#!/usr/bin/perl

use warnings;
use strict;
use POSIX;
use Getopt::Long qw(:config pass_through);

our $opt_user  = '__APACHEUSER__';
our $opt_group = '__APACHEGROUP__';
GetOptions(
    "user=s"  => \$opt_user,
    "group=s" => \$opt_group
) or die("Error in command line arguments\n");

my $action;

eval {
    POSIX::setgid( scalar( getgrnam($opt_group) ) );
    POSIX::setuid( scalar( getpwnam($opt_user) ) );
};

for ( my $i = 0 ; $i < @ARGV ; $i++ ) {
    if ( $ARGV[$i] =~ /^-/ ) {
        $i++;
        next;
    }
    $action = $ARGV[$i];
    last;
}

$action ||= "help";

if ( $action =~
    /^(?:[gs]et|del|(?:add|del)Key|(?:add|del)PostVars|save|restore|rollback)$/
  )
{
    eval { require Lemonldap::NG::Manager::Cli; };
    die "Manager libraries not available, aborting ($@)" if ($@);
    Lemonldap::NG::Manager::Cli->run(@ARGV);
}
elsif ( $action =~ /^(?:info|update-cache|test-email)$/ ) {
    eval { require Lemonldap::NG::Common::Cli; };
    die "Lemonldap::NG common libraries not available, aborting ($@)" if ($@);
    Lemonldap::NG::Common::Cli->run(@ARGV);
}
else {
    help();
}

sub help {
    print STDERR qq{Usage: $0 <options> action <parameters>

Available actions:
 - help                                      : print this
 - info                                      : get currentconfiguration info
 - update-cache                              : force configuration cache to be updated
 - test-email <destination>                  : send a test email
 - get <key>                                 : get values of parameters
 - set <key> <value>                         : set parameter(s) value(s)
 - del <key>                                 : delete parameters
 - addKey <key> <subkey> <value>             : add or set a subkey in a parameter
 - delKey <key> <subkey>                     : delete subkey of a parameter
 - addPostVars <host> <uri> <key> <value>    : add post vars for form replay
 - delPostVars <host> <uri> <key>            : delete post vars for form replay
 - save                                      : export configuration to STDOUT
 - restore -                                 : import configuration from STDIN
 - restore <file>                            : import configuration from file
 - rollback                                  : restore previous configuration

Options:
 - yes <0|1>                     : accept confirmation prompt automatically
 - log <msg>                     : set configuration log message
 - safe <0|1>                    : fail in case the requested configuration is invalid
 - force <0|1>                   : allow overwrite of existing config number
 - cfgNum <num>                  : set new configuration number (requires -force 1)
 - sep <char>                    : separator of hierarchical values (by default: /)
 - iniFile <file>                : path to an alternate lemonldap-ng.ini file

Additional options:
 - --user=<user>    : change user running the script
 - --group=<group>  : change group running the script

See Lemonldap::NG::Manager::Cli(3) for more
};
}
__END__

=head1 NAME

=encoding utf8

lemonldap-ng-cli - Command-line manager for Lemonldap::NG web-SSO system.

=head1 SYNOPSIS

Get information about current configuration

  $ lemonldap-ng-cli info

Update local configuration cache

  $ lemonldap-ng-cli update-cache

Send a test email

  $ lemonldap-ng-cli test-email dwho@badwolf.org

Save configuration

  $ lemonldap-ng-cli save >conf.json
  $ lemonldap-ng-cli -cfgNum 19 save >conf-19.json

Restore configuration

  $ lemonldap-ng-cli restore conf.json
  # OR
  $ lemonldap-ng-cli restore - <conf.json

Cancel the last configuration change

  $ lemonldap-ng-cli rollback

Get a configuration parameter value

  $ lemonldap-ng-cli get portal domain cookieName

Set some values

  $ lemonldap-ng-cli set portal http://auth.e.com/ domain e.com
  # add or set a key
  $ lemonldap-ng-cli addKey macro fullname '$givenName." ".$lastName'

  # without changing the version number
  $ lemonldap-ng-cli -force 1 -cfgNum 1 set portal http://auth.e.com/ domain e.com

  # without asking for confirmation
  $ lemonldap-ng-cli -yes 1 set portal http://auth.e.com/ domain e.com

=head1 DESCRIPTION

lemonldap-ng-cli is a command line interface to interact with Lemonldap::NG
configuration. Commands are described in L<Lemonldap::NG::Manager::Cli>
and L<Lemonldap::NG::Common::Cli>

=head2 Available commands

=over

=item info

=item update-cache

=item test-email

=item save

=item restore

=item get

=item set

=item addKey

=item delKey

=back

=head2 Available options

=over

=item -yes

Confirm modification automatically (default: 0)

=item -log

Allows you to set the log message that will be displayed in the manager

=item -safe

The configuration change will be aborted if it contains errors (default: 0)

=item -force

Allows you to force overwriting an existing configuration (default: 0)

=item -cfgNum

Choose a particular configuration number (default: latest)

=item -sep 

Allows you to define hierarchical separator

=item -iniFile

Allows you to set an alternative ini file

=back

=head1 SEE ALSO

L<Lemonldap::NG::Manager::Cli>, L<Lemonldap::NG::Common::Cli>
L<http://lemonldap-ng.org/>

=head1 AUTHORS

=over

=item Clement Oudot, E<lt>clement@oodo.netE<gt>

=item Xavier Guimard, E<lt>yadd@debian.orgE<gt>

=item Maxime Besson, E<lt>maxime.besson@worteks.comE<gt>

=item Christophe Maudoux, E<lt>chrmdx@gmail.comE<gt>

=back

=head1 BUG REPORT

Use OW2 system to report bug or ask for features:
L<https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>

=head1 DOWNLOAD

Lemonldap::NG is available at
L<https://release.ow2.org/lemonldap/>

=head1 COPYRIGHT AND LICENSE

=over

=item Copyright (C) 2016 by Xavier Guimard, E<lt>x.guimard@free.frE<gt>

=item Copyright (C) 2016 by Clément Oudot, E<lt>clem.oudot@gmail.comE<gt>

=back

This library is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see L<http://www.gnu.org/licenses/>.

=cut
