#!/usr/share/ucs-test/runner python3
## desc: Create a usertemplate object and remove it
## roles: [domaincontroller_master]
## exposure: careful
## bugs: [42765,43428,29672]

from __future__ import print_function
import univention.testing.utils as utils
from univention.testing.udm import UCSTestUDM
from univention.testing.strings import random_name, random_int
from univention.testing.umc import Client
from univention.admin.uldap import getAdminConnection
import univention.admin.modules as udm_modules


PASSWORD = 'Univention@99'
MOD_TMPL = 'settings/usertemplate'
MOD_USER = 'users/user'

MAIL_DOMAIN = '%s.%s' % (random_name(), random_name())


def email():
	return '%s.%s' % (random_name(), MAIL_DOMAIN)


if __name__ == '__main__':
	template_name = random_name()

	with UCSTestUDM() as udm:
		dn_mail = udm.create_object('mail/domain', wait_for_replication=False, name=MAIL_DOMAIN)

		dn_secretary = udm.create_user(wait_for_replication=False)[0]

		dn_group = udm.create_group(wait_for_replication=False)[0]
		dn_group1 = udm.create_group(wait_for_replication=False)[0]
		dn_group2 = udm.create_group(wait_for_replication=False)[0]

		host = random_name()
		path = '/%s' % (random_name(),)
		dn_share = udm.create_object('shares/share', wait_for_replication=False, name=random_name(), path=path, host=host)

		properties = dict(
			name=template_name,
			_options=['pki'],
			title=random_name(),
			description=random_name(),
			mailPrimaryAddress='<firstname>.<lastname>@%s' % (MAIL_DOMAIN,),
			mailAlternativeAddress=['<username>@%s' % (MAIL_DOMAIN,), '<lastname>@%s' % (MAIL_DOMAIN,)],
			displayName='<lastname>, <firstname>',
			organisation=random_name(),
			employeeNumber=random_int(),
			employeeType=random_name(),
			secretary=dn_secretary,
			primaryGroup=dn_group,
			groups=[dn_group1, dn_group2],
			disabled='1',
			pwdChangeNextLogin='1',
			homedrive='H:',
			sambahome='//%s/<username>' % (host,),
			scriptpath='//%s/scripts/<username>' % (host,),
			profilepath='//%s/profile/<username>' % (host,),
			unixhome='/home/<username>[0]/<username>',
			shell='/bin/false',
			homeShare=dn_share,
			homeSharePath='<username>[0]/<username>',
			# serviceprovider=FIXME,
			phone='+49-421-22232-0',
			roomNumber=random_int(),
			departmentNumber=random_int(),
			street=random_name(),
			postcode=random_int(),
			city=random_name(),
			country='DE',
			# FIXME: CTX...
		)
		properties['e-mail'] = email()
		dn_template = udm.create_object(MOD_TMPL, wait_for_replication=False, **properties)
		utils.verify_ldap_object(dn_template, {
			'univentionObjectType': [MOD_TMPL],
			'cn': [template_name],
			'title': [properties['title']],
			'description': [properties['description']],
			'o': [properties['organisation']],
			'displayName': [properties['displayName']],
			'postalCode': [properties['postcode']],
			# 'shadowMax': [properties['userexpiry']],  # BUG: no prop
			# 'shadowExpire': [properties['passwordexpiry']],  # BUG: no prop
			'mail': [properties['e-mail']],
			'homeDirectory': [properties['unixhome']],
			'loginShell': [properties['shell']],
			'sambaHomePath': [properties['sambahome']],
			'sambaLogonScript': [properties['scriptpath']],
			'sambaProfilePath': [properties['profilepath']],
			'sambaHomeDrive': [properties['homedrive']],
			'st': [properties['country']],
			'telephoneNumber': [properties['phone']],
			'roomNumber': [properties['roomNumber']],
			'employeeNumber': [properties['employeeNumber']],
			'employeeType': [properties['employeeType']],
			'secretary': [properties['secretary']],
			'departmentNumber': [properties['departmentNumber']],
			'street': [properties['street']],
			'l': [properties['city']],
			'userDisabledPreset': [properties['disabled']],
			'userPwdMustChangePreset': [properties['pwdChangeNextLogin']],
			'userHomeSharePreset': [properties['homeShare']],
			'userHomeSharePathPreset': [properties['homeSharePath']],
			'userPrimaryGroupPreset': [properties['primaryGroup']],
			'userGroupsPreset': properties['groups'],
			'mailPrimaryAddress': [properties['mailPrimaryAddress']],
			'mailAlternativeAddress': properties['mailAlternativeAddress'],
			'userOptionsPreset': properties['_options'],
		})

		user_properties = {
			'lastname': random_name(),
			'firstname': random_name(),
			'password': PASSWORD,
			'username': random_name(),
		}
		if False:  # FIXME: UMC does the template in JS at the frontend
			umc = Client.get_test_connection()
			options = [{
				'object': user_properties,
				'options': {
					'container': 'cn=users,' + udm.LDAP_BASE,
					'objectType': MOD_USER,
					'objectTemplate': dn_template,
				},
			}]
			request = umc.umc_command('udm/add', options, MOD_USER)
			dn_user = request.result[0]['$dn$']
		else:
			co = None
			lo, po = getAdminConnection()

			udm_modules.update()
			mod_tmpl = udm_modules.get(MOD_TMPL)
			udm_modules.init(lo, po, mod_tmpl)
			obj_tmpl = mod_tmpl.object(co, lo, po, dn=dn_template)

			mod_user = udm_modules.get(MOD_USER)
			udm_modules.init(lo, po, mod_user, template_object=obj_tmpl)
			obj_user = mod_user.object(None, lo, po)
			obj_user.open()
			obj_user.info.update(user_properties)
			dn_user = obj_user.create()

		udm._cleanup.setdefault(MOD_USER, []).append(dn_user)
		print('dn_user=%s' % (dn_user,))

		utils.verify_ldap_object(dn_user, {
			'univentionObjectType': [MOD_USER],
			'title': [properties['title']],
			# 'description': [properties['description']],  # BUG udm.python filters out, while umc.JS does not
			'o': [properties['organisation']],
			# 'displayName': [properties['displayName']],
			'postalCode': [properties['postcode']],  # BUG #43428
			'mail': [properties['e-mail']],
			'homeDirectory': ['/home/%s/%s' % (user_properties['username'][0], user_properties['username'])],
			'loginShell': [properties['shell']],
			'sambaHomePath': ['//%s/%s' % (host, user_properties['username'])],
			'sambaLogonScript': ['//%s/scripts/%s' % (host, user_properties['username'])],
			'sambaProfilePath': ['//%s/profile/%s' % (host, user_properties['username'])],
			'sambaHomeDrive': [properties['homedrive']],
			'st': [properties['country']],
			'telephoneNumber': [properties['phone']],
			'roomNumber': [properties['roomNumber']],
			'employeeNumber': [properties['employeeNumber']],
			'employeeType': [properties['employeeType']],
			'secretary': [properties['secretary']],
			'departmentNumber': [properties['departmentNumber']],
			'street': [properties['street']],
			'l': [properties['city']],
			# 'userDisabledPreset': [properties['disabled']],  # TODO
			# 'userPwdMustChangePreset': [properties['pwdChangeNextLogin']],  # TODO
			'automountInformation': ['-rw %s:%s/%s/%s' % (host, path, user_properties['username'][0], user_properties['username']), ],
			# 'gidNumber': [properties['primaryGroup']],  # TODO
			# 'userGroupsPreset': properties['groups'],  # TODO
			'mailPrimaryAddress': ['%s.%s@%s' % (user_properties['firstname'], user_properties['lastname'], MAIL_DOMAIN)],
			'mailAlternativeAddress': ['%s@%s' % (user_properties['username'], MAIL_DOMAIN), '%s@%s' % (user_properties['lastname'], MAIL_DOMAIN)],
			# 'krb5PrincipalName': [],
			# 'krb5PasswordEnd': [],
			# 'krb5Key': [],
			'krb5MaxRenew': ['604800'],
			'krb5KDCFlags': ['254'],
			'krb5KeyVersionNumber': ['1'],
		})
