#!/bin/bash

# Help menu.
# Prints the usage text to stdout and terminates the script with status 1.
# It is used both for an explicit -h/--help and after argument errors.
show_help() {
    printf '%s\n' \
        "Usage: [sudo] mac-podman [-u USER] [-l LABEL] [-d HOME_DIR] [-t TMP_DIR] -- <container command>" \
        "" \
        "  -u, --user       - Username (optional, use sudo, default user of session)" \
        "  -l, --label      - Mandatory labels (optional, use sudo, default labels of session, 2-4 numbers through ':', for example: 1:0:0)" \
        "  -d, --home       - Home directory (optional, default /home/.pdp/<user>/lXiXcXxXtXxX)" \
        "  -t, --tmp        - Tmp directory (optional, default /tmp_user_label)" \
        "  --               - All written after this symbols would passed as a command to the container"
    exit 1
}

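# ---- shared environment preparation ----
#######################################
# Derive the label-specific runtime, tmp and home paths and choose the
# containers configuration file.
# Globals:
#   USERNAME (read)  - used for the uid lookup and the home path.
#                      NOTE(review): the paths use this global, not $1; both
#                      callers in this script pass the same value.
#   TMPDIR, HOMEDIR  - read; filled with a default only when empty
#   lev, ilev, cat, dlev, pdp_label_new, XDG_RUNTIME_DIR, CONTAINERS_CONF
#                    - written; the launch code reads them afterwards
# Arguments:
#   $1 - user name
#   $2 - label; the label from the flag is queried only when both $1 and $2
#        are non-empty, otherwise the label of the current session is used
# Outputs:
#   Errors and the missing-directory warning go to stderr, so that stdout
#   carries nothing but the output of the container command.
# Returns:
#   Exits the script with status 1 on an invalid label combination.
#######################################
prepare_env() {
    local user="$1" label="$2"
    local -a query_prefix=() missing_dirs=()
    local dir

    # With an explicit label, pdp-id is run through pdp-exec under that label;
    # with an empty prefix the same queries report the session label.
    if [[ -n "$label" && -n "$user" ]]; then
        query_prefix=(pdp-exec -l "$label")
    fi

    # NOTE(review): the exit status of these queries is not checked. An empty
    # result is treated as 0 by the numeric tests below and ends up as an
    # empty component of the path names. Confirm whether pdp-id can
    # legitimately print nothing for -l/-i/-c before failing hard here.
    lev=$("${query_prefix[@]}" pdp-id -l)
    ilev=$("${query_prefix[@]}" pdp-id -i)
    cat=$("${query_prefix[@]}" pdp-id -c)
    dlev=$("${query_prefix[@]}" pdp-id -d)
    [[ -n "$dlev" ]] || dlev="0x0"

    # Consistency check between lev and ilev: both being non-zero is rejected.
    if [[ "$ilev" -ne 0 && "$lev" -ne 0 ]]; then
        echo "Error: invalid set of labels" >&2
        exit 1
    fi

    pdp_label_new="${lev}_${ilev}_${cat}_${dlev}"

    # Default runtime root.
    XDG_RUNTIME_DIR="/run/user/$(id -u "$USERNAME")z${pdp_label_new}"

    # Default tmp directory.
    if [[ -z "$TMPDIR" ]]; then
        TMPDIR="$XDG_RUNTIME_DIR/tmp"
    fi
    # Default home directory.
    if [[ -z "$HOMEDIR" ]]; then
        HOMEDIR="/home/.pdp/${USERNAME}/z${pdp_label_new}"
    fi

    # Select the config: the MAC variant is used only when an explicit label
    # was given and its level differs from the level of the calling session.
    CONTAINERS_CONF="/etc/containers/containers.conf"
    if [[ -n "$label" && -n "$user" ]] && [[ "$lev" -ne $(pdp-id -l) ]]; then
        CONTAINERS_CONF="/etc/containers/mac_containers.conf"
    fi

    # Collect the directories that do not exist yet.
    for dir in "$XDG_RUNTIME_DIR" "$TMPDIR" "$HOMEDIR"; do
        if [[ ! -d "$dir" ]]; then
            missing_dirs+=("$dir")
        fi
    done

    # Report all missing directories at once. This is only a warning; the
    # caller decides whether to continue.
    if [[ ${#missing_dirs[@]} -gt 0 ]]; then
        {
            echo "Warning: The following directories do not exist. Please run mac-podman-init from admin:"
            printf ' - %s\n' "${missing_dirs[@]}"
        } >&2
    fi
}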

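# ---- argument parsing ----
# Every option variable starts empty. HOMEDIR and TMPDIR in particular must
# not be inherited from the caller's environment: in the privileged branch
# the script relabels, chmods and chowns "$TMPDIR", so an inherited value
# (for example root's own TMPDIR) would be handed over to the target user.
USERNAME="" LABEL="" HOMEDIR="" TMPDIR=""
while [[ $# -gt 0 ]]; do
    case "$1" in
        -u|--user|-l|--label|-d|--home|-t|--tmp)
            # Without this guard a trailing option with no value makes
            # `shift 2` fail without shifting, and the loop never ends.
            if [[ $# -lt 2 ]]; then
                echo "Error: option $1 requires a value" >&2
                show_help
            fi
            case "$1" in
                -u|--user) USERNAME="$2" ;;
                -l|--label) LABEL="$2" ;;
                -d|--home) HOMEDIR="$2" ;;
                -t|--tmp) TMPDIR="$2" ;;
            esac
            shift 2
            ;;
        -h|--help) show_help ;;
        # Everything after "--" is the container command.
        --) shift; break ;;
        *) echo "Unknown parameter: $1" >&2; show_help ;;
    esac
done

# A container command is mandatory; show_help terminates the script.
if [[ $# -eq 0 ]]; then
    echo "Error: no command passed to container!" >&2
    show_help
fi
# Keep the command as an array so its words survive unchanged.
CONTAINER_CMD=("$@")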

# Check: -u and -l are accepted only as a pair (both or neither).
if [[ -n "$USERNAME" && -z "$LABEL" ]] || [[ -z "$USERNAME" && -n "$LABEL" ]]; then
    echo "Error: both username (-u) and label (-l) must be specified together" >&2
    exit 1
fi

# From here on the two options are either both empty or both set.
if [[ -z "$USERNAME" && -z "$LABEL" ]]; then
    # Running as root (or through sudo) without -u and -l is forbidden.
    if [[ $(id -u) -eq 0 ]]; then
        echo "Error: running as root or via sudo without -u and -l is not allowed" >&2
        exit 1
    fi
elif [[ $(id -u) -ne 0 ]]; then
    # Using -u and -l without root/sudo is forbidden.
    echo "Error: options -u and -l require running as root (sudo)" >&2
    exit 1
fi

# Fall back to the session user.
# NOTE(review): $USER comes from the environment and can be changed or unset
# by the caller; this only affects the unprivileged path.
USERNAME="${USERNAME:-$USER}"

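# ---- launch ----
if [[ -n "$USERNAME" && -n "$LABEL" ]]; then
    # Explicit user and label: validate both, prepare the tmp directory and
    # run the container command through pdp-exec.
    # "--" keeps a value that starts with "-" from being read as an id option.
    if ! id -- "$USERNAME" &>/dev/null; then
        echo "Error: user '$USERNAME' does not exist." >&2
        exit 1
    fi
    # 2-4 decimal numbers separated by ':'.
    if [[ ! "$LABEL" =~ ^([0-9]+:){1,3}[0-9]+$ ]]; then
        echo "Error: wrong format of levels!" >&2
        exit 1
    fi
    prepare_env "$USERNAME" "$LABEL"
    # NOTE(review): the result of the unit start is not checked; sudo looks
    # redundant if this branch is only reached as root - confirm.
    sudo systemctl start "user@$(systemd-escape "$(id -u -- "$USERNAME")z${pdp_label_new}")"

    # The steps below change label, mode and owner of "$TMPDIR". chmod and
    # chown follow symbolic links, and the default location sits below the
    # per-user runtime directory, so a link planted there would redirect those
    # changes to another path. Refuse links and anything that is not a
    # directory.
    # NOTE(review): this narrows the window but is not race-free if the parent
    # directory is writable by the target user.
    if [[ -L "${TMPDIR%/}" ]]; then
        echo "Error: '$TMPDIR' is a symbolic link; refusing to change its label, mode or owner" >&2
        exit 1
    fi
    if [[ ! -d "$TMPDIR" ]]; then
        if ! mkdir -p -- "$TMPDIR"; then
            echo "Error: cannot create directory '$TMPDIR'" >&2
            exit 1
        fi
    fi
    pdpl-file "$lev:0:$cat:ccnr" "$TMPDIR"
    chmod -- 1777 "$TMPDIR"
    chown -- "$USERNAME":"$USERNAME" "$TMPDIR"

    # "_" fills $0 of the inner shell, so the container command arrives
    # unchanged as "$@".
    # NOTE(review): a failing `cd "$HOME"` is not checked; the command then
    # runs from the inherited working directory.
    pdp-exec -u "$USERNAME" -l "$LABEL" -c 0x00100 -s -- \
        env CONTAINERS_CONF="$CONTAINERS_CONF" \
            HOME="$HOMEDIR" TMPDIR="$TMPDIR" XDG_RUNTIME_DIR="$XDG_RUNTIME_DIR" \
            DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u -- "$USERNAME")z${pdp_label_new}/bus" \
        bash -c 'cd "$HOME"; exec "$@"' _ "${CONTAINER_CMD[@]}"
else
    # Session user and session label: no directory is created or modified
    # here, only the environment for the container command is set.
    prepare_env "$USER" ""
    env CONTAINERS_CONF="$CONTAINERS_CONF" \
        HOME="$HOMEDIR" TMPDIR="$TMPDIR" XDG_RUNTIME_DIR="$XDG_RUNTIME_DIR" \
        DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(id -u "$USER")z${pdp_label_new}/bus" \
        bash -c 'cd "$HOME"; exec "$@"' _ "${CONTAINER_CMD[@]}"
fi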
