#!/usr/bin/python

# Copyright (c) 2009, Purdue University
# All rights reserved.
# 
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 
# Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
#
# Redistributions in binary form must reproduce the above copyright notice, this
# list of conditions and the following disclaimer in the documentation and/or
# other materials provided with the distribution.
# 
# Neither the name of the Purdue University nor the names of its contributors
# may be used to endorse or promote products derived from this software without
# specific prior written permission.
# 
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

"""Remove user tool for dnsmanagement"""


__copyright__ = 'Copyright (C) 2009, Purdue University'
__license__ = 'BSD'
__version__ = '0.5'


import os
import sys
import getpass

from optparse import OptionParser

from roster_user_tools import cli_common_lib
from roster_user_tools import roster_client_lib


def main(args):
  """Collects command line arguments, adds users/groups/assignments

  Inputs:
    args: list of arguments from the command line
  """
  parser = OptionParser()

  parser.add_option('-l', '--list', action='store_true', dest='list',
                    help='List users, apply -u flag to filter.',
                    default=False)
  parser.add_option('-n', '--user-name', action='store', dest='user_name',
                    help='String of the user to remove.',
                    metavar='<new-user>', default=None)
  parser.add_option('-g', '--group', action='store', dest='group',
                    help='String of the group name to remove.',
                    metavar='<group>', default=None)
  parser.add_option('-f', '--forward-zone-permission', action='store_true',
                    dest='forward_zone_permission', help='Make a forward zone '
                                                         'permission.',
                    default=False)
  parser.add_option('-r', '--reverse-range-permission', action='store_true',
                    dest='reverse_range_permission', help='Make a reverse range'
                                                          ' permission.',
                    default=False)
  parser.add_option('-z', '--zone', action='store', dest='zone',
                    help='String of the zone name (optional)', metavar='<zone>',
                    default=None)
  parser.add_option('--access-right', action='store', dest='access_right',
                    help='String of the access right (r/rw)', metavar='r|rw',
                    default=None)
  parser.add_option('-b', '--cidr-block', action='store', dest='cidr_block',
                    help='String of CIDR block.', metavar='<cidr-block>',
                    default=None)
  parser.add_option('-s', '--server', action='store', dest='server',
                    help='XML RPC Server address.', metavar='<server>',
                    default='https://localhost:8000')
  parser.add_option('-u', '--username', action='store', dest='username',
                    help='Run as a different username.', metavar='<username>',
                    default=unicode(getpass.getuser()))
  parser.add_option('-p', '--password', action='store', dest='password',
                    help='Password string, NOTE: It is insecure to use this '
                    'flag on the command line.', metavar='<password>',
                    default=None)
  parser.add_option('-c', '--cred-file', action='store', dest='credfile',
                    help='Location of credential file.', metavar='<cred-file>',
                    default=os.path.join(os.path.expanduser('~'), '.dnscred'))
  parser.add_option('--cred-string', action='store', dest='credstring',
                    help='String of credential.', metavar='<cred-string>',
                    default=None)
  parser.add_option('-q', '--quiet', action='store_true', dest='quiet',
                    help='Suppress program output.', default=False)

  (globals()["options"], args) = parser.parse_args(args)

  cli_common_lib.CheckCredentials(options)

  if( options.list ):
    users = roster_client_lib.RunFunction(
        u'ListUsers', options.username, credfile=options.credfile,
        credstring=options.credstring, server_name=options.server,
        kwargs={'user_name': options.user_name})['core_return']
    groups = roster_client_lib.RunFunction(
        u'ListUserGroupAssignments', options.username,
        credfile=options.credfile, credstring=options.credstring,
        server_name=options.server,
        kwargs={'user_name': options.user_name, 'group_name': options.group})[
             'core_return']
    print_list = []
    for user in users:
      group = ['--']
      if( user in groups ):
        group = groups[user]
      print_list.append([user, ','.join(group), users[user]])
    print cli_common_lib.PrintColumns(print_list)
  elif( options.user_name ):
    cli_common_lib.DisallowFlags([
        'group', 'forward_zone_permission', 'reverse_range_permission'],
        parser, options)
    roster_client_lib.RunFunction(u'RemoveUser', options.username,
                                  credfile=options.credfile,
                                  credstring=options.credstring,
                                  server_name=options.server,
                                  args=[options.user_name])
    if( not options.quiet ):
      print 'REMOVED USER: %s' % options.user_name
  elif( options.forward_zone_permission ):
    cli_common_lib.DisallowFlags(['reverse_range_permission'], parser, options)
    if( not options.access_right ):
      cli_common_lib.DnsError('An access right must be specified with the'
                          ' --access-right flag.', 1)
    if( not options.group ):
      cli_common_lib.DnsError('A group must be specified with the -g flag.', 1)

    access_rights = roster_client_lib.RunFunction(
        u'ListAccessRights', options.username, credfile=options.credfile,
        credstring=options.credstring, server_name=options.server)[
            'core_return']
    access_rights_string = '|'.join(access_rights)
    if( not options.access_right or options.access_right not in access_rights ):
      cli_common_lib.DnsError('An access right of either %s is required.' % (
          access_rights_string), 1)
    if( not options.zone ):
      cli_common_lib.DnsError('A zone must be specified with the -z flag.', 1)
    roster_client_lib.RunFunction(u'RemoveForwardZonePermission', options.username,
                                  credfile=options.credfile,
                                  credstring=options.credstring,
                                  server_name=options.server,
                                  args=[options.zone, options.group,
                                        options.access_right])
    if( not options.quiet ):
      print ('REMOVED FORWARD_ZONE_PERMISSION: zone_name: %s group: %s '
             'access_right: %s' % (options.zone, options.group,
                                   options.access_right))
  elif( options.reverse_range_permission ):
    cli_common_lib.DisallowFlags(['user_name'], parser,
                                 options)
    if( not options.cidr_block ):
      cli_common_lib.DnsError('A CIDR block must be specified with the '
                              '--cidr-block flag.', 1)
    if( not options.group ):
      cli_common_lib.DnsError('A group must be specified with the -g flag.', 1)
    access_rights = roster_client_lib.RunFunction(
        u'ListAccessRights', options.username, credfile=options.credfile,
        credstring=options.credstring, server_name=options.server)[
            'core_return']
    access_rights_string = '|'.join(access_rights)
    if( not options.access_right ):
      cli_common_lib.DnsError('An access right must be specified with the'
                              ' --access-right flag.', 1)
    if( not options.access_right or options.access_right not in access_rights ):
      cli_common_lib.DnsError('An access right of either %s is required.' % (
                            access_rights_string), 1)
    roster_client_lib.RunFunction(u'RemoveReverseRangePermission', options.username,
                                  credfile=options.credfile,
                                  credstring=options.credstring,
                                  server_name=options.server,
                                  args=[options.cidr_block, options.group,
                                        options.access_right])
    if( not options.quiet ):
      print ('REMOVED REVERSE_RANGE_PERMISSION: cidr_block: %s group: %s '
             'access_right: %s' % (options.cidr_block, options.group,
                                   options.access_right))
  elif( options.group ):
    roster_client_lib.RunFunction(u'RemoveGroup', options.username,
                                  credfile=options.credfile,
                                  credstring=options.credstring,
                                  server_name=options.server,
                                  args=[options.group])
    if( not options.quiet ):
      print 'REMOVED GROUP: %s' % options.group
  else:
    parser.print_help()
    cli_common_lib.DnsError('Need to specify an option.', 1)

if __name__ == "__main__":
    main(sys.argv[1:])
