#!/usr/bin/python2.7
# coding: utf-8

from __future__ import print_function

import random
import string
import urllib
import ldap.dn
import ldap.filter
import subprocess
import univention.config_registry
from univention.config_registry.frontend import ucr_update
import univention.uldap as uldap

configRegistry = univention.config_registry.ConfigRegistry()
configRegistry.load()


def s4_connection():
	path = configRegistry.get("connector/s4/ldap/socket")
	ldap_uri = "{}://{}".format("ldapi", urllib.quote(path, safe=""))
	ldap_base = configRegistry.get("connector/s4/ldap/base")

	arguments = {"uri": ldap_uri, "base": ldap_base, "binddn": None, "bindpw": None,
		"follow_referral": True, "ca_certfile": configRegistry.get("connector/s4/ldap/certificate"),
		"start_tls": 2 if configRegistry.is_true("connector/s4/ldap/ssl") else 0}

	s4 = uldap.access(**arguments)
	(ldap_dn_correct_case, ) = s4.getAttr(ldap_base, "distinguishedName", required=True)
	s4.base = ldap_dn_correct_case
	return s4


def random_name():
	return ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(10))


def create_s4_user():
	username = 's4_testuser_{}_#'.format(random_name())
	subprocess.check_call(["samba-tool", "user", "create", username, "Univention123"])
	return username


def create_ucs_user():
	base = configRegistry.get("ldap/base")
	username = 'ucs_testuser_{}_#"'.format(random_name())
	subprocess.check_call(["udm", "users/user", "create", "--position",
		"cn=users,{}".format(base), "--set", 'username={}'.format(username),
		"--set", "lastname=testuser", "--set", "password=univention"])
	return username


def normalize_dn(dn):
	return ldap.dn.dn2str(ldap.dn.str2dn(dn))


if __name__ == "__main__":
	username_key = "directory/manager/web/modules/users/user/properties/username/syntax"
	subprocess.call(["service", "univention-s4-connector", "stop"])
	ucr_update(configRegistry, {username_key: "string"})
	subprocess.call(["pkill", "-f", "univention-cli-server"])

	print("Testing with S4")
	username = create_s4_user()
	access = s4_connection()
	fexp = ldap.filter.filter_format("(cn=%s)", (username,))
	for (dn, _) in access.search(fexp, attr=["dn"]):
		if dn is not None:
			print("s4           ", dn)
			print("s4 normalized", normalize_dn(dn))

	print("Testing with UCS")
	username = create_ucs_user()
	access = uldap.getAdminConnection()
	fexp = ldap.filter.filter_format("(uid=%s)", (username,))
	for (dn, _) in access.search(fexp, attr=["dn"]):
		if dn is not None:
			print("ucs           ", dn)
			print("ucs normalized", normalize_dn(dn))