#!/usr/bin/ruby
require 'optparse'
require 'rubygems'
require 'active_record'
require 'alois/config'
require 'socket'
require "pathname"
require "fileutils"
require 'termios'


class OssimConfig < ActiveRecord::Base
  set_table_name "config"
  set_primary_key "conf"

  def OssimConfig::set_value(conf, value) 
    c = OssimConfig.find_by_conf(conf)
    if c == nil then
      p "SETTING #{conf} NOT FOUND!!!"
    else
      c.value = value
      c.save
    end
  end
  
end


update_etc = false
update_db = false
update_ossim = false
print_sql = false
templateroot = "/etc/alois/templates"
configfile = "TO REIMPLEMENT WITHOUT alois.conf"
myname = TCPSocket.gethostbyname('127.0.0.1')[0]
opts = OptionParser.new do |o|
  o.banner = "Usage: alois-updatepasswords OPTIONS"
  
  o.on( "-e", "--etc", "Updates passwords in the etc directory." ) do |arg|
    update_etc = true    
  end
  
  o.on( "-d", "--db", "Updates passwords in the databases." ) do |d|
    update_db = true
  end

  o.on( "-o", "--ossim", "Updates ossimdatabase configuration." ) do |d|
    update_ossim = true
  end

  o.on( "-c", "--config CONFIGFILE", "The configuration file to use (default:#{configfile})." ) do |cf|
    configfile = cf
  end

  o.on( "--host HOSTNAME", "The name of the host to configure (this:#{myname})." ) do |hn|
    myname = hn
  end

  o.on( "-t", "--templates TEMPLATEROOT", "Template root (default:#{templateroot})." ) do |t|
    templateroot = t
  end

  o.on( "-s","--printsql","Print sql queries instead of execute." ) do |s|
    print_sql = true
  end
  
  o.on("-h", "--help", "This help." ) do
    puts o
    exit
  end
end

begin
  opts.parse!( ARGV )

  raise "No action selected." if not (update_etc || update_db || update_ossim)
rescue => exc
  STDERR.puts "E: #{exc.message}"
  STDERR.puts opts.to_s
  exit 1
end

# from ruby/password
def echo(on=true, masked=false)
  term = Termios::getattr( $stdin )
  
  if on
    term.c_lflag |= ( Termios::ECHO | Termios::ICANON )
  else # off
    term.c_lflag &= ~Termios::ECHO
    term.c_lflag &= ~Termios::ICANON if masked
  end
  
  Termios::setattr( $stdin, Termios::TCSANOW, term )
end

if update_etc then
  raise "To reimplement without alois.conf"
  configs = read_config(configfile)
  replacements = get_replacements(configfile)

  root = Pathname.new(templateroot)
  etc = Pathname.new("/etc")
  files = Dir.glob(root.join("**/*"))

  for file in files
    if File.file?(file)
      relfile = Pathname.new(file).relative_path_from(root).to_s
      
      #      root.join(relfile)
      if etc.join(relfile).file?() then
	# configfile exists on computer so
	# replace the markers and copy file
	print "Replacing file #{etc.join(relfile).to_s}.\n"

	if not File.file?(etc.join(relfile).to_s + ".alois.bak") then
	  FileUtils.copy(etc.join(relfile).to_s, etc.join(relfile).to_s + ".alois.bak")
	end
	
	oFile = File.new(etc.join(relfile),"w")
	
	aFile = File.new(root.join(relfile))
	aFile.each_line {|line| 
	  str = line
	  for (reg,val) in replacements
	    str = str.gsub(reg.to_s,val.to_s)
	  end
	  print "WARNING: Not replaced:#{str}" if str =~ /\{\{/ or str =~ /\}\}/
	  oFile.print(str)
	}
	oFile.close()
      end
      
    end
  end
end

if update_db then

  if not print_sql then
    print "#Please enter root password for db on #{myname}:"
    echo(false)
    begin
      password = gets.strip()
    ensure
      echo(true)
      print "\n"      
    end      
  end
  
  # find all databasekonfigurations for this host

  raise "To reimplement without alois.conf"
  configs = read_config(configfile)

   for (name,config) in configs
     break if config == nil
     break if config["adapter"] == nil 
     raise "unsupported adapter #{config['adapter']}" if not config["adapter"] == "mysql"
     ActiveRecord::Base.establish_connection({
					       :adapter => "mysql",
					       :database => "mysql", #config["mysql"],
					       :host => "localhost", #config["database"],
					       :username => "root",
					       :password => password,
					       :port => config["port"]
					     }) if not print_sql
     # delete permissions and redefine it.
     print "#Delete all permissions for #{config['username']} in database #{config['database']}.\n"
     raise "DO NOT USE root TO CONNECT!!" if config["username"]=="root"
     
     cmd = "REVOKE ALL PRIVILEGES ON *.* FROM #{config['username']};"
     print cmd + "\n" #if print_sql
     begin
       ActiveRecord::Base.connection.execute(cmd) if not print_sql
     rescue
       raise if not $!.to_s =~ /There is no such grant/
     end
   end
  
  
  done_one = false
  users = {}
  for (name,config) in configs
    print "#WARNING: Configuraiton #{name} not found.\n" if config == nil

    if not config == nil and config["host"] == myname then
      done_one = true
      # if the configurationdatabase is on this host


      print "#Processing configuration #{name}.\n"

      raise "password may not contain '" if (config["password"] =~ /\'/)

      # connect
      raise "unsupported adapter #{config['adapter']}" if not config["adapter"] == "mysql"
      ActiveRecord::Base.establish_connection({
						:adapter => "mysql",
						:database => "mysql", #config["mysql"],
						:host => "localhost", #config["database"],
						:username => "root",
						:password => password,
						:port => config["port"]
					      }) if not print_sql


      for host in config['hosts']
	print "#Setting new permissions (#{config['rights']}) for host: #{host}.\n"

	if not users["#{config['username']}@#{host}"] == nil and not users["#{config['username']}@#{host}"] = config['password'] then
	  print "#\n" if not done_one
	  print "##############################################\n" 
	  print "#       TWO DIFFERENT PASSWORDS FOR USER     #\n"  
	  print "# #{config['username']}@#{host} #{myname}.\n"
	  print "#       ONLY SECOND WILL TAKE AFFECT!!!      #\n"  
	  print "##############################################\n" 
	  print "#\n" if not done_one
	end
	
	users["#{config['username']}@#{host}"] = config['password']

	for table in config['tables']
	  cmd = "GRANT #{config['rights']} ON #{config['database']}.#{table} TO "
	  cmd += "'#{config['username']}'@'#{host}' IDENTIFIED BY '#{config['password']}'"
	  print cmd + "\n" #if print_sql
	  
	  begin
            ActiveRecord::Base.connection.execute(cmd) if not print_sql
          rescue
	    print $!.to_s
          end
	end
      end      
    end
  end
  print "#\n" if not done_one
  print "##############################################\n" if not done_one
  print "#NO DB DEFINED FOR HOST #{myname}.\n" if not done_one
  print "##############################################\n" if not done_one
end

if update_ossim then
  raise "To reimplement without alois.conf"
  configs = read_config(configfile)

  ossim_config = configs["ossim"]
  raise "ossim connection not found in #{configfile}." if ossim_config == nil 
  ossim_db_config = configs["ossim_database_configuration"]
  raise "ossim_database_configuration not found in #{configfile}." if ossim_db_config == nil 

  ActiveRecord::Base.establish_connection({
					    :adapter => ossim_config["adapter"],
					    :database => ossim_config["database"],
					    :host => ossim_config["host"],
					    :username => ossim_config["username"],
					    :password => ossim_config["password"],
					    :port => ossim_config["port"],
					  }) 
  
  for (config, value) in ossim_db_config
    OssimConfig::set_value(config, value)
  end

end