#!/bin/bash

### Copyright 2017 Pixar

###
###    Licensed under the Apache License, Version 2.0 (the "Apache License")
###    with the following modification; you may not use this file except in
###    compliance with the Apache License and the following modification to it:
###    Section 6. Trademarks. is deleted and replaced with:
###
###    6. Trademarks. This License does not grant permission to use the trade
###       names, trademarks, service marks, or product names of the Licensor
###       and its affiliates, except as required to comply with Section 4(c) of
###       the License and to reproduce the content of the NOTICE file.
###
###    You may obtain a copy of the Apache License at
###
###        http://www.apache.org/licenses/LICENSE-2.0
###
###    Unless required by applicable law or agreed to in writing, software
###    distributed under the Apache License with the above modification is
###    distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
###    KIND, either express or implied. See the Apache License for the specific
###    language governing permissions and limitations under the Apache License.
###
###

# NOTE: Native bash doesn't have any easy way to parse JSON.
# Instead, you should really use a tool like 'jq' https://stedolan.github.io/jq/.
#
# If you have jq, set its correct path in the JQ variable below.
#
# If not, this script will use a hacky, VERY inappropriate and breakable
# way to parse JSON!
# But, it works enough to demonstrate the idea of using bash to write a handler.

# Enter your path to jq
JQ=/usr/local/bin/jq

# read all of stdin into a variable
while read line ; do JSON="$JSON $line" ; done

# use jq if we can
if [ -x "$JQ" ] ; then

  hookname=`echo $JSON | "$JQ" -r '.webhook.name'`
  authname=`echo $JSON | "$JQ" -r '.event.authorizedUsername'`
  otype=`echo $JSON | "$JQ" -r '.event.objectTypeName'`
  oname=`echo $JSON | "$JQ" -r '.event.objectName'`
  oid=`echo $JSON | "$JQ" -r '.event.objectID'`
  optype=`echo $JSON | "$JQ" -r '.event.restAPIOperationType'`

# otherwise, hacky bash parsing.
else

  # use a comma as the field separator for the for-loop
  IFS=','

  # loop thru comma-separated chunks
  for chunk in $JSON ; do
    hookre='"name": "(.+)"'
    [[ $chunk =~ $hookre ]] && hookname="${BASH_REMATCH[1]}"
    authunamere='"authorizedUsername": "(.+)"'
    [[ $chunk =~ $authunamere ]] && authname="${BASH_REMATCH[1]}"
    otypere='"objectTypeName": "(.+)"'
    [[ $chunk =~ $otypere ]] && otype="${BASH_REMATCH[1]}"
    onamere='"objectName": "(.+)"'
    [[ $chunk =~ $onamere ]] && oname="${BASH_REMATCH[1]}"
    oidre='"objectID": (.+)'
    [[ $chunk =~ $oidre ]] && oid="${BASH_REMATCH[1]}"
    optypere='"restAPIOperationType": "(.+)"'
    [[ $chunk =~ $optypere ]] && optype="${BASH_REMATCH[1]}"
  done

fi # if [ -x "$JQ" ] ; then

# make an 'action' out of the operation type
# or exit if we don't know or don't care.
case $optype in
  GET) exit 0 ;;
  PUT) action=create ;;
  POST) action=update ;;
  DELETE) action=delete ;;
  *) exit 15 ;;
esac

# output
echo "The JSS WebHook named '${hookname}' was just triggered.
It indicates that Casper user '${authname}' just used the JSS API to ${action}
the JSS ${otype}named '${oname}' (id ${oid})
"