grammar Dmapl; options{ output = AST; ASTLabelType = CommonTree; } tokens{ ALLOW;DENY;SUBJECT_USER;SUBJECT_ROLE;TARGET_METHOD;CHANGE_RELATION_RULE; TARGET_ANNOTATION;TARGET_RELATION;CONSTRAINT;CLASS_NAME;METHOD_NAME; RELATION_NAME;ARG_LIST;TICKET_ARG_LIST;TICKET_DECL;TICKET_INV;AMP_RULE; GRANTOR;GRANTEE;VALID;HOPS;DELEG;ADD_RELATION_RULE;REMOVE_RELATION_RULE; } @header{ package pt.ist.dmapl; } @lexer::header{ package pt.ist.dmapl; } // Parser policy : rule* EOF! ; rule : authRuleDecl | ticketDecl | ampRuleDecl | delegRuleDecl | relationRuleDecl ; relationRuleDecl : changeRelationRule | addRelationRule | removeRelationRule ; changeRelationRule : IDENTIFIER ':' 'allow' subject 'to' 'change' 'relation' targetRelation constraint? -> ^(CHANGE_RELATION_RULE IDENTIFIER subject targetRelation constraint?) ; addRelationRule : IDENTIFIER ':' 'allow' subject 'to' 'add-to' 'relation' targetRelation constraint? -> ^(ADD_RELATION_RULE IDENTIFIER subject targetRelation constraint?) ; removeRelationRule : IDENTIFIER ':' 'allow' subject 'to' 'remove-from' 'relation' targetRelation constraint? -> ^(REMOVE_RELATION_RULE IDENTIFIER subject targetRelation constraint?) ; authRuleDecl : posAuthRule | negAuthRule ; posAuthRule : IDENTIFIER ':' 'allow' subject 'to' target constraint? -> ^(ALLOW IDENTIFIER subject target constraint?) ; negAuthRule : IDENTIFIER ':' 'deny' subject 'to' target constraint? -> ^(DENY IDENTIFIER subject target constraint?) ; delegRuleDecl : (IDENTIFIER ':')? 'allow' 'delegation' 'of' IDENTIFIER grantor? grantee ('to' targetMethod)? constraint? validity? -> ^(DELEG IDENTIFIER? ALLOW IDENTIFIER grantor? grantee targetMethod? constraint? validity?) ; subject : subjectRole | subjectUser ; subjectRole: 'role' IDENTIFIER -> ^(SUBJECT_ROLE IDENTIFIER) ; subjectUser: 'user' IDENTIFIER -> ^(SUBJECT_USER IDENTIFIER) ; target : targetMethod | targetAnnotation ; targetMethod : className '.' method argumentList -> ^(TARGET_METHOD className method argumentList) ; targetAnnotation : ANNOTATION_LITERAL -> ^(TARGET_ANNOTATION ANNOTATION_LITERAL) ; targetRelation : relation -> ^(TARGET_RELATION relation) ; relation : IDENTIFIER ('.' IDENTIFIER)* -> ^(RELATION_NAME IDENTIFIER ('.' IDENTIFIER)*) ; className : IDENTIFIER ('.' IDENTIFIER)* -> ^(CLASS_NAME IDENTIFIER ('.' IDENTIFIER)*) ; method : IDENTIFIER -> ^(METHOD_NAME IDENTIFIER) ; argumentList : '(' (IDENTIFIER IDENTIFIER)? (',' IDENTIFIER IDENTIFIER?)*')' -> ^(ARG_LIST (IDENTIFIER IDENTIFIER)* ) ; constraint : 'where' CONSTRAINT_LITERAL -> ^(CONSTRAINT CONSTRAINT_LITERAL) ; ticketDecl : 'ticket' IDENTIFIER argumentList 'to' target constraint? -> ^(TICKET_DECL IDENTIFIER argumentList target constraint?) ; ampRuleDecl : (IDENTIFIER ':')? 'on' targetMethod 'give' (subject)? ticketInvocation+ -> ^(AMP_RULE IDENTIFIER? targetMethod subject? ticketInvocation+) ; ticketInvocation : 'ticket' IDENTIFIER ticketArgs -> ^(TICKET_INV IDENTIFIER ticketArgs) ; ticketArgs : '(' IDENTIFIER? (',' IDENTIFIER)* ')' -> ^(TICKET_ARG_LIST IDENTIFIER*) ; grantor : 'grantor' subject -> ^(GRANTOR subject); grantee : 'grantee' subject -> ^(GRANTEE subject) ; validity: 'valid' CONSTRAINT_LITERAL -> ^(VALID CONSTRAINT_LITERAL) ; // LEXER CONSTRAINT_LITERAL : '{'! .* '}'! ; ANNOTATION_LITERAL : '@'IDENTIFIER ('.' IDENTIFIER)* ; NUMBER : ('0'..'9')+ ; /* CLASS_LITERAL : IDENTIFIER ('.' IDENTIFIER)* ; */ IDENTIFIER : ('a'..'z'|'A'..'Z'|'_'|NUMBER)* ; WS : (' '|'\r'|'\n'|'\t')+ {$channel = HIDDEN;} ; COMMENT : '/*' .* '*/' {$channel = HIDDEN;} ; LINE_COMMENT : '//' ~('\n'|'\r')* '\r'? '\n' {$channel = HIDDEN;} ;