ConstraintExprNode: Refactor to load attributes on construction.

2025-04-01 00:06:19 +00:00 · 2018-08-08 19:50:54 -04:00 · 2018-08-08 19:50:54 -04:00 · a73e76b78f
commit a73e76b78f
parent ded09017d6
1 changed files with 60 additions and 53 deletions
--- a/setools/policyrep/constraint.pxi
+++ b/setools/policyrep/constraint.pxi
@ -182,6 +182,7 @@ cdef class Constraint(BaseConstraint):
            list users = []
            list roles = []
            list types = []
            ConstraintExprNode expr_node
        c.policy = policy
        c.handle = symbol
@ -207,7 +208,6 @@ cdef class Constraint(BaseConstraint):
        c.roles = frozenset(roles)
        c.types = frozenset(types)
        return c
    def __str__(self):
@ -237,6 +237,7 @@ cdef class Validatetrans(BaseConstraint):
            list users = []
            list roles = []
            list types = []
            ConstraintExprNode expr_node
        v.policy = policy
        v.handle = symbol
@ -276,7 +277,19 @@ cdef class ConstraintExprNode(PolicySymbol):
    """A node of a constraint expression."""
-    cdef sepol.constraint_expr_t *handle
+    cdef:
        sepol.constraint_expr_t *handle
        uint32_t expression_type
        uint32_t operator
        uint32_t _symbol_type
        frozenset _names
        list _expression
        # T/F this node is MLS
        bint mls
        # T/F this node has roles/types/users
        bint roles
        bint types
        bint users
    _expr_type_to_text = {
        sepol.CEXPR_NOT: "not",
@ -326,12 +339,46 @@ cdef class ConstraintExprNode(PolicySymbol):
                  sepol.CEXPR_USER + sepol.CEXPR_XTARGET]
    @staticmethod
-    cdef factory(SELinuxPolicy policy, sepol.constraint_expr_t *symbol):
+    cdef inline ConstraintExprNode factory(SELinuxPolicy policy, sepol.constraint_expr_t *symbol):
        """Factory function for creating ConstraintExprNode objects."""
-        r = ConstraintExprNode()
+        cdef ConstraintExprNode n = ConstraintExprNode.__new__(ConstraintExprNode)
-        r.policy = policy
+        n.policy = policy
-        r.handle = symbol
+        n.handle = symbol
-        return r
+        n.expression_type = symbol.expr_type
        n.operator = symbol.op
        #
        # Determine attributes of expression node
        #
        if symbol.expr_type in (sepol.CEXPR_ATTR, sepol.CEXPR_NAMES):
            n._symbol_type = symbol.attr
        try:
            n.mls = n.symbol_type >= sepol.CEXPR_L1L2
            if symbol.expr_type == sepol.CEXPR_NAMES:
                if n.symbol_type in n._role_syms:
                    n.roles = True
                    n._names = frozenset(r for r in RoleEbitmapIterator.factory(policy,
                                                                                &symbol.names))
                elif n.symbol_type in n._type_syms:
                    n.types = True
                    if policy.version > 28:
                        n._names = frozenset(t for t in
                                             TypeOrAttributeEbitmapIterator.factory_from_set(
                                                 policy, symbol.type_names))
                    else:
                        n._names = frozenset(t for t in TypeEbitmapIterator.factory(
                                             policy, &symbol.names))
                else:
                    n.users = True
                    n._names = frozenset(u for u in UserEbitmapIterator.factory(policy,
                                                                                &symbol.names))
        except AttributeError:
            pass
        return n
    def __call__(self):
        expression = []
@ -358,60 +405,20 @@ cdef class ConstraintExprNode(PolicySymbol):
        return expression
    @property
    def expression_type(self):
        return self.handle.expr_type
    @property
    def mls(self):
        """T/F the node is an MLS expression."""
        try:
            return self.symbol_type >= sepol.CEXPR_L1L2
        except AttributeError:
            return False
    @property
    def names(self):
-        if self.expression_type != sepol.CEXPR_NAMES:
+        if self._names is None:
-            raise AttributeError("Names on expression type {}".format(self.expression_type))
+            raise AttributeError("names")
-        if self.symbol_type in self._role_syms:
+        return self._names
            return frozenset(r for r in RoleEbitmapIterator.factory(self.policy, &self.handle.names))
        elif self.symbol_type in self._type_syms:
            if self.policy.version > 28:
                return frozenset(t for t in TypeOrAttributeEbitmapIterator.factory_from_set(
                    self.policy, self.handle.type_names))
            else:
                return frozenset(t for t in TypeEbitmapIterator.factory(
                    self.policy, &self.handle.names))
        else:
            return frozenset(u for u in UserEbitmapIterator.factory(self.policy, &self.handle.names))
    @property
    def operator(self):
        return self.handle.op
    @property
    def roles(self):
        """T/F the node has a role list."""
        return self.expression_type == sepol.CEXPR_NAMES and self.symbol_type in self._role_syms
    @property
    def symbol_type(self):
-        if self.expression_type not in (sepol.CEXPR_ATTR, sepol.CEXPR_NAMES):
+        if self._symbol_type is None:
-            raise AttributeError("Symbol type on expression type {}".format(self.expression_type))
+            raise AttributeError("symbol_type")
-        return self.handle.attr
+        return self._symbol_type
    @property
    def types(self):
        """T/F the node has a type list."""
        return self.expression_type == sepol.CEXPR_NAMES and self.symbol_type in self._type_syms
    @property
    def users(self):
        """T/F the node has a user list."""
        return self.expression_type == sepol.CEXPR_NAMES and self.symbol_type in self._user_syms
 #