#!/usr/bin/ruby

# -------------------------------------------------------------------------- #
# Copyright 2002-2025, OpenNebula Project, OpenNebula Systems                #
#                                                                            #
# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
# not use this file except in compliance with the License. You may obtain    #
# a copy of the License at                                                   #
#                                                                            #
# http://www.apache.org/licenses/LICENSE-2.0                                 #
#                                                                            #
# Unless required by applicable law or agreed to in writing, software        #
# distributed under the License is distributed on an "AS IS" BASIS,          #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
# See the License for the specific language governing permissions and        #
# limitations under the License.                                             #
#--------------------------------------------------------------------------- #

ONE_LOCATION = ENV['ONE_LOCATION']

if !ONE_LOCATION
    RUBY_LIB_LOCATION = '/usr/lib/one/ruby'
    GEMS_LOCATION     = '/usr/share/one/gems'
else
    RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby'
    GEMS_LOCATION     = ONE_LOCATION + '/share/gems'
end

# %%RUBYGEMS_SETUP_BEGIN%%
require 'load_opennebula_paths'
# %%RUBYGEMS_SETUP_END%%

$LOAD_PATH << RUBY_LIB_LOCATION
$LOAD_PATH << RUBY_LIB_LOCATION + '/cli'

require 'command_parser'
require 'one_helper/onesecgroup_helper'

CommandParser::CmdParser.new(ARGV) do
    usage '`onesecgroup` <command> [<args>] [<options>]'
    version OpenNebulaHelper::ONE_VERSION

    helper = OneSecurityGroupHelper.new

    before_proc do
        helper.set_client(options)
    end

    ########################################################################
    # Global Options
    ########################################################################
    set :option, CommandParser::OPTIONS + OpenNebulaHelper::CLIENT_OPTIONS

    list_options  = CLIHelper::OPTIONS
    list_options += OpenNebulaHelper::FORMAT
    list_options << OpenNebulaHelper::NUMERIC
    list_options << OpenNebulaHelper::DESCRIBE

    ########################################################################
    # Formatters for arguments
    ########################################################################
    set :format, :groupid, OpenNebulaHelper.rname_to_id_desc('GROUP') do |arg|
        OpenNebulaHelper.rname_to_id(arg, 'GROUP')
    end

    set :format, :userid, OpenNebulaHelper.rname_to_id_desc('USER') do |arg|
        OpenNebulaHelper.rname_to_id(arg, 'USER')
    end

    set :format, :secgroupid, OneSecurityGroupHelper.to_id_desc do |arg|
        helper.to_id(arg)
    end

    set :format,
        :secgroupid_list,
        OneSecurityGroupHelper.list_to_id_desc do |arg|
        helper.list_to_id(arg)
    end

    set :format,
        :filterflag,
        OneSecurityGroupHelper.filterflag_to_i_desc do |arg|
        helper.filterflag_to_i(arg)
    end

    ########################################################################
    # Commands
    ########################################################################

    create_desc = <<-EOT.unindent
        Creates a new Security Group from the given description
    EOT

    command :create, create_desc, :file do
        helper.create_resource(options) do |obj|
            begin
                if args[0]
                    template = File.read(args[0])
                elsif !(stdin = OpenNebulaHelper.read_stdin).empty?
                    template = stdin
                else
                    STDERR.puts 'No Security Group description provided'
                    exit(-1)
                end

                obj.allocate(template)
            rescue StandardError => e
                STDERR.puts e.message
                exit(-1)
            end
        end
    end

    clone_desc = <<-EOT.unindent
        Creates a new Security Group from an existing one
    EOT

    command :clone, clone_desc, :secgroupid, :name do
        helper.perform_action(args[0], options, 'cloned') do |obj|
            res = obj.clone(args[1])

            if !OpenNebula.is_error?(res)
                puts "ID: #{res}"
            else
                puts res.message
            end
        end
    end

    delete_desc = <<-EOT.unindent
        Deletes the given Security Group
    EOT

    command :delete, delete_desc, [:range, :secgroupid_list] do
        helper.perform_actions(args[0], options, 'deleted') do |obj|
            obj.delete
        end
    end

    chgrp_desc = <<-EOT.unindent
        Changes the Security Group's group
    EOT

    command :chgrp, chgrp_desc, [:range, :secgroupid_list], :groupid do
        helper.perform_actions(args[0], options, 'Group changed') do |obj|
            obj.chown(-1, args[1].to_i)
        end
    end

    chown_desc = <<-EOT.unindent
        Changes the Security Group's owner and group
    EOT

    command :chown, chown_desc, [:range, :secgroupid_list], :userid,
            [:groupid, nil] do
        args[2].nil? ? gid = -1 : gid = args[2].to_i
        helper.perform_actions(args[0], options, 'Owner/Group changed') do |obj|
            obj.chown(args[1].to_i, gid)
        end
    end

    chmod_desc = <<-EOT.unindent
        Changes the Security Group permissions
    EOT

    command :chmod, chmod_desc, [:range, :secgroupid_list], :octet do
        helper.perform_actions(args[0], options, 'Permissions changed') do |t|
            t.chmod_octet(OpenNebulaHelper.to_octet(args[1]))
        end
    end

    update_desc = <<-EOT.unindent
        Update the template contents. If a path is not provided the editor will
        be launched to modify the current content.
    EOT

    command :update, update_desc, :secgroupid, [:file, nil],
            :options => OpenNebulaHelper::APPEND do
        helper.perform_action(args[0], options, 'modified') do |obj|
            if options[:append]
                str = OpenNebulaHelper.append_template(args[0], obj, args[1])
            else
                str = OpenNebulaHelper.update_template(args[0], obj, args[1])
            end

            helper.set_client(options)
            obj = helper.retrieve_resource(obj.id)

            obj.update(str, options[:append])
        end
    end

    rename_desc = <<-EOT.unindent
        Renames the Security Group
    EOT

    command :rename, rename_desc, :secgroupid, :name do
        helper.perform_action(args[0], options, 'renamed') do |o|
            o.rename(args[1])
        end
    end

    commit_desc = <<-EOT.unindent
        Commit SG changes to associated VMs. This command is to propagate
        security group rules to VMs when they are updated. This operation takes
        time to iterate over all VMs in the security group, progress can be
        checked through the outdated, updating and error VM sets.
    EOT

    command :commit, commit_desc, :secgroupid,
            :options => [OneSecurityGroupHelper::RECOVER] do
        helper.perform_action(args[0], options, 'commit') do |o|
            o.commit(options[:recover] == true)
        end
    end

    list_desc = <<-EOT.unindent
        Lists Security Group in the pool. #{OneSecurityGroupHelper.list_layout_help}
    EOT

    command :list, list_desc, [:filterflag, nil], :options => list_options do
        helper.list_pool(options, false, args[0])
    end

    show_desc = <<-EOT.unindent
        Shows information for the given Security Group
    EOT

    command :show,
            show_desc,
            :secgroupid,
            :options => OpenNebulaHelper::FORMAT do
        helper.show_resource(args[0], options)
    end
end
