#!/usr/bin/perl
use strict;

use Data::Dumper;

#TODO: Add support for assigning phone number
#TODO: Add support for overriding default domain ...

use Getopt::Long;
use Net::LDAP;
use Net::LDAP::Control::Paged;
use Net::LDAP::Constant qw( LDAP_CONTROL_PAGED );
use LWP;
use JSON;
use AppConfig;
use Text::Iconv;

my $api_key;

my $help;
my $username;
my $permission = undef;
my $configfile = undef;
my ($g_ua, $session, $api_key, $auth_key, $data, $domain);

my $config = AppConfig->new({ CREATE => 1 });

$config->define("api_url=s");
$config->define("api_keyfile=s");

$config->define("default_domain=s");
$config->default_domain("hig.no");

$config->define("numbers_local_prefix=s");
$config->define("numbers_local_series=s");
$config->define("numbers_countrycode=s");

foreach ( 
	"/usr/local/etc/hermes/hermes_config",
	"/usr/local/etc/hermes/config",
	"/etc/hermes/config",
	$ENV{"HOME"} . "/.hermes/config",
	$ENV{"HOME"} . "/.hermes_config",
) { $configfile = $_ if ( -f $_ ); }

GetOptions(
	"help"		=> \$help,
	"configfile=s" 	=> \$configfile,
	"username=s"  	=> \$username,
	"permission=s" 	=> \$permission,
);

if (
	(not $username) ||
	(not $configfile) ||
	(( $configfile ) && ( not -f $configfile )) 
)
{
	$help = 1;
}

$config->file( $configfile );

if (    ( not  $config->api_url ) ||
	( not  $config->api_keyfile ) ||
	( $config->api_keyfile && not -f $config->api_keyfile ) 
)
{
	$help = 1;
}

if ( $help ) {
print <<END_HELP;
Verify that the following options are set:
	--username=s|--user|-u
 	--permission=s|-p (use to set, leave to show)

Verify the contents of the configuration file.
Verify that the key-file exists.
END_HELP
exit; }

open KEY, "<" . $config->api_keyfile;
chomp( $api_key = <KEY> );
close KEY;

if ( not $username =~ m/\w+/ )
{ print "Illegal username\n"; exit; }

$g_ua = LWP::UserAgent->new;
$g_ua->cookie_jar({}); # In-memory jar, look at HTTP::Cookies for persistant

login_apikey();

# First: fetch a supported domain from the API...
$data = exec_apinode("domain/list", undef);
if ( $data->{'response'} eq 'ok' )
{
	$domain = $data->{'list'}[0];
}
else
{
	printf("Unable to get domain name. Aborting\n");
	logout();
	exit;
}

if ( $username =~ /@/ ) 
{
	( $username, $domain ) = split /@/, $username;
}

$data = exec_apinode("user/available", { 'username' => $username, 'domain' => $domain });
if ( $data->{'response'} eq 'ok' )
{
	printf("Username is not registered.\n");
	logout();
	exit;
}

if ( not $data->{'cause'} eq 'exists' )
{
	printf("Username lookup failed, cause: %s.\n", $data->{'cause'});
	logout();
	exit;
}
undef $data;

if ( not $permission )
{

	undef $data;
	$data = exec_apinode("permissions/get", { 'username' => $username, 'domain' => $domain });
	if ( $data->{'response'} eq 'ok' )
	{
		printf("Current permission number is %d\n", $data->{'permission'});
		logout();
		exit;
	}
	else
	{
		printf("Failed lookup. cause: %s\n", $data->{'cause'});
		logout();
		exit;
	}
}
else
{
	if ( not $permission =~ m/^\d+$/ )
	{
		printf("Provided permission not a number.\n");
		logout();
		exit;
	}
	if ( ($permission < 1) || ( $permission > 256 ) )
	{
		printf("Provided permission is outside valid range.\n");
		logout();
		exit;
	}

	undef $data;
	$data = exec_apinode("permissions/set", { 'username' => $username, 'domain' => $domain, 'permission' => $permission });
	if ( $data->{'response'} eq 'ok' )
	{
		printf("Set permission to: %d\n", $data->{'permission'});
		logout();
		exit;
	}
	else
	{
		printf("Failed setting permission cause: %s\n", $data->{'cause'});
		logout();
		exit;
	}
}

logout();
################################################################################################
sub exec_apinode($$)
{
	my $node = shift;
	my $param = shift;

	my ( $response, $data );

	$session = "" if not defined $session;
	$auth_key = "" if not defined $auth_key;
	my $url = $config->api_url . "/" . $node;

	$param->{'session'} = $session;
	$param->{'auth_key'} = $auth_key;

	$response = $g_ua->post( $url, $param );
	if ( $response->is_success )
	{
		if ( $response->content =~ m/\s*{/ )
		{
			$data = decode_json( $response->content);
		}
		else
		{
			$data = $response->content;
		}

	}
	return $data;
}

sub login_apikey
{
	my $response = $g_ua->post( $config->api_url . "/auth/login",
		[ "api_key" => $api_key ] );

	my $data = decode_json( $response->content) if $response->is_success;
	die("HTTP error") unless $response->is_success;

	if ( $data->{'response'} eq "ok" )
	{
		$session = $data->{'session'};
		$auth_key = $data->{'auth_key'};
	}
	else
	{
		print "Unable to log in to Hermes API\n";
		exit;
	}
	undef $data; undef $response;
}

sub logout
{
	my $response = $g_ua->post( $config->api_url . "/auth/logout",
		[ "session" => $session ] );
	die("HTTP error") unless $response->is_success;
	undef $session; undef $auth_key;
}