idea: combine CERT and KEYRING segment data with UACC and APPLDATA from BASE segment
Closed this issue · 2 comments
DIGTCERT and DIGTRING profiles have useful info in UACC (trust) and APPLDATA (user ID) .
Remaining info is CERT and KEYRING segments, resp.
It would make sense to copy UACC and APPLDATA fields to those segment records, in a custom profile publisher function, like we do for SSIGNON.
In rule verifier and now also in browser I have to programmatically select dataframes, e.g., looping through all segments for user profiles, so the code uses the .table() method, e.g., r.table('USTSO'). table() returns the internal dataframe:
def table(self, rname=None) -> ProfileFrame:
""" return table with this name (type) """
if rname:
try:
return getattr(self, RACF._recordname_df[rname])
except KeyError:
warnings.warn(f'RACF object does not have a table {rname}')
This means, however, that views that have been improved/extended by the the publisher attribute are inaccessible/ignored:
class EnhancedProfileFrame():
"""Profile presentation properties that make data easier to report by adding fields to the original ProfileFrame.
"""
@property
def SSIGNON(self) -> ProfileFrame: # GRSIGN
"""combined DataFrame of ``._generalSSIGNON`` and ``.generals``, copying the ``GRBD_APPL_DATA`` field to show if replay protection is available for the passticket.
"""
return self._generalSSIGNON.join(self._generals['GRBD_APPL_DATA'])
So I think the table() method must be changed to return the publisher associated with the table, instead of the internal table. Then we can use the property method used for SSIGNON also for DIGTCERT and DIGTRING, to join the UACC and APPLDATA fields.
Currently:
r.table('USTSO') -(lookup in map)-> r._userTSO
with the proposed change
r.table('USTSO') -(lookup in new map)-> r.userTSO -(is assigned with atrribute-> r._userTSO
so this is a moot change, but for SSSIGNON:
r.table('GRSIGN') -(lookup in map)-> r._generalSSIGNON
which does not have the extension, but with the proposed change
r.table('GRSIGN') -(lookup in new map)-> r.SSIGNON -(publishing attribute)-> function SSIGNON -> r._generalSSIGNON joined to r._general
This approach would make it possible to "fix" more frames without having to change correlate() / __init__()
Modified the way publishers are assigned as described above.
ProfilePublisher now has an attribute _doc_stubs that lists the properties that are there purely for documentation (autodoc) purpose.