From a62ce3f9c2b605e0033f4772b0f64c4525de4d86 Mon Sep 17 00:00:00 2001
From: Eduardo Julian
Date: Wed, 11 Aug 2021 02:38:59 -0400
Subject: Relocated maybe and lazy from data to control.
---
 .../library/lux/control/security/capability.lux | 28 +++++-----
 .../source/library/lux/control/security/policy.lux | 64 +++++++++++-----------
 2 files changed, 46 insertions(+), 46 deletions(-)
(limited to 'stdlib/source/library/lux/control/security')
diff --git a/stdlib/source/library/lux/control/security/capability.lux b/stdlib/source/library/lux/control/security/capability.lux
index b0123dc68..bf689a80c 100644
--- a/stdlib/source/library/lux/control/security/capability.lux
+++ b/stdlib/source/library/lux/control/security/capability.lux
@@ -25,8 +25,8 @@
 ["|.|" annotations]]]]])
 (abstract: .public (Capability brand input output)
- {#.doc (doc "Represents the capability to perform an operation."
- "This operation is assumed to have security implications.")}
+ {#.doc (example "Represents the capability to perform an operation."
+ "This operation is assumed to have security implications.")}
 (-> input output)
@@ -37,7 +37,7 @@
 (|>> :abstraction))
 (def: .public (use capability input)
- {#.doc (doc "Applies a capability against its required input.")}
+ {#.doc (example "Applies a capability against its required input.")}
 (All [brand input output]
 (-> (Capability brand input output)
 input
@@ -50,21 +50,21 @@
 |declaration|.parser
 (<>.maybe |annotations|.parser)
 (.form ($_ <>.and .local_identifier .any .any))))})
- {#.doc (doc "Defines a capability as a unique type, and a constructor for instances."
+ {#.doc (example "Defines a capability as a unique type, and a constructor for instances."
- (capability: (Can_Duplicate a)
- (can_duplicate a [a a]))
-
- (let [capability (can_duplicate
- (function (_ value)
- [value value]))
- [left right] (..use capability 123)]
- (is? left right)))}
+ (capability: (Can_Duplicate a)
+ (can_duplicate a [a a]))
+
+ (let [capability (can_duplicate
+ (function (_ value)
+ [value value]))
+ [left right] (..use capability 123)]
+ (is? left right)))}
 (do {! meta.monad}
 [this_module meta.current_module_name
 .let [[name vars] declaration]
 g!brand (\ ! map (|>> %.code code.text)
- (macro.gensym (format (%.name [this_module name]))))
+ (macro.identifier (format (%.name [this_module name]))))
 .let [capability (` (..Capability (.primitive (~ g!brand)) (~ input) (~ output)))]]
 (in (list (` (type: (~ export_policy)
 (~ (|declaration|.format declaration))
@@ -77,7 +77,7 @@
 ))))
 (def: .public (async capability)
- {#.doc (doc "Converts a synchronous I/O-based capability into an asynchronous capability.")}
+ {#.doc (example "Converts a synchronous I/O-based capability into an asynchronous capability.")}
 (All [brand input output]
 (-> (Capability brand input (IO output))
 (Capability brand input (Async output))))
diff --git a/stdlib/source/library/lux/control/security/policy.lux b/stdlib/source/library/lux/control/security/policy.lux
index 32bf06c38..ea47056bd 100644
--- a/stdlib/source/library/lux/control/security/policy.lux
+++ b/stdlib/source/library/lux/control/security/policy.lux
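Review bot: In capability.lux, the `g!brand` binding of `capability:` now calls `macro.identifier`, and nothing on that line says the generated name has to be fresh, even though the doc text promises "a unique type". Assuming `macro.identifier` is the old `gensym` under a new name, behaviour is unchanged. A later reader could still swap it for a deterministic name and silently make separately declared capabilities interchangeable. A comment above the binding would pin the requirement, for example `brand must be unique per declaration: equal brands make capabilities interchangeable`. The `capability:` definition begins before this hunk and continues past it.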
@@ -9,38 +9,38 @@
 abstract]]])
 (abstract: .public (Policy brand value label)
- {#.doc (doc "A security policy encoded as the means to 'upgrade' or 'downgrade' in a secure context.")}
+ {#.doc (example "A security policy encoded as the means to 'upgrade' or 'downgrade' in a secure context.")}
 value
 (type: .public (Can_Upgrade brand label value)
- {#.doc (doc "Represents the capacity to 'upgrade' a value.")}
+ {#.doc (example "Represents the capacity to 'upgrade' a value.")}
 (-> value (Policy brand value label)))
 (type: .public (Can_Downgrade brand label value)
- {#.doc (doc "Represents the capacity to 'downgrade' a value.")}
+ {#.doc (example "Represents the capacity to 'downgrade' a value.")}
 (-> (Policy brand value label) value))
 (type: .public (Privilege brand label)
- {#.doc (doc "Represents the privilege to both 'upgrade' and 'downgrade' a value.")}
+ {#.doc (example "Represents the privilege to both 'upgrade' and 'downgrade' a value.")}
 {#can_upgrade (Can_Upgrade brand label)
 #can_downgrade (Can_Downgrade brand label)})
 (type: .public (Delegation brand from to)
- {#.doc (doc "Represents the act of delegating policy capacities.")}
+ {#.doc (example "Represents the act of delegating policy capacities.")}
 (All [value]
 (-> (Policy brand value from)
 (Policy brand value to))))
 (def: .public (delegation downgrade upgrade)
- {#.doc (doc "Delegating policy capacities.")}
+ {#.doc (example "Delegating policy capacities.")}
 (All [brand from to]
 (-> (Can_Downgrade brand from) (Can_Upgrade brand to)
 (Delegation brand from to)))
 (|>> downgrade upgrade))
 (type: .public (Context brand scope label)
- {#.doc (doc "A computational context with an associated policy privilege.")}
+ {#.doc (example "A computational context with an associated policy privilege.")}
 (-> (Privilege brand label)
 (scope label)))
@@ -50,27 +50,27 @@
 #can_downgrade (|>> :representation)})
 (def: .public (with_policy context)
- {#.doc (doc "Activates a security context with the priviledge to enforce it's policy."
-
- (type: Password
- (Private Text))
-
- (interface: (Policy %)
- (: (-> Text (Password %))
- password)
- (: (-> (Password %) Text)
- unsafe))
-
- (def: (policy _)
- (Ex [%] (-> Any (Policy %)))
- (with_policy
- (: (Context Privacy Policy)
- (function (_ (^open "%::."))
- (implementation
- (def: (password value)
- (%::can_upgrade value))
- (def: (unsafe password)
- (%::can_downgrade password))))))))}
+ {#.doc (example "Activates a security context with the priviledge to enforce it's policy."
+
+ (type: Password
+ (Private Text))
+
+ (interface: (Policy %)
+ (: (-> Text (Password %))
+ password)
+ (: (-> (Password %) Text)
+ unsafe))
+
+ (def: (policy _)
+ (Ex [%] (-> Any (Policy %)))
+ (with_policy
+ (: (Context Privacy Policy)
+ (function (_ (^open "%::."))
+ (implementation
+ (def: (password value)
+ (%::can_upgrade value))
+ (def: (unsafe password)
+ (%::can_downgrade password))))))))}
 (All [brand scope]
 (Ex [label]
 (-> (Context brand scope label)
@@ -121,9 +121,9 @@
 )]
 [Privacy Private Can_Conceal Can_Reveal
- (doc "A security context for privacy."
- "Private data is data which cannot be allowed to leak outside of the programmed.")]
+ (example "A security context for privacy."
+ "Private data is data which cannot be allowed to leak outside of the programmed.")]
 [Safety Safe Can_Trust Can_Distrust
- (doc "A security context for safety."
- "Safe data is data coming from outside the program which can be trusted to be properly formatted and lacking injections.")]
+ (example "A security context for safety."
+ "Safe data is data coming from outside the program which can be trusted to be properly formatted and lacking injections.")]
 )
--
cgit v1.2.3
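Review bot: The first doc line of `with_policy` is rewritten by this hunk but keeps two slips, "priviledge" and "it's policy". Since the line is touched anyway, it could read `"Activates a security context with the privilege to enforce its policy."`. The same applies to the `Privacy` text in the `@@ -121,9` hunk, where "outside of the programmed" presumably means `outside of the program`. The example also declares an interface named `Policy`, the same name as this module's abstract type, which makes the `(Context Privacy Policy)` annotation harder to read. `with_policy` continues past the end of the hunk.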
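Review bot: The `Safety` description in the `@@ -121,9` hunk says `Safe` data "can be trusted to be properly formatted and lacking injections", which reads as if the label itself checked the value. Judging by the `(|>> :representation)` context line in the previous hunk, the privilege functions appear only to wrap and unwrap, so the guarantee is only as good as the validation done by whoever holds `Can_Trust`. A sentence such as `"The label records that the holder of Can_Trust vouched for the value; it performs no validation itself."` would make that explicit. The enclosing template form starts before this hunk.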