+#!/usr/bin/perl
+use strict;
+
+use Data::Dumper;
+
+#TODO: Add support for assigning phone number
+#TODO: Add support for overriding default domain ...
+
+use Getopt::Long;
+use Net::LDAP;
+use Net::LDAP::Control::Paged;
+use Net::LDAP::Constant qw( LDAP_CONTROL_PAGED );
+use LWP;
+use JSON;
+use AppConfig;
+use Text::Iconv;
+
+my $api_key;
+
+my $help;
+my $username;
+my $permission = undef;
+my $configfile = undef;
+my ($g_ua, $session, $api_key, $auth_key, $data, $domain);
+
+my $config = AppConfig->new({ CREATE => 1 });
+
+$config->define("api_url=s");
+$config->define("api_keyfile=s");
+
+$config->define("default_domain=s");
+$config->default_domain("hig.no");
+
+$config->define("numbers_local_prefix=s");
+$config->define("numbers_local_series=s");
+$config->define("numbers_countrycode=s");
+
+foreach (
+ "/usr/local/etc/hermes/hermes_config",
+ "/usr/local/etc/hermes/config",
+ "/etc/hermes/config",
+ $ENV{"HOME"} . "/.hermes/config",
+ $ENV{"HOME"} . "/.hermes_config",
+) { $configfile = $_ if ( -f $_ ); }
+
+GetOptions(
+ "help" => \$help,
+ "configfile=s" => \$configfile,
+ "username=s" => \$username,
+ "permission=s" => \$permission,
+);
+
+if (
+ (not $username) ||
+ (not $configfile) ||
+ (( $configfile ) && ( not -f $configfile ))
+)
+{
+ $help = 1;
+}
+
+$config->file( $configfile );
+
+if ( ( not $config->api_url ) ||
+ ( not $config->api_keyfile ) ||
+ ( $config->api_keyfile && not -f $config->api_keyfile )
+)
+{
+ $help = 1;
+}
+
+if ( $help ) {
+print <<END_HELP;
+Verify that the following options are set:
+ --username=s|--user|-u
+ --permission=s|-p (use to set, leave to show)
+
+Verify the contents of the configuration file.
+Verify that the key-file exists.
+END_HELP
+exit; }
+
+open KEY, "<" . $config->api_keyfile;
+chomp( $api_key = <KEY> );
+close KEY;
+
+if ( not $username =~ m/\w+/ )
+{ print "Illegal username\n"; exit; }
+
+$g_ua = LWP::UserAgent->new;
+$g_ua->cookie_jar({}); # In-memory jar, look at HTTP::Cookies for persistant
+
+login_apikey();
+
+# First: fetch a supported domain from the API...
+$data = exec_apinode("domain/list", undef);
+if ( $data->{'response'} eq 'ok' )
+{
+ $domain = $data->{'list'}[0];
+}
+else
+{
+ printf("Unable to get domain name. Aborting\n");
+ logout();
+ exit;
+}
+
+if ( $username =~ /@/ )
+{
+ ( $username, $domain ) = split /@/, $username;
+}
+
+$data = exec_apinode("user/available", { 'username' => $username, 'domain' => $domain });
+if ( $data->{'response'} eq 'ok' )
+{
+ printf("Username is not registered.\n");
+ logout();
+ exit;
+}
+
+if ( not $data->{'cause'} eq 'exists' )
+{
+ printf("Username lookup failed, cause: %s.\n", $data->{'cause'});
+ logout();
+ exit;
+}
+undef $data;
+
+if ( not $permission )
+{
+
+ undef $data;
+ $data = exec_apinode("permissions/get", { 'username' => $username, 'domain' => $domain });
+ if ( $data->{'response'} eq 'ok' )
+ {
+ printf("Current permission number is %d\n", $data->{'permission'});
+ logout();
+ exit;
+ }
+ else
+ {
+ printf("Failed lookup. cause: %s\n", $data->{'cause'});
+ logout();
+ exit;
+ }
+}
+else
+{
+ if ( not $permission =~ m/^\d+$/ )
+ {
+ printf("Provided permission not a number.\n");
+ logout();
+ exit;
+ }
+ if ( ($permission < 1) || ( $permission > 256 ) )
+ {
+ printf("Provided permission is outside valid range.\n");
+ logout();
+ exit;
+ }
+
+ undef $data;
+ $data = exec_apinode("permissions/set", { 'username' => $username, 'domain' => $domain, 'permission' => $permission });
+ if ( $data->{'response'} eq 'ok' )
+ {
+ printf("Set permission to: %d\n", $data->{'permission'});
+ logout();
+ exit;
+ }
+ else
+ {
+ printf("Failed setting permission cause: %s\n", $data->{'cause'});
+ logout();
+ exit;
+ }
+}
+
+logout();
+################################################################################################
+sub exec_apinode($$)
+{
+ my $node = shift;
+ my $param = shift;
+
+ my ( $response, $data );
+
+ $session = "" if not defined $session;
+ $auth_key = "" if not defined $auth_key;
+ my $url = $config->api_url . "/" . $node;
+
+ $param->{'session'} = $session;
+ $param->{'auth_key'} = $auth_key;
+
+ $response = $g_ua->post( $url, $param );
+ if ( $response->is_success )
+ {
+ if ( $response->content =~ m/\s*{/ )
+ {
+ $data = decode_json( $response->content);
+ }
+ else
+ {
+ $data = $response->content;
+ }
+
+ }
+ return $data;
+}
+
+sub login_apikey
+{
+ my $response = $g_ua->post( $config->api_url . "/auth/login",
+ [ "api_key" => $api_key ] );
+
+ my $data = decode_json( $response->content) if $response->is_success;
+ die("HTTP error") unless $response->is_success;
+
+ if ( $data->{'response'} eq "ok" )
+ {
+ $session = $data->{'session'};
+ $auth_key = $data->{'auth_key'};
+ }
+ else
+ {
+ print "Unable to log in to Hermes API\n";
+ exit;
+ }
+ undef $data; undef $response;
+}
+
+sub logout
+{
+ my $response = $g_ua->post( $config->api_url . "/auth/logout",
+ [ "session" => $session ] );
+ die("HTTP error") unless $response->is_success;
+ undef $session; undef $auth_key;
+}
+