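// ALR - Any Linux Repository
// Copyright (C) 2025 Евгений Храмов
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program.  If not, see <https://www.gnu.org/licenses/>.

package utils

import (
	"errors"
	"log/slog"
	"os"
	"os/user"
	"strconv"
	"syscall"

	"github.com/leonelquinteros/gotext"
	"github.com/urfave/cli/v2"
)

// GetUidGidAlrUserString looks up the system account named "alr" and returns
// its UID and primary GID exactly as the user database reports them (strings).
// The lookup error is returned unchanged when the account cannot be resolved.
func GetUidGidAlrUserString() (string, string, error) {
	account, err := user.Lookup("alr")
	if err != nil {
		return "", "", err
	}
	return account.Uid, account.Gid, nil
}

// GetUidGidAlrUser returns the UID and primary GID of the "alr" account as
// integers. It fails if the account cannot be looked up or if either
// identifier is not a decimal number.
func GetUidGidAlrUser() (int, int, error) {
	rawUID, rawGID, err := GetUidGidAlrUserString()
	if err != nil {
		return 0, 0, err
	}

	uid, err := strconv.Atoi(rawUID)
	if err != nil {
		return 0, 0, err
	}

	gid, err := strconv.Atoi(rawGID)
	if err != nil {
		return 0, 0, err
	}

	return uid, gid, nil
}

// DropCapsToAlrUser switches the process identity to the "alr" account.
//
// Despite the name, this does not edit Linux capability sets directly: it
// changes the group and user IDs and then verifies that the change took
// effect. Any failure is returned to the caller, who must treat it as fatal,
// because the process may still be running with its previous identity.
func DropCapsToAlrUser() error {
	uid, gid, err := GetUidGidAlrUser()
	if err != nil {
		return err
	}

	// Setgid/Setuid leave the supplementary group list untouched, so a process
	// started as root would keep root's extra groups after the switch. Reduce
	// the list to the target group first. This is done only while still
	// effective root, so a process that already runs as the target user (and
	// is not allowed to call setgroups) keeps working as before.
	if os.Geteuid() == 0 {
		if err := syscall.Setgroups([]int{gid}); err != nil {
			return err
		}
	}

	// Group before user: once the UID is dropped the process is no longer
	// permitted to change its group IDs.
	if err := syscall.Setgid(gid); err != nil {
		return err
	}
	if err := syscall.Setuid(uid); err != nil {
		return err
	}

	// Do not trust the return codes alone; confirm both the real and the
	// effective IDs now match the requested account.
	if syscall.Getuid() != uid || syscall.Geteuid() != uid {
		return errors.New("new uid don't matches requested")
	}
	if syscall.Getgid() != gid || syscall.Getegid() != gid {
		return errors.New("new gid don't matches requested")
	}

	return nil
}

// ExitIfCantDropCapsToAlrUser calls DropCapsToAlrUser and, on failure, returns
// a cli.Exit error with exit code 1 and a localized, generic message. The
// underlying cause is only written to the debug log, so it is not shown to the
// user unless debug logging is enabled. It returns nil on success.
func ExitIfCantDropCapsToAlrUser() error {
	if err := DropCapsToAlrUser(); err != nil {
		slog.Debug("dropping capabilities error", "err", err)
		return cli.Exit(gotext.Get("Error dropping capabilities"), 1)
	}
	return nil
}

// ExitIfNotRoot returns a cli.Exit error with exit code 1 and a localized
// message when the real UID of the process is not 0, and nil otherwise.
func ExitIfNotRoot() error {
	if os.Getuid() == 0 {
		return nil
	}
	return cli.Exit(gotext.Get("You need to be root to perform this action"), 1)
}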