#!/bin/bash

# @author Marcello Stanisci
# @brief Creates the directories hierarchy under $HOME/shared-data/.
#        Note: shared-data/ must already exist and give execute
#        permission to the group (test|demo).  Also note that any
#        program that creates files must set perms by its own!

set -e

if test -z $TALER_CONFIG_ENV; then
  echo Please run 'source ~/activate' first.
  exit 1
fi

SHARED_DATA=$(taler-config -s paths -o taler_deployment_shared -f)

# Check shared-data/ exists
if ! test -e $SHARED_DATA; then
  echo "Please bootstrap your setup first (run 'bootstrap-bluegreen' script?)."
  exit 1
fi

# Check if shared-data/ is clean.
if ls -L -1 $SHARED_DATA | grep -q [a-zA-Z]; then
  echo "$SHARED_DATA not empty, exiting"
  exit 0
fi

# Check if it's writeable.
if ! test -w $SHARED_DATA; then
  echo "Can't write under $SHARED_DATA, please ajdust permissions"
  exit 0
fi

# Check if shared-data/ has the right group (test|demo),
# and set the SETGID permission if so.
SHARED_DATA_GROUP=$(stat -L --format "%G" $SHARED_DATA)
if ! echo $SHARED_DATA_GROUP | grep -q "^$TALER_CONFIG_ENV$"; then
  echo "$SHARED_DATA has the wrong group ($SHARED_DATA_GROUP), please fix."
  exit 1
fi

# Double-check if setgid was set.
if stat -L --format "%a" $SHARED_DATA | grep -q -v "^[2367][0-9][0-9][0-9]$"; then
  echo "Please make sure $SHARED_DATA has setgid asserted"
  exit 1
fi

declare -A TALER_DIRS=(
  [MERCHANT_WIRE]=$(dirname $(taler-config -s account-merchant -o wire_response -f))
  [MERCHANT]=$(dirname $(taler-config -s instance-default -o keyfile -f))
  
  [EXCHANGE_WIREFEES]=$(taler-config -s exchangedb -o wirefee_base_dir -f)
  [EXCHANGE_AUDITOR_REQUEST]=$(taler-config -s exchangedb -o auditor_inputs -f)
  [EXCHANGE_WIRE]=$(basename $(taler-config -s account-1 -o wire_response -f))
  [EXCHANGE_OFFLINE_KEYS]=$(dirname $(taler-config -s exchange -o master_priv_file -f))
  [EXCHANGE_LIVE_KEYS]=$(taler-config -s -o keydir -f)
  [EXCHANGE_AUDITORS]=$(taler-config -s exchangedb -o auditor_base_dir -f)
  
  [AUDITOR_REPORTS]=$(taler-config -s auditor -o reports -f)
  [AUDITOR_OFFLINE_KEYS]=$(dirname $(taler-config -s auditor -o auditor_priv_file -f))
)

for dir in ${TALER_DIRS[@]}; do
  mkdir -p $dir
done
  
# All dirs will give only the group RWX perms.
chmod -R 770 $SHARED_DATA/*
touch $SHARED_DATA/hier.lock