#
# Author:: Jay Mundrawala(<jdm@chef.io>)
# Copyright:: Copyright 2015 Chef Software
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

require 'chef/win32/api/net'
require 'chef/win32/error'
require 'chef/mixin/wide_string'

class Chef
  module ReservedNames::Win32
    class Net
      include Chef::ReservedNames::Win32::API::Error
      extend Chef::ReservedNames::Win32::API::Error

      include Chef::ReservedNames::Win32::API::Net
      extend Chef::ReservedNames::Win32::API::Net

      include Chef::Mixin::WideString
      extend Chef::Mixin::WideString

      def self.default_user_info_3
        ui3 = USER_INFO_3.new.tap do |s|
          { usri3_name: nil,
            usri3_password: nil,
            usri3_password_age: 0,
            usri3_priv: 0,
            usri3_home_dir: nil,
            usri3_comment: nil,
            usri3_flags: UF_SCRIPT|UF_DONT_EXPIRE_PASSWD|UF_NORMAL_ACCOUNT,
            usri3_script_path: nil,
            usri3_auth_flags: 0,
            usri3_full_name: nil,
            usri3_usr_comment: nil,
            usri3_parms: nil,
            usri3_workstations: nil,
            usri3_last_logon: 0,
            usri3_last_logoff: 0,
            usri3_acct_expires: -1,
            usri3_max_storage: -1,
            usri3_units_per_week: 0,
            usri3_logon_hours: nil,
            usri3_bad_pw_count: 0,
            usri3_num_logons: 0,
            usri3_logon_server: nil,
            usri3_country_code: 0,
            usri3_code_page: 0,
            usri3_user_id: 0,
            usri3_primary_group_id: DOMAIN_GROUP_RID_USERS,
            usri3_profile: nil,
            usri3_home_dir_drive: nil,
            usri3_password_expired: 0
          }.each do |(k,v)|
            s.set(k, v)
          end
        end
      end

      def self.net_api_error!(code)
        msg = case code
        when NERR_InvalidComputer
          "The user does not have access to the requested information."
        when NERR_NotPrimary
          "The operation is allowed only on the primary domain controller of the domain."
        when NERR_SpeGroupOp
          "This operation is not allowed on this special group."
        when NERR_LastAdmin
          "This operation is not allowed on the last administrative account."
        when NERR_BadUsername
          "The user name or group name parameter is invalid."
        when NERR_BadPassword
          "The password parameter is invalid."
        when NERR_UserNotFound
          raise Chef::Exceptions::UserIDNotFound, code
        when NERR_PasswordTooShort
          <<END
The password is shorter than required. (The password could also be too
long, be too recent in its change history, not have enough unique characters,
or not meet another password policy requirement.)
END
        when NERR_GroupNotFound
          "The group name could not be found."
        when ERROR_ACCESS_DENIED
          "The user does not have access to the requested information."
        else
          "Received unknown error code (#{code})"
        end

        raise Chef::Exceptions::Win32NetAPIError.new(msg, code)
      end

      def self.net_local_group_add(server_name, group_name)
        server_name = wstring(server_name)
        group_name = wstring(group_name)

        buf = LOCALGROUP_INFO_0.new
        buf[:lgrpi0_name] = FFI::MemoryPointer.from_string(group_name)

        rc = NetLocalGroupAdd(server_name, 0, buf, nil)
        if rc != NERR_Success
          net_api_error!(rc)
        end
      end

      def self.net_local_group_del(server_name, group_name)
        server_name = wstring(server_name)
        group_name = wstring(group_name)

        rc = NetLocalGroupDel(server_name, group_name)
        if rc != NERR_Success
          net_api_error!(rc)
        end
      end

      def self.net_local_group_get_members(server_name, group_name)
        server_name = wstring(server_name)
        group_name = wstring(group_name)

        buf = FFI::MemoryPointer.new(:pointer)
        entries_read_ptr = FFI::MemoryPointer.new(:long)
        total_read_ptr = FFI::MemoryPointer.new(:long)
        resume_handle_ptr = FFI::MemoryPointer.new(:pointer)

        rc = ERROR_MORE_DATA
        group_members = []
        while rc == ERROR_MORE_DATA
          rc = NetLocalGroupGetMembers(
            server_name, group_name, 0, buf, -1,
            entries_read_ptr, total_read_ptr, resume_handle_ptr
          )

          nread = entries_read_ptr.read_long
          nread.times do |i|
            member = LOCALGROUP_MEMBERS_INFO_0.new(buf.read_pointer +
                       (i * LOCALGROUP_MEMBERS_INFO_0.size))
            member_sid = Chef::ReservedNames::Win32::Security::SID.new(member[:lgrmi0_sid])
            group_members << member_sid.to_s
          end
          NetApiBufferFree(buf.read_pointer)
        end

        if rc != NERR_Success
          net_api_error!(rc)
        end

        group_members
      end

      def self.net_user_add_l3(server_name, args)
        buf = default_user_info_3

        args.each do |k, v|
          buf.set(k, v)
        end

        server_name = wstring(server_name)

        rc = NetUserAdd(server_name, 3, buf, nil)
        if rc != NERR_Success
          net_api_error!(rc)
        end
      end

      def self.net_user_get_info_l3(server_name, user_name)
        server_name = wstring(server_name)
        user_name = wstring(user_name)

        ui3_p = FFI::MemoryPointer.new(:pointer)

        rc = NetUserGetInfo(server_name, user_name, 3, ui3_p)

        if rc != NERR_Success
          net_api_error!(rc)
        end

        ui3 = USER_INFO_3.new(ui3_p.read_pointer).as_ruby

        rc = NetApiBufferFree(ui3_p.read_pointer)

        if rc != NERR_Success
          net_api_error!(rc)
        end

        ui3
      end

      def self.net_user_set_info_l3(server_name, user_name, info)
        buf = default_user_info_3

        info.each do |k, v|
          buf.set(k, v)
        end

        server_name = wstring(server_name)
        user_name = wstring(user_name)

        rc = NetUserSetInfo(server_name, user_name, 3, buf, nil)
        if rc != NERR_Success
          net_api_error!(rc)
        end
      end

      def self.net_user_del(server_name, user_name)
        server_name = wstring(server_name)
        user_name = wstring(user_name)

        rc = NetUserDel(server_name, user_name)
        if rc != NERR_Success
          net_api_error!(rc)
        end
      end

      def self.net_local_group_add_member(server_name, group_name, domain_user)
        server_name = wstring(server_name)
        group_name = wstring(group_name)
        domain_user = wstring(domain_user)

        buf = LOCALGROUP_MEMBERS_INFO_3.new
        buf[:lgrmi3_domainandname] = FFI::MemoryPointer.from_string(domain_user)

        rc = NetLocalGroupAddMembers(server_name, group_name, 3, buf, 1)

        if rc != NERR_Success
          net_api_error!(rc)
        end
      end

      def self.members_to_lgrmi3(members)
        buf = FFI::MemoryPointer.new(LOCALGROUP_MEMBERS_INFO_3, members.size)
        members.size.times.collect do |i|
          member_info = LOCALGROUP_MEMBERS_INFO_3.new(
            buf + i * LOCALGROUP_MEMBERS_INFO_3.size)
          member_info[:lgrmi3_domainandname] = FFI::MemoryPointer.from_string(wstring(members[i]))
          member_info
        end
      end

      def self.net_local_group_add_members(server_name, group_name, members)
        server_name = wstring(server_name)
        group_name = wstring(group_name)

        lgrmi3s = members_to_lgrmi3(members)
        rc = NetLocalGroupAddMembers(
          server_name, group_name, 3, lgrmi3s[0], members.size)

        if rc != NERR_Success
          net_api_error!(rc)
        end
      end

      def self.net_local_group_set_members(server_name, group_name, members)
        server_name = wstring(server_name)
        group_name = wstring(group_name)

        lgrmi3s = members_to_lgrmi3(members)
        rc = NetLocalGroupSetMembers(
          server_name, group_name, 3, lgrmi3s[0], members.size)

        if rc != NERR_Success
          net_api_error!(rc)
        end
      end

      def self.net_local_group_del_members(server_name, group_name, members)
        server_name = wstring(server_name)
        group_name = wstring(group_name)

        lgrmi3s = members_to_lgrmi3(members)
        rc = NetLocalGroupDelMembers(
          server_name, group_name, 3, lgrmi3s[0], members.size)

        if rc != NERR_Success
          net_api_error!(rc)
        end
      end

      def self.net_use_del(server_name, use_name, force=:use_noforce)
        server_name = wstring(server_name)
        use_name = wstring(use_name)
        force_const = case force
                      when :use_noforce
                        USE_NOFORCE
                      when :use_force
                        USE_FORCE
                      when :use_lots_of_force
                        USE_LOTS_OF_FORCE
                      else
                        raise ArgumentError, "force must be one of [:use_noforce, :use_force, or :use_lots_of_force]"
                      end

        rc = NetUseDel(server_name, use_name, force_const)
        if rc != NERR_Success
          net_api_error!(rc)
        end
      end

      def self.net_use_get_info_l2(server_name, use_name)
        server_name = wstring(server_name)
        use_name = wstring(use_name)
        ui2_p = FFI::MemoryPointer.new(:pointer)

        rc = NetUseGetInfo(server_name, use_name, 2, ui2_p)
        if rc != NERR_Success
          net_api_error!(rc)
        end

        ui2 = USE_INFO_2.new(ui2_p.read_pointer).as_ruby
        NetApiBufferFree(ui2_p.read_pointer)

        ui2
      end

      def self.net_use_add_l2(server_name, ui2_hash)
        server_name = wstring(server_name)
        group_name = wstring(group_name)

        buf = USE_INFO_2.new

        ui2_hash.each do |(k,v)|
          buf.set(k,v)
        end

        rc = NetUseAdd(server_name, 2, buf, nil)
        if rc != NERR_Success
          net_api_error!(rc)
        end
      end
    end
    NetUser = Net # For backwards compatibility
  end
end