( formVar[2] != '' ) and ( rb_select == 0 ):
   2.678 -		nameAttr = makeNameAttr( formVar[2] )
   2.679 -		valueAttr = makeValueAttr( formVar[1] )
   2.680 -		print '<INPUT type="hidden"', nameAttr, valueAttr, '>'
   2.681 -
   2.682 -def sendHtmlHeaders( ):
   2.683 -	# HTML headers
   2.684 -	print 'Content-Type: text/html'
   2.685 -	print
   2.686 -
   2.687 -def sendPolicyLabelHtml( ):
   2.688 -	global xmlError, xmlIncomplete, xmlMessages, formXmlGen
   2.689 -	global formVmNameDom0, formSteTypes, formChWallTypes
   2.690 -
   2.691 -	print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"'
   2.692 -	print '  "http://www.w3.org/TR/html4/loose.dtd">'
   2.693 -
   2.694 -	print '<HTML>'
   2.695 -
   2.696 -	sendHtmlHead( )
   2.697 -
   2.698 -	print '<BODY>'
   2.699 -
   2.700 -	# An input XML file was specified that had errors, output the
   2.701 -	# error information
   2.702 -	if xmlError == 1:
   2.703 -		print '<P>'
   2.704 -		print 'An error has been encountered while processing the input'
   2.705 -		print 'XML file:'
   2.706 -		print '<UL>'
   2.707 -		for msg in xmlMessages:
   2.708 -			print '<LI>'
   2.709 -			print msg
   2.710 -		print '</UL>'
   2.711 -		print '</BODY>'
   2.712 -		print '</HTML>'
   2.713 -		return
   2.714 -
   2.715 -	# When attempting to generate the XML output, all required data was not
   2.716 -	# present, output the error information
   2.717 -	if xmlIncomplete == 1:
   2.718 -		print '<P>'
   2.719 -		print 'An error has been encountered while validating the data'
   2.720 -		print 'required for the output XML file:'
   2.721 -		print '<UL>'
   2.722 -		for msg in xmlMessages:
   2.723 -			print '<LI>'
   2.724 -			print msg
   2.725 -		print '</UL>'
   2.726 -		print '</BODY>'
   2.727 -		print '</HTML>'
   2.728 -		return
   2.729 -
   2.730 -	print '<CENTER>'
   2.731 -	print '<FORM action="' + os.environ['SCRIPT_NAME'] + '" method="post">'
   2.732 -	print '<TABLE class="container">'
   2.733 -	print '  <COLGROUP>'
   2.734 -	print '    <COL width="100%">'
   2.735 -	print '  </COLGROUP>'
   2.736 -
   2.737 -	print '  <TR>'
   2.738 -	print '    <TD>'
   2.739 -	sendHtmlFormVar( formDefaultButton, 'class="hidden"' )
   2.740 -	print '    </TD>'
   2.741 -	print '  </TR>'
   2.742 -	print '  <TR>'
   2.743 -	print '    <TD>'
   2.744 -	sendHtmlFormVar( formXmlGen )
   2.745 -	print '    </TD>'
   2.746 -	print '  </TR>'
   2.747 -
   2.748 -	# Policy Labeling header
   2.749 -	print '  <TR>'
   2.750 -	print '    <TD>'
   2.751 -	sendPLHeaderHtml( )
   2.752 -	print '    </TD>'
   2.753 -	print '  </TR>'
   2.754 -
   2.755 -	# Separator
   2.756 -	print '  <TR>'
   2.757 -	print '    <TD>'
   2.758 -	print '      <HR>'
   2.759 -	print '    </TD>'
   2.760 -	print '  </TR>'
   2.761 -
   2.762 -	# Policy Labels (vms)
   2.763 -	print '  <TR>'
   2.764 -	print '    <TD>'
   2.765 -	print '      <TABLE class="full">'
   2.766 -	print '        <TR>'
   2.767 -	print '          <TD width="100%">'
   2.768 -	sendPLSubHtml( )
   2.769 -	print '          </TD>'
   2.770 -	print '        </TR>'
   2.771 -	print '      </TABLE>'
   2.772 -	print '    </TD>'
   2.773 -	print '  </TR>'
   2.774 -
   2.775 -	print '</TABLE>'
   2.776 -
   2.777 -	# Send some data that needs to be available across sessions
   2.778 -	sendHtmlFormVar( formVmNameDom0 )
   2.779 -	sendHtmlFormVar( formSteTypes )
   2.780 -	sendHtmlFormVar( formChWallTypes )
   2.781 -
   2.782 -	print '</FORM>'
   2.783 -	print '</CENTER>'
   2.784 -
   2.785 -	print '</BODY>'
   2.786 -
   2.787 -	print '</HTML>'
   2.788 -
   2.789 -def sendHtmlHead( ):
   2.790 -	global headTitle
   2.791 -
   2.792 -	print '<HEAD>'
   2.793 -	print '<STYLE type="text/css">'
   2.794 -	print '<!--'
   2.795 -	print 'BODY            {background-color: #EEEEFF;}'
   2.796 -	print 'TABLE.container {width:  90%; border: 1px solid black; border-collapse: seperate;}'
   2.797 -	print 'TABLE.full      {width: 100%; border: 0px solid black; border-collapse: collapse; border-spacing: 3px;}'
   2.798 -	print 'TABLE.fullbox   {width: 100%; border: 0px solid black; border-collapse: collapse; border-spacing: 3px;}'
   2.799 -	print 'THEAD           {font-weight: bold; font-size: larger;}'
   2.800 -	print 'TD              {border: 0px solid black; vertical-align: top;}'
   2.801 -	print 'TD.heading      {border: 0px solid black; vertical-align: top; font-weight: bold; font-size: larger;}'
   2.802 -	print 'TD.subheading   {border: 0px solid black; vertical-align: top; font-size: smaller;}'
   2.803 -	print 'TD.fullbox      {border: 1px solid black; vertical-align: top;}'
   2.804 -	print 'SELECT.full     {width: 100%;}'
   2.805 -	print 'INPUT.full      {width: 100%;}'
   2.806 -	print 'INPUT.link      {cursor: pointer; background-color: #EEEEFF; border: 0px; text-decoration: underline; color: blue;}'
   2.807 -	print 'INPUT.hidden    {visibility: hidden; width: 1px; height: 1px;}'
   2.808 -	print ':link           {color: blue;}'
   2.809 -	print ':visited        {color: red;}'
   2.810 -	print '-->'
   2.811 -	print '</STYLE>'
   2.812 -	print '<TITLE>', headTitle, '</TITLE>'
   2.813 -	print '</HEAD>'
   2.814 -
   2.815 -def sendPLHeaderHtml( ):
   2.816 -	global formPolicyLabelName, formPolicyLabelDate
   2.817 -	global formPolicyUrl, formPolicyRef
   2.818 -	global formPolicyLabelUpdate
   2.819 -
   2.820 -	# Policy Labeling header definition
   2.821 -	print '<TABLE class="full">'
   2.822 -	print '  <COLGROUP>'
   2.823 -	print '    <COL width="20%">'
   2.824 -	print '    <COL width="80%">'
   2.825 -	print '  </COLGROUP>'
   2.826 -	print '  <TR>'
   2.827 -	print '    <TD class="heading" align="center" colspan="2">Policy Labeling Information</TD>'
   2.828 -	print '  </TR>'
   2.829 -	print '  <TR>'
   2.830 -	print '    <TD align="right">Name:</TD>'
   2.831 -	print '    <TD align="left">'
   2.832 -	sendHtmlFormVar( formPolicyLabelName, 'class="full"' )
   2.833 -	print '    </TD>'
   2.834 -	print '  </TR>'
   2.835 -	print '  <TR>'
   2.836 -	print '    <TD align="right">Date:</TD>'
   2.837 -	print '    <TD align="left">'
   2.838 -	sendHtmlFormVar( formPolicyLabelDate, 'class="full"' )
   2.839 -	print '    </TD>'
   2.840 -	print '  </TR>'
   2.841 -	print '  <TR>'
   2.842 -	print '    <TD align="right">Policy URL:</TD>'
   2.843 -	print '    <TD align="left">'
   2.844 -	sendHtmlFormVar( formPolicyUrl, 'class="full"' )
   2.845 -	print '    </TD>'
   2.846 -	print '  </TR>'
   2.847 -	print '  <TR>'
   2.848 -	print '    <TD align="right">Policy Reference:</TD>'
   2.849 -	print '    <TD align="left">'
   2.850 -	sendHtmlFormVar( formPolicyRef, 'class="full"' )
   2.851 -	print '    </TD>'
   2.852 -	print '  </TR>'
   2.853 -	print '  <TR>'
   2.854 -	print '    <TD align="center" colspan="2">'
   2.855 -	sendHtmlFormVar( formPolicyLabelUpdate )
   2.856 -	print '    </TD>'
   2.857 -	print '  </TR>'
   2.858 -	print '  <TR>'
   2.859 -	print '    <TD align="center" colspan="2" class="subheading">'
   2.860 -	print '      (The Policy Labeling Information is updated whenever an action is performed'
   2.861 -	print '       or it can be updated separately using the "Update" button)'
   2.862 -	print '    </TD>'
   2.863 -	print '  </TR>'
   2.864 -	print '</TABLE>'
   2.865 -
   2.866 -def sendPLSubHtml( ):
   2.867 -	global formVmNames, formVmDel, formVmName, formVmAdd
   2.868 -	global allVmDel, allVmDom0
   2.869 -	global allVmChWs, allVmChWDel, allVmChW, allVmChWAdd
   2.870 -	global allVmStes, allVmSteDel, allVmSte, allVmSteAdd
   2.871 -	global formSteTypes, formChWallTypes
   2.872 -
   2.873 -	print '<TABLE class="full">'
   2.874 -	print '  <COLGROUP>'
   2.875 -	print '    <COL width="100%">'
   2.876 -	print '  </COLGROUP>'
   2.877 -
   2.878 -	# Virtual Machines...
   2.879 -	print '  <TR>'
   2.880 -	print '    <TD>'
   2.881 -	print '      <TABLE class="full">'
   2.882 -	print '        <COLGROUP>'
   2.883 -	print '          <COL width="10%">'
   2.884 -	print '          <COL width="40%">'
   2.885 -	print '          <COL width="50%">'
   2.886 -	print '        </COLGROUP>'
   2.887 -	print '        <TR>'
   2.888 -	print '          <TD class="heading" align="center" colspan="3">Virtual Machine Classes</TD>'
   2.889 -	print '        </TR>'
   2.890 -	print '        <TR>'
   2.891 -	print '          <TD colspan="2">'
   2.892 -	sendHtmlFormVar( formVmName, 'class="full"' )
   2.893 -	sendHtmlFormVar( formVmNames )
   2.894 -	print '          </TD>'
   2.895 -	print '          <TD>&nbsp;</TD>'
   2.896 -	print '        </TR>'
   2.897 -	print '        <TR>'
   2.898 -	print '          <TD>'
   2.899 -	sendHtmlFormVar( formVmAdd, 'class="full"' )
   2.900 -	print '          </TD>'
   2.901 -	print '          <TD colspan="2">'
   2.902 -	print '            Create a new VM class with the above name'
   2.903 -	print '          </TD>'
   2.904 -	print '        </TR>'
   2.905 -	print '      </TABLE>'
   2.906 -	print '    </TD>'
   2.907 -	print '  </TR>'
   2.908 -	if len( formVmNames[1] ) > 0:
   2.909 -		print '  <TR>'
   2.910 -		print '    <TD colspan="1">'
   2.911 -		print '      &nbsp;'
   2.912 -		print '    </TD>'
   2.913 -		print '  </TR>'
   2.914 -		print '  <TR>'
   2.915 -		print '    <TD>'
   2.916 -		print '      <TABLE class="fullbox">'
   2.917 -		print '        <COLGROUP>'
   2.918 -		print '          <COL width="10%">'
   2.919 -		print '          <COL width="40%">'
   2.920 -		print '          <COL width="50%">'
   2.921 -		print '        </COLGROUP>'
   2.922 -		print '        <THEAD>'
   2.923 -		print '          <TR>'
   2.924 -		print '            <TD class="fullbox">Dom 0?</TD>'
   2.925 -		print '            <TD class="fullbox">Name</TD>'
   2.926 -		print '            <TD class="fullbox">Actions</TD>'
   2.927 -		print '          </TR>'
   2.928 -		print '        </THEAD>'
   2.929 -		for i, vmName in enumerate( formVmNames[1] ):
   2.930 -			print '        <TR>'
   2.931 -			print '          <TD class="fullbox">'
   2.932 -			if formVmNameDom0[1] == vmName:
   2.933 -				print 'Yes'
   2.934 -			else:
   2.935 -				print '&nbsp;'
   2.936 -			print '          </TD>'
   2.937 -			print '          <TD class="fullbox">' + vmName + '</TD>'
   2.938 -			print '          <TD class="fullbox">'
   2.939 -			print '            <A href="#' + vmName + '">Edit</A>'
   2.940 -			formVar = allVmDel[vmName]
   2.941 -			sendHtmlFormVar( formVar, 'class="link"' )
   2.942 -			formVar = allVmDom0[vmName]
   2.943 -			sendHtmlFormVar( formVar, 'class="link"' )
   2.944 -			print '          </TD>'
   2.945 -			print '        </TR>'
   2.946 -		print '      </TABLE>'
   2.947 -		print '    </TD>'
   2.948 -		print '  </TR>'
   2.949 -		for vmName in formVmNames[1]:
   2.950 -			print '  <TR>'
   2.951 -			print '    <TD>'
   2.952 -			print '      <HR>'
   2.953 -			print '    </TD>'
   2.954 -			print '  </TR>'
   2.955 -			print '  <TR>'
   2.956 -			print '    <TD>'
   2.957 -			print '      <TABLE class="full">'
   2.958 -			print '        <COLGROUP>'
   2.959 -			print '          <COL width="10%">'
   2.960 -			print '          <COL width="39%">'
   2.961 -			print '          <COL width="2%">'
   2.962 -			print '          <COL width="10%">'
   2.963 -			print '          <COL width="39%">'
   2.964 -			print '        </COLGROUP>'
   2.965 -			print '        <TR>'
   2.966 -			print '          <TD colspan="5" align="center" class="heading">'
   2.967 -			print '            <A name="' + vmName + '">Virtual Machine Class: ' + vmName + '</A>'
   2.968 -			print '          </TD>'
   2.969 -			print '        </TR>'
   2.970 -			print '        <TR>'
   2.971 -			print '          <TD colspan="2" align="center">Simple Type Enforcement Types</TD>'
   2.972 -			print '          <TD>&nbsp;</TD>'
   2.973 -			print '          <TD colspan="2" align="center">Chinese Wall Types</TD>'
   2.974 -			print '        </TR>'
   2.975 -			print '        <TR>'
   2.976 -			print '          <TD colspan="2">'
   2.977 -			formVar = allVmStes[vmName];
   2.978 -			sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' )
   2.979 -			print '          </TD>'
   2.980 -			print '          <TD>&nbsp;</TD>'
   2.981 -			print '          <TD colspan="2">'
   2.982 -			formVar = allVmChWs[vmName];
   2.983 -			sendHtmlFormVar( formVar, 'class="full" size="4" multiple"' )
   2.984 -			print '          </TD>'
   2.985 -			print '        </TR>'
   2.986 -			print '        <TR>'
   2.987 -			print '          <TD>'
   2.988 -			formVar = allVmSteDel[vmName];
   2.989 -			sendHtmlFormVar( formVar, 'class="full"' )
   2.990 -			print '          </TD>'
   2.991 -			print '          <TD>'
   2.992 -			print '            Delete the type(s) selected above'
   2.993 -			print '          </TD>'
   2.994 -			print '          <TD>&nbsp;</TD>'
   2.995 -			print '          <TD>'
   2.996 -			formVar = allVmChWDel[vmName];
   2.997 -			sendHtmlFormVar( formVar, 'class="full"' )
   2.998 -			print '          </TD>'
   2.999 -			print '          <TD>'
  2.1000 -			print '            Delete the type(s) selected above'
  2.1001 -			print '          </TD>'
  2.1002 -			print '        </TR>'
  2.1003 -			print '        <TR>'
  2.1004 -			print '          <TD colspan="2">'
  2.1005 -			stSet = Set( formSteTypes[1] )
  2.1006 -			vmSet = Set( allVmStes[vmName][1] )
  2.1007 -			formVar = allVmSte[vmName]
  2.1008 -			formVar[1] = []
  2.1009 -			for steType in stSet.difference( vmSet ):
  2.1010 -				formVar[1].append( steType )
  2.1011 -			formVar[1].sort( )
  2.1012 -			sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' )
  2.1013 -			print '          </TD>'
  2.1014 -			print '          <TD>&nbsp;</TD>'
  2.1015 -			print '          <TD colspan="2">'
  2.1016 -			ctSet = Set( formChWallTypes[1] )
  2.1017 -			vmSet = Set( allVmChWs[vmName][1] )
  2.1018 -			formVar = allVmChW[vmName]
  2.1019 -			formVar[1] = []
  2.1020 -			for chwallType in ctSet.difference( vmSet ):
  2.1021 -				formVar[1].append( chwallType )
  2.1022 -			formVar[1].sort( )
  2.1023 -			sendHtmlFormVar( formVar, 'class="full" size="2" multiple"' )
  2.1024 -			print '          </TD>'
  2.1025 -			print '        </TR>'
  2.1026 -			print '        <TR>'
  2.1027 -			print '          <TD>'
  2.1028 -			formVar = allVmSteAdd[vmName];
  2.1029 -			sendHtmlFormVar( formVar, 'class="full"' )
  2.1030 -			print '          </TD>'
  2.1031 -			print '          <TD>'
  2.1032 -			print '            Add the type(s) selected above'
  2.1033 -			print '          </TD>'
  2.1034 -			print '          <TD>&nbsp;</TD>'
  2.1035 -			print '          <TD>'
  2.1036 -			formVar = allVmChWAdd[vmName];
  2.1037 -			sendHtmlFormVar( formVar, 'class="full"' )
  2.1038 -			print '          </TD>'
  2.1039 -			print '          <TD>'
  2.1040 -			print '            Add the type(s) selected above'
  2.1041 -			print '          </TD>'
  2.1042 -			print '        </TR>'
  2.1043 -			print '      </TABLE>'
  2.1044 -			print '    </TD>'
  2.1045 -			print '  </TR>'
  2.1046 -
  2.1047 -	print '</TABLE>'
  2.1048 -
  2.1049 -def sendPLObjHtml( ):
  2.1050 -
  2.1051 -	# Resources...
  2.1052 -	print '<TABLE class="full">'
  2.1053 -	print '  <COLGROUP>'
  2.1054 -	print '    <COL width="60%">'
  2.1055 -	print '    <COL width="20%">'
  2.1056 -	print '    <COL width="20%">'
  2.1057 -	print '  </COLGROUP>'
  2.1058 -
  2.1059 -	print '  <TR>'
  2.1060 -	print '    <TD align="center" colspan="3" class="heading">Resources</TD>'
  2.1061 -	print '  </TR>'
  2.1062 -	print '  <TR>'
  2.1063 -	print '    <TD colspan="2">'
  2.1064 -	#sendHtmlFormVar( formVmNames, 'class="full" size="4" multiple"' )
  2.1065 -	print '    </TD>'
  2.1066 -	print '    <TD>'
  2.1067 -	#sendHtmlFormVar( formVmDel, 'class="full"' )
  2.1068 -	print '    </TD>'
  2.1069 -	print '  </TR>'
  2.1070 -	print '  <TR>'
  2.1071 -	print '    <TD colspan="2">'
  2.1072 -	#sendHtmlFormVar( formVmName, 'class="full"' )
  2.1073 -	print '    </TD>'
  2.1074 -	print '    <TD>'
  2.1075 -	#sendHtmlFormVar( formVmAdd, 'class="full"' )
  2.1076 -	print '    </TD>'
  2.1077 -	print '  </TR>'
  2.1078 -	print '</TABLE>'
  2.1079 -
  2.1080 -def checkXmlData( ):
  2.1081 -	global xmlIncomplete
  2.1082 -
  2.1083 -	# Validate the Policy Label Header requirements
  2.1084 -	if ( len( formPolicyLabelName[1] ) == 0 ) or \
  2.1085 -	   ( len( formPolicyLabelDate[1] ) == 0 ) or \
  2.1086 -	   ( len( formPolicyUrl[1] ) == 0 ) or \
  2.1087 -	   ( len( formPolicyRef[1] ) == 0 ):
  2.1088 -			msg = ''
  2.1089 -			msg = msg + 'The XML policy label schema requires that the Policy '
  2.1090 -			msg = msg + 'Labeling Information Name, Date, Policy URL and '
  2.1091 -			msg = msg + 'Policy Reference fields all have values.'
  2.1092 -			formatXmlGenError( msg )
  2.1093 -
  2.1094 -def sendXmlHeaders( ):
  2.1095 -	# HTML headers
  2.1096 -	print 'Content-Type: text/xml'
  2.1097 -	print 'Content-Disposition: attachment; filename=security_label_template.xml'
  2.1098 -	print
  2.1099 -
  2.1100 -def sendPolicyLabelXml( ):
  2.1101 -	print '<?xml version="1.0"?>'
  2.1102 -
  2.1103 -	print '<SecurityLabelTemplate xmlns="http://www.ibm.com"'
  2.1104 -	print '                       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"'
  2.1105 -	print '                       xsi:schemaLocation="http://www.ibm.com security_policy.xsd">'
  2.1106 -
  2.1107 -	# Policy Labeling header
  2.1108 -	sendPLHeaderXml( )
  2.1109 -
  2.1110 -	# Policy Labels (subjects and objects)
  2.1111 -	sendPLSubXml( )
  2.1112 -	#sendPLObjXml( )
  2.1113 -
  2.1114 -	print '</SecurityLabelTemplate>'
  2.1115 -
  2.1116 -def sendPLHeaderXml( ):
  2.1117 -	global formPolicyLabelName, formPolicyLabelDate
  2.1118 -	global formPolicyUrl, formPolicyRef
  2.1119 -
  2.1120 -	# Policy Labeling header definition
  2.1121 -	print '<LabelHeader>'
  2.1122 -	print '  <Name>' + formPolicyLabelName[1] + '</Name>'
  2.1123 -	print '  <Date>' + formPolicyLabelDate[1] + '</Date>'
  2.1124 -	print '  <PolicyName>'
  2.1125 -	print '    <Url>' + formPolicyUrl[1] + '</Url>'
  2.1126 -	print '    <Reference>' + formPolicyRef[1] + '</Reference>'
  2.1127 -	print '  </PolicyName>'
  2.1128 -	print '</LabelHeader>'
  2.1129 -
  2.1130 -def sendPLSubXml( ):
  2.1131 -	global formVmNames, allVmChWs, allVmStes
  2.1132 -
  2.1133 -	# Virtual machines...
  2.1134 -	if len( formVmNames[1] ) == 0:
  2.1135 -		return
  2.1136 -
  2.1137 -	print '<SubjectLabels bootstrap="' + formVmNameDom0[1] + '">'
  2.1138 -	for vmName in formVmNames[1]:
  2.1139 -		print '  <VirtualMachineLabel>'
  2.1140 -		print '    <Name>' + vmName + '</Name>'
  2.1141 -		formVar = allVmStes[vmName]
  2.1142 -		if len( formVar[1] ) > 0:
  2.1143 -			print '    <SimpleTypeEnforcementTypes>'
  2.1144 -			for ste in formVar[1]:
  2.1145 -				print '      <Type>' + ste + '</Type>'
  2.1146 -			print '    </SimpleTypeEnforcementTypes>'
  2.1147 -
  2.1148 -		formVar = allVmChWs[vmName]
  2.1149 -		if len( formVar[1] ) > 0:
  2.1150 -			print '    <ChineseWallTypes>'
  2.1151 -			for chw in formVar[1]:
  2.1152 -				print '      <Type>' + chw + '</Type>'
  2.1153 -			print '    </ChineseWallTypes>'
  2.1154 -
  2.1155 -		print '  </VirtualMachineLabel>'
  2.1156 -
  2.1157 -	print '</SubjectLabels>'
  2.1158 -
  2.1159 -
  2.1160 -# Set up initial HTML variables
  2.1161 -headTitle = 'Xen Policy Labeling Generation'
  2.1162 -
  2.1163 -# Form variables
  2.1164 -#   The format of these variables is as follows:
  2.1165 -#   [ p0, p1, p2, p3, p4, p5 ]
  2.1166 -#     p0 = input type
  2.1167 -#     p1 = the current value of the variable
  2.1168 -#     p2 = the hidden input name attribute
  2.1169 -#     p3 = the name attribute
  2.1170 -#     p4 = the value attribute
  2.1171 -#     p5 = text to associate with the tag
  2.1172 -formPolicyLabelName   = [ 'text',
  2.1173 -			'',
  2.1174 -			'h_policyLabelName',
  2.1175 -			'i_policyLabelName',
  2.1176 -			'',
  2.1177 -			'',
  2.1178 -			]
  2.1179 -formPolicyLabelDate   = [ 'text',
  2.1180 -			getCurrentTime( ),
  2.1181 -			'h_policyLabelDate',
  2.1182 -			'i_policyLabelDate',
  2.1183 -			'',
  2.1184 -			'',
  2.1185 -			]
  2.1186 -formPolicyUrl         = [ 'text',
  2.1187 -			'',
  2.1188 -			'h_policyUrl',
  2.1189 -			'i_policyUrl',
  2.1190 -			'',
  2.1191 -			'',
  2.1192 -			]
  2.1193 -formPolicyRef         = [ 'text',
  2.1194 -			'',
  2.1195 -			'h_policyRef',
  2.1196 -			'i_policyRef',
  2.1197 -			'',
  2.1198 -			'',
  2.1199 -			]
  2.1200 -formPolicyLabelUpdate = [ 'button',
  2.1201 -			'',
  2.1202 -			'',
  2.1203 -			'i_PolicyLabelUpdate',
  2.1204 -			'Update',
  2.1205 -			'',
  2.1206 -		    ]
  2.1207 -
  2.1208 -formVmNames       = [ '',
  2.1209 -			[],
  2.1210 -			'h_vmNames',
  2.1211 -			'',
  2.1212 -			'',
  2.1213 -			'',
  2.1214 -		    ]
  2.1215 -formVmDel         = [ 'button',
  2.1216 -			'',
  2.1217 -			'',
  2.1218 -			'i_vmDel',
  2.1219 -			'Delete',
  2.1220 -			'',
  2.1221 -		    ]
  2.1222 -formVmName        = [ 'text',
  2.1223 -			'',
  2.1224 -			'',
  2.1225 -			'i_vmName',
  2.1226 -			'',
  2.1227 -			'',
  2.1228 -		    ]
  2.1229 -formVmAdd         = [ 'button',
  2.1230 -			'',
  2.1231 -			'',
  2.1232 -			'i_vmAdd',
  2.1233 -			'New',
  2.1234 -			'',
  2.1235 -		    ]
  2.1236 -
  2.1237 -formVmNameDom0    = [ '',
  2.1238 -			'',
  2.1239 -			'h_vmDom0',
  2.1240 -			'',
  2.1241 -			'',
  2.1242 -			'',
  2.1243 -		    ]
  2.1244 -
  2.1245 -formXmlGen        = [ 'button',
  2.1246 -			'',
  2.1247 -			'',
  2.1248 -			'i_xmlGen',
  2.1249 -			'Generate XML',
  2.1250 -			'',
  2.1251 -		    ]
  2.1252 -
  2.1253 -formDefaultButton = [ 'button',
  2.1254 -			'',
  2.1255 -			'',
  2.1256 -			'i_defaultButton',
  2.1257 -			'.',
  2.1258 -			'',
  2.1259 -		    ]
  2.1260 -
  2.1261 -formSteTypes      = [ '',
  2.1262 -                        [],
  2.1263 -			'h_steTypes',
  2.1264 -			'',
  2.1265 -			'',
  2.1266 -			'',
  2.1267 -		    ]
  2.1268 -formChWallTypes   = [ '',
  2.1269 -                        [],
  2.1270 -			'h_chwallTypes',
  2.1271 -			'',
  2.1272 -			'',
  2.1273 -			'',
  2.1274 -		    ]
  2.1275 -
  2.1276 -# This is a set of templates used for each virtual machine
  2.1277 -#   Each virtual machine is initially assigned these templates,
  2.1278 -#   then each form attribute value is changed to append
  2.1279 -#   "_virtual-machine-name" for uniqueness.
  2.1280 -templateVmDel     = [ 'button',
  2.1281 -			'',
  2.1282 -			'',
  2.1283 -			'i_vmDel',
  2.1284 -			'Delete',
  2.1285 -			'',
  2.1286 -		    ]
  2.1287 -templateVmDom0    = [ 'button',
  2.1288 -			'',
  2.1289 -			'',
  2.1290 -			'i_vmDom0',
  2.1291 -			'SetDom0',
  2.1292 -			'',
  2.1293 -		    ]
  2.1294 -allVmDel          = {};
  2.1295 -allVmDom0         = {};
  2.1296 -
  2.1297 -templateVmChWs    = [ 'list',
  2.1298 -			[],
  2.1299 -			'h_vmChWs',
  2.1300 -			'i_vmChWs',
  2.1301 -			'',
  2.1302 -			'',
  2.1303 -		    ]
  2.1304 -templateVmChWDel  = [ 'button',
  2.1305 -			'',
  2.1306 -			'',
  2.1307 -			'i_vmChWDel',
  2.1308 -			'Delete',
  2.1309 -			'',
  2.1310 -		    ]
  2.1311 -templateVmChW     = [ 'list',
  2.1312 -			[],
  2.1313 -			'',
  2.1314 -			'i_vmChW',
  2.1315 -			'',
  2.1316 -			'',
  2.1317 -		    ]
  2.1318 -templateVmChWAdd  = [ 'button',
  2.1319 -			'',
  2.1320 -			'',
  2.1321 -			'i_vmChWAdd',
  2.1322 -			'Add',
  2.1323 -			'',
  2.1324 -		    ]
  2.1325 -allVmChWs         = {};
  2.1326 -allVmChWDel       = {};
  2.1327 -allVmChW          = {};
  2.1328 -allVmChWAdd       = {};
  2.1329 -
  2.1330 -templateVmStes    = [ 'list',
  2.1331 -			[],
  2.1332 -			'h_vmStes',
  2.1333 -			'i_vmStes',
  2.1334 -			'',
  2.1335 -			'',
  2.1336 -		    ]
  2.1337 -templateVmSteDel  = [ 'button',
  2.1338 -			'',
  2.1339 -			'',
  2.1340 -			'i_vmSteDel',
  2.1341 -			'Delete',
  2.1342 -			'',
  2.1343 -		    ]
  2.1344 -templateVmSte     = [ 'list',
  2.1345 -			[],
  2.1346 -			'',
  2.1347 -			'i_vmSte',
  2.1348 -			'',
  2.1349 -			'',
  2.1350 -		    ]
  2.1351 -templateVmSteAdd  = [ 'button',
  2.1352 -			'',
  2.1353 -			'',
  2.1354 -			'i_vmSteAdd',
  2.1355 -			'Add',
  2.1356 -			'',
  2.1357 -		    ]
  2.1358 -allVmStes         = {};
  2.1359 -allVmSteDel       = {};
  2.1360 -allVmSte          = {};
  2.1361 -allVmSteAdd       = {};
  2.1362 -
  2.1363 -# A list of all form variables used for saving info across requests
  2.1364 -formVariables     = [ formPolicyLabelName,
  2.1365 -			formPolicyLabelDate,
  2.1366 -			formPolicyUrl,
  2.1367 -			formPolicyRef,
  2.1368 -			formVmNames,
  2.1369 -			formVmNameDom0,
  2.1370 -			formSteTypes,
  2.1371 -			formChWallTypes,
  2.1372 -		    ]
  2.1373 -
  2.1374 -policyXml         = ''
  2.1375 -policyLabelXml    = ''
  2.1376 -xmlError          = 0
  2.1377 -xmlIncomplete     = 0
  2.1378 -xmlMessages       = []
  2.1379 -
  2.1380 -
  2.1381 -# Extract any form data
  2.1382 -formData = cgi.FieldStorage( )
  2.1383 -
  2.1384 -# Process the form
  2.1385 -getSavedData( )
  2.1386 -processRequest( )
  2.1387 -
  2.1388 -if formData.has_key( formXmlGen[3] ):
  2.1389 -	# Generate and send the XML file
  2.1390 -	checkXmlData( )
  2.1391 -
  2.1392 -	if xmlIncomplete == 0:
  2.1393 -		sendXmlHeaders( )
  2.1394 -		sendPolicyLabelXml( )
  2.1395 -
  2.1396 -if (not formData.has_key( formXmlGen[3] )) or (xmlIncomplete == 1 ):
  2.1397 -	# Send HTML to continue processing the form
  2.1398 -	sendHtmlHeaders( )
  2.1399 -	sendPolicyLabelHtml( )
     3.1 --- a/tools/security/python/xensec_gen/index.html	Mon Apr 24 10:51:50 2006 +0100
     3.2 +++ b/tools/security/python/xensec_gen/index.html	Mon Apr 24 10:52:19 2006 +0100
     3.3 @@ -1,7 +1,7 @@
     3.4  <!--
     3.5   The Initial Developer of the Original Code is International
     3.6   Business Machines Corporation. Portions created by IBM
     3.7 - Corporation are Copyright (C) 2005 International Business
     3.8 + Corporation are Copyright (C) 2005, 2006 International Business
     3.9   Machines Corporation. All Rights Reserved.
    3.10   -->
    3.11  
    3.12 @@ -10,7 +10,7 @@
    3.13  <HTML>
    3.14    <HEAD>
    3.15      <META name="author" content="Tom Lendacky">
    3.16 -    <META name="copyright" content="Copyright (C) 2005 International Business Machines Corporation. All rights reserved">
    3.17 +    <META name="copyright" content="Copyright (C) 2005, 2006 International Business Machines Corporation. All rights reserved">
    3.18  
    3.19      <STYLE type="text/css">
    3.20        <!--
    3.21 @@ -67,60 +67,6 @@
    3.22        </TR>
    3.23      </TABLE>
    3.24      </FORM>
    3.25 -
    3.26 -    <FORM action="/cgi-bin/policylabel.cgi" method="post" enctype="multipart/form-data">
    3.27 -    <TABLE class="xen">
    3.28 -      <COLGROUP>
    3.29 -        <COL width="25%">
    3.30 -        <COL width="20%">
    3.31 -        <COL width="55%">
    3.32 -      </COLGROUP>
    3.33 -
    3.34 -      <TR>
    3.35 -        <TD valign="top" class="heading">
    3.36 -          Security Policy Labeling
    3.37 -        </TD>
    3.38 -        <TD valign="top" colspan="2">
    3.39 -          To generate or edit the Xen Security Policy Labeling you <B>must</B>
    3.40 -          specify the name of
    3.41 -          an existing Xen Security Policy file in the
    3.42 -          <B>"Policy File"</B> entry field.<BR>
    3.43 -          To generate new Xen Security Policy Labeling leave the
    3.44 -          <B>"Policy Labeling File"</B> entry field
    3.45 -          empty and click the "Create" button.<BR>
    3.46 -          To modify existing Xen Security Policy Labeling enter the
    3.47 -          file name containing the labeling in the
    3.48 -          <B>"Policy Labeling File"</B> entry field
    3.49 -          and click the "Create" button.<HR>
    3.50 -        </TD>
    3.51 -      </TR>
    3.52 -      <TR>
    3.53 -        <TD></TD>
    3.54 -        <TD>
    3.55 -          Policy File:
    3.56 -        </TD>
    3.57 -        <TD>
    3.58 -          <INPUT type="file" size="50" name="i_policy">
    3.59 -        </TD>
    3.60 -      </TR>
    3.61 -      <TR>
    3.62 -        <TD></TD>
    3.63 -        <TD>
    3.64 -          Policy Labeling File:
    3.65 -        </TD>
    3.66 -        <TD>
    3.67 -          <INPUT type="file" size="50" name="i_policyLabel">
    3.68 -        </TD>
    3.69 -      </TR>
    3.70 -      <TR>
    3.71 -        <TD></TD>
    3.72 -        <TD valign="top">
    3.73 -          <INPUT type="submit" name="i_policyLabelCreate" value="Create">
    3.74 -        </TD>
    3.75 -        <TD></TD>
    3.76 -      </TR>
    3.77 -    </TABLE>
    3.78 -    </FORM>
    3.79    </CENTER>
    3.80    </BODY>
    3.81  </HTML>