#!/bin/bash
# t4 - 'trac' helper

set -e

source "/home/zwelch/src/mcf/mcsh-release/install/share/mcsh/mcsh.sh"

lib_load 'net/tool/trac'
lib_load "mcui"


######
# Site


t4_site() { trac_dispatch "$@"; }

t4_site_usage() {
	cat <<EOF
<cmd> [...]
Trac Site Setup Commands:
	init				Create the managed trac site
	apache ...			Commands to configure Apache support
	wsgi ...			Commands to configure WSGI support

Site Project Management:
	upgrade				Upgrades all site projects

EOF
}

t4_site_init() { trac_site_init "$@"; }
t4_site_delete() {
	local result
	mcui_yesno_warn result "$trac_root: delete entire site? "

	local msg="aborted..."
	if [ "$result" = yes ]; then
		trac_site_delete
		msg="done!"
	fi

	info "$trac_root: site delete: $msg"
}

######
# Global Project Support

t4_site_upgrade() {
	local -a groups
	groups=( $(trac_project_groups) )
	for_each t4_group_upgrade "${groups[@]}"
}

t4_group_upgrade() {
	local group=$1
	local -a projects
	projects=( $(trac_project_group_projects "$group") )
	for_each "t4_project_upgrade $1" "${projects[@]}"
}

######
# Apache Support

t4_site_apache() { cmd_dispatch "$@"; }
t4_site_apache_usage() {
	cat <<EOF
init
Commands:
	init 				Create the apache2.conf file
EOF
}

t4_site_apache_init() {
	warn "FIXME: refactor l4 core into new runtime library"
	warn "FIXME: refactor a6 core into new runtime library"
	error "command not implemented"

	local -u ldap_realm="$domain"
	# FIXME: ldap_realm=$(l4 config show ldap_realm)

	cat >conf/apache2.conf <<EOF
<VirtualHost *:80>
	ServerAdmin $trac_admin@$domain
	ServerName $trac_host

	ErrorLog $trac_root/logs/error-log
	CustomLog $trac_root/logs/access-log combined

	RewriteEngine on
	RewriteCond %{SERVER_NAME} =$trac_host
	RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

<VirtualHost *:443>
	ServerAdmin $trac_admin@$domain
	ServerName $trac_host

	ErrorLog $trac_root/logs/ssl-error-log
	CustomLog $trac_root/logs/ssl-access-log combined

	SSLEngine On
	SSLCertificateFile /etc/letsencrypt/live/$trac_host/fullchain.pem
	SSLCertificateKeyFile /etc/letsencrypt/live/$trac_host/privkey.pem
	Include /etc/letsencrypt/options-ssl-apache.conf

	WSGIScriptAliasMatch /([^/]+)/([^/]+) $trac_root/wsgi/\$1/\$2.py

	<Directory $trac_root/wsgi>
		WSGIApplicationGroup %{RESOURCE}
		Require all granted
	</Directory>

	<LocationMatch /[^/]+/[^/]+/login>
		AuthType basic
		AuthName "$ldap_realm"

		AuthBasicProvider ldap
		AuthLDAPURL "ldap://ldap.$domain/ou=People,dc=example,dc=com?uid"
		AuthLDAPGroupAttribute memberUid
		AuthLDAPGroupAttributeIsDN off

		# users must be members of this group
		#Require ldap-group cn=group,ou=Group,dc=example,dc=com
		# or all users
		Require valid-user

		Order allow,deny
		Allow from all
	</LocationMatch>
</VirtualHost>
EOF
}

t4_site_wsgi() { cmd_dispatch "$@"; }
t4_site_wsgi_usage() {
	cat <<EOF
init
Commands:
	init				Create the trac.wsgi file
EOF
}

t4_site_wsgi_init() {
	cat >"$trac_wsgi_script" <<EOF
#!/usr/bin/env python
import os
import sys

os.environ['PYTHON_EGG_CACHE'] = '$trac_root/eggs'

import trac.web.main
def application(environ, start_response):
  name = environ['SCRIPT_NAME']
  environ['trac.env_path'] = '$(trac_site_datadir)' + name
  return trac.web.main.dispatch_request(environ, start_response)
EOF
}


######
# Project

t4_project() { trac_dispatch "$@"; }

t4_project_usage() {
	cat <<EOF
<cmd> [...]
Commands:
	new <host> <name> <desc		Create a new project
	delete <host> <name>		Delete a project
	config <host> <name>		Configure a project
	log <host> <name>		Displays the project log

	enable <host> <name>		Enable a project
	disable <host> <name>		Disable a project

	perm ...			Commands to manage permissions

	upgrade				Performs an upgrade
EOF
}

t4_project_exists() { trac_project_exists "$@"; }

t4_project_new() { trac_project_new "$@"; }

t4_project_delete() {
	has_args 2 "$@"
	local host=$1
	local name=$2
	if ! t4_project_exists "$@"; then
		error "$host/$name: does not exists"
	fi

	local confirm=false
	read_yesno "$host/$name: delete this trac project (y/N)? " confirm
	local msg="cancelled"
	if $confirm; then
		trac_project_delete "$@"
		msg="deleted"
	fi
	app_echo "$host/$name: $msg"
}

t4_project_config() {
	has_args 2 "$@"
	[ "$EDITOR" ] || error "\$EDITOR must be set in the environment"
	run $EDITOR "$(trac_project_config_file "$@")"
}

t4_project_log() {
	local
	log=$(trac_project_log_file "$1" "$2" "$log")
	run_pager "$log"
}

t4_project_enable() { trac_project_enable "$@"; }
t4_project_disable() { trac_project_disable "$@"; }

t4_project_perm() { cmd_dispatch "$@"; }

t4_project_perm_usage() {
	cat <<USAGE
...
Project Permission Commands:
	add <group> <name> <user> <perm>+
					Grants permissions to project user
USAGE
}

t4_project_perm_add() { trac_project_perm_add "$@"; }

t4_project_groups() { trac_project_groups; }
t4_project_list() { trac_project_group_projects "$@"; }

t4_project_upgrade() {
	has_args 2 "$@"
	trac_project_run "$@" trac_admin upgrade
}

######
# Repositories

t4_project_repo() { cmd_dispatch "$@"; }

t4_project_repo_usage() {
	cat <<USAGE
...
Project Repository Commands:
	init <host> <project> <repo> <url>
					Clones and initializes repository
	sync <host> <project> <repo>	Synchronizes project repository
USAGE
	$verbose || return 0
	cat <<USAGE

Project Repository Hook Commands:
	post-commit <host> <project> <repo> <revision>
					Runs post commit actions
USAGE
}

t4_project_repo_init() {
	min_max_args 3 4 "$@"
	local thost=$1
	local tproj=$2
	local repo=$3
	local url=$4

	if ! trac_repo_exists "$thost" "$tproj" "$repo"; then
		[ "$repo" ] || error "no url provided; aborting..."
		trac_repo_clone "$thost" "$tproj" "$repo" "$url"
	fi

	trac_repo_hook_init "$thost" "$tproj" "$repo" post-commit <<EOF
#!/bin/bash
# post-commit hook - Synchronizes repository with Trac
# Generated by the "$script_name project repo" command
t4 project repo post-commit '$1' '$2' '$3' "\$REV"
EOF
	trac_repo_hook_init "$thost" "$tproj" "$repo" post-receive <<EOF
#!/bin/bash
# post-receive hook - Synchronizes repository with Trac
# Generated by the "$script_name project repo" command
t4 project repo post-receive '$1' '$2' '$3' "\$REV"
EOF
	t4_project_repo_update "$1" "$2" "$3"
}

t4_project_repo_update() { trac_repo_update "$@"; }
t4_project_repo_sync() { trac_repo_sync "$@"; }
t4_project_repo_post_commit() { trac_repo_post_commit "$@"; }
t4_project_repo_post_receive() { trac_repo_post_receive "$@"; }


######
# Check

t4_check() {
	if ! $intense; then
		app_help
		return
	fi

	ve_activate "$script_tempdir"

	local tmp="$(cmd_tempfile)"
	local trac_root="$tmp.d"
	local trac_host="localhost"
	t4 site init

	cd "$trac_root"
	t4 project new foo bar 'Test 1'
	t4 project enable foo bar
	t4 project delete foo bar

	echo "y" | t4 site delete
}

######
# Main

t4_desc() { echo "Trac site manager"; }

t4_usage() {
	cat <<USAGE
<cmd> ...
Command Groups:
	site ...			Manage the Trac site
	project ...			Manage a Trac project
USAGE
}

t4_help() {
	cat <<HELP
The $script_name tool manages sets of trac projects as an Apache, allowing the
easy creation and deployment of new projects based on existing templates.
HELP
}

app_run "$@"