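package org.openslx.taskmanager.tasks;

import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

import org.apache.commons.compress.archivers.tar.TarArchiveOutputStream;
import org.apache.commons.io.FileUtils;
import org.openslx.satserver.util.Archive;
import org.openslx.satserver.util.Util;
import org.openslx.taskmanager.api.AbstractTask;

import com.google.gson.annotations.Expose;

/**
 * Task that renders an sshd_config from ./data/sshd_config.template and packs it,
 * together with a systemd "wants" symlink for sshd.service, into a tar archive at
 * {@link #filename}.
 *
 * Every placeholder value written into the template is either a fixed string chosen
 * by an enum switch or the numeric listen port, so no free-form text from the task
 * request reaches the generated sshd configuration.
 */
public class SshdConfigGenerator extends AbstractTask {

    /** Whether password authentication is offered, and to whom. */
    private enum PasswordLogin {
        NO, USER_ONLY, YES
    }

    /** Which accounts are allowed to log in at all. */
    private enum AllowUsers {
        ROOT_ONLY, USER_ONLY, ALL
    }

    /** TCP port sshd listens on; must be within 1..65535 (checked in {@link #initTask()}). */
    @Expose
    private int listenPort = 0;

    /** Password-login policy; must be non-null (checked in {@link #initTask()}). */
    @Expose
    private PasswordLogin allowPasswordLogin;

    /** Account policy; must be non-null (checked in {@link #initTask()}). */
    @Expose
    private AllowUsers allowedUsersLogin;

    /** Destination path of the tar archive; must pass {@code Util.isAllowedDir}. */
    @Expose
    private String filename = null;

    private final Output status = new Output();

    /**
     * Validates the exposed fields and registers the status object.
     *
     * @return {@code true} if all fields are acceptable, otherwise {@code false} with
     *         {@code status.error} describing the first invalid field
     */
    @Override
    protected boolean initTask() {
        this.setStatusObject( status );
        // Return on the first failure so that its message is the one reported,
        // rather than having later checks overwrite status.error.
        if ( !Util.isAllowedDir( this.filename ) ) {
            status.error = "Invalid directory for " + this.filename;
            return false;
        }
        if ( allowPasswordLogin == null ) {
            status.error = "Invalid value for allowPasswordLogin";
            return false;
        }
        if ( allowedUsersLogin == null ) {
            status.error = "Invalid value for allowedUsersLogin";
            return false;
        }
        if ( listenPort < 1 || listenPort > 65535 ) {
            status.error = "Invalid value for listenPort: " + listenPort;
            return false;
        }
        return true;
    }

    /**
     * Reads the template, fills in the placeholders and writes the resulting
     * sshd_config plus the sshd.service symlink into the tar archive.
     *
     * @return {@code true} on success; on failure {@code status.error} is set and
     *         {@code false} is returned
     */
    @Override
    protected boolean execute() {
        String template;
        try {
            template = FileUtils.readFileToString( new File( "./data/sshd_config.template" ), StandardCharsets.UTF_8 );
        } catch ( IOException e ) {
            status.error = e.toString();
            return false;
        }
        final String config = renderConfig( template );

        TarArchiveOutputStream outArchive = null;
        try {
            try {
                outArchive = Archive.createTarArchive( this.filename );
            } catch ( IOException e ) {
                status.error = "Could not create archive at " + this.filename;
                return false;
            }
            // Both entries have to be written; combining with '&=' (not '|=') makes
            // sure a failed sshd_config entry is not masked by a successful symlink.
            boolean ok = Archive.tarCreateFileFromString( outArchive, "/etc/ssh/sshd_config", config, 0644 );
            ok &= Archive.tarCreateSymlink( outArchive, "../sshd.service",
                    "/etc/systemd/system/network.target.wants/sshd.service" );
            if ( !ok ) {
                status.error = "Could not create module archive contents";
                return false;
            }
        } finally {
            Util.multiClose( outArchive );
        }
        return true;
    }

    /**
     * Substitutes the %PORT%, %ALLOW_PASSWORD%, %ALLOW_ROOT%, %ALLOW_USERS% and
     * %DENY_USERS% placeholders according to the task settings.
     *
     * @param template raw contents of the sshd_config template
     * @return the rendered configuration
     */
    private String renderConfig( String template ) {
        String allowPassword;
        String allowRoot;
        switch ( allowPasswordLogin ) {
        default:
        case NO:
            allowPassword = "no";
            allowRoot = "prohibit-password";
            break;
        case USER_ONLY:
            allowPassword = "yes";
            allowRoot = "prohibit-password";
            break;
        case YES:
            allowPassword = "yes";
            allowRoot = "yes";
            break;
        }

        String allowUsers;
        // "demo" is always on the deny list; root is appended below when only
        // regular users are permitted.
        String denyUsers = "demo";
        switch ( allowedUsersLogin ) {
        case ALL:
            allowUsers = "*";
            break;
        default:
        case ROOT_ONLY:
            allowUsers = "root";
            break;
        case USER_ONLY:
            allowUsers = "*";
            denyUsers += " root";
            // Overrides whatever the password policy chose: root stays locked out.
            allowRoot = "no";
            break;
        }

        return template.replace( "%PORT%", Integer.toString( this.listenPort ) )
                .replace( "%ALLOW_PASSWORD%", allowPassword )
                .replace( "%ALLOW_ROOT%", allowRoot )
                .replace( "%ALLOW_USERS%", allowUsers )
                .replace( "%DENY_USERS%", denyUsers );
    }

    /**
     * Output - contains additional status data of this task
     */
    private static class Output {
        /** Human-readable failure reason, {@code null} while nothing went wrong. */
        protected String error = null;
    }
}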