#!/usr/bin/env python

"""
Run the queries described in README

cmd2: env ABAC_CN=1 keystore=`pwd` ./query.py

"""

import os
import ABAC

ctxt = ABAC.Context()

# Keystore is the directory containing the principal credentials.
# Load existing principals and/or policy credentials
if (os.environ.has_key("keystore")) :
    keystore=os.environ["keystore"]
    ctxt.load_directory(keystore)
else:
    print("keystore is not set...")
    exit(1)

##########################################################################
# dump the loaded principals/policies
#

fd=os.open("creds_dump",os.O_WRONLY|os.O_CREAT)
out = ctxt.context_principals()
for x in out[1]:
    os.write(fd, x.string())
    os.write(fd,"\n")
out = ctxt.context_credentials()
for c in out[1]:
    string="%s <- %s" % (c.head_string(), c.tail_string())
    os.write(fd,string) 
    os.write(fd,"\n")
os.close(fd)

##########################################################################
# Does John0 likes JohnX ?
# role = [keyid:JohnX].role:after 
# p [Keyid:john0]
bid="John%s_ID.pem"% #VAL#
bID=ABAC.ID(bid)
b=bID.id_keyid()

aID=ABAC.ID("John0_ID.pem")
a=aID.id_keyid()

role = ABAC.Role(a,"likes")
p = ABAC.Role(b)

print "\n===bad============ john0.likes <- johnX "
out = ctxt.query(role, p)
for c in out[1]:
    print "%s <- %s" % (c.head_string(), c.tail_string())

#### border case for VAL=0 (faking it) #### 
if ( #VAL# == 0) :
    print "YAP query failed (fake)\n"