//
// Automated Testing Framework (atf)
//
// Copyright (c) 2007 The NetBSD Foundation, Inc.
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions
// are met:
// 1. Redistributions of source code must retain the above copyright
//    notice, this list of conditions and the following disclaimer.
// 2. Redistributions in binary form must reproduce the above copyright
//    notice, this list of conditions and the following disclaimer in the
//    documentation and/or other materials provided with the distribution.
//
// THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND
// CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
// INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
// IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS BE LIABLE FOR ANY
// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
// GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
// IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
// OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
// IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//

extern "C" {
#include <sys/param.h>
#include <sys/sysctl.h>
}

#include <cassert>
#include <cerrno>
#include <cstdlib>
#include <cstring>
#include <stdexcept>

#include "config.hpp"
#include "env.hpp"
#include "fs.hpp"
#include "requirements.hpp"
#include "text.hpp"
#include "user.hpp"

namespace impl = tools;

namespace {

typedef std::map< std::string, std::string > vars_map;

static
bool
has_program(const tools::fs::path& program)
{
    bool found = false;

    if (program.is_absolute()) {
        found = tools::fs::is_executable(program);
    } else {
        if (program.str().find('/') != std::string::npos)
            throw std::runtime_error("Relative paths are not allowed "
                                     "when searching for a program (" +
                                     program.str() + ")");

        const std::vector< std::string > dirs = tools::text::split(
            tools::env::get("PATH"), ":");
        for (std::vector< std::string >::const_iterator iter = dirs.begin();
             !found && iter != dirs.end(); iter++) {
            const tools::fs::path& p = tools::fs::path(*iter) / program;
            if (tools::fs::is_executable(p))
                found = true;
        }
    }

    return found;
}

static
std::string
check_arch(const std::string& arches)
{
    const std::vector< std::string > v = tools::text::split(arches, " ");

    for (std::vector< std::string >::const_iterator iter = v.begin();
         iter != v.end(); iter++) {
        if ((*iter) == tools::config::get("atf_arch"))
            return "";
    }

    if (v.size() == 1)
        return "Requires the '" + arches + "' architecture";
    else
        return "Requires one of the '" + arches + "' architectures";
}

static
std::string
check_config(const std::string& variables, const vars_map& config)
{
    const std::vector< std::string > v = tools::text::split(variables, " ");
    for (std::vector< std::string >::const_iterator iter = v.begin();
         iter != v.end(); iter++) {
        if (config.find((*iter)) == config.end())
            return "Required configuration variable '" + (*iter) + "' not "
                "defined";
    }
    return "";
}

static
std::string
check_files(const std::string& progs)
{
    const std::vector< std::string > v = tools::text::split(progs, " ");
    for (std::vector< std::string >::const_iterator iter = v.begin();
         iter != v.end(); iter++) {
        const tools::fs::path file(*iter);
        if (!file.is_absolute())
            throw std::runtime_error("Relative paths are not allowed when "
                "checking for a required file (" + file.str() + ")");
        if (!tools::fs::exists(file))
            return "Required file '" + file.str() + "' not found";
    }
    return "";
}

static
std::string
check_machine(const std::string& machines)
{
    const std::vector< std::string > v = tools::text::split(machines, " ");

    for (std::vector< std::string >::const_iterator iter = v.begin();
         iter != v.end(); iter++) {
        if ((*iter) == tools::config::get("atf_machine"))
            return "";
    }

    if (v.size() == 1)
        return "Requires the '" + machines + "' machine type";
    else
        return "Requires one of the '" + machines + "' machine types";
}

static
std::string
check_memory(const std::string& raw_memory)
{
    const int64_t needed = tools::text::to_bytes(raw_memory);

    int64_t available;
    std::size_t available_length = sizeof(available);
    if (::sysctlbyname("hw.usermem64", &available, &available_length,
                       NULL, 0) == -1) {
        const char* e = std::strerror(errno);
        return "Failed to get sysctl(hw.usermem64) value: " + std::string(e);
    }

    if (available < needed) {
        return "Not enough memory; needed " + tools::text::to_string(needed) +
            ", available " + tools::text::to_string(available);
    } else
        return "";
}

static
std::string
check_progs(const std::string& progs)
{
    const std::vector< std::string > v = tools::text::split(progs, " ");
    for (std::vector< std::string >::const_iterator iter = v.begin();
         iter != v.end(); iter++) {
        if (!has_program(tools::fs::path(*iter)))
            return "Required program '" + (*iter) + "' not found in the PATH";
    }
    return "";
}

static
std::string
check_user(const std::string& user, const vars_map& config)
{
    if (user == "root") {
        if (!tools::user::is_root())
            return "Requires root privileges";
        else
            return "";
    } else if (user == "unprivileged") {
        if (tools::user::is_root()) {
            const vars_map::const_iterator iter = config.find(
                "unprivileged-user");
            if (iter == config.end())
                return "Requires an unprivileged user and the "
                    "'unprivileged-user' configuration variable is not set";
            else {
                const std::string& unprivileged_user = (*iter).second;
                try {
                    (void)tools::user::get_user_ids(unprivileged_user);
                    return "";
                } catch (const std::runtime_error& e) {
                    return "Failed to get information for user " +
                        unprivileged_user;
                }
            }
        } else
            return "";
    } else
        throw std::runtime_error("Invalid value '" + user + "' for property "
                                 "require.user");
}

} // anonymous namespace

std::string
impl::check_requirements(const vars_map& metadata,
                         const vars_map& config)
{
    std::string failure_reason = "";

    for (vars_map::const_iterator iter = metadata.begin();
         failure_reason.empty() && iter != metadata.end(); iter++) {
        const std::string& name = (*iter).first;
        const std::string& value = (*iter).second;
        assert(!value.empty()); // Enforced by application/X-atf-tp parser.

        if (name == "require.arch")
            failure_reason = check_arch(value);
        else if (name == "require.config")
            failure_reason = check_config(value, config);
        else if (name == "require.files")
            failure_reason = check_files(value);
        else if (name == "require.machine")
            failure_reason = check_machine(value);
        else if (name == "require.memory")
            failure_reason = check_memory(value);
        else if (name == "require.progs")
            failure_reason = check_progs(value);
        else if (name == "require.user")
            failure_reason = check_user(value, config);
        else {
            // Unknown require.* properties are forbidden by the
            // application/X-atf-tp parser.
            assert(failure_reason.find("require.") != 0);
        }
    }

    return failure_reason;
}

std::pair< int, int >
impl::get_required_user(const vars_map& metadata,
                        const vars_map& config)
{
    const vars_map::const_iterator user = metadata.find(
        "require.user");
    if (user == metadata.end())
        return std::make_pair(-1, -1);

    if ((*user).second == "unprivileged") {
        if (tools::user::is_root()) {
            const vars_map::const_iterator iter = config.find(
                "unprivileged-user");
            try {
                return tools::user::get_user_ids((*iter).second);
            } catch (const std::exception& e) {
                std::abort();  // This has been validated by check_user.
            }
        } else {
            return std::make_pair(-1, -1);
        }
    } else
        return std::make_pair(-1, -1);
}