#!/usr/bin/python

# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type

DOCUMENTATION = r'''
---
module: zephir_variante

short_description: This is a module to automate edition of zephir configuration

# If this is part of a collection, you need to use semantic versioning,
# i.e. the version is of the form "2.5.0" and not "2.4".
version_added: "1.0.0"

description: This is my longer description explaining my test module.

options:
    zephir_user:
        description: zephir user authorized to perform action
        required: true
        type: str
    zephir_user_password:
        description: zephir user password
        required: true
        type: str
    user:
        description: User name
        required: true
        type: str
    user_password:
        description: user password
        required: true
        type: str
    permissions:
        description: permissions given to user
        required: true
        type: str
    state:
        description: wether data have to be added or deleted from the database
        required: false
        type: str
# Specify this value according to your collection
# in format of namespace.collection.doc_fragment_name
extends_documentation_fragment:
    - cadoles.eole.zephir_user

author:
    - Cadoles
'''

EXAMPLES = r'''
# Pass in a message
- libelle: Test with a message
  cadoles.eole.zephir_user:
    zephir_user: admin_zephir
    zephir_user_password: eole
    user: admin
    user_password: admin
    permissions:
      - "Lecture"
'''

RETURN = r'''
# These are examples of possible return values, and in general should use other names for return values.
permissions:
    description: permissions list after edition
    type: list
    returned: always
    sample: [1]
user:
    description: user name.
    type: str
    returned: always
    sample: admin
'''

from ansible.module_utils.basic import AnsibleModule

from zephir.eolerpclib import EoleProxy
from zephir.web import config
from zephir.utils.ldap_user import add_user, encrypt_passwd

def run_module():
    # define available arguments/parameters a user can pass to the module
    key_mapping = {
            "Lecture": 1,
            "Ecriture": 2,
            "Configuration et actions sur les serveurs": 3,
            "Gestion des permissions": 4,
            "Fonction des clients": 5,
            "Export de variantes": 6,
            "Configuration vpn": 7,
            "Enregistrement": 8,
            "Ajout/Modification de serveur (enregistrement)": 9,
            "Enregistrement des sondes prelude": 10,
            "Migration de serveur (enregistrement)": 11,
            "Gestion des identifiants ENT": 12,
            "Gestion de la réplication LDAP": 13,
            "Gestion de la synchronisation AAF": 14,
            "Ecriture (serveurs)": 21,
            "Ecriture (modules)": 22,
            "Ecriture (etablissements)": 23,
            "Actions sans modification de configuration": 31,
            "Mise à jour du mot de passe (annuaire local)": 40,
            }
    mapped_keys = {value: key for key, value in key_mapping.items()}

    module_args = dict(
            zephir_user=dict(type='str', required=True),
            zephir_user_password=dict(type='str', required=True),
            user=dict(type='str', required=True),
            user_password=dict(type='str', required=True),
            permissions=dict(type='list', required=True),
            state=dict(type='str', required=False, default='present'),
    )

    # seed the result dict in the object
    # we primarily care about changed and state
    # changed is if this module effectively modified the target
    # state will include any data that you want your module to pass back
    # for consumption, for example, in a subsequent task
    result = dict(
        changed=False,
        permissions=[],
        user=None,
    )

    # the AnsibleModule object will be our abstraction working with Ansible
    # this includes instantiation, a couple of common attr would be the
    # args/params passed to the execution, as well as if the module
    # supports check mode
    module = AnsibleModule(
        argument_spec=module_args,
        supports_check_mode=True
    )

    if module.check_mode:
        module.exit_json(**result)
        #module.fail_json(**result)
        #module.params['module']

    port_zephir = int(config.PORT_ZEPHIR) + 1
    proxy_addr = "http://{0}:{1}@localhost:{2}/".format(module.params['zephir_user'], module.params['zephir_user_password'], port_zephir)
    proxy = EoleProxy(proxy_addr)

    add_user(module.params['user'], encrypt_passwd(module.params['user_password']))

    return_code, permissions = proxy.get_permissions(module.params['user'])
    if return_code:
        result['user'] = module.params['user']
        result['permissions'] = [mapped_keys[p] for p in permissions]

    new_permissions = [key_mapping[p] for p in module.params['permissions']]
    if module.params['state'] == 'exact':
        permissions = new_permissions
    else:
        old_permissions = set(permissions)
        if module.params['state'] == 'present':
            permissions = old_permissions.union(set(new_permissions))
        elif module.params['state'] == 'absent':
            permissions = old_permissions.difference(set(new_permissions))

    return_code, proxy_msg = proxy.save_permissions(module.params['user'], str(list(permissions)))
    if return_code:
        result['changed'] = True
        result['permissions'] = [mapped_keys[p] for p in permissions]
        module.exit_json(**result)
    else:
        module.fail_json(**result)


def main():
    run_module()


if __name__ == '__main__':
    main()