# Copyright (c) 2014 OpenStack Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -e

export OS_AUTH_URL=http://localhost:35357/v2.0
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=password

export OS_TOKEN=ADMIN
export OS_URL=http://localhost:35357/v2.0

_get_id()
{
    awk '/ id / { print $4 }'
}

_add_user()
{
    local name=$1
    local tenant=$2
    local user=$3
    local password=$4
    local role=$5

    TENANT_ID=$(openstack project list | awk "/ $tenant / { print \$2 }")
    if [ "$TENANT_ID" == "" ]; then
	# create a new tenant
	TENANT_ID=$(openstack project create $tenant | _get_id)
    fi

    USER_ID=$(openstack user create $user --password=$password \
        --project $TENANT_ID | _get_id)

    if [ "$role" != "" ]; then
	ROLE_ID=$(openstack role list | awk "/ $role / { print \$2 }")
	if [ "$ROLE_ID" == "" ]; then
	    # create a new role
	    ROLE_ID=$(openstack role create $role | _get_id)
	fi

	openstack role add --user $USER_ID --project $TENANT_ID $ROLE_ID
    fi

    eval $(openstack ec2 credentials create --user $user --project $tenant \
	-f shell -c access -c secret)
    export ${name}_ACCESS_KEY=$access
    export ${name}_SECRET_KEY=$secret
}

_create_swift_accounts()
{
    _add_user SERVICE service swift password admin
    _add_user ADMIN test admin admin ResellerAdmin
    _add_user TESTER test tester testing admin
    _add_user TESTER2 test tester2 testing2 member

    SERVICE=$(openstack service create swift --type=object-store | _get_id)
    openstack endpoint create $SERVICE \
        --publicurl "http://localhost:8080/v1/AUTH_\$(tenant_id)s"
}

_setup_keystone()
{
    rm -f ${TEST_DIR}/keystone.db 2>&1

    local log_file="${LOG_DEST:-${TEST_DIR}/log}/keystone.log"
    mkdir -p "$(dirname "${log_file}")"

    keystone-all --config-file conf/keystone.conf --debug > "${log_file}" 2>&1 &
    export keystone_pid=$!

    keystone-manage --config-file conf/keystone.conf --debug db_sync
    keystone-manage --config-file conf/keystone.conf --debug pki_setup

    _create_swift_accounts
}

_setup_keystone

set +e
