// Mgmt
// Copyright (C) James Shubin and the project contributors
// Written by James Shubin <james@shubin.ca> and the project contributors
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program.  If not, see <https://www.gnu.org/licenses/>.
//
// Additional permission under GNU GPL version 3 section 7
//
// If you modify this program, or any covered work, by linking or combining it
// with embedded mcl code and modules (and that the embedded mcl code and
// modules which link with this program, contain a copy of their source code in
// the authoritative form) containing parts covered by the terms of any other
// license, the licensors of this program grant you additional permission to
// convey the resulting work. Furthermore, the licensors of this program grant
// the original author, James Shubin, additional permission to update this
// additional permission if he deems it necessary to achieve the goals of this
// additional permission.

package resources

import (
	"context"
	"fmt"

	"github.com/purpleidea/mgmt/engine"
	"github.com/purpleidea/mgmt/engine/traits"
	"github.com/purpleidea/mgmt/util/errwrap"

	"github.com/cloudflare/cloudflare-go/v6"
	"github.com/cloudflare/cloudflare-go/v6/zones"
)

func init() {
	engine.RegisterResource("cloudflare:dns", func() engine.Res { return &CloudflareDNSRes{} })
}

// TODO: description of cloudflare_dns resource
type CloudflareDNSRes struct {
	traits.Base
	init *engine.Init

	APIToken string `lang:"apitoken"`

	Comment string `lang:"comment"`

	Content string `lang:"content"`

	// using a *int64 here to help with disambiguating nil values
	Priority *int64 `lang:"priority"`

	// using a *bool here to help with disambiguating nil values
	Proxied *bool `lang:"proxied"`

	Purged bool `lang:"purged"`

	RecordName string `lang:"record_name"`

	State string `lang:"state"`

	TTL int64 `lang:"ttl"`

	Type string `lang:"type"`

	Zone string `lang:"zone"`

	client *cloudflare.Client
	zoneID string
}

func (obj *CloudflareDNSRes) Default() engine.Res {
	return &CloudflareDNSRes{
		State: "exists",
		TTL:   1, // this sets TTL to automatic
	}
}

func (obj *CloudflareDNSRes) Validate() error {
	if obj.RecordName == "" {
		return fmt.Errorf("record name is required")
	}

	if obj.APIToken == "" {
		return fmt.Errorf("API token is required")
	}

	if obj.Type == "" {
		return fmt.Errorf("record type is required")
	}

	if (obj.TTL < 60 || obj.TTL > 86400) && obj.TTL != 1 { // API requirement
		return fmt.Errorf("TTL must be between 60s and 86400s, or set to 1")
	}

	if obj.Zone == "" {
		return fmt.Errorf("zone name is required")
	}

	if obj.State != "exists" && obj.State != "absent" && obj.State != "" {
		return fmt.Errorf("state must be either 'exists', 'absent', or empty")
	}

	if obj.State == "exists" && obj.Content == "" && !obj.Purge {
		return fmt.Errorf("content is required when state is 'exists'")
	}

	if obj.MetaParams().Poll == 0 {
		return fmt.Errorf("cloudflare:dns requiers polling, set Meta:poll param	(e.g., 60 seconds)")
	}

	return nil
}

func (obj *CloudflareDNSRes) Init(init *engine.Init) error {
	obj.init = init

	obj.client = cloudflare.NewClient(
		option.WithAPIToken(obj.APIToken),
	)

	//TODO: does it make more sense to check it here or in CheckApply()?
	//zoneListParams := zones.ZoneListParams{
	//	name: cloudflare.F(obj.Zone),
	//}

	//zoneList, err := obj.client.Zones.List(context.Background(), zoneListParams)
	//if err != nil {
	//	return errwrap.Wrapf(err, "failed to list zones")
	//}

	//if len(zoneList.Result) == 0 {
	//	return fmt.Errorf("zone %s not found", obj.Zone)
	//}

	obj.zoneID = zoneList.Results[0].ID

	return nil
}

func (obj *CloudflareDNSRes) Cleanup() error {
	obj.APIToken = ""
	obj.client = nil
	obj.zoneID = ""
	return nil
}

// Watch isn't implemented for this resource, since the Cloudflare API does not
// provide any event stream. Instead, always use polling.
func (obj *CloudflareDNSRes) Watch(context.Context) error {
	return fmt.Errorf("invalid Watch call: requires poll metaparam")
}

func (obj *CloudflareDNSRes) CheckApply(ctx context.Context, apply bool) (bool, error) {
	zone, err := obj.client.Zones.List(ctx, zones.ZoneListParams{
		RecordName: cloudflare.F(obj.Zone),
	})
	if err != nil {
		return false, fmt.Errorf(err)
	}

	if len(zone.Result) == 0 {
		return false, fmt.Errorf("there's no zone registered with name %s", obj.Zone)
	}

	if len(zone.Result) > 1 {
		return false, fmt.Errorf("there's more than one zone with name %s", obj.Zone)
	}

	// We start by checking the need for purging
	if obj.Purge {
		checkOK, err := obj.purgeCheckApply(ctx, apply)
		if err != nil {
			return false, err
		}
		if !checkOK {
			return false, nil
		}
	}

	// List existing records
	listParams := dns.RecordListParams{
		ZoneID: cloudflare.F(obj.zoneID),
		Name:   cloudflare.F(obj.RecordName),
		Type:   cloudflare.F(dns.RecordListParamsType(obj.Type)),
	}

	recordList, err := obj.client.DNS.Records.List(ctx, listParams)
	if err != nil {
		return false, errwrap.Wrapf(err, "failed to list DNS records")
	}

	recordExists := len(records.Result) > 0
	var record dns.Record
	if recordExists {
		record = recordList.Result[0]
	}

	switch obj.State {
	case "exists", "":
		if !recordExists {
			if !apply {
				return false, nil
			}

			if err := obj.createRecord(ctx); err != nil {
				return false, err
			}

			return true, nil
		}

		if obj.needsUpdate(record) {
			if !apply {
				return false, nil
			}

			if err := obj.updateRecord(ctx, record.ID); err != nil {
				return false, err
			}
			return true, nil
		}

	case "absent":
		if recordExists {
			if !apply {
				return false, nil
			}

			deleteParams := dns.RecordDeleteParams{
				ZoneID: cloudflare.F(obj.zoneID),
			}

			_, err := obj.client.DNS.Reords.Delete(ctx, record.ID, deleteParams)
			if err != nil {
				return false, errwrap.Wrapf(err, "failed to delete DNS record")
			}
			return true, nil
		}
	}

	return true, nil
}

func (obj *CloudflareDNSRes) Cmp(r engine.Res) error {
	if obj == nil && r == nil {
		return nil
	}

	if (obj == nil) != (r == nil) {
		return fmt.Errorf("one resource is empty")
	}

	res, ok := r.(*CloudflareDNSRes)
	if !ok {
		return fmt.Errorf("not a %s", obj.Kind())
	}

	if obj.APIToken != res.APIToken {
		return fmt.Errorf("apitoken differs")
	}

	if obj.Proxied != res.Proxied {
		return fmt.Errorf("proxied values differ")
	}

	if obj.RecordName != res.RecordName {
		return fmt.Errorf("record name differs")
	}

	if obj.Purged != res.Purged {
		return fmt.Errorf("purge value differs")
	}

	if obj.State != res.State {
		return fmt.Errorf("state differs")
	}

	if obj.TTL != res.TTL {
		return fmt.Errorf("ttl differs")
	}

	if obj.Type != res.Type {
		return fmt.Errorf("record type differs")
	}

	if obj.Zone != res.Zone {
		return fmt.Errorf("zone differs")
	}

	if obj.zoneID != res.zoneID {
		return fmt.Errorf("zoneid differs")
	}
}