<a href="https://colab.research.google.com/github/missmisspa/IAS/blob/main/Canchela_IAS_Access_Control_Lab_Act.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [None]:
class MAC:
    def __init__(self):
        self.documents = {
            "top_secret_file": ("top_secret", "✅ Access Granted: {role} can read Top Secret File."),
            "confidential_report": ("confidential", "✅ Access Granted: {role} can read Confidential Report.")
        }

        self.clearance_levels = {
            "soldier": "confidential",
            "colonel": "confidential",
            "general": "top_secret"
        }

        self.user_roles = {}# Stores user roles

    def set_role(self, user, role):
        """Assign a role to a user, granting appropriate clearance."""
        if role in self.clearance_levels:
            self.user_roles[user] = role
            print(f"✅ {user} is now assigned as a {role}.")
        else:
            print("❌ Invalid role. Choose from: soldier, colonel, general.")

    def access_document(self, user, doc):
        """Check if a user has the necessary clearance to access a document."""
        if user not in self.user_roles:
            return "❌ Access Denied. User not registered."

        user_role = self.user_roles[user]

        doc_key = doc.replace(" ", "_").lower()

        if doc_key not in self.documents:
            return "❌ Document not found."

        doc_level, content_template = self.documents[doc_key]
        user_clearance = self.clearance_levels[user_role]

        clearance_hierarchy = ["confidential", "top_secret"]

        if clearance_hierarchy.index(user_clearance) >= clearance_hierarchy.index(doc_level):
            return content_template.format(role=user_role)
        return "❌ Access Denied. Insufficient clearance."


def main():
    mac = MAC()

    while True:
        print("\n1. Assign Role\n2. Access Document\n3. Exit")
        choice = input("Choose an option: ")

        if choice == "1":
            user = input("Enter name: ").strip()
            role = input("Enter role (soldier/colonel/general): ").strip().lower()
            mac.set_role(user, role)

        elif choice == "2":
            user = input("Enter name: ").strip()
            doc = input("Enter document name (e.g., 'Top Secret File' or 'Confidential Report'): ").strip()
            print(mac.access_document(user, doc))

        elif choice == "3":
            print("Exiting...")
            break

        else:
            print("❌ Invalid choice. Please try again.")


if __name__ == "__main__":
    main()



1. Assign Role
2. Access Document
3. Exit
Choose an option: 1
Enter name: Mizpa
Enter role (soldier/colonel/general): Colonel
✅ Mizpa is now assigned as a colonel.

1. Assign Role
2. Access Document
3. Exit
Choose an option: 2
Enter name: Mizpa
Enter document name (e.g., 'Top Secret File' or 'Confidential Report'): Top Secret File
❌ Access Denied. Insufficient clearance.

1. Assign Role
2. Access Document
3. Exit
Choose an option: 1
Enter name: Mingyu
Enter role (soldier/colonel/general): General
✅ Mingyu is now assigned as a general.

1. Assign Role
2. Access Document
3. Exit
Choose an option: 2
Enter name: Mingyu
Enter document name (e.g., 'Top Secret File' or 'Confidential Report'): Top Secret File
✅ Access Granted: general can read Top Secret File.

1. Assign Role
2. Access Document
3. Exit
Choose an option: 2
Enter name: Vernon
Enter document name (e.g., 'Top Secret File' or 'Confidential Report'): Confidential report
❌ Access Denied. User not registered.

1. Assign Role
2. Acces

In [None]:
class DAC:
    def __init__(self):
        self.files = {}
        self.permissions = {}

    def create_file(self, user, file_name):
        if file_name in self.files:
            print("❌ File already exists.")
        else:
            self.files[file_name] = user
            self.permissions[file_name] = {user: {"read", "modify", "delete"}}
            print(f"✅ {user} created the file '{file_name}'.")

    def grant_permission(self, owner, file_name, target_user, permission):
        if file_name not in self.files:
            print("❌ File does not exist.")
            return
        if self.files[file_name] != owner:
            print("❌ You are not the owner of this file.")
            return
        if permission not in {"read", "modify", "delete"}:
            print("❌ Invalid permission. Choose from: read, modify, delete.")
            return

        if file_name not in self.permissions:
            self.permissions[file_name] = {}

        if target_user not in self.permissions[file_name]:
            self.permissions[file_name][target_user] = set()

        self.permissions[file_name][target_user].add(permission)
        print(f"✅ {owner} granted '{permission}' access on '{file_name}' to {target_user}.")

    def revoke_permission(self, owner, file_name, target_user, permission):
        if file_name not in self.files:
            print("❌ File does not exist.")
            return
        if self.files[file_name] != owner:
            print("❌ You are not the owner of this file.")
            return
        if target_user not in self.permissions[file_name] or permission not in self.permissions[file_name][target_user]:
            print("❌ {target_user} does not have '{permission}' permission on '{file_name}'.")
            return

        self.permissions[file_name][target_user].remove(permission)
        print(f"✅ {owner} revoked '{permission}' access on '{file_name}' from {target_user}.")

    def access_file(self, user, file_name, action):
        """Checks if a user has permission to perform an action on a file."""
        if file_name not in self.files:
            print("❌ File does not exist.")
            return

        if user in self.permissions.get(file_name, {}) and action in self.permissions[file_name][user]:
            print(f"✅ {user} successfully performed '{action}' on '{file_name}'.")
        else:
            print("❌ Access Denied. You do not have the required permission.")

    def delete_file(self, user, file_name):
        """Allows the owner or a user with 'delete' permission to remove a file."""
        if file_name not in self.files:
            print("❌ File does not exist.")
            return

        if user == self.files[file_name] or "delete" in self.permissions.get(file_name, {}).get(user, {}):
            del self.files[file_name]
            del self.permissions[file_name]
            print(f"✅ {user} deleted the file '{file_name}'.")
        else:
            print("❌ Access Denied. You do not have delete permission.")

def main():
    dac = DAC()

    while True:
        print("\n1. Create File\n2. Grant Permission\n3. Revoke Permission\n4. Access File\n5. Delete File\n6. Exit")
        choice = input("Choose an option: ")

        if choice == "1":
            user = input("Enter your name: ")
            file_name = input("Enter file name: ")
            dac.create_file(user, file_name)

        elif choice == "2":
            owner = input("Enter your name (File Owner): ")
            file_name = input("Enter file name: ")
            target_user = input("Enter user to grant access: ")
            permission = input("Enter permission to grant (read/modify/delete): ").lower()
            dac.grant_permission(owner, file_name, target_user, permission)

        elif choice == "3":
            owner = input("Enter your name (File Owner): ")
            file_name = input("Enter file name: ")
            target_user = input("Enter user to revoke access from: ")
            permission = input("Enter permission to revoke (read/modify/delete): ").lower()
            dac.revoke_permission(owner, file_name, target_user, permission)

        elif choice == "4":
            user = input("Enter your name: ")
            file_name = input("Enter file name: ")
            action = input("Enter action (read/modify/delete): ").lower()
            dac.access_file(user, file_name, action)

        elif choice == "5":
            user = input("Enter your name: ")
            file_name = input("Enter file name: ")
            dac.delete_file(user, file_name)

        elif choice == "6":
            print("Exiting...")
            break

        else:
            print("❌ Invalid choice. Please try again.")

if __name__ == "__main__":
    main()



1. Create File
2. Grant Permission
3. Revoke Permission
4. Access File
5. Delete File
6. Exit
Choose an option: 1
Enter your name: Mizpa
Enter file name: report
✅ Mizpa created the file 'report'.

1. Create File
2. Grant Permission
3. Revoke Permission
4. Access File
5. Delete File
6. Exit
Choose an option: 2
Enter your name (File Owner): Mizpa
Enter file name: report
Enter user to grant access: Mingyu
Enter permission to grant (read/modify/delete): modify
✅ Mizpa granted 'modify' access on 'report' to Mingyu.

1. Create File
2. Grant Permission
3. Revoke Permission
4. Access File
5. Delete File
6. Exit
Choose an option: 2
Enter your name (File Owner): Mizpa
Enter file name: report
Enter user to grant access: Vernon
Enter permission to grant (read/modify/delete): read
✅ Mizpa granted 'read' access on 'report' to Vernon.

1. Create File
2. Grant Permission
3. Revoke Permission
4. Access File
5. Delete File
6. Exit
Choose an option: 4
Enter your name: Mingyu
Enter file name: report
Ente

In [None]:
class RBAC:
    def __init__(self):
        self.roles_permissions = {
            "doctor": {"view patient records", "prescribe medication"},
            "nurse": {"prescribe medication"},
            "admin": {"manage accounts"}
        }
        self.user_roles = {}

    def assign_role(self, user, role):
        role = role.lower()
        if role in self.roles_permissions:
            self.user_roles[user] = role
            print(f"✅ {user} is assigned the role of {role}.")
        else:
            print("❌ Invalid role. Choose from:", ", ".join(self.roles_permissions.keys()))

    def check_permission(self, user, action):
        action = action.lower()
        if user not in self.user_roles:
            print(f"❌ Error: '{user}' is not registered. Please assign a role first.")
            return
        role = self.user_roles.get(user)
        if action in self.roles_permissions.get(role, set()):
            print(f"✅ Access Granted: {user} ({role}) can perform '{action}'.")
        else:
            print(f"❌ Access Denied: {user} ({role}) is not authorized for '{action}'.")

def main():
    rbac = RBAC()
    while True:
        print("\n1. Assign Role\n2. Perform Action\n3. Exit")
        choice = input("Choose an option: ")
        if choice == "1":
            user = input("Enter name: ").strip()
            role = input("Enter role (doctor/nurse/admin): ").strip()
            rbac.assign_role(user, role)
        elif choice == "2":
            user = input("Enter name: ").strip()
            action = input("Enter action (view patient records/manage accounts/prescribe medication): ").strip()
            rbac.check_permission(user, action)
        elif choice == "3":
            print("Exiting...")
            break
        else:
            print("❌ Invalid choice. Please try again.")

if __name__ == "__main__":
    main()


1. Assign Role
2. Perform Action
3. Exit
Choose an option: 1
Enter name: Mizpa
Enter role (doctor/nurse/admin): Doctor
✅ Mizpa is assigned the role of doctor.

1. Assign Role
2. Perform Action
3. Exit
Choose an option: 1
Enter name: Mingyu
Enter role (doctor/nurse/admin): nurse
✅ Mingyu is assigned the role of nurse.

1. Assign Role
2. Perform Action
3. Exit
Choose an option: 
❌ Invalid choice. Please try again.

1. Assign Role
2. Perform Action
3. Exit
Choose an option: 1
Enter name: Vernon
Enter role (doctor/nurse/admin): admin
✅ Vernon is assigned the role of admin.

1. Assign Role
2. Perform Action
3. Exit
Choose an option: 2
Enter name: Mizpa
Enter action (view patient records/manage accounts/prescribe medication): view patient records
✅ Access Granted: Mizpa (doctor) can perform 'view patient records'.

1. Assign Role
2. Perform Action
3. Exit
Choose an option: 2
Enter name: Mizpa
Enter action (view patient records/manage accounts/prescribe medication): prescribe medication
✅ Ac

In [None]:
class CloudStorage:
    def __init__(self):
        self.devices = {"laptop work", "desktop work", "tablet work"}
        self.hours = (9, 17)

    def in_work_hours(self, hour):
        return self.hours[0] <= hour < self.hours[1]

    def valid_device(self, device):
        return device.lower() in self.devices

    def access(self, user, device, hour):
        if not self.in_work_hours(hour):
            return f"❌ Access Denied: {user}, outside work hours ({hour}:00)."
        if not self.valid_device(device):
            return f"❌ Access Denied: {user}, unapproved device."
        return f"✅ Access Granted: {user}, you can access the file."

storage = CloudStorage()

user = input("Enter your name: ").strip()
device = input("Enter your device: ").strip()

while True:
    try:
        hour = int(input("Enter current hour (0-23): ").strip())
        if 0 <= hour < 24:
            break
        print("❌ Invalid hour. Enter a number between 0 and 23.")
    except ValueError:
        print("❌ Invalid input. Enter a valid number.")

print(storage.access(user, device, hour))


Enter your name: Mizpa
Enter your device: laptop work
Enter current hour (0-23): 9
✅ Access Granted: Mizpa, you can access the file.
