#
# Copyright:: Copyright (c) 2015 GitLab Inc.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

require_relative 'account_helper'

class LogfilesHelper < AccountHelper
  def default_logdir_ownership # rubocop:disable  Metrics/AbcSize
    # TODO: Make log directory creation in all service recipes use this method
    # instead of directly using `node` values. This will ensure we don't miss
    # to add a service here.
    # https://gitlab.com/gitlab-org/omnibus-gitlab/issues/4606
    {
      'alertmanager' => { username: prometheus_user, group: prometheus_user },
      'consul' => { username: consul_user, group: consul_group, mode: '0755' },
      'crond' => { username: 'root', group: 'root' },
      'geo-logcursor' => { username: gitlab_user, group: gitlab_group },
      'geo-postgresql' => { username: postgresql_user, group: postgresql_group },
      'gitaly' => { username: gitlab_user, group: gitlab_group },
      'gitlab-exporter' => { username: gitlab_user, group: gitlab_group },
      'gitlab-pages' => { username: gitlab_user, group: gitlab_group },
      'gitlab-kas' => { username: gitlab_user, group: gitlab_group },
      'gitlab-rails' => { username: gitlab_user, group: gitlab_group },
      'gitlab-shell' => { username: gitlab_user, group: gitlab_group },
      'gitlab-sshd' => { username: gitlab_user, group: gitlab_group },
      'gitlab-workhorse' => { username: gitlab_user, group: gitlab_group },
      'logrotate' => { username: 'root', group: 'root' },
      'mailroom' => { username: gitlab_user, group: gitlab_group },
      'mattermost' => { username: mattermost_user, group: mattermost_group, mode: '0755' },
      'nginx' => { username: 'root', group: 'root' },
      'node-exporter' => { username: prometheus_user, group: prometheus_group },
      'patroni' => { username: postgresql_user, group: postgresql_group },
      'pgbouncer' => { username: postgresql_user, group: postgresql_group },
      'pgbouncer-exporter' => { username: postgresql_user, group: postgresql_group },
      'postgres-exporter' => { username: postgresql_user, group: postgresql_group },
      'postgresql' => { username: postgresql_user, group: postgresql_group },
      'praefect' => { username: gitlab_user, group: gitlab_group },
      'prometheus' => { username: prometheus_user, group: prometheus_group },
      'puma' => { username: gitlab_user, group: gitlab_group },
      'redis' => { username: redis_user, group: redis_group },
      'redis-exporter' => { username: redis_user, group: redis_group },
      'registry' => { username: registry_user, group: registry_group },
      'remote-syslog' => { username: 'root', group: 'root' },
      'sidekiq' => { username: gitlab_user, group: gitlab_group },
      'storage-check' => { username: gitlab_user, group: gitlab_group },
      'sentinel' => { username: redis_user, group: redis_group },
      'spamcheck' => { username: gitlab_user, group: gitlab_group },
      'spam-classifier' => { username: gitlab_user, group: gitlab_group }
    }
  end

  def service_parent(service)
    available_settings = Gitlab.settings
    setting_name = SettingsDSL::Utils.node_attribute_key(service)

    raise "Service #{service} is not a valid service." unless available_settings.include?(setting_name)

    available_settings[setting_name][:parent]
  end

  def service_settings(service)
    case service
    when 'spam-classifier'
      # special case for `spam-classifier`
      if parent = service_parent('spamcheck')
        node[parent]['spamcheck']['classifier']
      else
        node['spamcheck']['classifier']
      end
    else
      node_attribute_key = SettingsDSL::Utils.node_attribute_key(service)
      if parent = service_parent(service)
        node[parent][node_attribute_key]
      else
        node[node_attribute_key]
      end
    end
  end

  def logdir(service)
    case service
    when 'gitaly'
      service_settings('gitaly')['configuration']['logging']['dir']
    when 'mattermost'
      # mattermost uses 'log_file_directory' instead of 'log_directory'
      service_settings('mattermost')['log_file_directory']
    else
      service_settings(service)['log_directory']
    end
  end

  def logging_options(service)
    node['gitlab']['logging'].to_hash.merge(service_settings(service).to_hash)
  end

  def log_group(service)
    if log_group = service_settings(service)['log_group']
      log_group
    else
      node['gitlab']['logging']['log_group']
    end
  end

  def logdir_owner(service)
    unless default_logdir_ownership.dig(service, :username)
      Chef::Log.warn("#{service} does not have a default set for the log directory user. Setting to root.")
      return 'root'
    end

    default_logdir_ownership[service][:username]
  end

  # Does not change the group on the log_directory unless the service
  # is nginx or a log_group is explicitly configured for the service
  def logdir_group(service)
    if log_directory_group = log_group(service)
      log_directory_group
    elsif service == 'nginx'
      # special case to use web_server_group
      web_server_group
    end
    # implicitly returns nil
  end

  def runit_owner(service)
    # currently hardcoded as 'root'
    'root'
  end

  def logrotate_group(service)
    if configured_log_group = log_group(service)
      configured_log_group
    elsif default_logdir_ownership.key?(service)
      default_logdir_ownership[service][:group] || 'root'
    else
      Chef::Log.warn("#{service} does not have a default group set for logrotate. Setting to root.")
      'root'
    end
  end

  def logdir_mode(service)
    if logdir_group(service)
      # log_group is set - make mode 0750
      '0750'
    elsif default_logdir_ownership.key?(service) && default_logdir_ownership[service][:mode]
      default_logdir_ownership[service][:mode]
    else
      Chef::Log.warn("#{service} does not have a log_group or default logdir mode defined. Setting to 0700.")
      '0700'
    end
  end

  def logging_settings(service)
    # Ensure we are using the hyphenated form of the service name as that is
    # expected by various methods being called here
    service = SettingsDSL::Utils.service_name(service)
    {
      log_directory: logdir(service),
      log_directory_owner: logdir_owner(service),
      log_directory_group: logdir_group(service),
      log_directory_mode: logdir_mode(service),
      runit_owner: runit_owner(service),
      runit_group: log_group(service),
      logrotate_group: logrotate_group(service),
      options: logging_options(service)
    }
  end

  def logrotate_services_list
    services = {}

    logrotate_services = node['logrotate']['services']
    available_settings = Gitlab.settings

    logrotate_services.each do |svc|
      # In `Gitlab.settings`, settings aren't hyphenated, but use underscores.
      setting_name = svc.tr('-', '_')

      raise "Service #{svc} was specified in logrotate['services'], but is not a valid service." unless available_settings.include?(setting_name)

      services[svc] = logging_settings(svc)
    end

    services
  end
end