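#!/bin/sh
#####################################################################
# This example demonstrates how to use 'this' as a data term of a RT1
# policy credential where it is implicitly translated to a variable.
#
# Credential 1 is the policy credential with 2 intersecting rules.
# An employee is up for a pay raise if the evaluator of the employee
# affirms his/her good performance and the manager of the employee
# affirms his/her pleasantness.
#
# Credential 2 is the policy credential that states an evaluator of
# an employee is also the manager of the employee.
#
# Credential 3, 4 and 5 state Bob is the evaluator of Maryann and she
# is showing good performance and is a nice coworker. Credential 6 and
# 7 state Bob is also the evaluator of Joe and he is showing good
# performance. But, there is no fact that says Joe is a nice coworker.
#
# The attached ./run_query file asks if a given principal is
# entitled to a pay raise. Maryann is but not Joe, because his manager
# did not affirm his pleasantness (but neither did he deny it).
#
# payraise_rt1
# [keyid:Alpha].role:payRaise <-?- [keyid:Maryann] (yes)
# [keyid:Alpha].role:payRaise <-?- [keyid:Joe] (no)
#
# NOTE(review): the *_private.pem files used below are the issuers'
# signing keys and stay in the working directory next to the
# credentials (presumably written by 'creddy --generate' - confirm).
# Treat them as throwaway demo keys.
#####################################################################

# Stop at the first failing creddy call and on any unset variable, so a
# failed identity generation can never lead to credentials being issued
# for an empty or stale key id.
set -eu

# Abort unless a key id was actually extracted.
#   $1 - principal name (for the message), $2 - key id to check
require_keyid() {
  if [ -z "$2" ]; then
    printf 'error: empty key id for %s\n' "$1" >&2
    exit 1
  fi
}

# Identities: one certificate / private key pair per principal.
creddy --generate --cn Alpha
creddy --generate --cn Bob
creddy --generate --cn Maryann
creddy --generate --cn Joe

alpha_keyid=$(creddy --keyid --cert Alpha_ID.pem)
bob_keyid=$(creddy --keyid --cert Bob_ID.pem)
maryann_keyid=$(creddy --keyid --cert Maryann_ID.pem)
joe_keyid=$(creddy --keyid --cert Joe_ID.pem)

# The key ids are embedded in role names below; an empty one would
# silently yield a role such as evaluatorOf([keyid:]).
require_keyid Alpha "$alpha_keyid"
require_keyid Bob "$bob_keyid"
require_keyid Maryann "$maryann_keyid"
require_keyid Joe "$joe_keyid"

# Role / linking-role terms. '?this' and '?Z' are RT1 variables.
performance_qT="evaluatorOf([?this])"
niceguy_qT="managerOf([?this])"

manager_qZ="managerOf([principal:?Z])"
evaluator_qZ="evaluatorOf([principal:?Z])"

evaluator_m="evaluatorOf([keyid:$maryann_keyid])"
evaluator_j="evaluatorOf([keyid:$joe_keyid])"

# [keyid:alpha].role:payRaise <-
#       [keyid:alpha].role:evaluatorOf([?this]).role:goodPerformance &
#            [keyid:alpha].role:managerOf([?this]).role:niceCoworker
# Credential 1
creddy --attribute \
  --issuer Alpha_ID.pem --key Alpha_private.pem --role payRaise \
  --subject-cert Alpha_ID.pem --subject-link "$performance_qT" \
  --subject-role goodPerformance \
  --subject-cert Alpha_ID.pem --subject-link "$niceguy_qT" \
  --subject-role niceCoworker \
  --out Alpha_payraise__Alpha_performance_qT_niceguy_qT_attr.der

# [keyid:alpha].role:managerOf([principal:?Z]) <-
#       [keyid:alpha].role:evaluatorOf([principal:?Z])
# Credential 2
creddy --attribute \
  --issuer Alpha_ID.pem --key Alpha_private.pem --role "$manager_qZ" \
  --subject-cert Alpha_ID.pem --subject-role "$evaluator_qZ" \
  --out Alpha_manager_qZ__Alpha_evaluator_qZ_attr.der

# [keyid:alpha].role:evaluatorOf([keyid:Maryann]) <- [keyid:Bob]
# Credential 3
creddy --attribute \
  --issuer Alpha_ID.pem --key Alpha_private.pem --role "$evaluator_m" \
  --subject-cert Bob_ID.pem \
  --out Alpha_evaluator_m__Bob_attr.der

# [keyid:Bob].role:goodPerformance <- [keyid:Maryann]
# Credential 4
creddy --attribute \
  --issuer Bob_ID.pem --key Bob_private.pem --role goodPerformance \
  --subject-cert Maryann_ID.pem \
  --out Bob_goodperformance__Maryann_attr.der

# [keyid:Bob].role:niceCoworker <- [keyid:Maryann]
# Credential 5
creddy --attribute \
  --issuer Bob_ID.pem --key Bob_private.pem --role niceCoworker \
  --subject-cert Maryann_ID.pem \
  --out Bob_niceworker__Maryann_attr.der

# [keyid:alpha].role:evaluatorOf([keyid:Joe]) <- [keyid:Bob]
# Credential 6
creddy --attribute \
  --issuer Alpha_ID.pem --key Alpha_private.pem --role "$evaluator_j" \
  --subject-cert Bob_ID.pem \
  --out Alpha_evaluator_j__Bob_attr.der

# [keyid:Bob].role:goodPerformance <- [keyid:Joe]
# Credential 7
creddy --attribute \
  --issuer Bob_ID.pem --key Bob_private.pem --role goodPerformance \
  --subject-cert Joe_ID.pem \
  --out Bob_goodperformance__Joe_attr.der

#####################################################################
# Summary of the credentials issued above.
#
# alpha.payRaise <- alpha.evaluatorOf(this).goodPerformance &
#                        alpha.managerOf(this).niceCoworker
# [keyid:alpha].role:payRaise <-
#       [keyid:alpha].role:evaluatorOf([?this]).role:goodPerformance &
#            [keyid:alpha].role:managerOf([?this]).role:niceCoworker
#
# alpha.managerOf(?Z) <- alpha.evaluatorOf(?Z)
# [keyid:alpha].role:managerOf([principal:?Z]) <-
#       [keyid:alpha].role:evaluatorOf([principal:?Z])
#
# alpha.evaluatorOf(Maryann) <- Bob
# [keyid:alpha].role:evaluatorOf([keyid:Maryann]) <- [keyid:Bob]
# Bob.goodPerformance <- Maryann
# [keyid:Bob].role:goodPerformance <- [keyid:Maryann]
# Bob.niceCoworker <- Maryann
# [keyid:Bob].role:niceCoworker <- [keyid:Maryann]
#
# alpha.evaluatorOf(Joe) <- Bob
# [keyid:alpha].role:evaluatorOf([keyid:Joe]) <- [keyid:Bob]
# Bob.goodPerformance <- Joe
# [keyid:Bob].role:goodPerformance <- [keyid:Joe]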