<?php

namespace traits;

trait linux_core {
  
  public static bool $linuxRoot = false;
  
  private static function _doRoot(): string {
      if (self::$linuxRoot === false) {
          return "";
      }
      $root = \neato::becomeRoot();
      if ($root === true) {
          return "";
      }
      if ($root === false) {
          throw new \Exception("Unable to su as root");
      }
      return $root . " ";
  }  
   
  public static function removeStickyBits(string $file) {
    if (! file_exists($file)) {
      return true;
    }
    exec(self::_doRoot().self::get_user_bin . 'chmod -s ' . safeCmd($file), $output, $exit_code);
    checkForError($exit_code, "Unable to remove sticky bit with chmod: {$file}");
    return $exit_code;
  }

  public static function removeSUID_Bit(string $file) {
    if (! file_exists($file)) {
      return true;
    }
    exec(self::_doRoot().self::get_user_bin . 'chmod u-s ' . safeCmd($file), $output, $exit_code);
    checkForError($exit_code, "Unable to remove sticky bit with chmod: {$file}");
    return $exit_code;
  }
  
  public static function chmod_on_folders(string $dir, $kind) {
    if (!is_dir($dir)) {
      $exit_code = false;
    } else {
      $perm = getPerms($kind);
      exec(self::_doRoot().self::get_user_bin . 'find ' . safeCmd($dir) . ' -type d -exec ' . self::get_bin . 'chmod ' . $perm . ' {} \;', $output, $exit_code);
    }
    checkForError($exit_code, "Unable to chmod folders in: {$dir}");
    return $exit_code;
  }

  public static function chmod_on_files(string $dir, $kind) {
    if (!is_dir($dir)) {
      $exit_code = false;
    } else {
      $perm = getPerms($kind);
      exec(self::_doRoot().self::get_user_bin . 'find ' . safeCmd($dir) . ' -type f -exec ' . self::get_bin . 'chmod ' . $perm . ' {} \;', $output, $exit_code);
    }
    checkForError($exit_code, "Unable to chmod files in: {$dir}");
    return $exit_code;
  }

  public static function write_protect_file(string $file) {
    if (!is_file($file)) {
      $exit_code = false;
    } else {
      exec(self::_doRoot().self::get_user_bin . 'chattr +i ' . safeCmd($file), $output, $exit_code);
    }
    checkForError($exit_code, "Unable to write protect: {$file}");
    return $exit_code;
  }

  public static function unwrite_protect_file(string $file) {
    if (!is_file($file)) {
      $exit_code = false;
    } else {
      exec(self::_doRoot().self::get_user_bin . 'chattr -i ' . safeCmd($file), $output, $exit_code);
    }
    checkForError($exit_code, "Unable to un-write protect: {$file}");
    return $exit_code;
  }

  public static function groupadd(string $groupname, int $gid = 0) {
    $group_id = ($gid > 0) ? "-g {$gid} " : "";
    exec(self::_doRoot().self::get_super_user_bin . 'groupadd '. $group_id . safeCmd($groupname), $output, $exit_code);
    if ($exit_code === 0) {
        display(getTermColors("Added new group named: $groupname", ['color'=>'green']));
    }
    checkForError($exit_code, "Unable to add new group: {$groupname}");
    return $exit_code;
  }
 
  public static function userdel(string $username) {
    exec(self::_doRoot().self::get_super_user_bin . 'userdel ' . safeCmd($username), $output, $exit_code);
    if ($exit_code === 0) {
        display(getTermColors("Deleted user account named: $username", ['color'=>'green']));
    }
    checkForError($exit_code, "Unable to delete user: {$username}");
    return $exit_code;
  }
  
  public static function useradd(string $username, int $uid = 0, string $shell="/bin/bash", string $comment = "", string $groups="", string $homedir="") {
    $user_id = ($uid > 0) ? "-u {$uid} " : "";
    $dir = (empty($homedir)) ? " -m " : " -d " . safeCmd($homedir);
    exec(self::_doRoot().self::get_super_user_bin . 'useradd '. $user_id . '-s '. safeCmd($shell) . $dir . ' -c '. safeCmd($comment) .'-G'. safeCmd($groups) . ' ' . safeCmd($username), $output, $exit_code);
    if ($exit_code === 0) {
        display(getTermColors("Added new user account named: $username", ['color'=>'green']));
    }
    checkForError($exit_code, "Unable to add new user: {$username}");
    return $exit_code;
  }
  
  public static function lock_status(string $username) {
    exec(self::_doRoot().self::get_user_bin . 'passwd -S ' . safeCmd($username) . " | awk '{print $2}'", $output, $exit_code);
    $sw = $output[0] ?? "";
    switch ($sw) {
        case "P": echo "Account is not locked"; break;
        case "NP": echo "Account has no password"; break;
        case "L": echo "Account is Locked"; break;
        default: echo "Account does not exist?!"; break;
    }
    checkForError($exit_code, "Unable to view account: {$username}");
    return $exit_code;
  }
  
  public static function passwd(string $username) {
    exec(self::_doRoot().self::get_user_bin . 'passwd ' . safeCmd($username), $output, $exit_code);
    checkForError($exit_code, "Unable to set user password: {$username}");
    return $exit_code;
  }

  // Details about age of passwords
  public static function chage(string $username) {
    exec(self::_doRoot().self::get_user_bin . 'chage -l ' . safeCmd($username), $output, $exit_code);
    checkForError($exit_code, "Unable to view user password changes: {$username}");
    return $exit_code;
  }
  // yyyy-mm-dd      
  public static function lock(string $username, string $expires_on="") {
    $exp = (! empty($expires_on)) ? "--expiredate ". safeCmd($expires_on) . " " : "";
    exec(self::_doRoot().self::get_super_user_bin . 'usermod -L '. $exp . safeCmd($username), $output, $exit_code);
    checkForError($exit_code, "Unable to Lock user account: {$username}");
    return $exit_code;
  }
  
  public static function unlock(string $username, string $expires_on="") {
    $exp = (! empty($expires_on)) ? "--expiredate ". safeCmd($expires_on) . " " : "--expiredate '' ";
    exec(self::_doRoot().self::get_super_user_bin . 'usermod -U ' . $exp . safeCmd($username), $output, $exit_code);
    checkForError($exit_code, "Unable to Unlock user account: {$username}");
    return $exit_code;
  }

}