#!/bin/python3
import os
import sys
import logging
import requests
import json
import argparse

from lib import digest
from lib.diffie_hellman import *
from subject import main

logging.basicConfig(format='%(levelname)s\t- %(message)s')
logger = logging.getLogger()
logger.setLevel(logging.INFO)

state = main(sys.argv)

BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/')

#session file - document name - +/- -  role - permission
def aclDoc(args):
    parser = argparse.ArgumentParser()

    parser.add_argument("-k", '--key', nargs=1, help="Path to the key file")
    parser.add_argument("-r", '--repo', nargs=1, help="Address:Port of the repository")
    parser.add_argument("-v", '--verbose', help="Increase verbosity", action="store_true")

    parser.add_argument('session', nargs='?', default=None)
    parser.add_argument('name', nargs='?',default=None)
    parser.add_argument('change', nargs='?',default=None)
    parser.add_argument('role', nargs='?',default=None)
    parser.add_argument('permission', nargs='?',default=None)

    args = parser.parse_args()

    #Check number of arguments
    if not args.session or not args.role or not args.permission or not args.change or not args.name:
        logger.error("Need session file, document name, +/- , role and permission.")
        sys.exit(1)

    # Check for session file
    if (not os.path.isfile(BASE_DIR + args.session)):
        logger.error("File '" + args.session + "' not found.")
        sys.exit(1)

    # Get session file content
    with open(BASE_DIR + args.session, 'r') as f:
        args.session = json.load(f)

    # Check permission
    if args.permission not in ['DOC_ACL', 'DOC_READ', 'DOC_DELETE']:
        logger.error("Permission is not valid.")
        sys.exit(1)

    # Check change operation
    if args.change == '+':
        change = 'add'
    elif args.change == '-':
        change = 'remove'
    else:
        logger.error("Invalid change operation (+ or -).")
        sys.exit(1)

    document_handle = digest.get_hash(bytes(args.name, encoding='utf-8'))

    derived_key = bytes.fromhex(args.session['derived_key'])
    payload = json.dumps({'role' : args.role, 'perm' : args.permission, 'operation' : change})
    try:
        payload = encrypt(payload, derived_key).hex()
    except Exception:
        logger.error("Failed to encrypt the content")
        sys.exit(-1)

    headers = {
        'Authorization': args.session['token'],
        'Content-Type': 'application/octet-stream'
    }

    try:
        req = requests.post(f'http://{state['REP_ADDRESS']}/file/acl/{document_handle}',
                            data=payload,
                            headers=headers)
        req.raise_for_status()
    except requests.exceptions.HTTPError:
        logger.error("%d: %s", req.status_code, req.json()['error'])
        sys.exit(-1)
    except requests.exceptions.RequestException as errex:
        logger.error("Failed to obtain response from server.")
        sys.exit(-1)

    # Operation success
    if req.status_code == 200:
        logger.info("ACL changed succesfully.")
        sys.exit(0)
    logger.error("Failed to change ACL")
    sys.exit(-1)

if __name__ == '__main__':
    aclDoc(sys.argv[1:])