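#!/bin/sh
#####################################################################
# scenario #1
#   Explore simple user and project relationship
#
#   Drd, a geniPI, created a project 'proj1'
#
# Regenerates the GR, IDP, EXO and Drd identities with creddy, then
# issues the scenario's attribute credentials into the current
# directory. G_ID.pem, PA_ID.pem and SA_ID.pem are only read by this
# script, never generated, so they must already exist there.
#
# NOTE(review): makeWho leaves freshly generated key material
# (<name>_*.pem) in the working directory; confirm creddy writes the
# private key with owner-only permissions, or run the script under a
# restrictive umask in a directory other users cannot read.
#####################################################################

# Stop on the first failed command or unset variable: a failed creddy
# call must not be followed by credentials built from an empty key id.
set -eu

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# (Re)create the identity for principal $1: delete any <name>_*.pem
# left over from an earlier run, then generate a new one with that CN.
# Sets the global WHO.
makeWho() {
  WHO=${1:?makeWho: principal name required}
  rm -f -- "${WHO}"_*.pem
  creddy --generate --cn "$WHO"
}

# Print the key id of the certificate $keyloc/<$1>_ID.pem.
# Only ever called inside $(...), so its variables stay in the subshell
# and a failure surfaces as a non-zero status of the assignment.
keyid_of() {
  kf_cert="$keyloc/${1}_ID.pem"
  [ -r "$kf_cert" ] || die "missing certificate: $kf_cert"
  kf_id=$(creddy --keyid --cert "$kf_cert") \
    || die "creddy could not read a key id from $kf_cert"
  # The id is pasted into sed expressions and [keyid:...] terms below,
  # so refuse anything that is empty or not a bare alphanumeric token.
  case $kf_id in
    '' | *[!0-9A-Za-z]*) die "unexpected key id for $kf_cert: '$kf_id'" ;;
  esac
  printf '%s\n' "$kf_id"
}

# Issue one attribute credential.
#   $1 - attribute rule string passed to --string
#   $2 - output file passed to --out
# Reads the globals pname and namespace; sets the globals attr and name.
issue_cred() {
  attr=$1
  name=$2
  creddy --attrnow --string "$attr" --out "$name" \
    --out_prolog "$pname" --namespace "$namespace"
}

# IDP.geniUser <- <principal>
#   $1 - NAME of the shell variable holding the principal's key id
#        (e.g. drd), not the key id itself.
# Sets the global namename (plus attr and name via issue_cred).
idp_gUser() {
  # POSIX sh has no indirect expansion, so eval is used; only let a
  # plain identifier through so the eval can never run anything else.
  case ${1-} in
    '' | [!A-Za-z_]* | *[!A-Za-z0-9_]*)
      die "idp_gUser: '${1-}' is not a variable name" ;;
  esac
  eval "namename=[keyid:\$$1]"
  issue_cred "[keyid:$idp].role:geniUser <- $namename" \
    "${sidx}_IDP_gUser__${1}_attr.der"
}

command -v creddy >/dev/null 2>&1 || die "creddy not found in PATH"

# Drop any ABAC_CN inherited from the caller's environment.
unset ABAC_CN
keyloc=$(pwd)
sidx=s1

makeWho GR
makeWho IDP
makeWho EXO
makeWho Drd

g=$(keyid_of G)
gr=$(keyid_of GR)
pa=$(keyid_of PA)
sa=$(keyid_of SA)
idp=$(keyid_of IDP)
drd=$(keyid_of Drd)

pname=${sidx}_yap_clauses
namespace=access1
sfile=sfile_${sidx}

###############################################################################

# sed script that rewrites each key id to its principal's name.
{
  printf 's/%s/G/g \n' "$g"
  printf 's/%s/GR/g \n' "$gr"
  printf 's/%s/PA/g \n' "$pa"
  printf 's/%s/SA/g \n' "$sa"
  printf 's/%s/IDP/g \n' "$idp"
  printf 's/%s/Drd/g \n' "$drd"
} > "$sfile"

# G.geniRoot <- GR
issue_cred "[keyid:$g].role:geniRoot <- [keyid:$gr]" \
  "${sidx}_G_geniRoot__gr_attr.der"

# GR.sliceAuthority <- SA
issue_cred "[keyid:$gr].role:sliceAuthority <- [keyid:$sa]" \
  "${sidx}_GR_sliceAuthority__sa_attr.der"

# GR.identityProvider <- IDP
issue_cred "[keyid:$gr].role:identityProvider <- [keyid:$idp]" \
  "${sidx}_GR_identityProvider__idp_attr.der"

# GR.projectAuthority <- PA
issue_cred "[keyid:$gr].role:projectAuthority <- [keyid:$pa]" \
  "${sidx}_GR_projAuthority__pa_attr.der"

# IDP.geniUser <- Drd
idp_gUser drd

# IDP.geniPI <- Drd
issue_cred "[keyid:$idp].role:geniPI <- [keyid:$drd]" \
  "${sidx}_IDP_geniPI__drd_attr.der"

## drd requesting a proj1 from pa
# Drd.project <- 'proj1'
issue_cred "[keyid:$drd].oset:project <- [string:'proj1']" \
  "${sidx}_Drd_project__proj1_attr.der"

# PA.standard <- 'proj1'
issue_cred "[keyid:$pa].oset:standard <- [string:'proj1']" \
  "${sidx}_PA_standard__proj1_attr.der"

# PA.owner('proj1') <- Drd
issue_cred "[keyid:$pa].role:owner([string:'proj1']) <- [keyid:$drd]" \
  "${sidx}_PA_owner_proj1__drd_attr.der"

# PA.root('proj1') <- Drd
issue_cred "[keyid:$pa].role:root([string:'proj1']) <- [keyid:$drd]" \
  "${sidx}_PA_root_proj1__drd_attr.der"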