#!/bin/sh
# ---------------------------------------------------------------------------
# tilde - manage user-submitted scripts and apps

# Copyright 2018, Ben Harris <ben@tilde.team>

# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.

# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License at <http://www.gnu.org/licenses/> for
# more details.

# Usage: tilde [-h|--help]

# ---------------------------------------------------------------------------

PROGNAME=${0##*/}
VERSION="0.1.0"
user=$(whoami)
hostname=$(hostname -f)

# check coreutils and wrap stat for portability
if stat -c"%U" /dev/null >/dev/null 2>/dev/null ; then
    # GNU environment
    stat_func () {
        stat -c '%U' "$1"
    }
else
    # BSD environment
    stat_func () {
        stat -f %Su "$1"
    }
fi

isroot() {
    [ "$(id -u)" = "0" ]
}

error_exit() {
    printf "%s\n" "${1:-"unknown Error"}" >&2
    exit 1
}

signal_exit() { # Handle trapped signals
    case $1 in
        INT)
            error_exit "program interrupted by user"
            ;;
        TERM)
            printf "\n%s: program terminated" "$PROGNAME" >&2
            exit
            ;;
        *)
            error_exit "$PROGNAME: terminating on unknown signal"
            ;;
    esac
}

prompt_confirm() {
    while true; do
        printf "%s [y/n]: " "${1:-continue?}"
        read -r REPLY
        case $REPLY in
            [yY]) printf "\n" ; return 0 ;;
            [nN]) printf "\n" ; return 1 ;;
            *) printf " \033[31m %s \n\033[0m" "invalid input" ;;
        esac
    done
}

help_message() {
    cat <<-EOF
Usage: $PROGNAME [options] [command]

Options:
  -h, --help         Show this help message and exit
  -v, --version      Show version information

Commands:
  list               Show a list of approved user scripts
  submit             Start the submission flow for your own script
  about <script>     Show description and details of a specific script
  approve            Enter the approval queue for pending scripts (requires root)
  revoke <script>    Revoke a previously approved script (requires root)
  run <script>       Run an approved script

Please add /tilde/bin to your PATH to use approved scripts without this wrapper.
EOF
}

verify_script_name() {
    if [ -z "$1" ]; then
        error_exit "please enter a script name"
    fi

    if command -v "$1"; then
        if [ "$(command -v "$1")" != "/home/$user/bin/$1" ]; then
            error_exit "$1 already exists. rename your script and try again."
        fi
    fi

    if [ -x "/tilde/bin/$1" ]; then
        error_exit "$1 is already taken. rename your script and try again."
    fi

    case $1 in
        about|description|list|ls|submit|about|help|apropos|submit|approve)
            error_exit "$1 is a subcommand of tilde. rename your script and try again."
            ;;
        *)
            return
            ;;
    esac
}

submission_checklist() {
    cat <<- _EOF_
Requirements for submitting a user script or program:

  - Placed in your ~/bin
  - Executable
  - Responds to help or --help
  - No name collisions with existing scripts or $PROGNAME subcommands

_EOF_
}

mail_body() {
    cat <<- _EOF_
Subject: tilde script submission from ${user}
From: ${user}@${hostname}
To: root@${hostname}

tilde script submission from ${user}

script name: $1

description:
-----------------------------------------------------------------------

$2

-----------------------------------------------------------------------
You'll find the script and description in: /tilde/pending-submissions/$user/$1

Run this to see the approval queue:
sudo tilde approve
_EOF_
}

# Trap signals
trap "signal_exit TERM" TERM HUP
trap "signal_exit INT"  INT

# Parse command-line
case $1 in
    -h | --help)
        help_message
        exit 0
        ;;

    -v | --version)
        printf "%s\n" "$VERSION"
        exit 0
        ;;

    list)
        # List approved scripts
        printf "Available scripts:\n\n"
        for scr in /tilde/bin/*; do
            if [ -f "$scr" ]; then
                script_name=$(basename "$scr")
                target=$(readlink -f "$scr")
                printf "%s by %s\n" "$script_name" "$(stat_func "$target")"
                cat "/tilde/descriptions/$script_name"
                printf "\n"
            fi
        done
        ;;

    about | description)
        # Show details about a specific script
        if [ -z "$2" ]; then
            printf "Please provide a script name.\n"
            exit 1
        fi

        if [ -f "/tilde/descriptions/$2" ]; then
            cat "/tilde/descriptions/$2"
        else
            printf "%s not found. Use '%s list' to see available user scripts.\n" "$2" "$PROGNAME"
            exit 1
        fi
        ;;

    submit)
        # Submit a user script
        printf "Hello, %s! Ready to submit your script?\n" "$user"
        submission_checklist
        prompt_confirm "Are you ready to continue?" || exit

        printf "Enter the name of your script: "
        read -r script_name
        verify_script_name "$script_name"

        if [ ! -x "$HOME/bin/$script_name" ]; then
            error_exit "$script_name not found in ~/bin"
        fi

        printf "Enter a description for your script: \n"
        read -r description
        printf "\nYour script and description will be sent to the admins for approval.\n"
        prompt_confirm "Ready to submit?" || exit

        # Submit now
        mkdir -p "/tilde/pending-submissions/$user/$script_name"
        ln -s "$HOME/bin/$script_name" "/tilde/pending-submissions/$user/$script_name/$script_name"
        printf "%s\n" "$description" > "/tilde/pending-submissions/$user/$script_name/description.txt"
        mail_body "$script_name" "$description" | /usr/sbin/sendmail root
        printf "Script submitted. Thank you! :)\n"
        ;;

    approve)
        # Approve pending scripts (requires root)
        isroot || \
            error_exit "Re-run this as root to access the approval queue."
        printf "Welcome to the approval queue\n\n"

        for user_submission in /tilde/pending-submissions/*; do
            user=$(basename "$user_submission")
            for script in "$user_submission"/*; do
                script_name=$(basename "$script")
                [ -f "$script/approved" ] && continue

                printf "Script name: %s\n" "$script_name"
                cat "$script/description.txt"
                prompt_confirm "Approve?" || continue

                ln -s "$(readlink -f "$script/$script_name")" "/tilde/bin/$script_name"
                cp "$script/description.txt" "/tilde/descriptions/$script_name"
                touch "$script/approved"
                chmod 664 "/tilde/descriptions/$script_name"
                printf "Your submission of %s has been approved and is now available at /tilde/bin/%s\n" "$script_name" "$script_name" \
                    | sendmail "$user"
            done
        done
        printf "~~Done for now~~\n"
        ;;

    revoke)
        # Revoke an approved script (requires root)
        isroot || \
            error_exit "Re-run this as root to access the revoke menu."
        [ -f "/tilde/bin/$2" ] || \
            error_exit "$2 isn't an approved script"

        prompt_confirm "revoke $2?"
        printf "please provide a reason: "
        read -r reason

        original_script=$(readlink -f "/tilde/bin/$2")
        author=$(stat_func "$original_script")
        rm "/tilde/bin/$2"
        rm "/tilde/descriptions/$2"
        rm -rf "/tilde/pending-submissions/$author/$2"

        printf "your script %s has been returned because: %s\nfeel free to resubmit\n" "$2" "$reason" \
            | sendmail "$author"

        printf "%s revoked and returned to author" "$2"
        ;;

    run)
        # Run an approved script
        if [ -z "$2" ]; then
            printf "Please provide a script name.\n"
            help_message
            exit 1
        fi

        if [ -x "/tilde/bin/$2" ]; then
            prog="/tilde/bin/$2"
            shift
            exec "$prog" "$@"
        else
            printf "%s not found or not approved yet. Use '%s list' to see available user scripts.\n" "$2" "$PROGNAME"
            exit 1
        fi
        ;;

    "")
        help_message
        exit 0
        ;;

    *)
        printf "Invalid command: %s\n" "$1"
        help_message
        exit 1
        ;;
esac
