require 'jenkins_util/command_line_script'
require 'jenkins_util/logger_util'

module KeychainUtil
  include LoggerUtil

  @security_executable = '/usr/bin/security'
  @identity_regex = /\d+\)\s+.*? "(.*)"/
  @provisioning_profile_regex = /SHA-1.*: (.*)/

  def self.unlock_keychain(keychain, password, code_signing_identities)
    unless File.exist?(@security_executable) && File.exist?(keychain)
      LoggerUtil.log.fatal('security executable or keychain is not found')
      abort
    end

    if password.nil? || password.to_s.empty?
      LoggerUtil.log.fatal('Password is empty')
      abort
    end

    exec_unlock_keychain(keychain, password)
    exec_code_sign_identities(code_signing_identities)
  end

  def self.exec_unlock_keychain(keychain, password)
    # This command registers keychain in keychain tool
    CommandLineScript.new("#{@security_executable} list-keychain -s #{keychain}")

    # Unlock key-chain
    CommandLineScript.new("#{@security_executable} unlock-keychain -p #{password} #{keychain}")

    # Change default timeout
    CommandLineScript.new("#{@security_executable} set-keychain-settings -lut 7200 #{keychain}")
  end

  def self.exec_code_sign_identities(desired_identities)
    code_sign_command = CommandLineScript.new("#{@security_executable} find-identity -p codesigning -v")

    validate_identities(code_sign_command.stdout, desired_identities)
  end

  # TODO: implment and pass desired_profiles
  def self.exec_provisioning_profiles
    CommandLineScript.new("#{@security_executable} find-certificate -a -Z")
    # check_provisioning_profiles
  end

  def self.validate_identities(output, code_signing_identities)
    found_code_signing_identities = []
    code_signing_identities = Array(code_signing_identities)

    output.each do |identity_string|
      match = identity_string.to_s.match(@identity_regex)
      found_code_signing_identities.push(match[1]) unless match.nil?
    end

    log_identities(code_signing_identities, found_code_signing_identities)
  end

  def self.log_identities(desired_identities, found_identities)
    log_message = "Identities passed: #{desired_identities}\nIdentities found: #{found_identities}"
    if (desired_identities.uniq - found_identities.uniq).empty?
      LoggerUtil.log.info('All passed identities were found')
      LoggerUtil.log.debug(log_message)
    else
      LoggerUtil.log.fatal('Not all code signing identities were found')
      LoggerUtil.fatal(log_message)
    end
  end

  # TODO: implement and use in unlockKeychain
  def self.check_provisioning_profiles # (find_certificate_output, provisioning_profiles)
    LoggerUtil.log.debug('Checking Provisioning profiles is not yet implemented')
    # provisioning_profiles = Array(provisioning_profiles)
    # cleaned_provisioning_profiles = Array.new
    # found_provisioning_profiles = Array.new
    #
    # # Remove '-' from passed profiles
    # provisioning_profiles.uniq.each do |provisioning_profile|
    #   cleaned_provisioning_profiles.push(provisioning_profile.to_s.gsub('-', ''))
    # end
    #
    # find_certificate_output.each do |line|
    #   match = line.to_s.match(@provisioning_profile_regex)
    #   unless match.nil?
    #     found_provisioning_profiles.push(match[1])
    #   end
    # end
    #
    # unless (cleaned_provisioning_profiles.uniq - found_provisioning_profiles.uniq).empty?
    #   LoggerUtil.logger.fatal('Not all provisioning profiles were found')
    #   LoggerUtil.logger.fatal("Profiles passed: #{provisioning_profiles}")
    #   LoggerUtil.logger.fatal("Profiles found: #{found_provisioning_profiles}")
    #   abort
    # else
    #   LoggerUtil.logger.info('All passed provisioning profiles were found')
    #   LoggerUtil.logger.debug("Profiles passed: #{provisioning_profiles}")
    #   LoggerUtil.logger.debug("Profiles found: #{found_provisioning_profiles}")
    # end
  end

  private_class_method :validate_identities, :check_provisioning_profiles, :log_identities
end