#!/usr/bin/env node
const express = require('express')
const crypto = require('crypto')
const path = require('path')
const os = require('os')
const fs = require('fs')
const fsPromises = require('fs/promises')
const multer = require('multer')
const compression = require('compression')
const yargs = require('yargs')
const semverValid = require('semver/functions/valid')

const LOG_REQUESTS = false

const argv = yargs
    .usage(
        '$0',
        'Allows to host Enso libraries and editions from the local filesystem through HTTP.'
    )
    .option('port', {
        description: 'The port to listen on.',
        type: 'number',
        default: 8080,
    })
    .option('root', {
        description:
            'The root of the repository. It should contain a `libraries` or `editions` directory. See the documentation for more details.',
        type: 'string',
        default: '.',
    })
    .option('upload', {
        description:
            'Specifies whether to allow uploading libraries and which authentication model to choose.',
        choices: ['disabled', 'no-auth', 'constant-token'],
        default: 'disabled',
    })
    .help()
    .alias('help', 'h').argv

const libraryRoot = path.join(argv.root, 'libraries')

const app = express()
if (LOG_REQUESTS) {
    app.use((req, res, next) => {
        console.log(`Received [${req.method}] ${req.originalUrl}`)
        console.log(`  Headers: ${JSON.stringify(req.headers)}`)
        console.log(`  Query: ${JSON.stringify(req.query)}`)
        console.log(`  Body: ${JSON.stringify(req.body)}`)
        next()
    })
}

const tmpDir = path.join(os.tmpdir(), 'enso-library-repo-uploads')
const upload = multer({ dest: tmpDir })
app.use(compression({ filter: shouldCompress }))

/** The token to compare against for simple authentication.
 *
 * If it is not set, no authentication checks are made.
 */
let token = null
if (argv.upload == 'disabled') {
    console.log('Uploads are disabled.')
} else {
    app.post('/upload', upload.any(), handleUpload)

    if (argv.upload == 'constant-token') {
        const envVar = 'ENSO_AUTH_TOKEN'
        token = process.env[envVar]
        if (!token) {
            throw `${envVar} is not defined.`
        } else {
            console.log(`Checking the ${envVar} to authorize requests.`)
        }
    } else {
        console.log('WARNING: Uploads are enabled without any authentication.')
    }
}

app.get('/health', function (req, res) {
    res.status(200).send('OK')
})

app.use(express.static(argv.root))

let port = argv.port
if (process.env.PORT) {
    port = process.env.PORT
    console.log(`Overriding the port to ${port} set by the PORT environment variable.`)
}
console.log(`Serving the repository located under ${argv.root} on port ${port}.`)

const server = app.listen(port)

function handleShutdown() {
    console.log('Received a signal - shutting down.')
    server.close(() => {
        console.log('Server terminated.')
    })
}
process.on('SIGTERM', handleShutdown)
process.on('SIGINT', handleShutdown)

/// Specifies if a particular file can be compressed in transfer, if supported.
function shouldCompress(req, res) {
    if (req.path.endsWith('.yaml')) {
        return true
    }

    return compression.filter(req, res)
}

/** Handles upload of a library. */
async function handleUpload(req, res) {
    function fail(code, message) {
        res.status(code).json({ error: message })
        if (req.files !== undefined) {
            cleanFiles(req.files)
        }
    }

    if (token !== null) {
        const userToken = req.get('Auth-Token')
        if (userToken != token) {
            return fail(403, 'Authorization failed.')
        }
    }

    const version = req.query.version
    const namespace = req.query.namespace
    const name = req.query.name

    if (version === undefined || namespace == undefined || name === undefined) {
        return fail(400, 'One or more required fields were missing.')
    }

    if (!isVersionValid(version)) {
        return fail(400, `Invalid semver version string [${version}].`)
    }

    if (!isNamespaceValid(namespace)) {
        return fail(400, `Invalid username [${namespace}].`)
    }

    if (!isNameValid(name)) {
        return fail(400, `Invalid library name [${name}].`)
    }

    for (var i = 0; i < req.files.length; ++i) {
        const filename = req.files[i].originalname
        if (!isFilenameValid(filename)) {
            return fail(400, `Invalid filename: ${filename}.`)
        }
    }

    const libraryBasePath = path.join(libraryRoot, namespace, name)
    const libraryPath = path.join(libraryBasePath, version)

    /** Finds a name for a temporary directory to move the files to,
      so that the upload can then be committed atomically by renaming
      a single directory. */
    function findRandomTemporaryDirectory() {
        const randomName = crypto.randomBytes(32).toString('hex')
        const temporaryPath = path.join(libraryBasePath, randomName)
        if (fs.existsSync(temporaryPath)) {
            return findRandomTemporaryDirectory()
        }

        return temporaryPath
    }

    if (fs.existsSync(libraryPath)) {
        return fail(
            409,
            'A library with the given name and version ' +
                'combination already exists. Versions are immutable, so you must ' +
                'bump the library version when uploading a newer version.'
        )
    }

    const temporaryPath = findRandomTemporaryDirectory()
    await fsPromises.mkdir(libraryBasePath, { recursive: true })
    await fsPromises.mkdir(temporaryPath, { recursive: true })

    console.log(`Uploading library [${namespace}.${name}:${version}].`)
    try {
        await putFiles(temporaryPath, req.files)
        await fsPromises.rename(temporaryPath, libraryPath)
    } catch (error) {
        console.log(`Upload failed: [${error}].`)
        console.error(error.stack)
        return fail(500, 'Upload failed due to an internal error.')
    }

    console.log('Upload complete.')
    res.status(200).json({ message: 'Successfully uploaded the library.' })
}

/// Checks if a version complies with the semver specification.
function isVersionValid(version) {
    return semverValid(version) !== null
}

/// Checks if the namespace/username is valid.
function isNamespaceValid(namespace) {
    return /^[A-Za-z][a-z0-9]*$/.test(namespace) && namespace.length >= 3
}

/** Checks if the library name is valid.
 *
 * It may actually accept more identifiers as valid than Enso would, the actual
 * check should be done when creating the library. This is just a sanity check
 * for safety.
 */
function isNameValid(name) {
    return /^[A-Za-z0-9_]+$/.test(name)
}

// TODO [RW] for now slashes are not permitted to avoid attacks; later on at least the `meta` directory should be allowed, but not much besides that
/// Checks if the uploaded filename is valid.
function isFilenameValid(name) {
    return /^[A-Za-z0-9][A-Za-z0-9\._\-]*$/.test(name)
}

/// Schedules to remove the files, if they still exist.
function cleanFiles(files) {
    files.forEach(file => {
        if (fs.existsSync(file.path)) {
            fs.unlink(file.path, err => {
                if (err) {
                    console.error(
                        `Failed to remove ${file.path} ($file.originalname) from a failed upload: ${err}.`
                    )
                }
            })
        }
    })
}

/// Moves the files to the provided destination directory.
async function putFiles(directory, files) {
    for (var i = 0; i < files.length; ++i) {
        const file = files[i]
        const filename = file.originalname
        const destination = path.join(directory, filename)
        await fsPromises.copyFile(file.path, destination)
        await fsPromises.unlink(file.path)
    }
}