/*
   Copyright (C) 2000 - 2007 Grid Systems, S.A.
   
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License, version 2, as
   published by the Free Software Foundation.
   
   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  GNU General Public License for more details.
  
  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
  */
  
  package com.gridsystems.innergrid.kernel.ixos.usersystem;
  
  import java.io.File;
  import java.util.ArrayList;
  import java.util.Collection;
  import java.util.Iterator;
  import java.util.List;
  
  import org.apache.commons.logging.Log;
  import org.apache.commons.logging.LogFactory;
  
  import com.gridsystems.utils.FileProperties;
  
  import com.gridsystems.innergrid.kernel.KernelException;
  import com.gridsystems.innergrid.kernel.genericutils.ApiUtils;
  import com.gridsystems.innergrid.kernel.server.KernelContext;
  
  import com.gridsystems.innergrid.kernel.ixos.Configuration;
  import com.gridsystems.innergrid.kernel.ixos.filesystem.FilePermissions;
  import com.gridsystems.innergrid.kernel.ixos.filesystem.IxosSecurityManager;
  import com.gridsystems.innergrid.kernel.ixos.filesystem.PermissionsManager;
  import com.gridsystems.innergrid.kernel.ixos.filesystem.RepositoryFileFilter;
  
  /**
   * Low-priority thread that cleans permission files of deleted user/roles. The thread can
   * be set to wait a certain delay after it has been created to start running; this way, if
   * many users/roles are deleted together, the first deletion will create the thread but
   * its execution will be delayed so it deals with some of the user/role changes in the
   * same run. The preferred way of using this thread (specially if a delay is to be set) is
   * calling ApiUserSystemImpl.cleanRepositoryPermissions(). This way, no new threads will
   * be created until the last one created starts working. Anyway, it can also be used
   * directly for initialization issues.
   *
   * @author SJM
   */
  public final class PermissionsCleanerThread extends Thread {
    /**
     * Logger of this class.
     */
    private static Log log = LogFactory.getLog(PermissionsCleanerThread.class);
  
    /**
     * Singleton instance.
     */
    private static PermissionsCleanerThread instance = null;
  
    /**
     * A boolean that is true if and only if the thread has started running.
     */
    private boolean launched = false;
  
    /**
     * A long with the time to sleep before starting to perform actual tasks.
     */
    private long sleep = 0L;
  
    /**
     * The object to get information of users and roles.
     */
    private ApiUserSystemImpl userSystem = ApiUserSystemImpl.getInstance();
  
    /**
     * The object to get information of the permissions of files.
     */
    private PermissionsManager permissionsManager = PermissionsManager.getInstance();
  
    /**
     * The filter of files to get the directories and the security files.
     */
    private RepositoryFileFilter filter = new RepositoryFileFilter(false, true, true);
  
    /**
     * The base path to start the cleaning. By default the value is set to the base of the
     * repository.
     */
    private File rootFile = Configuration.getRepositoryRoot();
  
    /**
     * Constructor.
     *
     * @param sleep
     *          a long with the time to sleep before start running the thread.
    */
   private PermissionsCleanerThread(long sleep) {
     this.sleep = sleep;
     this.setPriority(Thread.MIN_PRIORITY);
   }
 
   /**
    * Sets the base path to start the cleaning.
    *
    * @param rootFile
    *          the File to the base path to start the cleaning. If it is null, it does not
    *          exist or it does not belong to the repository, the previous value is not
    *          changed.
    */
   public void setRootFile(File rootFile) {
     if (rootFile != null && rootFile.exists()
         && IxosSecurityManager.inRepository(rootFile)) {
       this.rootFile = rootFile;
     }
   }
 
   /**
    * Gets the base path to start the cleaning.
    *
    * @return the File to the base path to start the cleaning.
    */
   public File getRootFile() {
     return this.rootFile;
   }
 
   /**
    * Tells if the thread has started running.
    *
    * @return a boolean that is true if and only if the thread has started running.
    */
   public boolean isLaunched() {
     return launched;
   }
 
   /**
    * Runs the logic that cleans the permissions of the users and roles deleted.
    *
    * @see java.lang.Thread#run()
    */
   public void run() {
     try {
       Thread.sleep(this.sleep);
 
       if (log.isInfoEnabled()) {
         log.info("Thread begins running");
       }
       // First of all, the thread acknowledges that it is already running. Any
       // user or role deletion after this point will cause a new
       // PermissionsCleanerThread to be launched.
       this.launched = true;
 
       // Switching to superuser mode. There is no need to switch back to the
       // current user (that has not been set) because after cleaning the
       // permissions the task stops.
       KernelContext.getContext().setEffectiveUser(Configuration.getPrivilegedUser());
 
       if (isUserSystemLoaded()) {
         this.cleanFilePermissions();
         this.cleanAllAclPermissions();
       } else {
         // If the user data was not correctly loaded, performing the cleaning
         // of permissions will cause losing all the security data, because all
         // the permissions would be cleaned.
         log.error("The UserSystem data was not correctly loaded");
         log.error("File and ACL permissions will not be cleaned");
       }
     } catch (InterruptedException ie) {
       // Nothing to do here, just exit the method
     } catch (KernelException ke) {
       log.warn("Could not switch to superuser mode.");
     }
   }
 
   /**
    * Starts the clening process of the repository permissions.
    */
   private void cleanFilePermissions() {
     // We check every file recursively.
     try {
       // If it is a repository file we find its security file.
       File fileToClean = null;
       if (this.rootFile.isDirectory()) {
         fileToClean = this.rootFile;
       } else {
         if (this.rootFile.getName().startsWith(IxosSecurityManager.SECURITY_PREFIX)) {
           // It is a security file.
           fileToClean = this.rootFile;
         } else {
           // It is a repository file. We try to find its security file
           fileToClean = IxosSecurityManager.findOwnSecurityFile(this.rootFile);
           if (!fileToClean.exists()) {
             // SJM: If the file does not have its own security file, we can not
             // be sure that changing its security properties will not affect
             // other files.
             return;
           }
         }
       }
       if (log.isInfoEnabled()) {
         log.info("Cleaning lost permisions of " + fileToClean);
       }
       cleanFilePermissions(fileToClean, true);
       if (log.isInfoEnabled()) {
         log.info("Permisions of " + this.rootFile + " successfully cleaned");
       }
     } catch (KernelException ke) {
       log.error("Controled exception happened while cleaning permissions of "
           + this.rootFile, ke);
     }
   }
 
   /**
    * Cleaning the Permissions of the deleted users and roles.
    *
    * @param f
    *          the File whose permissions are going to be cleaned. It can be eiter a
    *          security file or a directory. The security files and directories or a
    *          directories are recursively cleaned up. If it is a directory and
    *          <code>firstRecursion</code> is true, then its own security file is also
    *          searched and, if found, cleaned up (if it is false the security file of a
    *          directory would be modified by the previous recursive call).
    * @param firstRecursion
    *          a boolean that is true only at the first recursive call of this method.
    * @throws KernelException
    *           If an error occurs
    */
   private void cleanFilePermissions(File f, boolean firstRecursion)
     throws KernelException {
     // We only accept directories or security files
     if (f.isDirectory()) {
       if (log.isDebugEnabled()) {
         log.debug("Going to clean files in " + f);
       }
       if (firstRecursion) {
         File directorySecurityFile = IxosSecurityManager.findOwnSecurityFile(f);
         if (directorySecurityFile.exists()) {
           cleanFilePermissions(directorySecurityFile, false);
         }
       }
       File[] files = f.listFiles(this.filter);
       if (files != null) {
         for (int i = 0; i < files.length; i++) {
           cleanFilePermissions(files[i], false);
         }
       }
     } else {
       cleanFilePermissions(f);
     }
   }
 
   /**
    * Purges a security file from references to deleted users and/or roles.
    *
    * @param f
    *          a File to the security file to clean.
    * @throws KernelException
    *           in case of error.
    */
   private void cleanFilePermissions(File f) throws KernelException {
     // If it is not a directory, then it can only be a security file.
     this.permissionsManager.lock(f);
 
     boolean locked = true;
     try {
       FilePermissions[][] permissions;
       synchronized (FileProperties.synchronize) {
         FileProperties props = new FileProperties(f);
         permissions = this.permissionsManager.getPermissionsLists(props);
       }
       List<FilePermissions> newPermList = new ArrayList<FilePermissions>();
       boolean changed = false;
       // Checking if all the users with permissions do exist
       for (FilePermissions filePerms : permissions[0]) {
         if (this.userSystem.userExists(filePerms.getName())) {
           newPermList.add(filePerms);
         } else {
           changed = true;
         }
       }
       // Checking if all the roles with permissions do exist
       for (FilePermissions filePerms : permissions[1]) {
         if (this.userSystem.roleExists(filePerms.getName())) {
           newPermList.add(filePerms);
         } else {
           changed = true;
         }
       }
       if (changed) {
         // Some permissions have been deleted, we change the file
         log.debug("Changing mod file " + f.getName());
         FilePermissions[] newPermArray = new FilePermissions[newPermList.size()];
         newPermList.toArray(newPermArray);
         this.permissionsManager.quickChmod(f, newPermArray);
         // quickChmod deletes all the properties, including lock information.
         locked = false;
       }
     } catch (Exception e) {
       log.error("Exception catched when cleaning lost permissions of file system: ", e);
       throw ApiUtils.processException(e);
     } finally {
       if (locked) {
         this.permissionsManager.unlock(f);
       }
     }
   }
 
   /**
    * Cleans all the Acl of references to deleted users and/or roles.
    */
   private void cleanAllAclPermissions() {
     try {
       if (log.isInfoEnabled()) {
         log.info("Starting cleaning of ACLs");
       }
 
       AclList aclList = AclList.getInstance();
       String[] domains = aclList.getAllAclDomains();
       // Check every domain
       for (int i = 0; i < domains.length; i++) {
 
         // Check every ACL in a domain
         Collection acls = aclList.getAllAcls(domains[i]);
         Iterator it = acls.iterator();
         while (it.hasNext()) {
           Acl acl = (Acl) it.next();
           if (log.isDebugEnabled()) {
             log.debug("Going to clean Acl : " + acl.getName());
           }
           if (this.cleanAclPermission(acl)) {
             if (log.isDebugEnabled()) {
               log.debug("Saving modified Acl: " + acl.getName());
             }
             acl.store();
           }
         }
       }
       if (log.isInfoEnabled()) {
         log.info("Cleaning of ACLs successfully finished");
       }
     } catch (KernelException e) {
       log.error("Exception retrieved when cleaning ACLs", e);
     }
   }
 
   /**
    * Cleans an ACL of references to deleted users and/or roles.
    *
    * @param acl
    *          the Acl that is being cleaned.
    * @return a boolean that is true if the cleaning process has modified
    *           <code>acl</code>data.
    * @throws KernelException
    *           in case of error.
    */
   private boolean cleanAclPermission(Acl acl) throws KernelException {
     boolean modified = false;
 
     // Check every permission in an ACL.
     String[] permissions = acl.getPermissions();
     for (int i = 0; i < permissions.length; i++) {
 
       // Check every role for a permission
       String[] roles = acl.getRoles(permissions[i]);
       for (int j = 0; j < roles.length; j++) {
         if (!this.userSystem.roleExists(roles[j])) {
           modified = true;
           acl.revokeRole(permissions[i], roles[j]);
         }
       }
 
       // Check every user for a permission
       String[] users = acl.getDirectUsers(permissions[i]);
       for (int j = 0; j < users.length; j++) {
         if (!this.userSystem.userExists(users[j])) {
           modified = true;
           acl.revokeUser(permissions[i], users[j]);
         }
       }
     }
 
     // Check all roleOwners of the ACL.
     String[] roleOwners = acl.getRoleOwners();
     for (int i = 0; i < roleOwners.length; i++) {
       if (!this.userSystem.roleExists(roleOwners[i])) {
         modified = true;
         acl.removeRoleOwner(roleOwners[i]);
       }
     }
 
     // Check all userOwners of the ACL.
     String[] userOwners = acl.getUserOwners();
     for (int i = 0; i < userOwners.length; i++) {
       if (!this.userSystem.userExists(userOwners[i])) {
         modified = true;
         acl.removeUserOwner(userOwners[i]);
       }
     }
 
     // If the ACL has been modified, write it down to disk.
     return modified;
   }
 
   /**
    * Cleans the security files of permissions to deleted users and/or roles.
    * <p>
    * This task is done by launching a PermissionsCleanerThread using the repository root
    * as starting point. The task is launched with a delay so, if some users/roles are
    * deleted together, they can be deleted from the security files in just one execution.
    * <p>
    * If this method is called while a task is waiting to be launched, nothing is done.
    *
    * @param delay
    *          The delay for the new thread execution
    */
   public static void startCleaner(long delay) {
     // If a thread is waiting, the new request will be processed by that
     // when it begins running.
     if (instance != null && instance.isAlive()) {
       if (instance.isLaunched()) {
         // Only one working thread at a time, so this one is interrupted
         instance.interrupt();
       } else {
         // The current worker thread has not yet started, keep it
         return;
       }
     }
     instance = new PermissionsCleanerThread(delay);
     instance.start();
   }
 
   /**
    * Stops the current permissions cleaner thread. To be called from the plugin shutdown()
    * method.
    */
   public static void stopCleaner() {
     if (instance != null && instance.isAlive()) {
       instance.interrupt();
     }
   }
 
   /**
    * Tells if the User and Role data was correctly loaded.
    *
    * @return true if and only if at least an user and a role exist.
    * @throws KernelException
    *           in case of error.
    */
   private boolean isUserSystemLoaded() throws KernelException {
     ApiUserSystemImpl apiUserSystem = ApiUserSystemImpl.getInstance();
     String[] roleNames = apiUserSystem.getAllRoleNames();
     String[] userNames = apiUserSystem.getAllUserNames();
     return ((userNames != null) && (userNames.length > 0) && (roleNames != null)
         && (roleNames.length > 0));
   }
 }