#! /bin/bash

. /usr/src/m2/framework/bash_functions.sh

RED='\033[0;31m'
GREEN='\033[0;32m'
BLUE='\033[0;34m'
NC='\033[0m'
mysql_error_file="/tmp/mysql_query_err_exit_reason"
MYSQL_ERROR_FLAG=0

control_c() {
    echo ""
    echo "Don't do this!"
    echo "pcrack NOT terminated and still running"
}



trap control_c SIGINT
trap check_pass EXIT

killsub()
{

    kill -9 "${1}" 2>/dev/null
    wait "${1}" 2>/dev/null

}

wait_user2() { echo -e "\nPress enter to continue\n\n"; read -r; echo -e "\n\n"; }


wait_user3()
{
    print_progress &
    print_progress_pid=$!
    read -r -t 16; echo -e "\n\n";

    killsub ${print_progress_pid}


}

print_progress()
{
    for (( sleep_time=15; sleep_time>0; sleep_time-- ))
    do
        if ((sleep_time > 6)); then 
            echo -e "You have ${GREEN}$sleep_time${NC} seconds to login...[or press Enter]"
        elif ((sleep_time > 3)); then
            echo -e "You have ${BLUE}$sleep_time${NC} seconds to login...[or press Enter]"
        else
            echo -e "You have ${RED}$sleep_time${NC} seconds to login...[or press Enter]"
        fi
        sleep 1
    done
}

print_mysql_error(){
    MYSQL_ERROR_FLAG=1
    if [[ -e $mysql_error_file ]]; then
        echo "MySQL error message:"
        cat $mysql_error_file
    fi
} 

print_error_and_exit() {
    echo -e "${RED}$1${NC}"
    print_mysql_error
    exit 1
}

# Exits only if used directly, does not exit scrip if used from ``, $() and so on 
mysql_query_err_exit() {
    rm -f $mysql_error_file

    if ! MYSQL_PWD="$DB_PASSWORD" /usr/bin/mysql -h "$DB_HOST" -u "$DB_USERNAME" $P_OPT "$DB_NAME" "$@" 2> $mysql_error_file; then
        echo -e "mysql query 'MYSQL_PWD="$DB_PASSWORD" /usr/bin/mysql -h "$DB_HOST" -u "$DB_USERNAME" $P_OPT "$DB_NAME" "$@"' failed"
        print_mysql_error
        echo "Exiting"
        exit 1
    fi
}

mysql_query() {
    rm -f $mysql_error_file

    MYSQL_PWD="$DB_PASSWORD" /usr/bin/mysql -h "$DB_HOST" -u "$DB_USERNAME" $P_OPT "$DB_NAME" "$@" 2> $mysql_error_file
    
}

check_pass(){
    local admin_admin_pass=0
    local admin_hash="d033e22ae348aeb5660fc2140aec35850c4da997"
    local hash_file="/root/m2_gui_admin_pass_hash"

    admin_admin_pass=$(mysql_query -sNe "select count(*) from users where password = '$admin_hash' and id = 0")
    
    if [[ -e $hash_file ]]; then
        if [[ $(tail -n 1 $hash_file) != "$admin_hash" ]]; then
    
            if ((admin_admin_pass > 0)); then
                echo -e "Admin password is ${RED}admin${NC} after script exit."
                echo -e "If this is a mistake, restore it manually"
                echo -e "Original password should be here --> ${BLUE}$hash_file${NC}"
            fi
        fi
    fi
}


m2_admin_pass_tmp_change()
{
        if [ -f "/root/m2_gui_admin_pass_hash" ]; then echo -e "\E[31m/root/m2_gui_admin_pass_hash found, please correct your mistakes manually, I won't overwrite user's pass hash backup\E[37m]"; return 1; fi
        set_database_variables
        local two_fa_enabled_column_exist="0"

        #==================================
        if ! current_pass=$(mysql_query -sNe "select password from users where id='0';"); then
             print_error_and_exit "Failed to get current password. Exiting"
        fi

        if ! current_username=$(mysql_query -sNe "select username from users where id = '0';"); then
             print_error_and_exit "Failed to get current username. Exiting"
        fi
        
        if ! current_admin_ip_authorization_value=$(mysql_query -sNe "select value from conflines where name = 'admin_login_with_approved_ip_only' and owner_id = 0;"); then
             print_error_and_exit "Failed to get current username. Exiting"
        fi
        
        if ! two_fa_enabled_column_exist=$(MYSQL_PWD="$DB_PASSWORD" /usr/bin/mysql -h "$DB_HOST" -u "$DB_USERNAME" $P_OPT "$DB_NAME" -e "desc users" 2> $mysql_error_file | awk '{print $1}' | grep -c "^two_fa_enabled$"; test ${PIPESTATUS[0]} -eq 0); then
            print_error_and_exit "Failed to check if two_fa_enabled column exist. Exiting"

        fi
        
        if ((two_fa_enabled_column_exist == 1)); then 
            if ! current_two_fa_enabled_value=$(mysql_query -sNe "select two_fa_enabled from users where id = 0"); then
                print_error_and_exit "Failed to get two_fa_enabled value. Exiting"
            fi
        fi

        echo "$current_username" >> /root/m2_gui_admin_username || print_error_and_exit "Failed to save current username to /root/m2_gui_admin_username"
        echo "$current_pass" >> /root/m2_gui_admin_pass_hash || print_error_and_exit "Failed to save current pass to /root/m2_gui_admin_pass_hash"

        [[ "$current_admin_ip_authorization_value" != "1" ]] && current_admin_ip_authorization_value=0
        echo "$current_admin_ip_authorization_value" >> /root/m2_gui_admin_ip_authorization_value || print_error_and_exit "Failed to save current admin authorization value to /root/m2_gui_admin_ip_authorization_value"

        ((two_fa_enabled_column_exist == 1)) && { echo "$current_two_fa_enabled_value" >> /root/m2_gui_two_fa_enabled_value || print_error_and_exit "Failed to save current two_fa_enabled value to /root/m2_gui_two_fa_enabled_value"; }

        mysql_query_err_exit -e "update users set username = 'admin' where id = 0;"
        mysql_query_err_exit -e "update users set password = 'd033e22ae348aeb5660fc2140aec35850c4da997' where id = 0;"        #setting the default pass
        mysql_query_err_exit -e "update conflines set value = 0 where name = 'admin_login_with_approved_ip_only' and owner_id = 0;"
        ((two_fa_enabled_column_exist == 1)) && mysql_query_err_exit -e "update users set two_fa_enabled = 0 where id = 0;"

        
        # Waitting to enter admin/admin in GUI
        if [ "$1" == "WAIT" ] || [ "$1" == "wait" ]; then wait_user2; else wait_user3; fi
        # End of wait

        if ! mysql_query -e "update users set username = '$current_username' where id = 0;"; then
           echo -e "${RED}Failed to restore the original username${NC}, you can find it here --> ${BLUE}/root/m2_gui_admin_username${NC}"
           print_mysql_error
        fi

        if ! mysql_query  -e "update users set password = '$current_pass' where id = 0;"; then
            echo -e "${RED}Failed to restore the original password hash${NC}, you can find it here --> ${BLUE}/root/m2_gui_admin_pass_hash${NC}"
            print_mysql_error
        fi

        if ! mysql_query -e "update conflines set value = $current_admin_ip_authorization_value where name = 'admin_login_with_approved_ip_only' and owner_id = 0;"; then
            echo -e "${RED}Failed to restore original admin_login_with_approved_ip_only${NC}, you can find it here --> ${BLUE}/root/m2_gui_admin_ip_authorization_value${NC}"
            print_mysql_error
        fi

        if ((two_fa_enabled_column_exist == 1)); then
            if ! mysql_query  -e "update users set two_fa_enabled = $current_two_fa_enabled_value where id = 0;"; then
                echo -e "${RED}Failed to restore original current_two_fa_enabled_value${NC}, you can find it here --> ${BLUE}/root/m2_gui_two_fa_enabled_value${NC}"
                print_mysql_error
            fi
        fi
        
        if ((MYSQL_ERROR_FLAG == 0)); then
            echo "Original values has been restored"

            rm -f /root/m2_gui_admin_username
            rm -f /root/m2_gui_admin_pass_hash
            rm -f /root/m2_gui_admin_ip_authorization_value
            rm -f /root/m2_gui_two_fa_enabled_value

            echo "Cleaned the mess.."
        else
           echo -e "${RED} We got mysql error during exectuion, leaving files with original values in /root directory${NC}"
        fi 

        return 0
}

m2_admin_pass_tmp_change "$1"