#!/bin/sh

po_domain="alterator-kiosk"
alterator_api_version=1

. alterator-sh-functions

KIOSK=/usr/bin/kiosk
MODE=/etc/alterator/kiosk/mode
PROFILES=/etc/alterator/kiosk/profiles
PROFILES_ENABLED=/etc/alterator/kiosk/profiles_enabled
CACHE=/var/cache/alterator/kiosk


cache_reset(){
    rm -rf -- "$CACHE"
    mkdir -p -- "$CACHE"
}

prepare_changes(){
    $KIOSK --user-list | comm -23 - "$CACHE/userlist" >"$CACHE/userlist_remove"
}

send2kiosk(){
    for i in $(cat $2)
    do
        case "$1" in
        "remove")
            $KIOSK --user-list-remove $i
            ;;
        "append-safe")
            $KIOSK --user-list-append $i
            ;;
        "append-unsafe")
            $KIOSK --user-list-append $i --no-secureexec
            ;;
        esac
    done
}

apply_changes(){
    test -s "$CACHE/userlist_remove" && send2kiosk "remove" "$CACHE/userlist_remove"
    test -s "$CACHE/userlist_secure" && send2kiosk "append-safe" "$CACHE/userlist_secure"
    test -s "$CACHE/userlist_nosecure" && send2kiosk "append-unsafe" "$CACHE/userlist_nosecure"
}

profiles_to_cache(){
    grep -h "^U" $PROFILES_ENABLED/* | cut -d' ' -f2 | sort | uniq >"$CACHE/userlist_secure"
    grep -h "^u" $PROFILES_ENABLED/* | cut -d' ' -f2 | sort | uniq >"$CACHE/userlist_nosecure"
}

profile_read(){
    cat "$PROFILES/$1" | sed 's/ /:/'
}

profile_state_save(){
    rm -f $PROFILES_ENABLED/*
    for i in $(echo "$1" | sed "s/;/ /g")
    do
        ln -s "$PROFILES/$i" "$PROFILES_ENABLED/"
    done
}

mode_set(){
    [ -n "$1" ] || return
    echo "$1" > "$MODE"
    $KIOSK --set-mode "$1"
}

enable_service() {
    systemctl enable kiosk
}

cache_reset
profiles_to_cache

on_message() {
  case "$in_action" in
    read)
        $KIOSK --get-mode || {
                write_error "`_ "Kiosk is not functional"`"
                return
        }
        write_string_param kiosk_mode "$($KIOSK --get-mode)"
        write_string_param profiles_enabled "$(ls -m $PROFILES_ENABLED | sed 's/, /;/g')"
        ;;
    write)
        case "$in__objects" in
            save)
                mode_set "1"
                profile_state_save $in_profile_name
                profiles_to_cache
                prepare_changes
                apply_changes
                mode_set $in_kiosk_mode
                enable_service
            ;;
        esac
        ;;
    list)
        case "$in__objects" in
            profiles)
                ls $PROFILES | grep -v '~' | write_enum
            ;;
            profile_content)
                profile_read $in_profile_name | write_enum
            ;;
        esac
        ;;
  esac
}

message_loop
