source: examples/acme_rockets_rt0_typed/rr @ e88c95b

rm -rf creds_dump

eloc=/home/mei/Deter/abac/libabac
keyloc=/home/mei/Deter/abac/examples/acme_rockets_rt0_typed

acme=`creddy --keyid --cert $keyloc/Acme_ID.pem`
coyote=`creddy --keyid --cert $keyloc/Coyote_ID.pem`

preferred_customer="[keyid:$acme].role:preferred_customer"
buy_rockets="[keyid:$acme].role:buy_rockets"
coyote_prin="[keyid:$coyote]"
friend="[keyid:$acme].role:friend"
acme_prin="[keyid:$acme]"

## dump all credentials
$eloc/abac_prover_yap  --keystore $keyloc --dump creds_dump

#[keyid:Acme].role:preferred_customer <-?- [keyid:Coyote] yap
#isMember(pCoyote, role(pAcme,preferred_customer), C).
echo "  "
echo "===good============ Acme.preferred_customer <- Coyote yap "
$eloc/abac_prover_yap  --keystore $keyloc \
      --role "$preferred_customer" --principal "$coyote_prin"

#[keyid:Acme].role:buy_rockets <-?- [keyid:Coyote] yap
#isMember(pCoyote, role(pAcme,buy_rockets), C).
echo "  "
echo "===good=============== Acme.buy_rockets <- Coyote yap"
$eloc/abac_prover_yap  --keystore $keyloc \
        --role "$buy_rockets" --principal "$coyote_prin"

## this is not suppose to work
#[keyid:Acme].role:buy_rockets <-?- [keyid:Acme].role:preferred_customer yap
echo "  "
echo "===bad=============== Acme.buy_rockets <- Acme.preferred_customer yap"
$eloc/abac_prover_yap  --keystore $keyloc \
        --role "$buy_rockets" --principal "$preferred_customer"

#[keyid:Coyote].role:friend <-?- [keyid:Acme] yap
#isMember(pAcme, role(pCoyote,friend), C).
echo "  "
echo "===bad=============== Coyote.friend <- Acme yap"
$eloc/abac_prover_yap  --keystore $keyloc \
        --role "$friend" --principal "$acme_prin"