// ALR - Any Linux Repository
// Copyright (C) 2025 Евгений Храмов
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package build

import (
	"log/slog"
	"sync"
	"syscall"

	"gitea.plemya-x.ru/Plemya-x/ALR/internal/utils"
	"gitea.plemya-x.ru/Plemya-x/ALR/pkg/manager"
)

func NewMainBuilder(
	cfg Config,
	mgr manager.Manager,
	repos PackageFinder,
) (*Builder, func(), error) {
	var err error

	var safeInstallerClose, safeScriptExecutorClose func()

	var cleanupOnce sync.Once
	cleanup := func() {
		cleanupOnce.Do(func() {
			if safeScriptExecutorClose != nil {
				safeScriptExecutorClose()
			}
			if safeInstallerClose != nil {
				safeInstallerClose()
			}
		})
	}

	defer func() {
		if err != nil {
			slog.Debug("close executors")
			cleanup()
		}
	}()

	installerExecutor, safeInstallerClose, err := GetSafeInstaller()
	if err != nil {
		return nil, nil, err
	}

	// It is very important!
	// See https://stackoverflow.com/questions/47296408/cannot-open-uid-map-for-writing-from-an-app-with-cap-setuid-capability-set
	if err = utils.NoNewPrivs(); err != nil {
		return nil, nil, err
	}

	s, safeScriptExecutorClose, err := GetSafeScriptExecutor()
	if err != nil {
		return nil, nil, err
	}

	builder := &Builder{
		scriptExecutor: s,
		cacheExecutor: &Cache{
			cfg,
		},
		scriptResolver: &ScriptResolver{
			cfg,
		},
		scriptViewerExecutor: &ScriptViewer{
			config: cfg,
		},
		checkerExecutor: &Checker{
			mgr,
		},
		installerExecutor: installerExecutor,
		sourceExecutor: &SourceDownloader{
			cfg,
		},
		repos: repos,
	}

	slog.Warn("uid", "uid", syscall.Getuid(), "gid", syscall.Getgid())

	return builder, cleanup, nil
}