#!/usr/bin/env bash
#
# Copyright (c) 2024 YunoHost Contributors
#
# This file is part of YunoHost (see https://yunohost.org)
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#

# Exit hook on subcommand error or unset variable
set -eu

backup_dir="${1}/conf/ldap"

systemctl stop slapd

# Create a directory for backup
TMPDIR="/tmp/$(date +%s)"
mkdir -p "$TMPDIR"

die() {
    state=$1
    error=$2

    # Restore saved configuration and database
    [[ $state -ge 1 ]] \
        && (rm -rf /etc/ldap/slapd.d \
            && mv "${TMPDIR}/slapd.d" /etc/ldap/slapd.d)
    [[ $state -ge 2 ]] \
        && (rm -rf /var/lib/ldap \
            && mv "${TMPDIR}/ldap" /var/lib/ldap)
    chown -R openldap: /etc/ldap/slapd.d /var/lib/ldap

    systemctl start slapd
    rm -rf "$TMPDIR"

    # Print an error message and exit
    printf "%s" "$error" 1>&2
    exit 1
}

# Restore the configuration
mv /etc/ldap/slapd.d "$TMPDIR"
mkdir -p /etc/ldap/slapd.d
cp -a "${backup_dir}/ldap.conf" /etc/ldap/ldap.conf
# Legacy thing but we need it to force the regen-conf in case of it exist
[ ! -e "${backup_dir}/slapd.conf" ] \
    || cp -a "${backup_dir}/slapd.conf" /etc/ldap/slapd.conf
slapadd -F /etc/ldap/slapd.d -b cn=config \
    -l "${backup_dir}/cn=config.master.ldif" \
    || die 1 "Unable to restore LDAP configuration"
chown -R openldap: /etc/ldap/slapd.d

# Restore the database
mv /var/lib/ldap "$TMPDIR"
mkdir -p /var/lib/ldap
slapadd -F /etc/ldap/slapd.d -b dc=yunohost,dc=org \
    -l "${backup_dir}/dc=yunohost-dc=org.ldif" \
    || die 2 "Unable to restore LDAP database"
chown -R openldap: /var/lib/ldap

systemctl start slapd
rm -rf "$TMPDIR"
