#!/bin/bash
#
# This script is designed to run the manage domains utility.
# The script assumes all RPM dependencies were installed, so jar
# files can be found under /usr/share/java. The tool's configuration
# should be under the /etc directory.
#

# Load the prolog:
. "$(dirname "$(readlink -f "$0")")"/engine-prolog.sh

CONF_DIR="${ENGINE_ETC}/engine-manage-domains"
CONF_FILE="${CONF_DIR}/engine-manage-domains.conf"

found=0
for ((i=1; i<=$# && ! found; i++))
do
        var="${!i}"
        next=$[$i+1]
        next="${!next}"

        if [ "-c" == "${var}" ]; then
                CONF_FILE="${next}"
                found=1
        elif [ `echo "${var}" | grep -i '\-configFile\='` ]; then
                candidate=${var#-configFile=}
                if [ -s $candidate ]; then
                        CONF_FILE=$candidate
                else
                        die "Error: Alternate conf file $candidate is either empty or does not exist"
                fi
                found=1
        fi
done

if [ ! -s $CONF_FILE ]; then
		die "Error: Configuration file $CONF_FILE is either empty or does not exist"
fi


. $CONF_FILE


usage () {
        printf "engine-manage-domains: add/edit/delete/validate/list domains\n"
        printf "USAGE:\n"
        printf "\tengine-manage-domains -action=ACTION [-domain=DOMAIN -provider=PROVIDER -user=USER -passwordFile=PASSWORD_FILE -interactive -configFile=PATH -addPermissions -forceDelete] -report\n"
        printf "Where:\n"
        printf "\tACTION             action to perform (add/edit/delete/validate/list). See details below.\n"
        printf "\tDOMAIN             	(mandatory for add, edit and delete) the domain you wish to perform the action on.\n"
        printf "\tPROVIDER             	(mandatory for add, optional for edit) the LDAP provider type of server used for the domain. Among the supported providers IPA,RHDS and ActiveDirectory.\n"
        printf "\tUSER   			 (optional for edit, mandatory for add) the domain user.\n"
        printf "\tPASSWORD_FILE   		 (optional for edit, mandatory for add) a file containing the password in the first line.\n"
	printf "\tinteractive        alternative for using -passwordFile - read the password interactively.\n"
        printf "\tPATH               (optional) use the given alternate configuration file.\n"
        printf "\n"
        printf "\tAvailable actions:\n"
        printf "\tadd\n"
		printf "\tExamples:\n"
		printf "\t\t-action=add -domain=example.com -user=admin -provider=IPA -passwordFile=/tmp/.pwd\n"
		printf "\t\t\tAdd a domain called example.com, using user admin with ldap server type IPA and read the password from /tmp/.pwd.\n"
		printf "\t\t-action=edit -domain=example.com -provider=ActiveDirectory -passwordFile=/tmp/.new_password\n"
		printf "\t\t\tEdit the domain example.com, using another password file and updated the provider type to Active Directory.\n"
		printf "\t\t-action=delete -domain=example.com [-forceDelete]\n"
		printf "\t\t\tDelete the domain example.com.\n"
		printf "\t\t-forceDelete Optional parameter used in combination with -action=delete to skip confirmation of operation.\n"
		printf "\t\t\tDefault behaviour is prompt for confirmation of delete.\n"
		printf "\t\t-action=validate\n"
		printf "\t\t\tValidate the current configuration (go over all the domains, try to authenticate to each domain using the configured user/password.).\n"
		printf "\t\t-report In combination with -action=validate will report all validation error, if occured.\n"
		printf "\t\t\tDefault behaviour is to exit when a validation error occurs.\n"
		printf "\t\t-addPermissions In combination with -action=add/edit will add engine superuser permissions to the user.\n"
		printf "\t\t\tDefault behaviour is not to add permissions.\n"
		printf "\t\t-action=list\n"
		printf "\t\t\tLists the current configuration.\n"
		printf "\t\t-h\n"
		printf "\t\t\tShow this help.\n"

        return 0
}

if [ "$#" -gt 6 -o "$#" -lt 1 ]; then
        usage
		exit 1
fi


if [ "$1" == "--help" -o "$1" == "-h" ]; then
        usage
        exit 0
fi

CP=\
$CONF_DIR:`\
build-classpath \
apache-commons-codec \
apache-commons-collections \
apache-commons-configuration \
apache-commons-jxpath \
apache-commons-lang \
apache-commons-logging \
log4j \
ovirt-engine/common \
ovirt-engine/compat \
ovirt-engine/engineencryptutils \
ovirt-engine/engine-tools-common \
ovirt-engine/utils \
postgresql-jdbc \
springframework/spring-beans \
springframework/spring-core \
springframework/spring-tx \
spring-ldap/spring-ldap-core \
`

for f in $(echo $CP|sed 's/:/ /g')
do
        if [ ! -s $f ]; then
                die "Error: can't run without missing JAR file: $f\n"
        fi
done

PROPERTIES_FILE=`mktemp`

if [ ! -e $PROPERTIES_FILE ]; then
	die "Error: Temporary properties file cannot be created\n"
fi

cat << EOF > $PROPERTIES_FILE
AdUserName=
AdUserPassword.type=CompositePassword
LDAPSecurityAuthentication=
DomainName=
AdUserId=
LdapServers=
LDAPProviderTypes=
EOF

"${JAVA_HOME}/bin/java" -cp .:$CP org.ovirt.engine.core.utils.kerberos.ManageDomains "$@" -propertiesFile=$PROPERTIES_FILE

RET_VAL=$?

rm $PROPERTIES_FILE

exit $RET_VAL

