# evaluator_rt1_typed

pwd=`pwd`
eloc=`which abac_prover_yap | sed 's/\/abac_prover_yap//'`
if [ "$eloc" = "" ]; then
  echo "ERROR: abac_prover_yap is not in the search path!!!"
  exit 1
fi
keyloc=$pwd

isi=`creddy --keyid --cert ISI_ID.pem`
usc=`creddy --keyid --cert USC_ID.pem`
maryann=`creddy --keyid --cert Maryann_ID.pem`
john=`creddy --keyid --cert John_ID.pem`

usc_employee="[keyid:$usc].role:employee"
usc_eval_maryann="[keyid:$usc].role:evaluatorOf([keyid:$maryann])"
isi_manager_maryann="[keyid:$isi].role:managerOf([keyid:$maryann])"
john_prin="[keyid:$john]"

## dump all credentials
$eloc/abac_prover_yap  --keystore $keyloc --dump creds_dump

#[keyid:USC].role:evaluatorOf([keyid:Maryann]) <-?- [keyid:John]
echo " "
echo "===good============ USC.evaluatorOf(Maryann) <- John"
$eloc/abac_prover_yap  --keystore $keyloc --role "$usc_eval_maryann" --principal "$john_prin"

#[keyid:ISI].role:managerOf([keyid:Maryann]) <-?- [keyid:John]
echo " "
echo "===good============ ISI.managerOf(Maryann) <- John"
$eloc/abac_prover_yap  --keystore $keyloc --role "$isi_manager_maryann" --principal "$john_prin"


#[keyid:USC].role:employee <- [keyid:John]"
#USC.employee <-?- John
echo " "
echo "===good============  USC.employee <-?- John"
$eloc/abac_prover_yap  --keystore $keyloc --role "$usc_employee" --principal "$john_prin"