require 'buff/config/json'
require 'openssl'

module Berkshelf
  class Config < Buff::Config::JSON
    class << self
      # @return [String]
      def store_location
        File.join(Berkshelf.berkshelf_path, 'config.json')
      end

      # @return [String]
      def local_location
        ENV['BERKSHELF_CONFIG'] || File.join('.', '.berkshelf', 'config.json')
      end

      # @return [String]
      def path
        path = File.exists?(local_location) ? local_location : store_location
        File.expand_path(path)
      end

      # @param [Berkshelf::Config] config
      def set_config(config)
        @instance = config
      end

      # @param [String] new_path
      def set_path(new_path)
        @instance = nil
      end

      # @return [String, nil]
      #   the contents of the file
      def file
        File.read(path) if File.exists?(path)
      end

      # Instantiate and return or just return the currently instantiated Berkshelf
      # configuration
      #
      # @return [Config]
      def instance
        @instance ||= if file
          from_json file
        else
          new
        end
        coerce_ssl
      end

      # Reload the currently instantiated Berkshelf configuration
      #
      # @return [Config]
      def reload
        @instance = nil
        self.instance
      end
    
      # force proper X509 types from any configuration strings
      #
      # @return [Config]
      def coerce_ssl
        ssl = @instance.ssl
        ssl[:ca_cert] = OpenSSL::X509::Certificate.new(File.read(ssl[:ca_cert])) if ssl[:ca_cert] && ssl[:ca_cert].is_a?(String)
        ssl[:client_cert] = OpenSSL::X509::Certificate.new(File.read(ssl[:client_cert])) if ssl[:client_cert] && ssl[:client_cert].is_a?(String)
        ssl[:client_key] = OpenSSL::PKey::RSA.new(File.read(ssl[:client_key])) if ssl[:client_key] && ssl[:client_key].is_a?(String)
        @instance
      end
    end

    # @param [String] path
    # @param [Hash] options
    #   @see {Buff::Config::JSON}
    def initialize(path = self.class.path, options = {})
      super(path, options).tap do
        # Deprecation
        if !self.vagrant.omnibus.enabled.nil?
          Berkshelf.ui.warn "`vagrant.omnibus.enabled' is deprecated and " \
            "will be removed in a future release. Please remove the " \
            "`enabled' attribute from your Berkshelf config."
        end
        if !self.vagrant.vm.box_url.nil?
          Berkshelf.ui.warn "`vagrant.vm.box_url' is deprecated and " \
            "will be removed in a future release. Please remove the " \
            "`box_url' attribute from your Berkshelf config."
        end
      end
    end

    attribute 'api.timeout',
      type: String,
      default: '30'
    attribute 'chef.chef_server_url',
      type: String,
      default: Berkshelf.chef_config.chef_server_url
    attribute 'chef.validation_client_name',
      type: String,
      default: Berkshelf.chef_config.validation_client_name
    attribute 'chef.validation_key_path',
      type: String,
      default: Berkshelf.chef_config.validation_key
    attribute 'chef.client_key',
      type: String,
      default: Berkshelf.chef_config.client_key
    attribute 'chef.node_name',
      type: String,
      default: Berkshelf.chef_config.node_name
    attribute 'chef.trusted_certs_dir',
      type: String,
      default: Berkshelf.chef_config.trusted_certs_dir
    attribute 'cookbook.copyright',
      type: String,
      default: Berkshelf.chef_config.cookbook_copyright
    attribute 'cookbook.email',
      type: String,
      default: Berkshelf.chef_config.cookbook_email
    attribute 'cookbook.license',
      type: String,
      default: Berkshelf.chef_config.cookbook_license
    attribute 'allowed_licenses',
      type: Array,
      default: Array.new
    attribute 'raise_license_exception',
      type: Buff::Boolean,
      default: false
    attribute 'vagrant.vm.box',
      type: String,
      default: 'bento/ubuntu-14.04',
      required: true
    # @todo Deprecated, remove?
    attribute 'vagrant.vm.box_url',
      type: String,
      default: nil
    attribute 'vagrant.vm.forward_port',
      type: Hash,
      default: Hash.new
    attribute 'vagrant.vm.provision',
      type: String,
      default: 'chef_solo'
    # @todo Deprecated, remove. There's a really weird tri-state here where
    # nil is used to represent an unset value, just FYI
    attribute 'vagrant.omnibus.enabled',
      type: Buff::Boolean,
      default: nil
    attribute 'vagrant.omnibus.version',
      type: String,
      default: 'latest'
    attribute 'ssl.verify',
      type: Buff::Boolean,
      default: true,
      required: true
    attribute 'ssl.cert_store',
      type: Buff::Boolean,
      default: false,
      required: false
    attribute 'ssl.ca_file',
      type: String,
      default: nil,
      required: false
    attribute 'ssl.ca_path',
      type: String,
      default: nil,
      required: false
    attribute 'ssl.client_cert',
      type: String,
      default: nil,
      required: false
    attribute 'ssl.client_key',
      type: String,
      default: nil,
      required: false
    attribute 'github',
      type: Array,
      default: [],
      required: false
    attribute 'gitlab',
      type: Array,
      default: [],
      required: false
    attribute 'github_protocol',
      # :git, :ssh, or :https
      type: Symbol,
      default: :https,
      required: false
  end
end