#!/usr/bin/env sh
# SPDX-FileCopyrightText: Daniel Pätzold
# SPDX-License-Identifier: AGPL-3.0-or-later
#
# Sofwareinstallation script for Nextcloud Desktop
#
# Hint: No check for installed Nextcloud needed, because it will be installed by calling script sync_client_software.sh
# before as it is needed there already

echo "Setup Nextcloud- Sync"

#Local Vars
BASECMD="/usr/bin/flatpak run --branch=stable --arch=x86_64 --command=nextcloud com.nextcloud.desktopclient.nextcloud"

#Check Token
if [ "${DAVTOKEN_USER}." = "." ]; then
    # Todo: Move all task to some function to logon as user and get all vars, call it and proceed here
    echo "Error: Script cannot be executed standalone and needs a prereserved Environment. Quit."
    exit 1
fi

#Remove Nextcloud from autostart anyway! Must be started by this script manually, because if it was started befor the ecrypted mount,
#it will never sync and always throw an error that the local dir is missing
if [ -f "$HOME/.config/autostart/com.nextcloud.desktopclient.nextcloud.desktop" ]; then
    echo "Remove Autostart Nextcloud (old)"
    rm $HOME/.config/autostart/com.nextcloud.desktopclient.nextcloud.desktop
fi
# Same for NCs nuild-in autostart
if [ -f "$HOME/.config/autostart/Nextcloud.desktop" ]; then
    echo "Remove Autostart Nextcloud (from installed binary)"
    rm $HOME/.config/autostart/Nextcloud.desktop
fi

NC_PID=$( pgrep -u $USER nextcloud )
if [ -n "${NC_PID}" ]; then
    echo "Stopping Nextcloud with PID ${NC_PID}"
    /usr/bin/flatpak run --branch=stable --arch=x86_64 --command=nextcloud com.nextcloud.desktopclient.nextcloud --quit >/dev/null
    if [ $? -ne 0 ]; then
        echo "Service could not be stopped, please check why."
        exit 1
    fi
    sleep 0.5
fi

NC_PID=$( pgrep -u $USER nextcloud )
if [ -n "${NC_PID}" ]; then
    echo "Nextcloud still running with PID ${NC_PID}. Force stop"
    # Kill does not remove lockfiles in ~/.var/app/com.nextcloud.desktopclient.nextcloud/cache/tmp/ which will prevent next start
    kill ${NC_PID}
    if [ $? -ne 0 ]; then
        echo "Service could not be stopped, please check why."
        exit 1
    fi
    sleep 0.5
    rm -rif ${HOME}/.var/app/com.nextcloud.desktopclient.nextcloud/cache/temp/*
fi

#Check if Option is Configured to use Nextcloud Desktop Data- Sync
declare -p CLIENT_DATA_SYNC_DECLARE >/dev/null
eval "${CLIENT_DATA_SYNC_DECLARE}"
declare -p CLIENT_DATA_SYNC_DECLARE CLIENT_DATA_SYNC >/dev/null
eval "${CLIENT_DATA_SYNC}"
if [ "${#CLIENT_DATA_SYNC[@]}" -eq 0 ]; then
    echo "CLIENT_DATA_SYNC not set, skipping setup of Nextcloud Desktop sync"
    exit 0
fi

#Check for leftover .bak directories from previous failed setups
_nc_bak_list=$(
    for CLIENT_DATA_DECLARE_LINE in "${CLIENT_DATA_SYNC[@]}"; do
        eval "${CLIENT_DATA_DECLARE_LINE}"
        find "$(dirname "${CLIENT_DATA_SYNC_LINE[0]}")" -maxdepth 1 -type d -name "*.bak" 2>/dev/null
    done | sort -u
)
if [ -n "${_nc_bak_list}" ]; then
    echo "The following old backup folders were found and should be removed:"
    echo "${_nc_bak_list}" | while IFS= read -r _nc_d; do
        [ -n "${_nc_d}" ] && echo "  $(du -sh "${_nc_d}" 2>/dev/null | cut -f1)  ${_nc_d}"
    done
    read -r -p "Delete these backup folders? [y/N]: " _nc_del
    if [ "${_nc_del}" = "y" ] || [ "${_nc_del}" = "Y" ]; then
        echo "${_nc_bak_list}" | while IFS= read -r _nc_d; do
            if [ -n "${_nc_d}" ]; then
                rm -rf "${_nc_d}"
                echo "Deleted: ${_nc_d}"
            fi
        done
    fi
fi

#Loop through all Entries
_nc_first=1
_nc_wipe_done=0
for CLIENT_DATA_DECLARE_LINE in "${CLIENT_DATA_SYNC[@]}"; do
    eval "${CLIENT_DATA_DECLARE_LINE}"
    # echo "DEBUG user_run.sh(0020)_2: ${CLIENT_DATA_SYNC_LINE[@]}"
    # Now, CLIENT_DATA_SYNC_LINE[0] contains the local path and CLIENT_DATA_SYNC_LINE[1] contains the remote path
    if grep -q "localPath=${CLIENT_DATA_SYNC_LINE[0]}" "/${HOME}/.var/app/com.nextcloud.desktopclient.nextcloud/config/Nextcloud/nextcloud.cfg"; then
        echo "Already found configured local folder ${CLIENT_DATA_SYNC_LINE[0]} syncing with ${CLIENT_DATA_SYNC_LINE[1]} . Leaving it unchanged."
        _nc_first=0
    else
        echo "Setup new sync from remote ${CLIENT_DATA_SYNC_LINE[1]} to local ${CLIENT_DATA_SYNC_LINE[0]}"
        if [ "${_nc_first}" -eq 0 ]; then
            echo "Due to Bug in Nextcloud Client, more than one synced Folder cannot be setup currently. Maybe in the Future."
            continue
        fi
        _nc_first=0
        if [ -d "${CLIENT_DATA_SYNC_LINE[0]}" ]; then
            _nc_bak="${CLIENT_DATA_SYNC_LINE[0]}_$(date '+%Y%m%d%H%M%S').bak"
            echo "Old unsynced Folder ${CLIENT_DATA_SYNC_LINE[0]} was found, renaming to ${_nc_bak}."
            mv "${CLIENT_DATA_SYNC_LINE[0]}" "${_nc_bak}"
        fi
        mkdir -p ${CLIENT_DATA_SYNC_LINE[0]}
        SYNCCMD="$BASECMD --userid ${DAVTOKEN_USER} --apppassword ${DAVTOKEN_PASS} --localdirpath ${CLIENT_DATA_SYNC_LINE[0]} --remotedirpath ${CLIENT_DATA_SYNC_LINE[1]} --serverurl https://${SERVERFQDN_NC}"
        SYNCCMD_HIDDENPW=$( echo "${SYNCCMD/${DAVTOKEN_PASS}/***HIDDEN***}" )
        echo "Exec: ${SYNCCMD_HIDDENPW}"
        if [ "${_nc_wipe_done}" -eq 0 ]; then
            # Autoprovisioning only works when no configuration is existent — wipe once before first new setup
            rm -rif ${HOME}/.var/app/com.nextcloud.desktopclient.nextcloud/data/Nextcloud
            rm -rif ${HOME}/.var/app/com.nextcloud.desktopclient.nextcloud/config/Nextcloud
            _nc_wipe_done=1
        fi
        #Now, execute Nextcloud autoprovisionig
        ${SYNCCMD} && sleep 0.5
        if [ $? -ne 0 ]; then
            echo "=========== !!! ========================"
            echo "Error: It looks like this did not work!"
            echo "Please check the above output!"
            exit 1
        fi
    fi
done

# The Flatpak autoprovisioning may not successfully write the apppassword to
# KWallet from inside the sandbox, so write it directly via D-Bus.
# Nextcloud stores HTTP credentials in folder "Nextcloud" with keys:
#   user:url/:0            (legacy password entry)
#   user_app-password:url/:0  (app password entry, used for auth)
NC_WALLET_URL="https://${SERVERFQDN_NC}/"
NC_WALLET_APPID="logon_script"
NC_QB_CMD="qdbus-qt6"
if ! command -v ${NC_QB_CMD} >/dev/null 2>&1; then NC_QB_CMD="qdbus"; fi
# Only attempt KWallet on KDE: check that the service is registered on the session bus.
if command -v "${NC_QB_CMD}" >/dev/null 2>&1 && \
   "${NC_QB_CMD}" 2>/dev/null | grep -q "org.kde.kwalletd"; then
    NC_QB_SVC="org.kde.kwalletd"
    NC_QB_PATH="/modules/kwalletd6"
    if ! ( ${NC_QB_CMD} "${NC_QB_SVC}" | grep -q "${NC_QB_PATH}" ); then
        NC_QB_PATH="/modules/kwalletd5"
    fi
    echo "Checking Nextcloud app password in KWallet via D-Bus (${NC_QB_PATH})"
    NC_WALLET_HANDLE=$(${NC_QB_CMD} ${NC_QB_SVC} ${NC_QB_PATH} org.kde.KWallet.open "kdewallet" 0 "${NC_WALLET_APPID}")
    if [ -n "${NC_WALLET_HANDLE}" ] && [ "${NC_WALLET_HANDLE}" != "-1" ]; then
        HAS_FOLDER=$(${NC_QB_CMD} ${NC_QB_SVC} ${NC_QB_PATH} org.kde.KWallet.hasFolder "${NC_WALLET_HANDLE}" "Nextcloud" "${NC_WALLET_APPID}")
        if [ "${HAS_FOLDER}" != "true" ]; then
            ${NC_QB_CMD} ${NC_QB_SVC} ${NC_QB_PATH} org.kde.KWallet.createFolder "${NC_WALLET_HANDLE}" "Nextcloud" "${NC_WALLET_APPID}" >/dev/null
        fi
        HAS_PW1=$(${NC_QB_CMD} ${NC_QB_SVC} ${NC_QB_PATH} org.kde.KWallet.hasEntry "${NC_WALLET_HANDLE}" "Nextcloud" "${DAVTOKEN_USER}:${NC_WALLET_URL}:0" "${NC_WALLET_APPID}")
        HAS_PW2=$(${NC_QB_CMD} ${NC_QB_SVC} ${NC_QB_PATH} org.kde.KWallet.hasEntry "${NC_WALLET_HANDLE}" "Nextcloud" "${DAVTOKEN_USER}_app-password:${NC_WALLET_URL}:0" "${NC_WALLET_APPID}")
        if [ "${HAS_PW1}" = "true" ] && [ "${HAS_PW2}" = "true" ]; then
            echo "Nextcloud app password already present in KWallet — no change needed."
        else
            ${NC_QB_CMD} ${NC_QB_SVC} ${NC_QB_PATH} org.kde.KWallet.writePassword "${NC_WALLET_HANDLE}" "Nextcloud" "${DAVTOKEN_USER}:${NC_WALLET_URL}:0" "${DAVTOKEN_PASS}" "${NC_WALLET_APPID}" >/dev/null
            ${NC_QB_CMD} ${NC_QB_SVC} ${NC_QB_PATH} org.kde.KWallet.writePassword "${NC_WALLET_HANDLE}" "Nextcloud" "${DAVTOKEN_USER}_app-password:${NC_WALLET_URL}:0" "${DAVTOKEN_PASS}" "${NC_WALLET_APPID}" >/dev/null
            echo "Nextcloud app password written to KWallet successfully."
        fi
        ${NC_QB_CMD} ${NC_QB_SVC} ${NC_QB_PATH} org.kde.KWallet.sync "${NC_WALLET_HANDLE}" "${NC_WALLET_APPID}" >/dev/null
        ${NC_QB_CMD} ${NC_QB_SVC} ${NC_QB_PATH} org.kde.KWallet.close "${NC_WALLET_HANDLE}" false "${NC_WALLET_APPID}" >/dev/null
    else
        echo "Warning: Could not open KWallet (handle: ${NC_WALLET_HANDLE}). Nextcloud may prompt for credentials on next start."
    fi
else
    echo "KWallet not available (non-KDE desktop) — skipping credential storage."
fi

# Now start Nextcloud
echo "Starting Nextcloud Client in Background"
systemd-run --user --no-block --unit=nextcloud-client.service --setenv=SESSION_MANAGER= ${BASECMD} >>${TEMPDIR}/nc_desktop_client.log 2>&1
sleep 2
echo "Done Setup of Nextcloud."
exit 0