#!/usr/bin/env python

# -*- coding: utf-8 -*-

"""ospi-client: performs operation for opsi clients on opsi server via JSON-RPC."""

from __future__ import print_function

__author__ = "Joerg Steffens"
__copyright__ = "Copyright 2012-2018, dass IT GmbH"
__license__ = "GPL"
__version__ = "1.2"
__email__ = "joerg.steffens@dass-it.de"

#self.command("opsi-admin -d method host_createOpsiClient "+ \
        #computername + " null " + "\\'"+description+"\\'" + \
        #" \\'created by dassadmin\\' " + mac_address + " " + \
        #ip_address)
#self.command("opsi-admin -d method configState_create clientconfig.depot.id " + \
        #computername + " " + depotName)

import argparse
from   datetime import datetime, timedelta
from   dateutil import parser as dateparser
import logging
import os
from   pprint import pprint, pformat
import sys
import ssl
import time

try:
    import jsonrpc
except ImportError:
    import jsonrpclib


UrlJsonRpc="https://<username>:<password>@opsi:4447/rpc"

HelpEpilog="WARNING: python-json-rpc is known to have problems with HTTP proxies. In case of problems, make sure, the environment variables http_proxy and/or https_proxy are *not* set. It might also be neccesary to set variable PYTHONHTTPSVERIFY=0"

class Nrpe:
    OK = 0
    WARNING = 1
    CRITICAL = 2
    UNKNOWN = 3
    
    def toString(self, status):
        if status == self.OK:
            return 'OK'
        elif status == self.WARNING:
            return 'WARNING'
        elif status == self.CRITICAL:
            return 'CRITICAL'
        else:
            return 'UNKNOWN'

class Output(Nrpe):
    def __init__(self, nagios=False):
        self.nagios = nagios
        self.result = Nrpe.UNKNOWN
        self.message = ''

    def setStatus(self, status, message = None):
        self.result = status
        if message is not None:
            self.setMessage(message)

    def setMessage(self, string):
        self.message = string

    def finalize(self):
        if self.nagios:
            print('{0} - {1}'.format(self.toString(self.result), self.message))
            sys.exit(self.result)
        else:
            print('{0} - {1}'.format(self.toString(self.result), self.message))
            return (self.result == Nrpe.OK)

class OpsiRpc:

    UrlJsonRpcDefault="https://opsi:4447/rpc"

    ProductAttributesCopy = ['actionRequest','actionResult','installationStatus','packageVersion','productVersion']

    def __init__(self, urlJsonRpc = UrlJsonRpcDefault, debug=False, nagios=False):
        self.logger=logging.getLogger(__name__)
        self.debug=debug
        self.nagios=nagios
        self.urlJsonRpc=urlJsonRpc
        if 'jsonrpc' in sys.modules:
            self.rpc=jsonrpc.ServiceProxy(self.urlJsonRpc)
        else:
            self.rpc=jsonrpclib.ServerProxy(self.urlJsonRpc)
        self.logger.debug( "initialized: " + self.urlJsonRpc )
        self.logger.debug(dir(self.rpc))


    def list(self):
        exceptions = []
        if 'jsonrpc' in sys.modules:
            exceptions = [ jsonrpc.json.JSONDecodeException ]
        try:
            print( "\n".join( self.rpc.getClientIds_list() ) )
        except exceptions as e:
            self.logger.debug( pformat(self.rpc.getClientIds_list()) )
            self.logger.exception( "failed" )
            return True


    def getClientsWithProduct( self, product ):
        return self.rpc.productOnClient_getObjects( [], { "productId": product, "installationStatus": "installed" } )

    def getHardwareSerialNumber(self, src):
        serialNumbers  = self.rpc.auditHardwareOnHost_getHashes( [], {"hostId":src, "hardwareClass":"BIOS", "serialNumber":"*"} )
        serialNumbers += self.rpc.auditHardwareOnHost_getHashes( [], {"hostId":src, "hardwareClass":"CHASSIS", "serialNumber":"*"} )
        result = set()
        for i in serialNumbers:
            if i['serialNumber']:
                result.add(i['serialNumber'])
        if len(result) == 1:
            return result.pop()
        elif len(result) > 1:
            self.logger.warning("found more then one serial number")
            return list(result)

    def listClients( self, product ):
        if product:
            for client in self.getClientsWithProduct( product ):
                print(client['clientId'])
        else:
            return self.list()
        return True

    def exists(self, src):
        return len( self.rpc.host_getObjects( [], {"id":src} ) ) == 1

    def info(self, src):
        if not self.exists( src ):
            print("failed: opsi client", src, "does not exist")
            return False
        print(src + ":")
        host = self.rpc.host_getHashes( [], {"id":src} )[0]
        print("  IP:", host["ipAddress"])
        print("  MAC:", host["hardwareAddress"])
        print("  inventory:", host["inventoryNumber"])
        print("  serial number:", self.getHardwareSerialNumber(src))
        print("  last seen:", host["lastSeen"])
        print("  notes:", host["notes"])
        print("  depot:", self.clientGetDepot(src))

        print("  products:")
        products = self.getProductOnClient( src, [] )
        for i in products:
            print("    " + i['productId'] + ":")
            print("      " + i['installationStatus'], "(", end='')
            if i['actionRequest']:
                print(i['actionRequest'], end='')
                if i['actionProgress']:
                    print(i['actionProgress'], end='')
            print(")")
            print("      ", end='')
            pprint( i, indent=8 )
        return True

    def clean(self, src):
        if not self.exists( src ):
            return False
        products = self.rpc.productOnClient_getObjects( [], { 'clientId': src } )
        self.rpc.productOnClient_deleteObjects( products )

        products = self.rpc.productPropertyState_getObjects( [], { 'objectId': src } )
        self.rpc.productPropertyState_deleteObjects( products )

        if self.debug:
            pprint( self.getProductOnClient( src ) )
        return True

    def getOpsiConfigserverId(self):
        # there should always be only one OpsiConfigserver
        opsiConfigservers=self.rpc.host_getHashes( [], { "type": "OpsiConfigserver" } )
        try:
            return opsiConfigservers[0]['id']
        except (KeyError,IndexError) as e:
            self.logger.error( "failed to retreive OpsiConfigserver" )

    def createClient(self, name, opsiHostKey, description, notes, hardwareAddress, ipAddress):
        #    self.rpc.host_createOpsiClient( name, opsiHostKey, description, notes, hardwareAddress, ipAddress )
        self.updateClient( name, opsiHostKey, description, notes, None, hardwareAddress, ipAddress )

    def deleteClient(self, name):
        self.rpc.host_delete( name )

    def updateClient(self, src, opsiHostKey = None, description = None, notes = None, inventoryNumber = None, hardwareAddress = None, ipAddress = None, depot = None ):
        obj = {
          "id" : src,
          "type" : "OpsiClient",
        }
        if opsiHostKey:
            obj['opsiHostKey'] = opsiHostKey
        if description:
            obj['description'] = description
        if notes:
            obj['notes'] = notes
        if inventoryNumber:
            obj['inventoryNumber'] = inventoryNumber
        if hardwareAddress:
            obj['hardwareAddress'] = hardwareAddress
        if ipAddress:
            obj['ipAddress'] = ipAddress

        if self.exists( src ):
            self.rpc.host_updateObject(obj)
        else:
            self.rpc.host_insertObject(obj)

        if depot:
            self.clientSetDepot(src,depot)
        return True

    def clientGetDepot(self, name):
        depot = self.rpc.configState_getHashes( [], {
            "configId": "clientconfig.depot.id",
            "objectId": name } )
        try:
            return depot[0]["values"][0]
        except (IndexError,KeyError):
            return self.getOpsiConfigserverId()

    def clientSetDepot(self, name, depot):
        self.rpc.configState_create( "clientconfig.depot.id", name, depot )

    def copyClient( self, src, dst, ipAddress = None, hardwareAddress = None, depot = None, description = "", copyProperties = True ):

        print("create/update", dst, "from template", src + ":", end='')
        obj = {
          "id" : dst,
          "type" : "OpsiClient",
          "notes" : "copy of " + src,
          "description" : description,
          #"inventoryNumber" : "",
        }
        if hardwareAddress:
            obj['hardwareAddress'] = hardwareAddress
        if ipAddress:
            obj['ipAddress'] = ipAddress

        if self.exists( dst ):
            self.rpc.host_updateObject(obj)
        else:
            self.rpc.host_insertObject(obj)

        if depot:
            self.clientSetDepot(dst,depot)

        if self.debug:
            pprint( self.getProductOnClient( src ) )
        self.copyProductOnClient( src, dst )
        if copyProperties:
            if self.debug:
                print("copy product properties")
            if not depot:
                # get default Properties from Master Depot Server (OpsiConfigserver)
                depot = self.getOpsiConfigserverId()
            self.copyProductPropertyState( src, dst, depot )
        print("done")
        return True

    def getProductOnClient( self, client, attributes = ProductAttributesCopy ):
        return self.rpc.productOnClient_getHashes( [], { 'clientId': client } )

    def copyProductOnClient( self, src, dst, attributes = ProductAttributesCopy ):
        products_src = self.rpc.productOnClient_getHashes( attributes, { 'clientId': src } )
        products_dst = []
        for i in products_src:
            if self.debug: 
                print(i['productId'])
                pprint( i )
            i['clientId'] = dst
            products_dst.append(i)
        self.rpc.productOnClient_createObjects( products_dst )
        if self.debug:
            pprint( self.getProductOnClient( dst ) )


    def getProductPropertyState( self, client, attributes = [] ):
        return self.rpc.productPropertyState_getHashes( [], { 'objectId': client } )


    def copyProductPropertyState( self, src, dst, default = None, attributes = [] ):
        if default:
            productProperties_default = self.getProductPropertyState( default, attributes )
        else:
            productProperties_default = []
        productProperties_src = self.getProductPropertyState( src, attributes )
        productProperties_dst = []
        for i in productProperties_src:
            use_default=False
            default_value=None
            for j in productProperties_default:
                if i['productId'] == j['productId'] and i["propertyId"] == j["propertyId"]:
                    default_value = j['values']
                    if i['values'] == j['values']:
                        use_default=True
            if self.debug:
                print(i['productId'], "-", i["propertyId"] + ": ", pformat(i["values"]), end='')
                if use_default:
                    print("(use default)")
                else:
                    print("(set, default:", default_value, ")")
            if not use_default:
                i['objectId'] = dst
                productProperties_dst.append(i)
        self.rpc.productPropertyState_createObjects( productProperties_dst )
        if self.debug:
            pprint( self.getProductPropertyState( dst ) )


    def getClientProductProperty( self, client, product ):
        return self.rpc.getProductProperties_hash( product, [ client ] )

    def setProductPropertiesOnClient( self, dst, product, properties ):
        self.rpc.setProductProperties(product,properties,dst)

    def setProductPropertyOnClient( self, dst, product, prop, value):
        self.rpc.setProductProperty(product,prop,value,dst)



    def write_value_conf(self, fd, key, properties, default=None):
        value = None
        comment = ''
        try:
            value = properties[key.lower()]
        except KeyError:
            pass
        if not value and default:
            value = default
        if not value:
            # prevent a None to be written
            value = ''
            comment = '# '
        fd.write('  {}{} = "{}"\n'.format(comment, key, value))



    def write_client_conf( self, fd, client, properties ):
        #Client {
        #Name = ting-fd
        #Address = ting.dass-it
        #FDPort = 9102
        #Password = "D5w2V5w6B8a9H5Z"
        #Catalog = MyCatalog
        #File Retention = 6 months
        #Job Retention = 6 months
        #AutoPrune = yes
        #}
        params = [ 'catalog', "FDPort", "FileRetention", "JobRetention", "AutoPrune" ]
        fd.write( "Client {\n" )
        fd.write( '  Name     = "' + properties['filedaemon_full_name'] + '"' + "\n" )
        fd.write( '  Address  = "' + properties['filedaemon_client_address'] + '"' + "\n" )
        # ipAddress: method host_getObjects [] '{"id":client['clientId']}'
        #print("  # Address =", ipAddress)
        fd.write( '  Password = "' + properties['filedaemon_full_password'] + '"' + "\n" )
        for i in params:
            self.write_value_conf(fd, i, properties)
        fd.write( "}\n")
        fd.write( "\n" )


    def write_job_conf(self, fd, client, properties, defaultjobdefs, defaultfileset):
        #Job {
        #FileSet = "tingfileset"
        #Name = "ting"
        #Client = ting-fd
        #JobDefs = "LaptopJob"
        ## Write Bootstrap = "/var/lib/bacula/ting.bsr"
        #}
        params = [ "JobDefs", "FileSet" ]
        fd.write( "Job {" + "\n" )
        fd.write( '  Name    = "' + client['clientId'] + '-job"' + "\n" )
        fd.write( '  Client  = "' + properties['filedaemon_full_name'] + '"' + "\n" )
        self.write_value_conf(fd, 'JobDefs', properties, defaultjobdefs)
        self.write_value_conf(fd, 'FileSet', properties, defaultfileset)
        fd.write( "}" + "\n" )
        fd.write( "\n" )


    def write_config_file_header( self, fd ):
        try:
            fd.write( "#\n" )
            fd.write( "# automatically generated at {0}\n".format( time.asctime() ) )
            fd.write( "#\n\n" )
        except BaseException as e:
            self.logger.exception( "failed to create files" )
            return False
        return True



    def createBareosConfigFiles(self, defaultjobdefs, defaultfileset):
        bareosDirConfigPath = '/etc/bareos/bareos-dir.d/'
        clientsWithBacula=self.getClientsWithProduct('winbareos')
        if clientsWithBacula:
            try:
                configfile = bareosDirConfigPath + 'client/opsi-clients-generated.conf'
                file_opsi_clients = open(configfile, 'w')
                self.write_config_file_header( file_opsi_clients )
            except (BaseException, IOError) as e:
                self.logger.exception( "failed to create configuration file {}".format(configfile) )
                return False

            try:
                configfile = bareosDirConfigPath + 'job/opsi-jobs-generated.conf'
                file_opsi_jobs = open(configfile, 'w')
                self.write_config_file_header( file_opsi_jobs )
            except (BaseException, IOError) as e:
                self.logger.exception( "failed to create configuration file {}".format(configfile) )
                return False

            for client in clientsWithBacula:
                clientId = client['clientId']
                try:
                    clientBaculaProperties=self.getClientProductProperty( clientId, 'winbareos' )
                except ValueError as e:
                    self.logger.warn( "%s: no valid information found: %s" %(clientId, e) )
                else:
                    if clientBaculaProperties:
                        #pprint( clientBaculaProperties )
                        self.write_client_conf(file_opsi_clients, client, clientBaculaProperties)
                        self.write_job_conf(file_opsi_jobs, client, clientBaculaProperties, defaultjobdefs, defaultfileset)
                        self.logger.info( "%s: OK" % clientId )
                    else:
                        self.logger.warn( "%s: failed: no product properties defined" %(clientId) )
            return True

    def __getVersionString(self, product):
        return '{productVersion}-{packageVersion}'.format(**product)

    def getProductCurrentVersion(self, productId):
        products = self.rpc.product_getHashes( [], { 'id': productId } )
        if products:
            return self.__getVersionString(products[0])
        else:
            return None

    def __getClientId(self, d):
        return d.get("clientId")

    def listInstalled(self, productId):
        productVersion = self.getProductCurrentVersion(productId)
        self.logger.debug('version: {0}'.format(productVersion))
        products = self.rpc.productOnClient_getHashes( [], { 'productId': productId } )
        for i in sorted(products, key=self.__getClientId):
            i['version'] = self.__getVersionString(i)
            if i.get('installationStatus') == 'installed':
                if productVersion != i['version']:
                    i['proposedAction'] = 'update'
                else:
                    i['proposedAction'] = 'None'
                print('{clientId}: {version} (proposed action={proposedAction})'.format(**i))
            else:
                i['proposedAction'] = 'install'
                print('{clientId}: (proposed action={proposedAction})'.format(**i))
                self.logger.debug('{clientId}: {actionRequest} {installationStatus} {version}'.format(**i))
            #pprint( i, indent=8 )
        return True

    def isInstalled(self, clientId, productId):
        """
        CRITICAL: not installed
        WARNING: installed, but not current version
        OK: current version is installed
        UNKNOWN: otherwise
        """
        output = Output(self.nagios)
        if not self.exists(clientId):
            output.setMessage("failed: opsi client {0} does not exist".format(clientId))
            return output.finalize()
        productVersion = self.getProductCurrentVersion(productId)
        if not productVersion:
            output.setMessage("failed: product {0} does not exist".format(productId))
            return output.finalize()
        self.logger.debug('version: {0}'.format(productVersion))
        products = self.rpc.productOnClient_getHashes( [], { "clientId": clientId,'productId': productId } )
        if len(products) != 1:
            print("failed: opsi client ({0}) product ({1}) combination does not exist".format(clientId, productId))
            return False            
        for i in sorted(products, key=self.__getClientId):
            i['version'] = self.__getVersionString(i)
            if i.get('installationStatus') == 'installed':
                if productVersion != i['version']:
                    i['proposedAction'] = 'update'
                    output.setStatus(Nrpe.WARNING)
                else:
                    i['proposedAction'] = 'None'
                    output.setStatus(Nrpe.OK)
                output.setMessage('{version} (proposed action={proposedAction})'.format(**i))
            else:
                i['proposedAction'] = 'install'
                output.setStatus(Nrpe.CRITICAL, 'not installed (proposed action={proposedAction})'.format(**i))
                self.logger.debug('{clientId}: {actionRequest} {installationStatus} {version}'.format(**i))
        return output.finalize()


    def clientLastSeen(self, clientId):
        """
        < 1 day: OK
        < 2 days: WARNING
        otherwise: CRITICAL
        """
        output = Output(self.nagios)
        if not self.exists(clientId):
            output.setMessage("failed: opsi client {0} does not exist".format(clientId))
            return output.finalize()
        host = self.rpc.host_getHashes( [], {"id":clientId} )[0]
        lastSeen = dateparser.parse(host["lastSeen"])
        output.setMessage(str(lastSeen))
        diff = datetime.now() - lastSeen
        output.setMessage('{0} ({1} ago)'.format(str(lastSeen), diff))
        if diff < timedelta(1):
            output.setStatus(Nrpe.OK)
        elif diff < timedelta(2):
            output.setStatus(Nrpe.WARNING)
        else:
            output.setStatus(Nrpe.CRITICAL)
        return output.finalize()



if __name__ == '__main__':
    logging.basicConfig(format='%(message)s')
    logger = logging.getLogger(__name__)
    logger.setLevel(logging.INFO)
    
    parser = argparse.ArgumentParser(
        description='Command line tool for OPSI configuration.',
        epilog=HelpEpilog
    )

    parser.add_argument( '--debug', action='store_true', help="enable debugging output" )
    parser.add_argument('--nagios', action='store_true', help='output in Nagios NRPE format')

    parser_url = parser.add_mutually_exclusive_group(required=True)
    parser_url.add_argument( '--url', help="OPSI Server JSON-RPC url, in following format: " + UrlJsonRpc )
    
    parser_url.add_argument( '--server', help="OPSI Server (instead of URL)" )
    username_default=os.getlogin()
    
    parser.add_argument( '--username', help="username (instead of URL), default: " + username_default, default=username_default )
    parser.add_argument( '--password', help="password (instead of URL)" )
    
    subparsers = parser.add_subparsers(title='subcommands',
        description='valid subcommands',
        help='additional help',
        dest='subcommand' )

    parser_clean = subparsers.add_parser('clean', help='remove all product states from a opsi client' )
    parser_clean.add_argument( 'src', help="source opsi client to clean" )

    parser_copy = subparsers.add_parser('copy', help='copy/create a opsi client from a template opsi client')
    parser_copy.add_argument( 'src', help="source/template opsi client" )
    parser_copy.add_argument( 'dst', help="opsi client to be created" )
    parser_copy.add_argument( '--ip', help="IP address of the new opsi client" )
    parser_copy.add_argument( '--mac', help="MAC address of the new opsi client" )
    parser_copy.add_argument( '--depot', help="depot server the new opsi client should be located" )
    #parser_copy.add_argument( '--no-properties', action='store_false', help="don't copy product properties" )

    parser_createBareosConfigFiles = subparsers.add_parser(
        'createBareosConfigFiles',
        help='create Bareos config files for all clients that have winbareos installed',
        formatter_class=argparse.ArgumentDefaultsHelpFormatter
    )
    parser_createBareosConfigFiles.add_argument(
        '--defaultjobdefs',
        metavar='JobDefs',
        default='DefaultJob',
        help="use this JobDefs if no other is defined for a client"
    )
    parser_createBareosConfigFiles.add_argument(
        '--defaultfileset',
        metavar='FileSet',
        help="use this FileSet if no other is defined for a client"
    )

    parser_exists = subparsers.add_parser('exists', help='check, if a opsi clients exists' )
    parser_exists.add_argument( 'src', help="source opsi client" )
    #parser_list = subparsers.add_parser('list', help='list all opsi clients' )

    parser_listClients = subparsers.add_parser('listClients', help='list opsi clients')
    parser_listClients.add_argument( '--product', help="only list clients, that have product installed" )

    parser_info = subparsers.add_parser('info', help='print information about a opsi client' )
    parser_info.add_argument( 'src', help="opsi client" )
    
    parser_clientLastSeen = subparsers.add_parser('clientLastSeen', help='print information about a opsi client' )
    parser_clientLastSeen.add_argument( 'client', help="opsi client" )

    parser_listInstalled = subparsers.add_parser('listInstalled', help='check if product is installed on client')
    parser_listInstalled.add_argument('product', help='opsi product')

    parser_isInstalled = subparsers.add_parser('isInstalled', help='check if product is installed on client')
    parser_isInstalled.add_argument('client', help='opsi client')
    parser_isInstalled.add_argument('product', help='opsi product')

    parser_update = subparsers.add_parser('update', help='update/create a opsi client')
    parser_update.add_argument( 'src', help="opsi client to be created/updated" )
    parser_update.add_argument( '--ip', help="IP address of the opsi client" )
    parser_update.add_argument( '--mac', help="MAC address of the opsi client" )
    parser_update.add_argument( '--description', help="a description of the client" )
    parser_update.add_argument( '--notes', help="notes about the client" )
    parser_update.add_argument( '--inventory', help="inventory number" )
    parser_update.add_argument( '--depot', help="depot server the opsi client should be located" )

    args = parser.parse_args()

    if args.debug:
        logger.setLevel(logging.DEBUG)

    url=args.url
    if (not url):
        if args.server:
            account=""
            if args.username and args.password:
                account=args.username + ":" + args.password + "@"
            elif args.username:
                account=args.username + "@"
            url="https://" + account + args.server + ":4447/rpc"
        else:
            parser.error( "argument --url is required" )

    opsi=OpsiRpc(url, args.debug, args.nagios)

    result = True

    try:
        if args.subcommand == "clean":
            result = opsi.clean( args.src )
        elif args.subcommand == "copy": 
            result = opsi.copyClient( args.src, args.dst, args.ip, args.mac, args.depot )
        elif args.subcommand == "createBareosConfigFiles": 
            result = opsi.createBareosConfigFiles(args.defaultjobdefs, args.defaultfileset)
        elif args.subcommand == "exists":
            result = opsi.exists( args.src )
        elif args.subcommand == "list":
            result = opsi.list()
        elif args.subcommand == "listClients":
            result = opsi.listClients( args.product )
        elif args.subcommand == "info":
            result = opsi.info( args.src )
        elif args.subcommand == "update": 
            result = opsi.updateClient( args.src, None, args.description, args.notes, args.inventory, args.mac, args.ip, args.depot )
        elif args.subcommand == 'listInstalled': 
            result = opsi.listInstalled(args.product)
        elif args.subcommand == 'isInstalled': 
            result = opsi.isInstalled(args.client, args.product)
        elif args.subcommand == 'clientLastSeen': 
            result = opsi.clientLastSeen(args.client)
        else:
            print("not yet implemented")
    except IOError as e:
        result = False
        # connection refused
        print("failed:", e)

    if args.debug: print(result)

    if result:
        exit(0)
    else:
        exit(1)
