search

wizardofzos / pyracf

RACF parsing for the rest of us...
Apache License 2.0
6 stars 8 forks source link

idea: combine CERT and KEYRING segment data with UACC and APPLDATA from BASE segment #46

Closed rob-vh closed 2 months ago

rob-vh commented 3 months ago

DIGTCERT and DIGTRING profiles have useful info in UACC (trust) and APPLDATA (user ID) . Remaining info is CERT and KEYRING segments, resp. It would make sense to copy UACC and APPLDATA fields to those segment records, in a custom profile publisher function, like we do for SSIGNON.

rob-vh commented 3 months ago

In rule verifier and now also in browser I have to programmatically select dataframes, e.g., looping through all segments for user profiles, so the code uses the .table() method, e.g., r.table('USTSO'). table() returns the internal dataframe:

    def table(self, rname=None) -> ProfileFrame:
        """ return table with this name (type) """
        if rname:
            try:
                return getattr(self, RACF._recordname_df[rname])
            except KeyError:
                warnings.warn(f'RACF object does not have a table {rname}')

This means, however, that views that have been improved/extended by the the publisher attribute are inaccessible/ignored:

class EnhancedProfileFrame():
    """Profile presentation properties that make data easier to report by adding fields to the original ProfileFrame.
    """
    @property
    def SSIGNON(self) -> ProfileFrame: # GRSIGN
        """combined DataFrame of ``._generalSSIGNON`` and ``.generals``, copying the ``GRBD_APPL_DATA`` field to show if replay protection is available for the passticket.
        """
        return self._generalSSIGNON.join(self._generals['GRBD_APPL_DATA'])

So I think the table() method must be changed to return the publisher associated with the table, instead of the internal table. Then we can use the property method used for SSIGNON also for DIGTCERT and DIGTRING, to join the UACC and APPLDATA fields.

Currently: r.table('USTSO') -(lookup in map)-> r._userTSO with the proposed change r.table('USTSO') -(lookup in new map)-> r.userTSO -(is assigned with atrribute-> r._userTSO

so this is a moot change, but for SSSIGNON: r.table('GRSIGN') -(lookup in map)-> r._generalSSIGNON which does not have the extension, but with the proposed change r.table('GRSIGN') -(lookup in new map)-> r.SSIGNON -(publishing attribute)-> function SSIGNON -> r._generalSSIGNON joined to r._general

This approach would make it possible to "fix" more frames without having to change correlate() / __init__()

rob-vh commented 2 months ago

Modified the way publishers are assigned as described above. ProfilePublisher now has an attribute _doc_stubs that lists the properties that are there purely for documentation (autodoc) purpose.