#!/usr/bin/perl

use strict;
use warnings;
use lib (qw(lib));

use CGI (':cgi');
use CGI::Carp (qw(fatalsToBrowser));
use URI::Escape;
use Data::Dumper;

use Person;

our $Debug = 0;
our %Config = ();

our @MultiFields = (qw(address homephone cellphone officephone fax mail uri group));

our %FieldNames = 
(
	address		=> 'Address',
	homephone	=> 'Home Phone',
	cellphone	=> 'Cell Phone',
	officephone	=> 'Office Phone',
	fax		=> 'FAX',
	mail		=> 'E-Mail',
	uri		=> 'URI (Homepage)',
	group		=> 'Group'
);

our $MySelf = $ENV{'SCRIPT_NAME'};

our $Action = param ('action');
$Action ||= 'default';

our %Actions =
(
	browse	=> [\&html_start, \&action_browse, \&html_end],
	default	=> [\&html_start, \&action_browse, \&html_end],
	detail	=> [\&html_start, \&action_detail,  \&html_end],
	edit	=> [\&html_start, \&action_edit,    \&html_end],
	save	=> [\&html_start, \&action_save,    \&html_end],
	search	=> [\&html_start, \&action_search,  \&html_end],
	vcard	=> \&action_vcard
);

read_config ();

# make sure AuthLDAPRemoteUserIsDN is enabled.
die unless ($ENV{'REMOTE_USER'});
$Config{'base_dn'} = $ENV{'REMOTE_USER'};

Person->connect
(
	uri	=> $Config{'uri'},
	base_dn => $Config{'base_dn'},
	bind_dn => $Config{'bind_dn'},
	password => $Config{'password'}
) or die;

our ($UserCN, $UserID) = Person->get_user ($Config{'base_dn'});

if (!$UserID and $Action ne 'save')
{
	$Action = 'edit';
}

if (!$UserCN)
{
	die;
}

if (!defined ($Actions{$Action}))
{
	die;
}

if (ref ($Actions{$Action}) eq 'CODE')
{
	$Actions{$Action}->();
}
elsif (ref ($Actions{$Action}) eq 'ARRAY')
{
	for (@{$Actions{$Action}})
	{
		$_->();
	}
}

#print qq#<div>Authenticated as ($UserCN, $UserID, #, $Config{'base_dn'}, qq#)</div>\n#;

Person->disconnect ();

exit (0);

###

sub action_browse
{
	my $group = param ('group');
	$group = shift if (@_);
	$group ||= '*';

	my @all = Person->search ([[group => $group]]);

	if ($group eq '*')
	{
		my %groups = ();
		for (@all)
		{
			my $person = $_;
			my @g = $person->get ('group');

			$groups{$_} = 1 for (@g);
		}

		print qq(\t<h2>Contact Groups</h2>\n\t<ul class="groups">\n);
		for (sort (keys (%groups)))
		{
			my $group = $_;
			my $group_esc = uri_escape ($group);

			print qq(\t\t<li><a href="$MySelf?action=browse&group=$group_esc">$group</a></li>\n);
		}
		if (!%groups)
		{
			print qq(\t\t<li class="empty">There are no groups yet.</li>\n);
		}
		print qq(\t</ul>\n);
	}
	else
	{
		print qq(\t<h2>Contact Group &quot;$group&quot;</h2>\n\t<ul class="results">\n);
		for (@all)
		{
			my $person = $_;
			my $cn = $person->name ();
			my $cn_esc = uri_escape ($cn);

			print qq(\t\t<li><a href="$MySelf?action=detail&cn=$cn_esc">$cn</a></li>\n);
		}
		print qq(\t</ul>\n);
	}
}

sub action_detail
{
	my $cn = param ('cn');
	$cn = shift if (@_);
	die unless ($cn);

	my $person = Person->load ($cn);
	if (!$person)
	{
		print qq(\t<div>Entry &quot;$cn&quot; could not be loaded from DB.</div>\n);
		return;
	}

	print qq(\t<h2>Details for $cn</h2>\n);

	my $cn_esc = uri_escape ($cn);

	print <<EOF;
	<table class="detail">
		<tr>
			<th>Name</th>
			<td>$cn</td>
		</tr>
EOF
	for (@MultiFields)
	{
		my $field = $_;
		my $values = $person->get ($field);
		my $num = scalar (@$values);
		my $print = defined ($FieldNames{$field}) ? $FieldNames{$field} : $field;

		next unless ($num);

		print "\t\t<tr>\n";
		if ($num > 1)
		{
			print qq(\t\t\t<th rowspan="$num">$print</th>\n);
		}
		else
		{
			print qq(\t\t\t<th>$print</th>\n);
		}

		for (my $i = 0; $i < $num; $i++)
		{
			my $val = $values->[$i];
			print "\t\t<tr>\n" if ($i);
			print "\t\t\t<td>$val</td>\n",
			"\t\t</tr>\n";
		}
	}
	print <<EOF;
	</table>
	<div class="detail menu">
		[<a href="$MySelf?action=edit&cn=$cn_esc">edit</a>]
		[<a href="$MySelf?action=vcard&cn=$cn_esc">vCard</a>]
	</div>
EOF
}

sub action_search
{
	my $search = param ('search');

	$search ||= '';
	$search =~ s/[^\s\w]//g;

	if (!$search)
	{
		print qq(\t<div class="error">Sorry, the empty search is not allowed.</div>\n);
		action_default ();
		return;
	}

	my @patterns = split (m/\s+/, $search);
	my @filter = ();

	for (@patterns)
	{
		my $pattern = "$_*";
		push (@filter, [[lastname => $pattern], [firstname => $pattern]]);
	}

	my @matches = Person->search (@filter);

	if (!@matches)
	{
		print qq(\t<div>No entries matched your search.</div>\n);
		return;
	}

	if (scalar (@matches) == 1)
	{
		my $person = shift (@matches);
		my $cn = $person->name ();
		action_detail ($cn);
		return;
	}

	print qq(\t<ul class="result">\n);
	for (@matches)
	{
		my $person = $_;
		my $cn = $person->name ();
		my $cn_esc = uri_escape ($cn);

		print qq(\t\t<li><a href="$MySelf?action=detail&cn=$cn_esc">$cn</a></li>\n);
	}
	print qq(\t</ul>\n);
}

sub action_edit
{
	my %opts = @_;

	my $cn = param ('cn');

	$cn = $opts{'cn'} if (defined ($opts{'cn'}));
	$cn ||= '';

	if (!$UserID)
	{
		$cn = $UserCN;
	}

	my $person;

	my $lastname;
	my $firstname;

	my $contacts = {};
	$contacts->{$_} = [] for (@MultiFields);

	if ($cn)
	{
		$person = Person->load ($cn);

		if (!$person)
		{
			print qq(\t<div class="error">Unable to load CN &quot;$cn&quot;. Sorry.</div>\n);
			return;
		}
	
		$lastname    = $person->lastname ();
		$firstname   = $person->firstname ();

		for (@MultiFields)
		{
			$contacts->{$_} = $person->get ($_);
		}
	}

	$lastname    = param ('lastname')    if (param ('lastname')  and $UserID);
	$firstname   = param ('firstname')   if (param ('firstname') and $UserID);

	for (@MultiFields)
	{
		my $field = $_;
		my @values = grep { $_ } (param ($field));
		$contacts->{$field} = [@values] if (@values);
	}
	
	$lastname    =   $opts{'lastname'}     if (defined ($opts{'lastname'}));
	$firstname   =   $opts{'firstname'}    if (defined ($opts{'firstname'}));
	for (@MultiFields)
	{
		my $field = $_;
		@{$contacts->{$field}} = @{$opts{$field}} if (defined ($opts{$field}));
	}

	if ($cn)
	{
		print "\t\t<h2>Edit contact $cn</h2>\n";
	}
	else
	{
		print "\t\t<h2>Create new contact</h2>\n";
	}

	print <<EOF;
		<form action="$MySelf" method="post">
		<input type="hidden" name="action" value="save" />
		<input type="hidden" name="cn" value="$cn" />
		<table class="edit">
			<tr>
				<td>Lastname</td>
EOF
	if ($UserID)
	{
		print qq(\t\t\t\t<td><input type="text" name="lastname" value="$lastname" /></td>\n);
	}
	else
	{
		print qq(\t\t\t\t<td>$lastname</td>\n);
	}
	print <<EOF;
			</tr>
			<tr>
				<td>Firstname</td>
EOF
	if ($UserID)
	{
		print qq(\t\t\t\t<td><input type="text" name="firstname" value="$firstname" /></td>\n);
	}
	else
	{
		print qq(\t\t\t\t<td>$firstname</td>\n);
	}
	
	print "\t\t\t</tr>\n";

	for (@MultiFields)
	{
		my $field = $_;
		my $print = defined ($FieldNames{$field}) ? $FieldNames{$field} : $field;
		my @values = @{$contacts->{$field}};

		push (@values, '');
		
		for (@values)
		{
			my $value = $_;

			print <<EOF;
			<tr>
				<td>$print</td>
				<td><input type="text" name="$field" value="$value" /></td>
			</tr>
EOF
		}
	}

	print <<EOF;
			<tr>
				<td colspan="2">
EOF
	print qq(\t\t\t\t\t<input type="submit" name="button" value="Update" />\n) if ($UserID);
	print <<EOF;
					<input type="submit" name="button" value="Save" />
				</td>
			</tr>
		</table>
		</form>
EOF
}

sub action_save
{
	my $cn = $UserID ? param ('cn') : $UserCN;

	if ($cn)
	{
		action_update ();
		return;
	}

	die unless ($UserID);

	if (!param ('lastname') or !param ('firstname'))
	{
		print qq(\t<div class="error">You have to give both, first and lastname, to identify this record.</div>\n);
		action_edit (cn => '');
		return;
	}

	my $lastname  = param ('lastname');
	my $firstname = param ('firstname');

	my $contacts = {};
	for (@MultiFields)
	{
		my $field = $_;
		my @values = grep { $_ } (param ($field));
		$contacts->{$field} = [@values] if (@values);
	}

	my $person = Person->create (lastname => $lastname, firstname => $firstname, %$contacts);

	if (!$person)
	{
		print qq(\t<div class="error">Unable to save entry. Sorry.</div>\n);
		return;
	}
	
	$cn = $person->name ();

	if (param ('button') eq 'Update')
	{
		action_edit (cn => $cn);
	}
	else
	{
		action_detail ($cn);
	}
}

sub action_update
{
	my $cn = $UserID ? param ('cn') : $UserCN;
	my $person = Person->load ($cn);

	die unless ($person);

	if ($UserID)
	{
		my $lastname  = param ('lastname');
		my $firstname = param ('firstname');

		$person->lastname  ($lastname)  if ($lastname  and $lastname  ne $person->lastname ());
		$person->firstname ($firstname) if ($firstname and $firstname ne $person->firstname ());

		$cn = $person->name ();
	}

	my $contacts = {};
	for (@MultiFields)
	{
		my $field = $_;
		my @values = grep { $_ } (param ($field));
		$contacts->{$field} = [@values] if (@values);
	}

	for (@MultiFields)
	{
		my $field = $_;
		
		if (defined ($contacts->{$field}))
		{
			my $values = $contacts->{$field};
			$person->set ($field, $values);
		}
		else
		{
			$person->set ($field, []);
		}
	}

	if (param ('button') eq 'Update' or !$UserID)
	{
		action_edit (cn => $cn);
	}
	else
	{
		action_detail ($cn);
	}
}

sub action_vcard
{
	my $cn = param ('cn');
	$cn = shift if (@_);
	die unless ($cn);

	my $person = Person->load ($cn);
	die unless ($person);

	my %vcard_types =
	(
		homephone	=> 'TEL;TYPE=home,voice',
		cellphone	=> 'TEL;TYPE=cell',
		officephone	=> 'TEL;TYPE=work,voice',
		fax		=> 'TEL;TYPE=fax',
		mail		=> 'EMAIL',
		uri		=> 'URL',
		group		=> 'ORG'
	);

	my $sn = $person->lastname ();
	my $gn = $person->firstname ();
	my $cn_esc = uri_escape ($cn);

	print <<EOF;
Content-Type: text/x-vcard
Content-Disposition: attachment; filename="$cn.vcf"

BEGIN:VCARD
VERSION:3.0
FN: $cn
N: $sn;$gn
EOF

	for (@MultiFields)
	{
		my $field = $_;
		my $vc_fld = $vcard_types{$field};
		my $values = $person->get ($field);

		for (@$values)
		{
			my $value = $_;
			print "$vc_fld:$value\n";
		}
	}
	print "END:VCARD\n";
}

sub html_start
{
	my $title = shift;
	$title = q(octo's Lightweight Address Book) unless ($title);

	print <<EOF;
Content-Type: text/html; charset=UTF-8

<html>
	<head>
		<title>$title</title>
		<style type="text/css">
		<!--
body
{
	color: black;
	background-color: white;
}

div.error
{
	color: red;
	background-color: yellow;
	
	font-weight: bold;
	padding: 1ex;
	border: 2px solid red;
}

div.foot
{
	color: gray;
	background-color: white;

	position: absolute;
	top: auto;
	right: 0px;
	bottom: 0px;
	left: 0px;
	
	font-size: x-small;
	text-align: right;
	border-top: 1px solid black;
	width: 100%;
}

div.menu form
{
	display: inline;
	margin-right: 5ex;
}

img
{
	border: none;
}

td
{
	color: black;
	background-color: #cccccc;
}

th
{
	color: black;
	background-color: #999999;
	padding: 0.3ex;
	text-align: left;
	vertical-align: top;
}
		//-->
		</style>
	</head>

	<body>
EOF
	if ($UserID)
	{
		my $search = param ('search') || '';
		print <<EOF;
		<div class="menu">
			<form action="$MySelf" method="post">
				<input type="hidden" name="action" value="browse" />
				<input type="submit" name="button" value="Browse" />
			</form>
			<form action="$MySelf" method="post">
				<input type="hidden" name="action" value="search" />
				<input type="text" name="search" value="$search" />
				<input type="submit" name="button" value="Search" />
			</form>
			<form action="$MySelf" method="post">
				<input type="hidden" name="action" value="edit" />
				<input type="hidden" name="dn" value="" />
				<input type="submit" name="button" value="Add New" />
			</form>
		</div>
		<hr />
EOF
	}
	print "\t\t<h1>octo's Lightweight Address Book</h1>\n";
}

sub html_end
{
	print <<EOF;
		<div class="foot">octo's Lightweight Address Book &lt;octo at verplant.org&gt;</div>
	</body>
</html>
EOF
}

sub read_config
{
	my $file = '/var/www/html/cgi.verplant.org/address/book.conf';
	my $fh;

	open ($fh, "< $file") or die ("open ($file): $!");
	for (<$fh>)
	{
		chomp;
		my $line = $_;

		if ($line =~ m/^(\w+):\s*"(.+)"\s*$/)
		{
			my $key = lc ($1);
			my $val = $2;

			$Config{$key} = $val;
		}
	}

	close ($fh);

	for (qw(uri bind_dn password))
	{
		die ("Not defined: $_") unless (defined ($Config{$_}));
	}
}