/*
 *  Copyright (c) 1998 Denis Perchine <dyp@perchine.com>
 *  Copyright (c) 2004 Szombathelyi György <gyurco@freemail.hu>
 *  Former maintainer: Adriaan de Groot <groot@kde.org>
 *
 *  This program is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU General Public
 *  License version 2 as published by the Free Software Foundation.
 *
 *  This library is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Library General Public License for more details.
 *
 *  You should have received a copy of the GNU Library General Public License
 *  along with this library; see the file COPYING.LIB.  If not, write to
 *  the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
 *  Boston, MA 02110-1301, USA.
 **/

#include "globals.h"
#include <errno.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <sys/types.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef HAVE_SHADOW
#include <shadow.h>
#endif

#include <tqstring.h>
#include <tqdir.h>

#include "kglobal_.h"
#include "kuserfiles.h"
#include "misc.h"
#include <kstandarddirs.h>
#include <tdemessagebox.h>
#include <kdebug.h>
#include "editDefaults.h"

KUserFiles::KUserFiles(KUserPrefsBase *cfg) : KUsers( cfg )
{
  pw_backuped = FALSE;
  pn_backuped = FALSE;
  s_backuped = FALSE;

  pwd_mode = 0644;
  pwd_uid = 0;
  pwd_gid = 0;

  sdw_mode = 0600;
  sdw_uid = 0;
  sdw_gid = 0;

  mUsers.setAutoDelete(TRUE);

  caps = Cap_Passwd;
#ifdef HAVE_SHADOW
  if ( !mCfg->shadowsrc().isEmpty() ) caps |= Cap_Shadow;
#endif
#if defined(__FreeBSD__) || defined(__bsdi__)
  caps |= Cap_BSD;
#endif

  reload();
}

KUserFiles::~KUserFiles()
{
}

bool KUserFiles::reload() {
  if (!loadpwd())
    return FALSE;

  if (!loadsdw())
    return FALSE;

  return TRUE;
}

// Load passwd file

bool KUserFiles::loadpwd()
{
  passwd *p;
  KU::KUser *tmpKU = 0;
  struct stat st;
  TQString filename;
  TQString passwd_filename;
  TQString nispasswd_filename;
  int rc = 0;
  int passwd_errno = 0;
  int nispasswd_errno = 0;
  char processing_file = '\0';
  #define P_PASSWD    0x01
  #define P_NISPASSWD 0x02
  #define MAXFILES 2

  // Read KUser configuration

  passwd_filename = mCfg->passwdsrc();
  nispasswd_filename = mCfg->nispasswdsrc();

  // Handle unconfigured environments

  if(passwd_filename.isEmpty() && nispasswd_filename.isEmpty()) {
    mCfg->setPasswdsrc( PASSWORD_FILE );
    mCfg->setGroupsrc( GROUP_FILE );
    passwd_filename = mCfg->passwdsrc();
    KMessageBox::error( 0, i18n("KUser sources were not configured.\nLocal passwd source set to %1\nLocal group source set to %2.").arg(mCfg->passwdsrc().arg(mCfg->groupsrc())) );
  }

  if(!passwd_filename.isEmpty()) {
    processing_file = processing_file | P_PASSWD;
    filename.append(passwd_filename);
  }

  // Start reading passwd file(s)

  for(int i = 0; i < MAXFILES; i++) {
    rc = stat(TQFile::encodeName(filename), &st);
    if(rc != 0) {
      KMessageBox::error( 0, i18n("Stat call on file %1 failed: %2\nCheck KUser settings.").arg(filename).arg(TQString::fromLocal8Bit(strerror(errno))) );
      if( (processing_file & P_PASSWD) != 0 ) {
        passwd_errno = errno;
        if(!nispasswd_filename.isEmpty()) {
          processing_file = processing_file & ~P_PASSWD;
          processing_file = processing_file | P_NISPASSWD;
          filename.truncate(0);
          filename.append(nispasswd_filename);
        }
        continue;
      }
      else{
        nispasswd_errno = errno;
        break;
      }
    }

    pwd_mode = st.st_mode & 0666;
    pwd_uid = st.st_uid;
    pwd_gid = st.st_gid;

    // We are reading our configuration specified passwd file
    TQString tmp;

#ifdef HAVE_FGETPWENT
    FILE *fpwd = fopen(TQFile::encodeName(filename), "r");
    if(fpwd == NULL) {
      KMessageBox::error( 0, i18n("Error opening %1 for reading.").arg(filename) );
      return FALSE;
    }

    while ((p = fgetpwent(fpwd)) != NULL) {
#else
    setpwent(); //This should be enough for BSDs
    while ((p = getpwent()) != NULL) {
#endif
      tmpKU = new KU::KUser();
      tmpKU->setCaps( KU::KUser::Cap_POSIX );
      tmpKU->setUID(p->pw_uid);
      tmpKU->setGID(p->pw_gid);
      tmpKU->setName(TQString::fromLocal8Bit(p->pw_name));
      tmp  = TQString::fromLocal8Bit( p->pw_passwd );
      if ( tmp != "x" && tmp != "*" && !tmp.startsWith("!") )
        tmpKU->setDisabled( false );
      else
        tmpKU->setDisabled( true );
      if ( tmp.startsWith("!") ) tmp.remove(0, 1);
      tmpKU->setPwd( tmp );
      tmpKU->setHomeDir(TQString::fromLocal8Bit(p->pw_dir));
      tmpKU->setShell(TQString::fromLocal8Bit(p->pw_shell));
#if defined(__FreeBSD__) || defined(__bsdi__)
      tmpKU->setClass(TQString::fromLatin1(p->pw_class));
      tmpKU->setLastChange(p->pw_change);
      tmpKU->setExpire(p->pw_expire);
#endif

      if ((p->pw_gecos != 0) && (p->pw_gecos[0] != 0))
        fillGecos(tmpKU, p->pw_gecos);
      mUsers.append(tmpKU);
    }

    // End reading passwd_filename

#ifdef HAVE_FGETPWENT
    fclose(fpwd);
#else
    endpwent();
#endif
    if((!nispasswd_filename.isEmpty()) && (nispasswd_filename != passwd_filename)) {
      processing_file = processing_file & ~P_PASSWD;
      processing_file = processing_file | P_NISPASSWD;
      filename.truncate(0);
      filename.append(nispasswd_filename);
    }
    else
      break;

  } // end of processing files, for loop

  if( (passwd_errno == 0) && (nispasswd_errno == 0) )
    return (TRUE);
  if( (passwd_errno != 0) && (nispasswd_errno != 0) )
    return (FALSE);
  else
    return(TRUE);
}

// Load shadow passwords

bool KUserFiles::loadsdw()
{
#ifdef HAVE_SHADOW
  TQString shadow_file,tmp;
  struct spwd *spw;
  KU::KUser *up = NULL;
  struct stat st;

  shadow_file = mCfg->shadowsrc();
  if ( shadow_file.isEmpty() )
    return TRUE;

  stat( TQFile::encodeName(shadow_file), &st);
  sdw_mode = st.st_mode & 0666;
  sdw_uid = st.st_uid;
  sdw_gid = st.st_gid;

#ifdef HAVE_FGETSPENT
  FILE *f;
  kdDebug() << "open shadow file: " << shadow_file << endl;
  if ((f = fopen( TQFile::encodeName(shadow_file), "r")) == NULL) {
    KMessageBox::error( 0, i18n("Error opening %1 for reading.").arg(shadow_file) );
    caps &= ~Cap_Shadow;
    return TRUE;
  }
  while ((spw = fgetspent( f ))) {     // read a shadow password structure
#else
  setspent();
  while ((spw = getspent())) {     // read a shadow password structure
#endif

    kdDebug() << "shadow entry: " << spw->sp_namp << endl;
    if ((up = lookup(TQString::fromLocal8Bit(spw->sp_namp))) == NULL) {
      KMessageBox::error( 0, i18n("No /etc/passwd entry for %1.\nEntry will be removed at the next `Save'-operation.").arg(TQString::fromLocal8Bit(spw->sp_namp)) );
      continue;
    }

    tmp = TQString::fromLocal8Bit( spw->sp_pwdp );
    if ( tmp.startsWith("!!") || tmp == "*" ) {
      up->setDisabled( true );
      tmp.remove( 0, 2 );
    } else
      up->setDisabled( false );

    up->setSPwd( tmp );        // cp the encrypted pwd
    up->setLastChange( daysToTime( spw->sp_lstchg ) );
    up->setMin(spw->sp_min);
    up->setMax(spw->sp_max);
#ifndef _SCO_DS
    up->setWarn(spw->sp_warn);
    up->setInactive(spw->sp_inact);
    up->setExpire( daysToTime( spw->sp_expire ) );
    up->setFlag(spw->sp_flag);
#endif
  }

#ifdef HAVE_FGETSPENT
  fclose(f);
#else
  endspent();
#endif

#endif // HAVE_SHADOW
  return TRUE;
}

// Save password file

#define escstr(a,b) tmp2 = user->a(); \
                    tmp2.replace(':',"_"); \
                    tmp2.replace(',',"_"); \
                    user->b( tmp2 );


bool KUserFiles::savepwd()
{
  FILE *passwd_fd = NULL;
  FILE *nispasswd_fd = NULL;
  uid_t minuid = 0;
  int nis_users_written = 0;
  uid_t tmp_uid = 0;
  TQString s;
  TQString s1;
  TQString tmp, tmp2;
  TQString passwd_filename;
  TQString nispasswd_filename;


  char errors_found = '\0';
    #define NOMINUID    0x01
    #define NONISPASSWD 0x02

  // Read KUser configuration info

  passwd_filename = mCfg->passwdsrc();
  nispasswd_filename = mCfg->nispasswdsrc();
  TQString new_passwd_filename =
    passwd_filename + TQString::fromLatin1(KU_CREATE_EXT);
  TQString new_nispasswd_filename =
    nispasswd_filename+TQString::fromLatin1(KU_CREATE_EXT);

  if( nispasswd_filename != passwd_filename ) {
    minuid = mCfg->nisminuid();
  }

  // Backup file(s)

  if(!passwd_filename.isEmpty()) {
    if (!pw_backuped) {
      if (!backup(passwd_filename)) return FALSE;
      pw_backuped = TRUE;
    }
  }
  if(!nispasswd_filename.isEmpty() &&
    (nispasswd_filename != passwd_filename)) {
    if (!pn_backuped) {
      if (!backup(nispasswd_filename)) return FALSE;
      pn_backuped = TRUE;
    }
  }

  // Open file(s)

  if(!passwd_filename.isEmpty()) {
    if ((passwd_fd =
      fopen(TQFile::encodeName(new_passwd_filename),"w")) == NULL)
        KMessageBox::error( 0, i18n("Error opening %1 for writing.").arg(passwd_filename) );
  }

  if(!nispasswd_filename.isEmpty() && (nispasswd_filename != passwd_filename)){
    if ((nispasswd_fd =
      fopen(TQFile::encodeName(new_nispasswd_filename),"w")) == NULL)
        KMessageBox::error( 0, i18n("Error opening %1 for writing.").arg(nispasswd_filename) );
  }

  TQPtrListIterator<KU::KUser> it( mUsers );
  KU::KUser *user;
  bool addok = false;
  user = (*it);
  while (true) {
    if ( user == 0 ) {
      if ( addok ) break;
      it = TQPtrListIterator<KU::KUser> ( mAdd );
      user = (*it);
      addok = true;
      if ( user == 0 ) break;
    };
    if ( mDel.containsRef( user ) ) {
      ++it;
      user = (*it);
      continue;
    }
    if ( mMod.contains( user ) ) user = &( mMod[ user ] );

    tmp_uid = user->getUID();
    if ( caps & Cap_Shadow )
      tmp = "x";
    else {
      tmp = user->getPwd();
      if ( user->getDisabled() && tmp != "x" && tmp != "*" )
        tmp = "!" + tmp;
    }

    escstr( getName, setName );
    escstr( getHomeDir, setHomeDir );
    escstr( getShell, setShell );
    escstr( getName, setName );
    escstr( getFullName, setFullName );
#if defined(__FreeBSD__) || defined(__bsdi__)
    escstr( getClass, setClass );
    escstr( getOffice, setOffice );
    escstr( getWorkPhone, setWorkPhone );
    escstr( getHomePhone, setHomePhone );
    s =
      user->getName() + ":" +
      tmp + ":" +
      TQString::number( user->getUID() ) + ":" +
      TQString::number( user->getGID() ) + ":" +
      user->getClass() + ":" +
      TQString::number( user->getLastChange() ) + ":" +
      TQString::number( user->getExpire() ) + ":";

    s1 =
      user->getFullName() + "," +
      user->getOffice() + "," +
      user->getWorkPhone() + "," +
      user->getHomePhone();
#else
    escstr( getOffice1, setOffice1 );
    escstr( getOffice2, setOffice2 );
    escstr( getAddress, setAddress );
    s =
      user->getName() + ":" +
      tmp + ":" +
      TQString::number( user->getUID() ) + ":" +
      TQString::number( user->getGID() ) + ":";

    s1 =
      user->getFullName() + "," +
      user->getOffice1() + "," +
      user->getOffice2() + "," +
      user->getAddress();

#endif
    for (int j=(s1.length()-1); j>=0; j--) {
      if (s1[j] != ',')
        break;
      s1.truncate(j);
    }

    s += s1 + ":" +
      user->getHomeDir() + ":" +
      user->getShell() + "\n";

    if( (nispasswd_fd != 0) && (minuid != 0) ) {
      if (minuid <= tmp_uid) {
        fputs(s.local8Bit().data(), nispasswd_fd);
        nis_users_written++;
        ++it;
        user = (*it);
        continue;
      }
    }

    if( (nispasswd_fd != 0) && (minuid == 0) ) {
      errors_found = errors_found | NOMINUID;
    }

    if( (nispasswd_fd == 0) && (minuid != 0) ) {
      errors_found = errors_found | NONISPASSWD;
    }
    kdDebug() << s << endl;
    fputs(s.local8Bit().data(), passwd_fd);

    ++it;
    user = (*it);
  }

  if(passwd_fd) {
    fclose(passwd_fd);
    chmod(TQFile::encodeName(new_passwd_filename), pwd_mode);
    chown(TQFile::encodeName(new_passwd_filename), pwd_uid, pwd_gid);
    rename(TQFile::encodeName(new_passwd_filename),
      TQFile::encodeName(passwd_filename));
  }

  if(nispasswd_fd) {
    fclose(nispasswd_fd);
    chmod(TQFile::encodeName(new_nispasswd_filename), pwd_mode);
    chown(TQFile::encodeName(new_nispasswd_filename), pwd_uid, pwd_gid);
    rename(TQFile::encodeName(new_nispasswd_filename),
      TQFile::encodeName(nispasswd_filename));
  }

  if( (errors_found & NOMINUID) != 0 ) {
    KMessageBox::error( 0, i18n("Unable to process NIS passwd file without a minimum UID specified.\nPlease update KUser settings (Files).") );
  }

  if( (errors_found & NONISPASSWD) != 0 ) {
    KMessageBox::error( 0, i18n("Specifying NIS minimum UID requires NIS file(s).\nPlease update KUser settings (Files).") );
  }

  // need to run a utility program to build /etc/passwd, /etc/pwd.db
  // and /etc/spwd.db from /etc/master.passwd
#if defined(__FreeBSD__) || defined(__bsdi__)
  if (system(PWMKDB) != 0) {
    KMessageBox::error( 0, i18n("Unable to build password database.") );
    return FALSE;
  }
#else
  if( (nis_users_written > 0) || (nispasswd_filename == passwd_filename) ) {
    if (system(PWMKDB) != 0) {
      KMessageBox::error( 0, i18n("Unable to build password databases.") );
      return FALSE;
    }
  }
#endif

  return TRUE;
}

#undef escstr

// Save shadow passwords file

bool KUserFiles::savesdw()
{
#ifdef HAVE_SHADOW
  bool addok = false;
  TQString tmp;
  FILE *f;
  struct spwd *spwp;
  struct spwd s;
  KU::KUser *up;
  TQString shadow_file = mCfg->shadowsrc();
  TQString new_shadow_file = shadow_file+TQString::fromLatin1(KU_CREATE_EXT);

  if ( shadow_file.isEmpty() )
    return TRUE;

  if (!s_backuped) {
    if (!backup(shadow_file)) return FALSE;
    s_backuped = TRUE;
  }

  if ((f = fopen(TQFile::encodeName(new_shadow_file), "w")) == NULL) {
    KMessageBox::error( 0, i18n("Error opening %1 for writing.").arg(new_shadow_file) );
    return FALSE;
  }

  s.sp_namp = (char *)malloc(200);
  s.sp_pwdp = (char *)malloc(200);

  TQPtrListIterator<KU::KUser> it( mUsers );
  up = (*it);
  while (true) {

    if ( up == 0 ) {
      if ( addok ) break;
      it = TQPtrListIterator<KU::KUser> ( mAdd );
      up = (*it);
      addok = true;
      if ( up == 0 ) break;
    };

    if ( mDel.containsRef( up ) ) {
      ++it;
      up = (*it);
      continue;
    }
    if ( mMod.contains( up ) ) up = &( mMod[ up ] );

    strncpy( s.sp_namp, up->getName().local8Bit(), 200 );
    if ( up->getDisabled() )
      strncpy( s.sp_pwdp, TQString("!!" + up->getSPwd()).local8Bit(), 200 );
    else
      strncpy( s.sp_pwdp, up->getSPwd().local8Bit(), 200 );

    s.sp_lstchg = timeToDays( up->getLastChange() );
    s.sp_min    = up->getMin();
    s.sp_max    = up->getMax();
#ifndef _SCO_DS
    s.sp_warn   = up->getWarn();
    s.sp_inact  = up->getInactive();
    s.sp_expire = timeToDays( up->getExpire() );
    s.sp_flag   = up->getFlag();
#endif
    spwp = &s;
    putspent(spwp, f);

    ++it;
    up = (*it);
  }
  fclose(f);

  chmod(TQFile::encodeName(new_shadow_file), sdw_mode);
  chown(TQFile::encodeName(new_shadow_file), sdw_uid, sdw_gid);
  rename(TQFile::encodeName(new_shadow_file),
    TQFile::encodeName(shadow_file));

  free(s.sp_namp);
  free(s.sp_pwdp);
#endif // HAVE_SHADOW
  return TRUE;
}


void KUserFiles::createPassword( KU::KUser *user, const TQString &password )
{
  if ( caps & Cap_Shadow ) {
    user->setSPwd( encryptPass( password, mCfg->md5shadow() ) );
    user->setPwd( TQString::fromLatin1("x") );
  } else
    user->setPwd( encryptPass( password, false ) );
}

bool KUserFiles::dbcommit()
{
  bool ret;
  mode_t mode;

  mAddSucc.clear();
  mDelSucc.clear();
  mModSucc.clear();
  if ( mDel.isEmpty() && mAdd.isEmpty() && mMod.isEmpty() )
    return true;

  mode = umask(0077);
  ret = savepwd();
  if ( ret && ( caps & Cap_Shadow ) ) ret = savesdw();
  umask( mode );
  if ( !ret ) return false;

  mDelSucc = mDel;
  mAddSucc = mAdd;
  mModSucc = mMod;
  mDel.clear();
  mAdd.clear();
  mMod.clear();
  return TRUE;
}