#!/usr/bin/python
"""Command line tool that shows and manipulates svn access rights.

Without arguments it lists every group and its users.  With exactly one
name it either reports on that name or, depending on the option given,
adds a user, moves a user to the alumni group or resets a password.

AuthzConfigParser, the upper-case constants and the helpers
create_new_repository / set_new_password / delete_password are used here
but are not defined in this listing.
"""

# imports of modules
import optparse
import subprocess
import sys


if __name__ == "__main__":
    # Load the current authz configuration before doing anything else.
    config = AuthzConfigParser()
    config.read(AUTHZ_PATH)

    # Command line interface.  Every mode switch stores a one-letter code
    # into the same destination ("what"), so options.what stays None when
    # no switch is given and names exactly one mode otherwise.
    cli = optparse.OptionParser(
        usage="usage: %prog [option] name",
        description="shows and manipulates svn access rights",
        epilog="to grant a restricted user access to another folder, "
               "you have to carefully edit the authz file")
    mode_switches = (
        ("-g", "--groupinfo", "g", "display users in a group"),
        ("-a", "--add", "a", "add a regular user"),
        ("-r", "--restricted", "r", "add a restricted user"),
        ("-m", "--move", "m", "move a user to alumni"),
        ("-p", "--password", "p", "reset a user password"),
    )
    for short_flag, long_flag, mode_code, help_text in mode_switches:
        cli.add_option(short_flag, long_flag, action="store_const",
                       dest="what", const=mode_code, help=help_text)
    options, args = cli.parse_args()
    mode = options.what

    # No positional argument: dump all groups with their members and stop.
    # Any mode switch is ignored on this path, exactly as before.
    if not args:
        for group_name, members in config.group_users().items():
            print("Users in group '%s':" % group_name)
            for member in sorted(members):
                print(" " + member)
        sys.exit()

    # Every remaining mode works on exactly one name.
    if len(args) > 1:
        sys.exit("please provide only one name")

    name = args[0]

    # -g: here the name is a group name, not a user name.
    if mode == "g":
        members_by_group = config.group_users()
        if name not in members_by_group:
            sys.exit("Group not found")
        print("Users in group '%s':" % name)
        for member in sorted(members_by_group[name]):
            print(" " + member)
        sys.exit()

    # -a / -r: create a new regular or restricted user.
    if mode in ("a", "r"):
        if name in config.elab_users:
            sys.exit("Username '%s' already in use" % name)
        if mode == "r":
            group = RESTRICTED
        else:
            group = USERS
        # NOTE(review): `name` is taken from argv and handed on unchanged;
        # nothing in this block restricts its characters.  If the helpers
        # below use it as a path component, an authz section name or part
        # of a command line, it should be checked against an allow-list
        # first -- confirm in the helpers.
        config.add_journal_acl_for(name, group)
        create_new_repository(name)
        # Disabled predecessor of create_new_repository(), kept verbatim.
        # It must not be re-enabled in this form: it concatenates `name`
        # into a string that is run through a shell.  An argument list
        # without shell=True avoids that.
        #subprocess.check_call(SVN_DIR_CREATOR + " " + name, shell=True)
        password = set_new_password(name)
        # NOTE(review): the password is printed in clear text, so it ends
        # up in terminal scrollback and in anything capturing this output.
        print("New password for :")
        print("username: " + name)
        print("password: " + password)
        print("url: https://svn.cpi.imtek.uni-freiburg.de/" + name)
        # NOTE(review): the authz file is written last; if this call fails,
        # whatever the repository and password helpers did has already
        # happened without the ACL change being saved -- TODO confirm that
        # this ordering is intended.
        config.write_to_file()
        sys.exit()

    # Everything below needs a user name that already exists.
    if name not in config.elab_users:
        sys.exit("User '%s' not found, use this without a name to get a list of users." % name)

    # -m: move the user to the alumni group; admins are never moved.
    if mode == "m":
        user = config.elab_users[name]
        if user.group == ALUMNI:
            sys.exit("User '%s' is already in group '%s'" % (name, ALUMNI))
        if user.group == ADMINS:
            sys.exit("User '%s' is in group '%s', will not moved to '%s'" % (name, ADMINS, ALUMNI))
        config.move_user_to_alumni(name)
        config.write_to_file()
        # Runs after the authz file was written; presumably removes the
        # stored credential for the user -- verify against the helper.
        delete_password(name)
        sys.exit()

    # -p: issue a new password for an existing user.
    if mode == "p":
        password = set_new_password(name)
        # NOTE(review): printed in clear text here as well, see the add path.
        print("New password for :")
        print("username: " + name)
        print("password: " + password)
        sys.exit()

    # No switch, just a name: report on the user and on the user's journal.
    user = config.elab_users[name]
    print("User %s is in group '%s':" % (name, user.group))

    # Write access of the user.
    if user.group == ADMINS:
        print(" Write access is granted to all journals.")
    elif user.write_acl:
        writable = "', '".join([entry + SVN_SUFFIX for entry in user.write_acl])
        print(" Write access is granted to '%s'. " % writable)
    else:
        print(" Write access is NOT granted to any journals")

    # Read access of the user.
    if user.group == ADMINS:
        print(" Read access is granted to all journals.")
    elif user.group == USERS:
        print(" Read access is granted to (nearly) all journals.")
    elif user.read_acl:
        readable = "', '".join([entry + SVN_SUFFIX for entry in user.read_acl])
        print(" Read access is granted to '%s'. " % readable)
    else:
        print(" Read access is NOT granted to any journals")

    # Access lists of the journal that carries the user's name.
    journal = config.get_journal_info(name)
    print("Labjournal %s%s" % (name, SVN_SUFFIX))

    writers = journal[WRITE_ACL]
    if writers:
        print(" Write access granted to: " + ", ".join(writers))
    else:
        print(" No write access granted to anybody")

    readers = journal[READ_ACL]
    if readers:
        print(" Read access granted to: " + ", ".join(readers))
    else:
        print(" No read access granted to anybody")