-
Notifications
You must be signed in to change notification settings - Fork 8
/
hails.cabal
215 lines (191 loc) · 5.31 KB
/
hails.cabal
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
Name: hails
Version: 0.11.2.1
build-type: Simple
License: MIT
License-File: LICENSE
Author: Hails team
Maintainer: Hails team <hails at scs dot stanford dot edu>
Synopsis: Multi-app web platform framework
Category: Web
Cabal-Version: >= 1.8
Description:
The rise of web platforms and their associated /apps/ represents a
new way of developing and deploying software. Sites such as
Facebook and Yammer are no longer written by a single entity, but
rather are freely extended by third-party developers offering
competing features to users.
.
Allowing an app to access more user data allows developers to build
more compelling products. It also opens the door to accidental or
malicious breaches of user privacy. In the case of a website like
Facebook, exposing access to a user's private messages would allow
an external developer to build a search feature. Exciting! But,
another developer can take advantage of this feature to build an app
that mines private messages for credit card numbers, ad keywords, or
other sensitive data.
.
Frameworks such as Ruby on Rails, Django, Yesod, etc. are geared
towards building monolithic web sites. And, they are great for
this! However, they are not designed for websites that integrate
third-party code, and thus lack a good mechanism for building such
multi-app platforms without sacrificing a user's security or an
app's functionality.
.
Hails is explicitly designed for building web /platforms/, where it
is expected that a site will comprise many mutually-distrustful
components written by a variety of entities. We built Hails around
two core design principles.
.
* Separation of policy:
Data access policies should be concisely specified alongside data
structures and schemas, rather than strewn throughout the
codebase in a series of conditionals. Code that implements this
is called a /policy module/ in Hails (see "Hails.PolicyModule").
.
* Mandatory access control (MAC):
Data access policies should be mandatory even once code has
obtained access to data. MAC lets platform components modules
productively interact by sharing data, despite mutual distrust.
Haskell lets us implement MAC at a fine grained level using the
information flow control library "LIO".
.
A Hails platform hosts two types of code: /apps/ and /policy
modules/. Apps encompass what would traditionally be considered
controller and view logic. Policy modules are libraries that
implement both the model and the data security policy. They are
invoked directly by apps or other policy modules, but run with
different privileges from the invoking code. Both apps and policy
modules can be implemented by untrusted third parties, with the user
only needing to trust the policy module governing the data in
question. Separating of policy code from app code allows users to
inspect and more easily unserstand the overall security provided by
the system, while MAC guarantees that these policies are enforced
in an end-to-end fashion.
Extra-source-files:
examples/simpleDBExample.hs
examples/SimpleApp.hs
examples/httpClientExample.hs
Source-repository head
Type: git
Location: git://github.com/scslab/hails.git
Library
Build-Depends:
base < 6
,transformers
,mtl
,containers
,bytestring
,text
,parsec
,binary
,time
,lio >= 0.11
,base64-bytestring
,bson
,mongoDB
,network
,http-conduit >= 2.1.0
,conduit
,conduit-extra
,resourcet
,exceptions
,wai >= 2.1 && < 3.0
,wai-app-static
,wai-extra
,http-types
,authenticate
,cookie
,blaze-builder
,failure
,SHA
GHC-options: -Wall -fno-warn-orphans
Exposed-modules:
Hails.Data.Hson
Hails.Data.Hson.TCB
Hails.Database
Hails.Database.Core
Hails.Database.TCB
Hails.Database.Query
Hails.Database.Query.TCB
Hails.Database.Structured
Hails.HttpServer
Hails.HttpServer.Auth
Hails.HttpServer.Types
Hails.PolicyModule
Hails.PolicyModule.DSL
Hails.PolicyModule.Groups
Hails.PolicyModule.TCB
Hails.HttpClient
Hails.Version
Hails.Web
Hails.Web.User
Hails.Web.Controller
Hails.Web.Frank
Hails.Web.REST
Hails.Web.Responses
Hails.Web.Router
Other-modules:
Paths_hails
Executable hails
Main-is: hails.hs
ghc-options: -package ghc -Wall -fno-warn-orphans
Build-Depends:
base < 6
,transformers
,mtl
,containers
,bytestring
,text
,parsec
,binary
,time
,lio >= 0.11
,base64-bytestring
,bson
,mongoDB
,network
,http-conduit >= 2.1.0
,conduit
,conduit-extra
,resourcet
,exceptions
,wai >= 2.1 && < 3.0
,wai-extra
,wai-app-static
,warp
,http-types
,authenticate
,cookie
,blaze-builder
,directory
,filepath
,unix
,ghc-paths
,SHA
,hint
,hails
test-suite tests
type: exitcode-stdio-1.0
hs-source-dirs: tests
main-is: Tests.hs
ghc-options: -threaded -rtsopts -Wall -fno-warn-orphans
build-depends:
hails
,base
,containers
,unix
,time
,text
,QuickCheck
,HUnit
,quickcheck-instances
,test-framework
,test-framework-quickcheck2
,test-framework-hunit
,lio
,quickcheck-lio-instances
,bson
,mongoDB
,wai
,wai-test
,http-types