#!/usr/bin/perl -w
#
#
# vomrs2gridmap - fetches Member DNs from a VOMRS server and adds them
#                 to the system's Globus Toolkit Grid-mapfile, creating 
#                 the system accounts being mapped to on the fly.
#
#
# Author: Martin Haase / DAASI International GmbH / Gap-SLC
#
# History:
# version 0.1 2010-12-17 first poc
# version 0.2 2011-01-04 configuration using DAASIlib and documentation
#


use Data::Dump qw(dump);
use Set::Scalar;

use DAASIlib::CONF qw (is_debug);
use DAASIlib::Data;
# these two need: IO::Prompt, Log::Log4perl, DBI, DAASIlib::Gettext, Config::General


### configuration management 
my $data = new DAASIlib::Data;
my ($progname, $progpath, $etcdir, $sysconfig) = $data->getProgramFiles($0);

my $conf = new DAASIlib::CONF;
$conf->loadConfig($sysconfig, $progpath, $etcdir);


###### CONSTANTS

$DRY_RUN = 1;
if (defined $conf->{data}->{write_to_system} && $conf->{data}->{write_to_system}) { $DRY_RUN = 0 }

$vomrsfetchprogram = $conf->{data}->{vomrsfetchprogram};
$vomsurl = $conf->{data}->{vomsurl};
$gridmapfilepath = $conf->{data}->{gridmapfilepath};
$accountprefix = $conf->{data}->{accountprefix};

###### Main Logic
$vomsDNs = fetch_from_vomrs($vomrsfetchprogram,$vomsurl);
%previousgridmap = parse_gridmap ( $gridmapfilepath );
$previousDNs = new Set::Scalar(keys %previousgridmap);
$newDNs = $vomsDNs->difference($previousDNs);
$highestsuffix = find_last_account($accountprefix, values %previousgridmap);

open F, ">>$gridmapfilepath";
foreach $dn ($newDNs->members) {
    $highestsuffix++;
    my $newaccount = sprintf ("$accountprefix%04d", $highestsuffix);
    if ($DRY_RUN) {
	print STDOUT "Would be adding '$dn' to grid-mapfile and $newaccount to system.\n";
    } else {
	print F "\"$dn\" $newaccount\n";
	system "useradd --comment 'Account created by Pseudo-DGridMap-Script in TextGrid/Gap-SLC project for DN ($dn)' --create-home $newaccount";
    }
}
close F;
print STDOUT ($DRY_RUN?"Would have written ":"Wrote ").$newDNs->size." entries.\n";
if ($DRY_RUN) {
    print STDOUT "This has been a DRY RUN, did NOT alter anything on the system nor write grid-mapfile. After verifying from the logs that everything is correct, you can force this with -w.\n";
}


######################## SUBs

### find out what the highest account assigned so far is (e.g. sltx0003 yields 3)
sub find_last_account {
    my $accountprefix = shift;
    my @previousaccounts = @_;

    my @previousprefixedaccounts = sort (grep {m/^$accountprefix/;} @previousaccounts);
    my $highestsuffix = -1;
    if (scalar @previousprefixedaccounts > 0) {
	$previousprefixedaccounts[-1] =~ m/$accountprefix(\d+)/;
	$highestsuffix = $1;
    }
    return $highestsuffix;
}



sub fetch_from_vomrs {
    my ($vomrsfetchprogram,$vomsurl) =@_;
    
    open VOMSDNS, "$vomrsfetchprogram $vomsurl|";
    # skip first two lines
    <VOMSDNS>;
    <VOMSDNS>;
    
    $vomsDNs = new Set::Scalar();
    $i = 0;
    while (<VOMSDNS>) {
	$i++;
	if ($i % 2 == 1) { # only odd lines contain user DNs, and even lines yield CA DNs for the user in the line before
	    chomp;
	    $vomsDNs->insert($_);
	} 
    }
    close VOMSDNS;
    return $vomsDNs;
}

sub parse_gridmap {
    my ($path) = @_;

    my %h = ();
    open F, $path;
    while (<F>) {
	# Format: 
	# "/C=DE/O=DFN-Verein/OU=DFN-PKI/OU=SLCS/OU=DAASI International GmbH/CN=Tanja Test - tanja.test@idp01.nds.daasi.de" ttest
	m/"([^"]+)\" (\S+)/;
	$h{$1} = $2; # dn => uid
    }
    close F;
    return %h;
}