#!/bin/bash

LOG_FILE="/home/jelastic/add-sftp-user-addon/logs/script_output.log"
DEBUG=${4:-0}  # Set to 1 to enable debug logging, controlled by 4th argument

log() {
    local level=${1:-INFO}
    local message=${2}
    local timestamp=$(date +"%Y-%m-%d %H:%M:%S")
    echo "$timestamp [$level] $message" | tee -a $LOG_FILE
}

log_error() {
    log "ERROR" "$1"
}

log_warning() {
    log "WARNING" "$1"
}

log_debug() {
    if [ "$DEBUG" -eq 1 ]; then
        log "DEBUG" "$1"
    fi
}

# Validate username format
validate_username() {
    local username=$1
    if ! [[ $username =~ ^[a-zA-Z0-9_]{3,32}$ ]]; then
        log_error "Invalid username format. Username must be 3-32 characters long and contain only letters, numbers, and underscores."
        return 1
    fi
    return 0
}

USERNAME=$1
PASSWORD=$2
SSH_ENABLED=$3

log "Script started"

# Validate username format
if ! validate_username "$USERNAME"; then
    exit 1
fi

# Check if user already exists
if id "$USERNAME" &>/dev/null; then
    log_error "Username $USERNAME already exists. Please choose a different username."
    exit 1
fi

USER_HOME="/home/sftpusers/$USERNAME"
ROOT_DIRECTORY="/var/www/webroot/ROOT"
ROOT_GROUP=$(stat -c '%G' $ROOT_DIRECTORY)

# Create the wp-admins group if it doesn't exist
if ! grep -q "^wp-admins:" /etc/group; then
    if groupadd wp-admins; then
        log "Group wp-admins created successfully."
    else
        log_error "Failed to create group wp-admins."
        exit 1
    fi
fi

# Ensure the parent directory for user home directories exists
if [ ! -d "/home/sftpusers" ]; then
    mkdir -p /home/sftpusers
    if [ $? -ne 0 ]; then
        log_error "Failed to create directory /home/sftpusers."
        exit 1
    else
        log "Directory /home/sftpusers created successfully."
    fi
fi

if ! useradd -d $USER_HOME $USERNAME; then
    log_error "Failed to create user $USERNAME."
    exit 1
fi

# Ensure WP-CLI is installed
if ! command -v wp &> /dev/null; then
    if curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar; then
        log "WP-CLI phar file downloaded successfully."
    else
        log_error "Failed to download WP-CLI phar file."
        exit 1
    fi
    
    if chmod +x wp-cli.phar; then
        log "Permissions set on WP-CLI phar file."
    else
        log_error "Failed to set execute permissions on WP-CLI phar file."
        exit 1
    fi
    
    if mv wp-cli.phar /usr/local/bin/wp; then
        log "WP-CLI installed successfully."
    else
        log_error "Failed to move WP-CLI phar file to /usr/local/bin/wp."
        exit 1
    fi
else
    log "WP-CLI is already installed."
fi

[ ! -d "$ROOT_DIRECTORY" ] && { log_error "ROOT_DIRECTORY $ROOT_DIRECTORY does not exist."; exit 2; }

mkdir -p $USER_HOME
echo "$USERNAME:$PASSWORD" | chpasswd

log "User $USERNAME created with home directory $USER_HOME"

ln -s $ROOT_DIRECTORY $USER_HOME/ROOT
log "Symlink created for $USERNAME pointing to $ROOT_DIRECTORY"

usermod -aG $ROOT_GROUP $USERNAME
log "$USERNAME added to group $ROOT_GROUP"

chown $USERNAME:$ROOT_GROUP $USER_HOME
chmod 750 $USER_HOME

chown -R :$ROOT_GROUP /var/www/webroot/ROOT/
find /var/www/webroot/ROOT/ -type d -exec chmod 770 {} \;
find /var/www/webroot/ROOT/ -type f -exec chmod 660 {} \;

chmod g+s $ROOT_DIRECTORY

log "Script completed for user $USERNAME"

# Output the created username and password
echo "export CREATED_USERNAME=$USERNAME" >> /etc/profile
echo "export CREATED_PASSWORD=$PASSWORD" >> /etc/profile