#!/usr/bin/env python

from sys import argv, exit
from ABAC import Context
from ABAC import ID, Attribute, Role

## initial context
ctxt = Context()

if len(argv) != 4:
    print "Usage: abac_attr.py <cert.pem> <key.pem> <attr.der>"
    exit(1)

# load the ID and its key
id = None
try:
    id = ID(argv[1])
    id.id_load_privkey_file(argv[2])
except Exception, e:
    print "Problem loading cert: %s" % e
    exit(1)

# load the id into the context
ctxt.load_id_chunks(id.id_cert_chunk(), id.id_privkey_chunk())
# another way to load the id into the context
# ctxt.load_id(id)

# create an attribute cert
head= Role(id.id_keyid(),"delicious")
tail= Role(id.id_keyid())

attr = Attribute(head, 1800)
print "making it..."
attr.attribute_add_tail(tail)
attr.attribute_bake()

# load attribute cert into the context
ctxt.load_attribute_chunk(attr.cert_chunk())

# another way to load the attribute cert into the context,
# ctxt.load_attribute(attr)

# yet another way to load the attribute cert into the context,
attr.attribute_write_cert(argv[3])
# ctxt.load_attribute_file(argv[3])

# what is in prolog db
# ctxt.dump_yap_db()

# run a proof
role = Role(id.id_keyid(),"delicious")
p=Role(id.id_keyid())

out = ctxt.query(role, p)
for c in out[1]:
    print "%s <- %s" % (c.head_string(), c.tail_string())