package org.openslx.taskmanager.tasks;

import java.io.File;

import org.openslx.satserver.util.Exec;
import org.openslx.satserver.util.Util;
import org.openslx.taskmanager.api.AbstractTask;

import com.google.gson.annotations.Expose;

/**
 * Task for enabling or disabling https support in lighttpd.
 * Can greate a self-signed cert on the fly, or use a supplied one.
 */
public class LighttpdHttps extends AbstractTask
{

	private Output status = new Output();

	@Expose
	private String importcert = null;
	@Expose
	private String importkey = null;
	@Expose
	private String importchain = null;

	@Expose
	private String proxyip = null;

	@Override
	protected boolean initTask()
	{
		this.setStatusObject( this.status );
		return true;
	}

	@Override
	protected boolean execute()
	{
		if ( this.importcert != null && this.importkey != null && !this.importcert.isEmpty() && !this.importkey.isEmpty() )
			return createFromInput();
		if ( this.proxyip != null && !this.proxyip.isEmpty() )
			return createRandom();
		return disableHttps();
	}

	private boolean createRandom()
	{
		int ret = Exec.sync( 15, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--random", this.proxyip );
		if ( ret != 0 ) {
			status.error = "generator exited with code " + ret;
			return false;
		}
		return true;
	}

	private boolean createFromInput()
	{
		// Import supplied certificate and key. Test if they are valid first
		File tmpKey = null;
		File tmpCert = null;
		File tmpChain = null;
		try {
			try {
				tmpCert = File.createTempFile( "bwlp-", ".pem" );
				tmpKey = File.createTempFile( "bwlp-", ".pem" );
				Util.writeStringToFile( tmpCert, this.importcert );
				Util.writeStringToFile( tmpKey, this.importkey );
				if ( this.importchain != null && !this.importchain.isEmpty() ) {
					tmpChain = File.createTempFile( "bwlp-", ".pem" );
					Util.writeStringToFile( tmpChain, this.importchain );
				}
			} catch ( Exception e ) {
				status.error = "Could not create temporary files: " + e.getMessage();
				return false;
			}
			int ret;
			ret = Exec.sync( 15, "/opt/taskmanager/scripts/install-https", "--test", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath() );
			if ( ret != 0 ) {
				status.error = "Given key and certificate do not match, or have invalid format (exit code: " + ret + ")";
				return false;
			}
			if ( tmpChain != null ) {
				ret = Exec.sync( 15, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--import", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath(),
						tmpChain.getAbsolutePath() );
			} else {
				ret = Exec.sync( 15, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--import", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath() );
			}
			if ( ret != 0 ) {
				status.error = "import exited with code " + ret;
				return false;
			}
			return true;
		} finally {
			if ( tmpKey != null )
				tmpKey.delete();
			if ( tmpCert != null )
				tmpCert.delete();
		}
	}

	private boolean disableHttps()
	{
		int ret = Exec.sync( 15, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--disable" );
		if ( ret != 0 ) {
			status.error = "disable exited with code " + ret;
			return false;
		}
		return true;
	}

	/**
	 * Output - contains additional status data of this task
	 */
	@SuppressWarnings( "unused" )
	private static class Output
	{
		protected String error = null;
	}

}