#!/usr/bin/python2.7
#
# Copyright 2011-2014 Univention GmbH
#
# http://www.univention.de/
#
# All rights reserved.
#
# The source code of this program is made available
# under the terms of the GNU Affero General Public License version 3
# (GNU AGPL V3) as published by the Free Software Foundation.
#
# Binary versions of this program provided by Univention to you as
# well as other copyrighted, protected or trademarked materials like
# Logos, graphics, fonts, specific documentations and configurations,
# cryptographic keys etc. are subject to a license agreement between
# you and Univention and not subject to the GNU AGPL V3.
#
# In the case you use this program under the terms of the GNU AGPL V3,
# the program is provided in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License with the Debian GNU/Linux or Univention distribution in file
# /usr/share/common-licenses/AGPL-3; if not, see
# <http://www.gnu.org/licenses/>.

'''Univention Directory Manager Tools
remove the old UMC LDAP objects'''

import optparse
import ldap
import sys
import univention.uldap

ACTIONS = ( 'test', 'remove' )

action = None
lo = univention.uldap.getAdminConnection()

def remove( ldap_dn ):
	global action, lo
	print 'Deleting object %s ' % ldap_dn,
	if action == 'remove':
		lo.delete( ldap_dn )
		print 'done'
	else:
		print '(testing mode)'

def remove_ref( ref_dn, pol_dn ):
	global action, lo
	print 'Deleting policy reference %s at %s' % ( pol_dn, ref_dn ),
	if action == 'remove':
		lo.lo.modify_s( ref_dn, [ ( ldap.MOD_DELETE, 'univentionPolicyReference', pol_dn ) ] )
		print 'done'
	else:
		print '(testing mode)'

def run():
	global lo

	# find operation objects
	op_objects = lo.searchDn( filter = 'objectClass=univentionConsoleOperations' )
	for dn in op_objects:
		remove( dn )

	acl_objects = lo.searchDn( filter = 'objectClass=univentionConsoleACL' )
	for dn in acl_objects:
		remove( dn )

	policy_objects = lo.searchDn( filter = 'objectClass=univentionPolicyConsoleAccess' )
	for pol_dn in policy_objects:
		ref_objects = lo.searchDn( filter = 'univentionPolicyReference=%s' % pol_dn )
		for ref_dn in ref_objects:
			remove_ref( ref_dn, pol_dn )
		remove( pol_dn )


if __name__ == '__main__':
	#parse arguments and options
	parser = optparse.OptionParser( usage = 'Usage: %%prog [options] (%s)\nremove the old UMC LDAP objects' % '|'.join( ACTIONS ) )
	(options, args, ) = parser.parse_args()

	# check argument (action)
	if not args:
		print >>sys.stderr, 'warning: no action given. default is test'
		args = [ 'test' ]

	if args[ 0 ] not in ( 'test', 'remove' ):
		print >>sys.stderr, 'error: unknown action %s' % args[ 0 ]
		parser.print_help()
		sys.exit( 3 )

	# action!
	action = args[ 0 ]
	run()

