#!/usr/bin/env python

import sys
import os, os.path

from federation.util import file_expanding_opts
from federation.authorizer import abac_authorizer

class Parser(file_expanding_opts):
    def __init__(self):
	file_expanding_opts.__init__(self, usage='%prog [options]')
	self.add_option('--cert', dest='cert', 
		action='callback', callback=self.expand_file, type='str',
		help='Identity certificate')
	self.add_option('--key', dest='key',
		action='callback', callback=self.expand_file, type='str',
		help='Identity key')
	self.add_option('--policy', dest='policy', 
		action='callback', callback=self.expand_file, type='str',
		help='ABAC policy certificates')
	self.add_option('--dir', dest='out_dir',
		action='callback', callback=self.expand_file, type='str',
		help='directory to save into')

parser = Parser()
opts, args = parser.parse_args()

if any([ not x for x in (opts.cert, opts.policy, opts.out_dir)]):
    parser.print_help()
    sys.exit(1)

try:
    for path, dirs, files in os.walk(opts.out_dir, topdown=False):
	for f in files: os.unlink(os.path.join(path, f))
	for d in dirs: os.rmdir(os.path.join(path, d))
except EnvironmentError, e:
    sys.exit("Can't remove %s: %s" % ( e.filename, e.strerror))

try:
    a = abac_authorizer(key=opts.key, me=opts.cert, certs=opts.policy,
	    save=opts.out_dir)
    a.save(opts.out_dir)
except EnvironmentError, e:
    sys.exit("Can't create or write %s: %s" % (e.filename, e.strerror))
except abac_authorizer.bad_cert_error, e:
    sys.exit("Error creating authorizer: %s" % e)