# raise_rt1_typed

pwd=`pwd`
eloc=`which abac_prover_yap | sed 's/\/abac_prover_yap//'`
if [ "$eloc" = "" ]; then
  echo "ERROR: abac_prover_yap is not in the search path!!!"
  exit 1
fi
keyloc=$pwd

alpha=`creddy --keyid --cert $keyloc/Alpha_ID.pem`

bob=`creddy --keyid --cert $keyloc/Bob_ID.pem`
maryann=`creddy --keyid --cert $keyloc/Maryann_ID.pem`
joe=`creddy --keyid --cert $keyloc/Joe_ID.pem`

alpha_payRaise="[keyid:$alpha].role:payRaise"

bob_prin="[keyid:$bob]"
maryann_prin="[keyid:$maryann]"
joe_prin="[keyid:$joe]"

# [keyid:alpha].role:payRaise <-?- [keyid:Maryann] (yes)
# [keyid:alpha].role:payRaise <-?- [keyid:Joe] (yes) 

## dump all credentials
$eloc/abac_prover_yap  --keystore $keyloc --dump creds_dump
#$eloc/abac_prover_yap  --keystore $keyloc --dbdump

# [keyid:alpha].role:payRaise <-?- [keyid:Joe] (no)
echo " "
echo "===bad============ alpha.payRaise <- Joe"
$eloc/abac_prover_yap  --keystore $keyloc --role "$alpha_payRaise" --principal "$joe_prin"

# [keyid:alpha].role:payRaise <-?- [keyid:Maryann] (yes)
echo " "
echo "===good============ alpha.payRaise <- Maryann"
$eloc/abac_prover_yap  --keystore $keyloc --role "$alpha_payRaise" --principal "$maryann_prin"