# -*- mode: shell-script -*-

## This place is not accessible from container on purpose: container
## don't need that. This should be stored in /var/lib/compose/ in a
## project, service directory a little like relation data.
PASSWORD_FILE="$SERVICE_CONFIGSTORE/etc/$SERVICE_NAME/pass"


has_user() {
    local user="$1"
    if ! out=$(occ user:info "$user"); then
        if [ "$out" == "user not found" ]; then
            return 1
        else
            if [ -n "$out" ]; then
                err "Command 'occ user:info $user' failed with this output:"
                echo "$out" | prefix "  | " >&2
            else
                err "Command 'occ user:info $user' failed with no output."
            fi
            return 2
        fi
    fi
    return 0
}


set_admin_user_password() {
    local user="$1" password="$2" errlvl

    [ -z "$password" ] && {
        err "Refusing to set admin user an empty password."
        return 3
    }

    has_user "$user"
    errlvl=$?
    [[ "$errlvl" -gt 1 ]] && {
        err "'has_user $user' failed. Bailing out."
        return "$errlvl"
    }
    if [[ "$errlvl" == 1 ]]; then
        info "User $user not found. Creating it in default 'admin' group."
        (
            occ_docker_run_opts=("-e" "OC_PASS=$password")
            occ user:add --group=admin --password-from-env --display-name="$user" "$user"
        ) || return 1
    else
        info "User $user found. Resetting password."
        (
            occ_docker_run_opts=("-e" "OC_PASS=$password")
            occ user:resetpassword "$user" "--password-from-env"
        ) || {
            err "'occ user:resetpassword' failed," \
                "common reason include password too simple."
            return 1
        }
    fi
    ## XXXvlab: DRY violation: init does the same thing
    mkdir -p "$(dirname "$PASSWORD_FILE")"
    p0 "$user" "$password" > "$PASSWORD_FILE"
}


get_admin_user_password() {
    if [ -e "$PASSWORD_FILE" ]; then
        cat "$PASSWORD_FILE"
    else
        return 1
    fi
}


create_occ_if_not_exists() {

    if ! [ -e "$SERVICE_DATASTORE/var/www/html/occ" ]; then
        ## Here we use a nasty trick to launch only the initialisation
        ## part of the ``entrypoint.sh``. By setting 'apache' as first
        ## call argument, we satisfy the big first 'if' condition
        ## triggering the installation if necessary, and will fail to
        ## launch any apache

        ## Last, we do not want the relation web-proxy to run in this
        ## bare-minimum nextcloud run AND we will use occ to set some info
        ## in this very same relation.

        ## Note also that ``init`` is required as it sets
        ## NEXTCLOUD_ADMIN_{USER,PASSWORD} that is required to trigger
        ## a full installation

        export COMPOSE_IGNORE_ORPHANS=true
        compose --debug --without-relation="$SERVICE_NAME":web-proxy run \
                --rm --entrypoint /entrypoint.sh "$SERVICE_NAME" apache >&2 || true
        if ! [ -e "$SERVICE_DATASTORE/var/www/html/occ" ]; then
            err "Expected last command to create /var/www/html/occ"
            return 1
        fi
    fi
}


occ() {

    create_occ_if_not_exists || return 1

    ## occ.batch will require /var/www/html to be populated ('occ' is
    ## supposed to exist). For that we need to make sure nextcloud have
    ## be ran and setup prior to running this next command.
    export COMPOSE_IGNORE_ORPHANS=true
    compose --debug -q --no-init --no-relations run \
           "${occ_docker_run_opts[@]}" \
            -v "$HOST_CHARM_STORE/${CHARM_REL_PATH#${CHARM_STORE}/}/src/occ.batch:/var/www/html/occ.batch" \
            -T --rm -u www-data "$SERVICE_NAME" /var/www/html/occ.batch "$@" | cat

    return "${PIPESTATUS[0]}"
}