#!/bin/bash

### Include ymclibnettools
. /usr/lib/lib-fliwi/ymc-networktools.bash


##########################
function ymc_script_help
{
  echo "" 1>&2
  echo "Get access-group-information in Fliwi" 1>&2
  echo "" 1>&2
  echo "Usage: $(basename $0) [OPTIONS] hostname|service" 1>&2
  echo "=====" 1>&2
  echo "" 1>&2
  echo "OPTIONS:" 1>&2
  echo "========" 1>&2
  echo "-c|--combined-lookup" 1>&2
  echo "  Get access-groups information for a host and all its assigned" 1>&2
  echo "  services. If not given, it is assumed to get strict host-based" 1>&2
  echo "  access-group-information." 1>&2
  echo "  Mutually exclusive with --service-based-lookup" 1>&2
  echo "" 1>&2
  echo "-s|--service-based-lookup" 1>&2
  echo "  Get access-groups for services. If not given, it is assumed to get" 1>&2
  echo "  host-based access-group-information." 1>&2
  echo "  Get access-groups information a service. If not given, it is" 1>&2
  echo "  assumed to get strict host-based access-group-information." 1>&2
  echo "  Mutually exclusive with --combined-lookup" 1>&2
  echo "" 1>&2
  echo "--show-[name|access-as-system-user|members]" 1>&2
  echo "  Only output a specific type of information. If not given, all available" 1>&2
  echo "  will be shown." 1>&2
  echo "" 1>&2
  echo "--limit=ACCESS_GROUP_NAME" 1>&2
  echo "  Limit to a specific access-group of a service or host." 1>&2
  echo "" 1>&2
  echo "" 1>&2
  echo "DEBUGGING OPTIONS:" 1>&2
  echo "==================" 1>&2
  echo "NOTE: The following are most likely only useful for debugging purposes." 1>&2
  echo "      Try not to use them on any productive environment!" 1>&2
  echo "" 1>&2
  echo "--nameserver=<someIP>" 1>&2
  echo "  Overrides the nameserver used in automatic detection of settings." 1>&2
  echo "  Default is to use the systems default nameserver." 1>&2
  echo "" 1>&2
}

dns_part="hosts.groups.access.fliwi"
dns_part_services="services.groups.access.fliwi"
dns_part_groups="groups.contacts.fliwi"
combined_lookup=0
service_based_lookup=0
show_all=1
show_name=0
show_access_as_system_user=0
show_members=0

TEMP=$(getopt -o hcs --long help,combined-lookup,service-based-lookup,nameserver:,limit:,show-name,show-access-as-system-user,show-members \
              -n "$(basename $0)" -q -- "$@")
if [ $? != 0 ]; then
  ymc_script_help
  exit 1
fi

eval set -- "$TEMP"

while true
do
  case "$1" in
    -h|--help)
      ymc_script_help
      exit 1
    ;;

    -c|--combined-lookup)
      combined_lookup=1
      shift 1
    ;;

    -s|--service-based-lookup)
      dns_part=$dns_part_services
      service_based_lookup=1
      shift 1
    ;;

    --nameserver)
      DEBUG_DNS=$2
      shift 2
    ;;

    --limit)
      limit_string=$2
      shift 2
    ;;

    --show-name)
      show_name=1
      show_all=0
      shift 1
    ;;

    --show-access-as-system-user)
      show_access_as_system_user=1
      show_all=0
      shift 1
    ;;

    --show-members)
      show_members=1
      show_all=0
      shift 1
    ;;

    --)
      shift
      break
    ;;

    *)
      ymc_script_help
      exit 1
    ;;
  esac
done

if [ $combined_lookup -eq 1 ] && \
   [ $service_based_lookup -eq 1 ]; then
  ymc_script_help
  exit 1
fi

what_to_lookup_for=$*
if [ "$what_to_lookup_for" == "" ] || \
   [ $(echo $what_to_lookup_for | wc -w) -ne 1 ]; then
  ymc_script_help
  exit 1
fi

process_found_access_groups()
{
  local found_access_group_names="$@"
  local access_group_name
  if [ -n "$found_access_group_names" ]; then
    for access_group_name in $found_access_group_names
    do
      if [ "$access_group_name" != '' ]; then
        if [ "$limit_string" != '' ]; then
          if [ "$limit_string" != "$access_group_name" ]; then
            continue
          fi
        fi
        echo $access_group_name
      fi
    done
  fi
}

access_group_names_to_print_details=$(process_found_access_groups $(ymc_get_hostname_from_dns_txt "$what_to_lookup_for" "$dns_part"))

if [ $combined_lookup -eq 1 ]; then
  temp_services=$(fliwi-get-services $what_to_lookup_for)
  for temp_service in $temp_services
  do
    access_group_names_to_print_details=$access_group_names_to_print_details' '$(process_found_access_groups $(ymc_get_hostname_from_dns_txt "$(echo $temp_service | sed -r 's/-[0-9]+$//')" "$dns_part_services"))
  done
fi

access_group_names_to_print_details=$(echo "$access_group_names_to_print_details" | sed -r 's/[[:space:]]+/\n/g' | sort -V -u)

if [ "$access_group_names_to_print_details" != "" ]; then
  for access_group_name_to_print_details in $access_group_names_to_print_details
  do
    output=""

    access_group_name=$(echo $access_group_name_to_print_details | cut -d '.' -f 1)

    if [ $show_all -eq 1 ] || \
       [ $show_name -eq 1 ]; then
      output=$output' '$access_group_name
    fi

    if [ $show_all -eq 1 ] || \
       [ $show_access_as_system_user -eq 1 ]; then
      output=$output' '$(ymc_get_hostname_from_dns_txt "access-as-system-user" $access_group_name_to_print_details.$dns_part_groups) || continue
    fi

    if [ $show_all -eq 1 ] || \
       [ $show_members -eq 1 ]; then
      output=$output' '$(ymc_get_hostname_from_dns_txt "members" $access_group_name_to_print_details.$dns_part_groups | sed -r 's/[[:space:]]+/,/g') || continue
    fi

    echo $(echo -n $output | sed -r 's/[[:space:]]+/ /g')
  done
  exit 0
else
  exit 1
fi
