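#! /usr/bin/env perl

# Handler for the "update_group" and "update_user" tasks.
#
# The script registers one of the two handlers with Process::register,
# depending on the name it was started under ($0). Each handler reads the
# request parameters from $args->{param} and applies the requested action
# to the LDAP directory through the ACU::LDAP helpers.
#
# Request values (cn, year, uid, ...) are treated as untrusted: they are
# escaped before being placed in a DN or a search filter, and stripped of
# header metacharacters before being placed in a mail header.

use v5.10.1;
use strict;
use warnings;

use Mail::Internet;
use Pod::Usage;

# NOTE(review): this path is resolved against the current working directory
# at startup, so the ACU::* modules are loaded from wherever the process is
# launched. Confirm the launcher pins the working directory, or anchor the
# path on the script location instead.
use lib "../../";

use ACU::Log;
use ACU::LDAP;
use ACU::Process;

our $ou = "intra";

# Actions accepted by update_group.
my %group_actions = (
    "new"    => \&_new,
    "add"    => \&_add,
    "delete" => \&_delete,
    "flush"  => \&_flush,
    "remove" => \&_remove,
    "update" => \&_update,
);

# Actions accepted by update_user ("new" and "delete" are not offered).
my %user_actions = (
    "add"    => \&_add,
    "flush"  => \&_flush,
    "remove" => \&_remove,
    "update" => \&_update,
);

# Set at the bottom of the file to group_get_type or user_get_type.
my $_get_type;

# Return the positional request values, from the highest index down to 1
# (the order the action handlers have always used).
sub _positional_params {
    my ($args) = @_;

    my $count = $args->{unamed} // 0;
    return map { $args->{param}{$_} } reverse 1 .. $count;
}

# Escape a value for use inside an LDAP search filter (RFC 4515).
sub _escape_filter_value {
    my ($value) = @_;

    $value //= "";
    $value =~ s/([\\*()\x00])/sprintf("\\%02x", ord $1)/ge;
    return $value;
}

# Escape a value for use as an attribute value inside a DN (RFC 4514).
sub _escape_dn_value {
    my ($value) = @_;

    $value //= "";
    $value =~ s/([\\,+"<>;=])/\\$1/g;
    $value =~ s/([\x00-\x1f\x7f])/sprintf("\\%02x", ord $1)/ge;

    # Leading '#'/space and trailing space are only special at the ends.
    $value =~ s/\A([ #])/sprintf("\\%02x", ord $1)/e;
    $value =~ s/ \z/\\20/;
    return $value;
}

# Remove the characters that would let a directory value break out of a
# mail header: line breaks and the angle brackets of an address.
sub _header_safe {
    my ($value) = @_;

    $value //= "";
    $value =~ s/[\r\n<>]//g;
    return $value;
}

# "new": create the group, then add the initial content when a type is given.
sub _new {
    my ($ldap, $dn, $args) = @_;

    my $param      = $args->{param};
    my $created_dn = LDAP::add_group($ldap, $param->{cn}, $param->{year});

    # Only continue when add_group reports the DN this request targets.
    return unless $created_dn eq $dn;

    # NOTE(review): group_add is not defined in this file. Confirm that one
    # of the ACU modules exports it; if none does, _add($ldap, $dn, $args)
    # was presumably intended.
    group_add($dn, $args) if $param->{type};
    return;
}

# "add": add every positional value to the attribute selected by the type.
sub _add {
    my ($ldap, $dn, $args) = @_;

    my $cnt_type = $_get_type->($args->{param});

    log TRACE, $args;

    # Add content if any
    for my $value (_positional_params($args)) {
        LDAP::add_attribute($ldap, $dn, $cnt_type, $value);
    }
    return;
}

# "delete": remove the whole entry.
sub _delete {
    my ($ldap, $dn) = @_;

    return LDAP::delete_entry($ldap, $dn);
}

# "flush": drop every value of the attribute selected by the type.
sub _flush {
    my ($ldap, $dn, $args) = @_;

    my $cnt_type = $_get_type->($args->{param});
    return LDAP::flush_attribute($ldap, $dn, $cnt_type);
}

# "remove": delete the positional values from the selected attribute.
sub _remove {
    my ($ldap, $dn, $args) = @_;

    my $cnt_type = $_get_type->($args->{param});
    my @data     = _positional_params($args);
    return LDAP::delete_attribute($ldap, $dn, $cnt_type, @data);
}

# "update": replace the selected attribute with the positional values, or
# update the individual user fields when the type is "userInfos".
sub _update {
    my ($ldap, $dn, $args) = @_;

    my $cnt_type = $_get_type->($args->{param});
    return user_update($ldap, $dn, $args) if ($cnt_type eq "userInfos");

    my @data = _positional_params($args);
    return LDAP::update_attribute($ldap, $dn, $cnt_type, @data);
}

# Update each user attribute for which the request carries a true value.
# Attributes are written in the same order as before; "cn" may be written
# twice when both cn and firstname/lastname are supplied.
sub user_update {
    my ($ldap, $dn, $args) = @_;

    my $param = $args->{param};

    LDAP::update_attribute($ldap, $dn, "cn", $param->{cn}) if ($param->{cn});

    if ($param->{firstname} && $param->{lastname}) {
        # Joined with a single space: a line break inside cn would later end
        # up in the To: header built by alert_mail.
        LDAP::update_attribute($ldap, $dn, "cn",
            $param->{firstname} . " " . $param->{lastname});
    }

    # NOTE(review): "mail" is the address alert_mail notifies and
    # "strongAuthKey" is authentication material; confirm the caller
    # authorizes changes to both.
    my @attributes = qw(
        l mail postalAddress postalCode sn telephoneNumber
        strongAuthKey c title intraTheme birthdate
    );
    for my $attribute (@attributes) {
        next unless $param->{$attribute};
        LDAP::update_attribute($ldap, $dn, $attribute, $param->{$attribute});
    }
    return;
}

# Notify the account owner that their SSH keys changed.
#
#   $ldap   - LDAP handle
#   $login  - user login (currently unused)
#   $dn     - DN of the user entry; cn and mail are read from it
#   $action - "add", "remove", "flush" or "update"
#   @args   - names of the keys concerned, listed in the message
sub alert_mail {
    my ($ldap, $login, $dn, $action, @args) = @_;

    # cn and mail come from the directory and can be set through
    # user_update, so they are sanitised before reaching a header.
    my $to_name = LDAP::get_attribute($ldap, $dn, "cn");
    $to_name = _header_safe($to_name);

    my $to = LDAP::get_attribute($ldap, $dn, "mail");
    $to = _header_safe($to);

    if ($to eq "") {
        warn "no mail address for $dn, SSH key alert not sent";
        return;
    }

    my %subject_for = (
        "add"    => "Nouvelle clef SSH",
        "remove" => "Suppression d'une clef SSH",
    );
    my $subject = $subject_for{$action} // "Mise à jour des clefs SSH";

    my $message = "Vous recevez ce message suite ";
    if ($action eq "flush") {
        $message .= "au vidage de vos clefs SSH.";
    }
    elsif ($action eq "update") {
        $message .= "au remplacement de vos clefs SSH.\n\nVoici la liste des clefs SSH active pour votre compte :\n";
    }
    else {
        $message .= "à l'ajout "       if ($action eq "add");
        $message .= "à la suppression " if ($action eq "remove");

        $message .= "d'une clef"         if ($#args == 0);
        $message .= "de plusieurs clefs" if ($#args > 0);
        $message .= " SSH :\n";
    }

    for my $key (@args) {
        chomp $key;
        $message .= " - $key\n";
    }

    my $email = Mail::Internet->new();
    $email->add( "To", "$to_name <$to>" );

    # NOTE(review): this From value holds a display name only; confirm the
    # sender address that belongs here.
    $email->add( "From",    "Roots assistants " );
    $email->add( "Subject", "[INTRA][SSH] $subject" );

    # Same wording as before, laid out as separate paragraphs.
    $email->body(
          "Bonjour,\n\n"
        . $message
        . "\n\n"
        . "Si vous n'êtes pas à l'origine de cette requête, vous pouvez modifier vos clefs SSH sur la page :\n"
        . "https://www.acu.epita.fr/users/users/sshkeys\n\n"
        . "Cordialement,\n\n"
        . "-- \n"
        . "Les roots\n"
    );

    $email->send();
    return;
}

# Map the "type" request parameter of a group request to an LDAP attribute.
# Defaults to "members"; dies on an unknown type.
sub group_get_type {
    my ($param) = @_;

    my $type = $param->{type} // "members";

    # Extract data type
    my %attribute_for = (
        "members" => "memberUid",
        "rights"  => "intraRight",
    );
    die ("Unknown type to add: ".$type) unless exists $attribute_for{$type};
    return $attribute_for{$type};
}

# Map the "type" request parameter of a user request to an LDAP attribute.
# Defaults to "userInfos"; dies on an unknown type.
sub user_get_type {
    my ($param) = @_;

    my $type = $param->{type} // "userInfos";

    # Extract data type
    my %attribute_for = (
        "rights"    => "intraRight",
        "sshkeys"   => "sshPublicKey",
        "userInfos" => "userInfos",
    );
    die ("Unknown type to add: ".$type) unless exists $attribute_for{$type};
    return $attribute_for{$type};
}

# Handler for update_group. Returns "Ok", or an error string when the
# action is unknown. Errors raised by the action itself are re-thrown after
# the LDAP connection has been closed.
sub process_group {
    my ($given_args, $args) = @_;

    my $param = $args->{param};
    my $year  = $param->{year} // LDAP::get_year();

    # cn and year come from the request: escape them so they cannot add or
    # alter components of the DN.
    my $dn = "cn=" . _escape_dn_value($param->{cn})
           . ",ou=" . _escape_dn_value($year)
           . ",ou=$ou,ou=groups,dc=acu,dc=epita,dc=fr";

    my $action = $param->{action} // "update";

    # Read action
    if (! exists $group_actions{$action}) {
        return "Unknown command for update_group: ". $action;
    }

    my $ldap = LDAP::ldap_connect();

    my $done  = eval { $group_actions{$action}->($ldap, $dn, $args); 1 };
    my $error = $@;

    # Always close the connection, even when the action died.
    $ldap->unbind or warn "couldn't disconnect correctly";

    die $error unless $done;
    return "Ok";
}

# Look the user up, run the action, and for SSH key changes notify the
# owner and start the key synchronisation. Returns the status string.
sub _apply_user_action {
    my ($ldap, $action, $args) = @_;

    my $param = $args->{param};

    # The third argument is presumably an LDAP search filter (confirm
    # against ACU::LDAP); the uid is escaped so it stays a plain value.
    my $dn = LDAP::search_dn($ldap, "ou=users",
        "uid=" . _escape_filter_value($param->{uid}));

    # search_dn's behaviour for an unknown uid is not visible here; never
    # run an action against an empty DN.
    return "Unknown user for update_user" unless $dn;

    $user_actions{$action}->($ldap, $dn, $args);

    if ($param->{type} && $param->{type} eq "sshkeys" && $param->{"uid"}) {
        my @ssh_name;
        for my $name (_positional_params($args)) {
            # Keep only the last space-separated field of the key line.
            $name =~ s/^.+ .+ (.+)$/$1/;
            push @ssh_name, $name;
        }

        alert_mail($ldap, $param->{"uid"}, $dn, $action, @ssh_name);

        Process::Client::launch("sync_ssh_keys",
            { "action" => "update", "__0" => $param->{"uid"} }, 1);
    }

    return "Ok";
}

# Handler for update_user. Returns "Ok", or an error string when the action
# or the user is unknown. Errors raised while processing are re-thrown
# after the LDAP connection has been closed.
sub process_user {
    my ($given_args, $args) = @_;

    my $action = $args->{param}{action} // "update";

    # Read action
    if (! exists $user_actions{$action}) {
        return "Unknown command for update_user: ". $action;
    }

    my $ldap = LDAP::ldap_connect();

    my $status = eval { _apply_user_action($ldap, $action, $args) };
    my $error  = $@;

    # Always close the connection, even when the action died.
    $ldap->unbind or warn "couldn't disconnect correctly";

    die $error unless defined $status;
    return $status;
}

# The script name selects which task is registered.
if ($0 =~ /^update_group/) {
    $_get_type = \&group_get_type;
    Process::register("update_group", \&process_group);
}
elsif ($0 =~ /^update_user/) {
    $_get_type = \&user_get_type;
    Process::register("update_user", \&process_user);
}
else {
    die ("Bad filename.");
}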