#!/usr/bin/python3 -cimport os, sys; os.execv(os.path.dirname(sys.argv[1]) + "/../common/pywrap", sys.argv)

# This file is part of Cockpit.
#
# Copyright (C) 2013 Red Hat, Inc.
#
# Cockpit is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Cockpit is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with Cockpit; If not, see <http://www.gnu.org/licenses/>.

import testlib


class TestRoles(testlib.MachineCase):

    @testlib.nondestructive
    def testBasic(self):
        m = self.machine
        b = self.browser

        # Create a user without any role
        m.execute("useradd user -s /bin/bash -c User")
        m.execute("echo user:foobar | chpasswd")

        # Give name to admin account
        m.execute("usermod -c Administrator admin")

        m.start_cockpit()

        def login(user, password):
            b.set_val("#login-user-input", user)
            b.set_val("#login-password-input", password)
            b.click('#login-button')

        # login
        b.open("/system")
        b.wait_visible("#login")
        login("user", "foobar")
        b.enter_page("/system")
        b.switch_to_top()
        b.wait_text('#current-username', 'user')
        b.set_layout("mobile")
        b.click("#hosts-sel button")
        b.wait_in_text(".view-hosts .pf-m-current", "user @")
        b.click("#hosts-sel button")
        b.set_layout("desktop")

        b.go("/users#/user")
        b.enter_page("/users")

        admin_role_sel = f'.pf-v5-c-label:contains({m.get_admin_group()})'

        b.wait_text("#account-user-name", "user")
        b.wait_visible("#account-locked[disabled]")
        b.wait_visible('output#account-real-name')
        b.wait_visible("#account-set-password:not([disabled])")
        b.wait_not_present("#account-delete")
        b.wait_not_present("#account-logout")
        b.wait_not_present(admin_role_sel + f" > button:contains(Close {m.get_admin_group()})")

        # Check permissions for admin account
        b.go("/users")
        b.wait_visible("#accounts-list tbody tr:contains(admin) td[data-label='Group'] .pf-v5-c-label.pf-m-cyan:contains(admin)")
        b.go("#/admin")
        b.wait_text("#account-user-name", "admin")
        b.wait_visible("#account-locked")
        b.wait_visible('output#account-real-name')
        b.wait_not_present("#account-set-password")
        b.wait_not_present("#account-delete")
        b.wait_not_present("#account-logout")
        b.wait_not_present("#account-groups")
        b.wait_visible(admin_role_sel)

        # Add admin role from the outside (and wait for it to stick)
        b.go("#/user")
        b.wait_text("#account-user-name", "user")

        b.wait_not_present(admin_role_sel)
        m.execute(f"usermod -a -G {m.get_admin_group()} user")
        b.wait_visible(admin_role_sel)

        b.relogin("/users", "user", superuser=True)
        b.wait_text("#account-user-name", "user")

        # Check permissions for admin again
        b.go("#/admin")
        b.wait_text("#account-user-name", "admin")
        b.wait_visible("#account-locked:not([disabled])")
        b.wait_visible("input#account-real-name")
        b.wait_visible("#account-set-password:not([disabled])")
        b.wait_visible("#account-delete:not([disabled])")
        # admin is not logged in, thus still disabled
        b.wait_visible("#account-logout[disabled]")
        b.wait_visible(admin_role_sel)
        b.wait_visible("#account-groups")

    @testlib.nondestructive
    def testDynamic(self):
        m = self.machine
        b = self.browser

        self.addCleanup(m.execute, "groupdel docker || true")
        m.execute("getent group docker >/dev/null || groupadd docker")

        self.login_and_go("/users")
        b.go("#/admin")

        b.click("#account-groups")
        b.wait_visible(".pf-v5-c-select__menu li:contains(docker)")

        m.execute("groupdel docker")
        b.wait_not_present(".pf-v5-c-select__menu li:contains(docker)")


if __name__ == '__main__':
    testlib.test_main()
