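#!/usr/bin/env python

"""
Build the experiment_create example policy and load it into an ABAC context.

to test with python

cmd1:env keystore=`pwd` ./attr.py

What the script does, in order:
  1. loads every credential found in $keystore into a fresh ABAC.Context
     and prints the principals and attribute credentials it found;
  2. loads the Acme, Bob, Alice and Globotron identities together with
     their private keys;
  3. creates five attribute credentials, writes each one to a .der file
     and loads that file back into the context;
  4. dumps the context's database with dump_yap_db().

Notes for whoever runs or adapts this:
  * The *_ID.pem / *_private.pem files and the generated *_attr.der files
    are addressed by bare file name, i.e. relative to the current working
    directory, not to $keystore.  The usage line above makes the two the
    same directory.
  * The private keys of all four principals are read by one process.  That
    is a test-fixture convenience; each principal would normally hold only
    its own key.
  * NOTE(review): the results of id_load_privkey_file(), attribute_bake(),
    attribute_write_cert() and load_attribute_file() are not inspected
    here, so a failed key load or write would go unnoticed unless the
    binding raises -- confirm against the ABAC binding and add checks.

print is called with a single parenthesised argument throughout so the
output is the same under Python 2 and the file also parses under Python 3.
"""

import os
import ABAC

# Validity passed to every ABAC.Attribute below.
# NOTE(review): the unit is defined by the ABAC binding (presumably
# seconds) -- confirm before reusing this value outside the example.
VALIDITY = 1800


def _issue_and_load(ctxt, head, tail, cert_file):
    """Create the credential head <- tail, write it out and load it.

    ctxt      -- ABAC.Context the finished credential is loaded into
    head      -- ABAC.Role on the left-hand side of the rule
    tail      -- ABAC.Role on the right-hand side of the rule
    cert_file -- file name the credential is written to and re-read from

    Prints the credential in plain and typed form followed by a blank
    separator.  Keeping the five rules on one code path avoids the
    copy-and-paste drift between rule, code and file name.
    """
    attr = ABAC.Attribute(head, VALIDITY)
    attr.attribute_add_tail(tail)
    # presumably the step that finalises/signs the credential -- confirm
    attr.attribute_bake()
    attr.attribute_write_cert(cert_file)
    ctxt.load_attribute_file(cert_file)
    print(attr.string())
    print(attr.typed_string())
    print("\n")


# KeyError here means the 'keystore' environment variable was not set.
keystore = os.environ["keystore"]

ctxt = ABAC.Context()
print("ABAC version %s" % ctxt.version())

ctxt.load_directory(keystore)

# context_principals() / context_credentials() return a sequence whose
# element [1] is the list that is iterated; element [0] is not used here.
out = ctxt.context_principals()
print("...initial principal set...")
for x in out[1]:
    print("%s " % x.string())
print("\n")

out = ctxt.context_credentials()
print("...initial policy attribute set...")
for c in out[1]:
    print("%s <- %s" % (c.head_string(), c.tail_string()))
print("\n")

# Each ID object stays bound to a module-level name for the rest of the
# script; only the key id string is used to build roles.
acmeID = ABAC.ID("Acme_ID.pem")
acmeID.id_load_privkey_file("Acme_private.pem")
acme = acmeID.id_keyid()

bobID = ABAC.ID("Bob_ID.pem")
bobID.id_load_privkey_file("Bob_private.pem")
bob = bobID.id_keyid()

aliceID = ABAC.ID("Alice_ID.pem")
aliceID.id_load_privkey_file("Alice_private.pem")
alice = aliceID.id_keyid()

globotronID = ABAC.ID("Globotron_ID.pem")
globotronID.id_load_privkey_file("Globotron_private.pem")
globotron = globotronID.id_keyid()

################################################
# [keyid:Acme].role:experiment_create
#           <- [keyid:Acme].role:partner.role:experiment_create
_issue_and_load(
    ctxt,
    ABAC.Role(acme, "experiment_create"),
    ABAC.Role(acme, "partner", "experiment_create"),
    "Acme_experiment_create__Acme_partner_experiment_create_attr.der",
)

#################################################
# [keyid:Acme].role:partner <- [keyid:Globotron]
#
_issue_and_load(
    ctxt,
    ABAC.Role(acme, "partner"),
    ABAC.Role(globotron),
    "Acme_partner__Globotron_attr.der",
)

#################################################
# [keyid:Globotron].role:experiment_create
#           <- [keyid:Globotron].role:admin.role:power_user
#
# The head is built from the globotron key id, as the rule above and the
# output file name both state.  It was previously built from acme, which
# produced [keyid:Acme].role:experiment_create <- ... under a Globotron
# file name: a grant on Acme's role that the documented policy does not
# contain, and no Globotron.experiment_create rule at all.
_issue_and_load(
    ctxt,
    ABAC.Role(globotron, "experiment_create"),
    ABAC.Role(globotron, "admin", "power_user"),
    "Globotron_experiment_create__Globotron_admin_power_user_attr.der",
)

#################################################
# [keyid:Globotron].role:admin <- [keyid:Alice]
_issue_and_load(
    ctxt,
    ABAC.Role(globotron, "admin"),
    ABAC.Role(alice),
    "Globotron_admin__Alice_attr.der",
)

#################################################
# [keyid:Alice].role:power_user <- [keyid:Bob]
_issue_and_load(
    ctxt,
    ABAC.Role(alice, "power_user"),
    ABAC.Role(bob),
    "Alice_power_user__Bob_attr.der",
)

# Debug aid: prints the context's internal database.
ctxt.dump_yap_db()

##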