/*******************************************************************************
 * Copyright (c) 2010 Oracle.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * and Apache License v2.0 which accompanies this distribution. 
 * The Eclipse Public License is available at
 *     http://www.eclipse.org/legal/epl-v10.html
 * and the Apache License v2.0 is available at 
 *     http://www.opensource.org/licenses/apache2.0.php.
 * You may elect to redistribute this code under either of these licenses.
 *
 * Contributors:
 *     Hal Hildebrand - Initial JMX support 
 ******************************************************************************/

package org.eclipse.gemini.mgmt.useradmin;

import java.io.IOException;
import java.util.ArrayList;

import javax.management.openmbean.CompositeData;
import javax.management.openmbean.OpenDataException;
import javax.management.openmbean.TabularData;

import org.osgi.framework.InvalidSyntaxException;
import org.eclipse.gemini.mgmt.internal.OSGiProperties;
import org.eclipse.gemini.mgmt.useradmin.internal.OSGiAuthorization;
import org.eclipse.gemini.mgmt.useradmin.internal.OSGiGroup;
import org.eclipse.gemini.mgmt.useradmin.internal.OSGiRole;
import org.eclipse.gemini.mgmt.useradmin.internal.OSGiUser;
import org.osgi.jmx.service.useradmin.UserAdminMBean;
import org.osgi.service.useradmin.Group;
import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.User;
import org.osgi.service.useradmin.UserAdmin;

/** 
 * 
 */
public final class UserManager implements UserAdminMBean {

	private UserAdmin admin;

	public UserManager(UserAdmin admin) {
		this.admin = admin;
	}

	/**
	 * {@inheritDoc}
	 */
	@SuppressWarnings("unchecked")
	public void addCredential(String key, byte[] value, String username) throws IOException {
		if (username == null) {
			throw new IOException("User name must not be null");
		}
		if (key == null) {
			throw new IOException("Credential key must not be null");
		}
		User user;
		try {
			user = (User) admin.getRole(username);
		} catch (ClassCastException e) {
			throw new IOException("Not a User: " + username);
		}
		if (user == null) {
			throw new IOException("Not a User: " + username);
		}
		user.getCredentials().put(key, value);
	}

	/**
	 * {@inheritDoc}
	 */
	@SuppressWarnings("unchecked")
	public void addCredentialString(String key, String value, String username) throws IOException {
		if (username == null) {
			throw new IOException("User name must not be null");
		}
		if (key == null) {
			throw new IOException("Credential key must not be null");
		}
		User user;
		try {
			user = (User) admin.getRole(username);
		} catch (ClassCastException e) {
			throw new IOException("Not a User: " + username);
		}
		if (user == null) {
			throw new IOException("Not a User: " + username);
		}
		user.getCredentials().put(key, value);
	}

	/**
	 * {@inheritDoc}
	 */
	public boolean addMember(String groupname, String rolename) throws IOException {
		if (groupname == null) {
			throw new IOException("Group name must not be null");
		}
		if (rolename == null) {
			throw new IOException("Role name must not be null");
		}
		Role group = admin.getRole(groupname);
		if (group == null) {
			throw new IOException("Group does not exist: " + groupname);
		}
		Role role = admin.getRole(rolename);
		if (role == null) {
			throw new IOException("Role does not exist: " + rolename);
		}
		return group.getType() == Role.GROUP && ((Group) group).addMember(role);
	}

	/**
	 * {@inheritDoc}
	 */
	@SuppressWarnings("unchecked")
	public void addProperty(String key, byte[] value, String rolename) throws IOException {
		if (rolename == null) {
			throw new IOException("Role name must not be null");
		}
		if (key == null) {
			throw new IOException("Credential key must not be null");
		}
		Role role = admin.getRole(rolename);
		if (role == null) {
			throw new IOException("Role does not exist: " + rolename);
		}
		role.getProperties().put(key, value);
	}

	/**
	 * {@inheritDoc}
	 */
	@SuppressWarnings("unchecked")
	public void addPropertyString(String key, String value, String rolename) throws IOException {
		if (rolename == null) {
			throw new IOException("Role name must not be null");
		}
		if (key == null) {
			throw new IOException("Credential key must not be null");
		}
		Role role = admin.getRole(rolename);
		if (role == null) {
			throw new IOException("Role does not exist: " + rolename);
		}
		role.getProperties().put(key, value);
	}

	/**
	 * {@inheritDoc}
	 */
	public boolean addRequiredMember(String groupname, String rolename) throws IOException {
		if (groupname == null) {
			throw new IOException("Group name must not be null");
		}
		Role group = admin.getRole(groupname);
		if (group == null) {
			throw new IOException("Group does not exist: " + rolename);
		}
		Role role = admin.getRole(rolename);
		if (role == null) {
			throw new IOException("Role does not exist: " + rolename);
		}
		return group.getType() == Role.GROUP && ((Group) group).addRequiredMember(role);
	}

	/**
	 * {@inheritDoc}
	 */
	public void createGroup(String name) throws IOException {
		if (name == null) {
			throw new IOException("Name must not be null");
		}
		admin.createRole(name, Role.GROUP);
	}

	/**
	 * {@inheritDoc}
	 */
	public void createUser(String name) throws IOException {
		if (name == null) {
			throw new IOException("Name must not be null");
		}
		admin.createRole(name, Role.USER);
	}

	/**
	 * {@inheritDoc}
	 */
	public void createRole(String name) throws IOException {
		throw new UnsupportedOperationException("This method is deprecated and does not work");
	}

	/**
	 * {@inheritDoc}
	 */
	public CompositeData getAuthorization(String u) throws IOException {
		if (u == null) {
			throw new IOException("User name must not be null");
		}
		User user;
		try {
			user = (User) admin.getRole(u);
		} catch (ClassCastException e) {
			throw new IOException("Not a user: " + u);
		}
		try {
			return new OSGiAuthorization(admin.getAuthorization(user)).asCompositeData();
		} catch (OpenDataException e) {
			throw new IOException("Unable to create open data type: " + e);
		}
	}

	/**
	 * {@inheritDoc}
	 */
	@SuppressWarnings("unchecked")
	public TabularData getCredentials(String username) throws IOException {
		if (username == null) {
			throw new IOException("User name must not be null");
		}
		User user;
		try {
			user = (User) admin.getRole(username);
		} catch (ClassCastException e) {
			throw new IOException("Not a user: " + username);
		} 
		if (user == null) {
			throw new IOException("Not a user: " + username);
		}
		return OSGiProperties.tableFrom(user.getCredentials());
	}

	/**
	 * {@inheritDoc}
	 */
	public CompositeData getGroup(String groupname) throws IOException {
		if (groupname == null) {
			throw new IOException("Group name must not be null");
		}
		Group group;
		try {
			group = (Group) admin.getRole(groupname);
		} catch (ClassCastException e) {
			throw new IOException("Not a group: " + groupname);
		}
		try {
			return new OSGiGroup(group).asCompositeData();
		} catch (OpenDataException e) {
			throw new IOException("Cannot encode open data for group: " + e);
		}
	}

	/**
	 * {@inheritDoc}
	 */
	public String[] listGroups() throws IOException {
		Role[] roles;
		try {
			roles = admin.getRoles(null);
		} catch (InvalidSyntaxException e) {
			throw new IllegalStateException("Cannot use null filter, apparently: " + e);
		}
		ArrayList<String> groups = new ArrayList<String>();
		for (Role role : roles) {
			if (role.getType() == Role.GROUP) {
				groups.add(role.getName());
			}
		}
		return groups.toArray(new String[groups.size()]);
	}

	/**
	 * {@inheritDoc}
	 */
	public String[] getGroups(String filter) throws IOException {
		Role[] roles;
		try {
			roles = admin.getRoles(filter);
		} catch (InvalidSyntaxException e) {
			throw new IOException("Invalid filter: " + e);
		}
		ArrayList<String> groups = new ArrayList<String>();
		for (Role role : roles) {
			if (role.getType() == Role.GROUP) {
				groups.add(role.getName());
			}
		}
		return groups.toArray(new String[groups.size()]);
	}

	/**
	 * {@inheritDoc}
	 */
	public String[] getImpliedRoles(String username) throws IOException {
		if (username == null) {
			throw new IOException("Name must not be null");
		}
		Role role = admin.getRole(username);
		if (role.getType() == Role.USER && role instanceof User) {
			return admin.getAuthorization((User) role).getRoles();
		} else {
			return new String[0];
		}
	}

	/**
	 * {@inheritDoc}
	 */
	public String[] getMembers(String groupname) throws IOException {
		if (groupname == null) {
			throw new IOException("Name must not be null");
		}
		Group group;
		try {
			group = (Group) admin.getRole(groupname);
		} catch (ClassCastException e) {
			throw new IOException("Not a group: " + groupname);
		}
		Role[] members = group.getMembers();
		if (members == null) {
			return new String[0];
		}
		String[] names = new String[members.length];
		for (int i = 0; i < members.length; i++) {
			names[i] = members[i].getName();
		}
		return names;
	}

	/**
	 * {@inheritDoc}
	 */
	@SuppressWarnings("unchecked")
	public TabularData getProperties(String rolename) throws IOException {
		if (rolename == null) {
			throw new IOException("Name must not be null");
		}
		Role role = admin.getRole(rolename);
		if (role == null) {
			return null;
		}
		return OSGiProperties.tableFrom(role.getProperties());
	}

	/**
	 * {@inheritDoc}
	 */
	public String[] getRequiredMembers(String groupname) throws IOException {
		if (groupname == null) {
			throw new IOException("Name must not be null");
		}
		Group group;
		try {
			group = (Group) admin.getRole(groupname);
		} catch (ClassCastException e) {
			throw new IOException("Not a group: " + groupname);
		}
		Role[] members = group.getRequiredMembers();
		if (members == null) {
			return new String[0];
		}
		String[] names = new String[members.length];
		for (int i = 0; i < members.length; i++) {
			names[i] = members[i].getName();
		}
		return names;
	}

	/**
	 * {@inheritDoc}
	 */
	public CompositeData getRole(String name) throws IOException {
		if (name == null) {
			throw new IOException("Name must not be null");
		}
		Role role = admin.getRole(name);
		try {
			return role == null ? null : new OSGiRole(role).asCompositeData();
		} catch (OpenDataException e) {
			throw new IOException("Unable to create open data: " + e);
		}
	}

	/**
	 * {@inheritDoc}
	 */
	public String[] listRoles() throws IOException {
		Role[] roles;
		try {
			roles = admin.getRoles(null);
		} catch (InvalidSyntaxException e) {
			throw new IllegalStateException("Cannot use null filter, apparently: " + e);
		}
		String[] result = new String[roles.length];
		for (int i = 0; i < roles.length; i++) {
			result[i] = roles[i].getName();
		}
		return result;
	}

	/**
	 * {@inheritDoc}
	 */
	public String[] getRoles(String filter) throws IOException {
		Role[] roles;
		try {
			roles = admin.getRoles(filter);
		} catch (InvalidSyntaxException e) {
			throw new IOException("Invalid filter: " + e);
		}
		String[] result = new String[roles.length];
		for (int i = 0; i < roles.length; i++) {
			result[i] = roles[i].getName();
		}
		return result;
	}

	/**
	 * {@inheritDoc}
	 */
	public CompositeData getUser(String username) throws IOException {
		if (username == null) {
			throw new IOException("Name must not be null");
		}
		User user;
		try {
			user = (User) admin.getRole(username);
		} catch (ClassCastException e) {
			throw new IOException("Not a user: " + username);
		}
		try {
			return user == null ? null : new OSGiUser(user).asCompositeData();
		} catch (OpenDataException e) {
			throw new IOException("Unable to create open data: " + e);
		}
	}

	/**
	 * {@inheritDoc}
	 */
	public String getUserWithProperty(String key, String value) throws IOException {
		if (key == null) {
			throw new IOException("Name must not be null");
		}
		User user = admin.getUser(key, value);
		return user == null ? null : user.getName();
	}

	/**
	 * {@inheritDoc}
	 */
	public String[] listUsers() throws IOException {
		Role[] roles;
		try {
			roles = admin.getRoles(null);
		} catch (InvalidSyntaxException e) {
			throw new IllegalStateException("Cannot use null filter, apparently: " + e);
		}
		ArrayList<String> groups = new ArrayList<String>();
		for (Role role : roles) {
			if (role.getType() == Role.USER) {
				groups.add(role.getName());
			}
		}
		return groups.toArray(new String[groups.size()]);
	}

	/**
	 * {@inheritDoc}
	 */
	public String[] getUsers(String filter) throws IOException {
		Role[] roles;
		try {
			roles = admin.getRoles(filter);
		} catch (InvalidSyntaxException e) {
			throw new IOException("Invalid filter: " + e);
		}
		ArrayList<String> groups = new ArrayList<String>();
		for (Role role : roles) {
			if (role.getType() == Role.USER) {
				groups.add(role.getName());
			}
		}
		return groups.toArray(new String[groups.size()]);
	}

	/**
	 * {@inheritDoc}
	 */
	public void removeCredential(String key, String username) throws IOException {
		if (username == null || username.length() == 0) {
			throw new IOException("Name must not be null or empty");
		}
		if (key == null) {
			throw new IOException("Credential key must not be null");
		}
		User user;
		try {
			user = (User) admin.getRole(username);
		} catch (ClassCastException e) {
			throw new IOException("Not a user: " + username);
		}
		if (user == null) {
			return;
		}
		user.getCredentials().remove(key);
	}

	/**
	 * {@inheritDoc}
	 */
	public boolean removeMember(String groupname, String rolename) throws IOException {
		if (groupname == null) {
			throw new IOException("Group name must not be null");
		}
		if (rolename == null) {
			throw new IOException("Role name must not be null");
		}
		Group group;
		try {
			group = (Group) admin.getRole(groupname);
		} catch (ClassCastException e) {
			throw new IOException("Not a group: " + groupname);
		}
		if (group == null) {
			return false;
		}
		Role role = admin.getRole(rolename);
		if (role == null) {
			return false;
		}
		return group.removeMember(role);
	}

	/**
	 * {@inheritDoc}
	 */
	public void removeProperty(String key, String rolename) throws IOException {
		if (rolename == null) {
			throw new IOException("Name must not be null");
		}
		Role role = admin.getRole(rolename);
		if (role == null) {
			return;
		}
		role.getProperties().remove(key);
	}

	/**
	 * {@inheritDoc}
	 */
	public boolean removeRole(String name) throws IOException {
		if (name == null) {
			throw new IOException("Name must not be null");
		}
		return admin.removeRole(name);
	}

	/**
	 * {@inheritDoc}
	 */
	public boolean removeUser(String name) throws IOException {
		if (name == null) {
			throw new IOException("Name must not be null");
		}
		return admin.removeRole(name);
	}

	/**
	 * {@inheritDoc}
	 */
	public boolean removeGroup(String name) throws IOException {
		if (name == null) {
			throw new IOException("Name must not be null");
		}
		return admin.removeRole(name);
	}

}