#!/usr/bin/env python

import os, sys
import MySQLdb
import tempfile
from optparse import OptionParser

from deter import fedid

class opt_parser(OptionParser):
    def __init__(self):
	OptionParser.__init__(self, usage="%prog [opts] (--help for details)",
		version="0.1")
	self.add_option('-u', '--user', dest='users', action='append',
		default=[], help="Users to extract from DB")
	self.add_option('-p', '--project', dest='projects', action='append',
		default=[], help="Projects to extract from DB")
	self.add_option('-d', '--cert-dir', dest='cert_dir', 
		default=None, help='Directory to store copies of certificates')
	self.add_option('-t','--testbed', dest='tb', default=None,
		help='testbed from which attrs come (cert file)')

def cert_to_fid(cstr):
    fd, path = tempfile.mkstemp('.pem')
    try:
	try:
	    f = os.fdopen(fd, "w")
	    print >>f, cstr
	    f.close()
	except IOError, e:
	    print >>sys.stderr, "Error creating user %s" % u
	return fedid(file=path)
    finally:
	os.remove(path)


def add_list(l, field, prefix=''):
    str = ""
    for x in l:
	if str: str += " OR "
	else: str = " %s (" % prefix

	str += "%s='%s'" % (field, x)
    if str: str += ")"
    return str


fids = { }
q_start = """
SELECT
    g.uid, 
    CASE g.gid
	WHEN g.pid THEN g.pid
	ELSE CONCAT(g.pid, '/', g.gid)
    END
FROM group_membership g 
"""
q_end ="""
ORDER BY g.uid
"""

opts, args = opt_parser().parse_args()

if opts.users or opts.projects: q_start += '\nWHERE '
user_clause= add_list(opts.users, 'g.uid')
if user_clause: prefix = 'AND'
else: prefix = ''
project_clause= add_list(opts.projects, 'g.pid', prefix)

if opts.tb:
    try:
	tbc=fedid(file=opts.tb)
    except EnvironmentError, e:
	sys.exit('Cannot get testbed cert from %s: %s' % \
		(e.filename, e.strerror))
else:
    sys.exit('need a testbed (--testbed)')

if not opts.cert_dir:
    sys.exit('Need a certificate directory --cert-dir ')

query = q_start + user_clause + project_clause + q_end

db = MySQLdb.connect(db='tbdb')
c = db.cursor()
c.execute(query)

print "# users %s" % ','.join(opts.users)
print "# projects %s" % ','.join(opts.projects)
for u, p, in c.fetchall():
    print "(fedid:%s,%s,%s)-> access, (%s,%s,%s)" % \
	    (tbc, p, u, p, u, os.path.join(opts.cert_dir, "%s.pem" % u))