#!/usr/bin/env python

"""
  to test with python

cmd1:env keystore=`pwd` ./query.py 
cmd2: env ABAC_CN=1 keystore=`pwd` ./query.py

"""

import os
import ABAC

ctxt = ABAC.Context()

# print "ABAC version %s" % ctxt.version()

keystore=os.environ["keystore"]

ctxt.load_directory(keystore)

acmeID=ABAC.ID("Acme_ID.pem");
acmeID.id_load_privkey_file("Acme_private.pem");
acme=acmeID.id_keyid()

coyoteID=ABAC.ID("Coyote_ID.pem");
coyoteID.id_load_privkey_file("Coyote_private.pem");
coyote=coyoteID.id_keyid()

warnerbrosID=ABAC.ID("WarnerBros_ID.pem");
warnerbrosID.id_load_privkey_file("WarnerBros_private.pem");
warnerbros=warnerbrosID.id_keyid()

batmanID=ABAC.ID("Batman_ID.pem");
batmanID.id_load_privkey_file("Batman_private.pem");
batman=batmanID.id_keyid()

##########################################################################
# role = "[keyid:Acme].role:buy_rockets"
# p = "[keyid:coyote]" 
role = ABAC.Role(acme,"buy_rockets")
p = ABAC.Role(coyote)

print "\n===good============ Acme.buy_rockets <- Coyote"
out = ctxt.query(role, p)

for c in out[1]:
    print "%s <- %s" % (c.head_string(), c.tail_string())


##########################################################################
# role = "[keyid:Acme].role:buy_rockets"
# p = "[keyid:batman]" 
role = ABAC.Role(acme,"buy_rockets")
p = ABAC.Role(batman)

print "\n===bad============ Acme.buy_rockets <- Batman"
out = ctxt.query(role, p)

for c in out[1]:
    print "%s <- %s" % (c.head_string(), c.tail_string())


##########################################################################
# dump the loaded principals/policies
#
out = ctxt.context_principals()
print "\n...final principal set..."
for x in out[1]:
    print "%s " % x.string()
print "\n"
out = ctxt.context_credentials()
print "\n...final policy attribute set..."
for c in out[1]:
    print "%s <- %s" % (c.head_string(), c.tail_string())
print "\n"