source: examples/access_tests/creddy_prover/scenario_s6.sh @ 11ca336

#!/bin/sh 

#####################################################################
# scenario #6
#     Explores relationship between slice, createSlice, and gmoc and 
#     projects
#
# Drd is the owner of proj1, a standard project
# Drd grants memberQ/instantiate permission to Dan
# Drd grants memberQ/info permission to Frank
# SA let Dan be a geniProxy
# SA accepts PA as the projectAuthority
# SA accepts Alice as a gmoc
# SA accepts SliceA as a stadard slice and proj1 as standard project
# SA let Dan speaks for Drd
# Lisa is a geniProxy and speaks for Frank
#
unset ABAC_CN
keyloc=`pwd`
sidx=s6

makeWho() {
    WHO=$1
    rm -rf ${WHO}_*.pem
    creddy --generate --cn ${WHO}
}
makeWho GR
makeWho IDP
makeWho EXO
makeWho GM
makeWho Drd
makeWho Dan
makeWho Frank
makeWho Alice
makeWho Lisa

g=`creddy --keyid --cert $keyloc/G_ID.pem`
gr=`creddy --keyid --cert $keyloc/GR_ID.pem`
pa=`creddy --keyid --cert $keyloc/PA_ID.pem`
sa=`creddy --keyid --cert $keyloc/SA_ID.pem`
idp=`creddy --keyid --cert $keyloc/IDP_ID.pem`
exo=`creddy --keyid --cert $keyloc/EXO_ID.pem`
gm=`creddy --keyid --cert $keyloc/GM_ID.pem`
drd=`creddy --keyid --cert $keyloc/Drd_ID.pem`
dan=`creddy --keyid --cert $keyloc/Dan_ID.pem`
frank=`creddy --keyid --cert $keyloc/Frank_ID.pem`
alice=`creddy --keyid --cert $keyloc/Alice_ID.pem`
lisa=`creddy --keyid --cert $keyloc/Lisa_ID.pem`

pname=${sidx}_yap_clauses
namespace=access1
sfile=sfile_${sidx}

sa_gUser()
{
eval "namename=[keyid:\$$1]"
attr="[keyid:$sa].role:geniUser <- $namename"
name=${sidx}_SA_gUser__$1_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
}

## drd requesting a sliceA from sa 
## makeSlice $drd proj1 sliceA Drd
makeSlice() {
   proj="'$2'"
   what="'$3'"
# SA.qualifiedProject <- 'proj1'
   attr="[keyid:$sa].oset:qualifiedProject <- [string:$proj]"
   name=${sidx}_SA_qualProject__$2_attr.der
   creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
# SA.inProject('proj1') <- 'sliceA'
   attr="[keyid:$sa].oset:inProject([string:$proj]) <- [string:$what]"
   name=${sidx}_SA_inProject_$2__$3_attr.der
   creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
# Drd.slice <- 'sliceA'
   attr="[keyid:$1].oset:slice <- [string:$what]"
   name=${sidx}_$4_slice__$3_attr.der
   creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
# SA.standard <- 'sliceA'
   attr="[keyid:$sa].oset:standard <- [string:$what]"
   name=${sidx}_SA_standard__$2_attr.der
   creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
# SA.owner('sliceA') <- Drd
   attr="[keyid:$sa].role:owner([string:$what]) <- [keyid:$1]"
   name=${sidx}_SA_owner_$2__$3_attr.der
   creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
# SA.root('sliceA') <-Drd
   attr="[keyid:$sa].role:root([string:$what]) <- [keyid:$1]"
   name=${sidx}_SA_root_$2__$3_attr.der
   creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
}

## drd requesting a proj1 from pa
## makeProject $drd proj1 Drd
makeProject() {
   what="'$2'"
# Drd.project <- 'proj1'
   attr="[keyid:$1].oset:project <- [string:$what]"
   name=${sidx}_$3_project__$2_attr.der
   creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
# PA.standard <- 'proj1'
   attr="[keyid:$pa].oset:standard <- [string:$what]"
   name=${sidx}_PA_standard__$2_attr.der
   creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
# PA.owner('proj1') <- Drd
   attr="[keyid:$pa].role:owner([string:$what]) <- [keyid:$1]"
   name=${sidx}_PA_owner_$2__$3_attr.der
   creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
# PA.root('proj1') <-Drd
   attr="[keyid:$pa].role:root([string:$what]) <- [keyid:$1]"
   name=${sidx}_PA_root_$2__$3_attr.der
   creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace
}


###############################################################################
echo "s/$g/G/g "  > $sfile 
echo "s/$gr/GR/g "  >> $sfile 
echo "s/$sa/SA/g "  >> $sfile
echo "s/$pa/PA/g "  >> $sfile
echo "s/$idp/IDP/g "  >> $sfile
echo "s/$exo/EXO/g "  >> $sfile
echo "s/$gm/GM/g "  >> $sfile
echo "s/$drd/Drd/g "  >> $sfile
echo "s/$dan/Dan/g "  >> $sfile
echo "s/$frank/Frank/g "  >> $sfile
echo "s/$alice/Alice/g "  >> $sfile
echo "s/$lisa/Lisa/g "  >> $sfile

# SA.geniProxy <- Lisa
attr="[keyid:$sa].role:geniProxy <- [keyid:$lisa]"
name=${sidx}_SA_gProxy__lisa_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace

# G.geniRoot <- GR 
attr="[keyid:$g].role:geniRoot <- [keyid:$gr]"
name=${sidx}_G_geniRoot__gr_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace

# GR.sliceAuthorithority <- SA
attr="[keyid:$gr].role:sliceAuthority <- [keyid:$sa]"
name=${sidx}_GR_sliceAuthority__sa_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace

# GR.identityProvider <- IDP
attr="[keyid:$gr].role:identityProvider <- [keyid:$idp]"
name=${sidx}_GR_identityProvider__idp_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace

# GR.projectAuthority <- PA
attr="[keyid:$gr].role:projectAuthority <- [keyid:$pa]"
name=${sidx}_GR_projAuthority__pa_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace

#???, SA trusts PA as the projectAuthority
# SA.projectAuthority <- PA
attr="[keyid:$sa].role:projectAuthority <- [keyid:$pa]"
name=${sidx}_SA_projAuthority__pa_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace

# SA.gmoc <- Alice
attr="[keyid:$sa].role:gmoc <- [keyid:$alice]"
name=${sidx}_SA_gmoc__alice_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace


# GR.aggregate <- EXO
attr="[keyid:$gr].role:aggregate <- [keyid:$exo]"
name=${sidx}_GR_aggregate__exo_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace

# IDP.geniUser <- Drd
sa_gUser drd
sa_gUser dan
sa_gUser frank

makeProject $drd proj1 Drd
makeSlice $drd proj1 sliceA Drd

# IDP.geniPI <- Drd
attr="[keyid:$idp].role:geniPI <- [keyid:$drd]"
name=${sidx}_IDP_geniPI__drd_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace

## Drd gives memberQ/instantiate permission on proj1 to Dan
attr="[keyid:$drd].role:memberQ([string:'proj1'],[string:'instantiate']) <- [keyid:$dan]"
name=${sidx}_PA_memberQ_proj1_instantiate__dan_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace

## Drd gives memberQ/info permission on proj1 to Frank
attr="[keyid:$drd].role:memberQ([string:'proj1'],[string:'info']) <- [keyid:$frank]"
name=${sidx}_PA_memberQ_proj1_info__frank_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace

## SA let Dan speaks for Drd
## SA.speaksFor(?C:(SA.projectAuthority).memberQ(?P, "instantiate"))
attr="[keyid:$sa].role:speaksFor([keyid:$dan]) <- [keyid:$lisa]"
name=${sidx}_SA_speaksfor_dan__lisa_attr.der
creddy --attrnow --string "$attr" --out $name --out_prolog $pname --namespace $namespace