#!/usr/bin/env python

"""
  to test with python

cmd1:env keystore=`pwd` alpha=`creddy --keyid --cert Alpha_ID.pem` bob=`creddy --keyid --cert Bob_ID.pem` ./query.py
cmd2: env ABAC_CN=1 keystore=`pwd` alpha=`creddy --keyid --cert Alpha_ID.pem` bob=`creddy --keyid --cert Bob_ID.pem` ./query.py

"""

import os
import ABAC

ctxt = ABAC.Context()

keystore=os.environ["keystore"]
alpha=os.environ["alpha"]
bob=os.environ["bob"]

ctxt.load_directory(keystore)

role ="[keyid:%s].role:access([string:'Read'],[urn:'file//fileA'])" % alpha
p = "[keyid:%s]" % bob

out = ctxt.query(role, p)
print out

for c in out[1]:
    print "%s <- %s" % (c.head().string(), c.tail().string())