#
# This example demonstrates linking parameterized roles and delegating across
# institutions.  There are 4 principals USC, ISI, John, and Maryann.  USC and
# ISI are companies, and USC owns ISI.  USC sets the policy that the manager of
# a principal (an employee) has the role of evaluating that employee (and no
# others).  That policy is expressed in Credential 1.  Credential 2 says that
# ISI's assignment of manager roles is accepted by USC.  Similarly Credential 4
# says that any ISI employee is a USC employee.
#
# Credential 3 encodes ISI asserting that John is the manager of Maryann and
# credentials 5 and 6 idicate that John and Maryann are ISI employees.
# 
# The query.py script queries that USC grants John the role of evaluator
# of Maryann, that ISI asserts John is Maryann's manager and that John is an
# ISI employee.

# evaluator_rt1

# Credential 1
#[keyid:USC].role:evaluatorOf([principal:?K])
#                                  <-[keyid:USC].role:managerOf([principal:?K])

# Credential 2
#[keyid:USC].role:managerOf([principal:?K])
#                                  <-[keyid:ISI].role:managerOf([principal:?K])

# Credential 3
#[keyid:ISI].role:managerOf([keyid:Maryann]) <- [keyid:John]

# Credential 4
#[keyid:USC].role:employee <- [keyid:ISI].role:employee

# Credential 5
#[keyid:ISI].role:employee  <- [keyid:Maryann]

# Credential 6
#[keyid:ISI].role:employee <- [keyid:John]