#!/bin/bash

# Copyright (C) 2016 by Mike Gabriel <mike.gabriel@it-zukunft-schule.de>

# This script is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This script is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the
# Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.

if [ $(id -u) -gt 0 ]; then
	echo "ERROR: This script has to run as super-user root."
	exit 1
fi

set -e

unset http_proxy
unset https_proxy
unset ftp_proxy

BLACKLIST_URL="http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_dansguardian.tar.gz"

function update_blacklists() {
	mkdir -p /var/lib/e2guardian/
	curl "${BLACKLIST_URL}" 1> /var/lib/e2guardian/blacklists.tar.gz 2>/dev/null

	if [ -e /var/lib/e2guardian/.blacklists.new ]; then
		rm -Rf /var/lib/e2guardian/.blacklists.new
	fi

	mkdir -p /var/lib/e2guardian/.blacklists.new

	cd /var/lib/e2guardian/.blacklists.new
	tar xzf /var/lib/e2guardian/blacklists.tar.gz

	mv blacklists/* .
	rmdir blacklists/

	cd - 1>/dev/null

	if [ -e /var/lib/e2guardian/blacklists.old ]; then
		rm -Rf /var/lib/e2guardian/blacklists.old
	fi

	if [ -d /var/lib/e2guardian/blacklists ]; then
		mv /var/lib/e2guardian/blacklists /var/lib/e2guardian/blacklists.old
	fi

	if [ ! -e /var/lib/e2guardian/blacklists ]; then
		mv /var/lib/e2guardian/.blacklists.new /var/lib/e2guardian/blacklists

		LANG=C date 1> /var/lib/e2guardian/last-updated.txt

		chown root:root -Rf /var/lib/e2guardian/blacklists
		chmod -Rf a+r /var/lib/e2guardian/blacklists
		cd /var/lib/e2guardian/blacklists
		find * -type d | while read dir; do
			chmod a+x "${dir}"
		done
		cd - 1> /dev/null

	fi

	if [ -e /var/lib/e2guardian/blacklists.tar.gz ]; then
		rm -f /var/lib/e2guardian/blacklists.tar.gz
	fi
}

function update_whitelists() {
	if [ -d /var/lib/e2guardian/whitelists.old ]; then
		rm -Rf /var/lib/e2guardian/whitelists.old
	fi
	if [ -d /var/lib/e2guardian/whitelists ]; then
		mv /var/lib/e2guardian/whitelists /var/lib/e2guardian/whitelists.old
	fi

	mkdir -p /var/lib/e2guardian/whitelists
	find /var/lib/e2guardian/blacklists/*/usage | while read usage; do
		# skip symlinked dirs
		if [ -h "$(dirname "${usage}")" ]; then
			continue
		fi
		if grep -q "white" < "${usage}" && ! grep -q "black" < "${usage}"; then
			mv "$(dirname "${usage}")" /var/lib/e2guardian/whitelists
		fi
	done
}

function init_config() {
	if [ ! -e "/etc/debian-edu/e2guardian_blacklisted_categories" ]; then
		find  /var/lib/e2guardian/blacklists/* -maxdepth 1  -type d| cut -d "/" -f6 >> /etc/debian-edu/e2guardian_blacklisted_categories
	fi
	if [ ! -e "/etc/debian-edu/e2guardian_whitelisted_categories" ]; then
		find  /var/lib/e2guardian/whitelists/* -maxdepth 1  -type d| cut -d "/" -f6 >> /etc/debian-edu/e2guardian_whitelisted_categories
	fi
}

function rearrange_lists() {
	cat "/etc/debian-edu/e2guardian_whitelisted_categories" | while read whitelisted; do
		if [ -d "/var/lib/e2guardian/blacklists/${whitelisted}" ] && \
		   [ ! -h "/var/lib/e2guardian/blacklists/${whitelisted}" ]; then
			mv "/var/lib/e2guardian/blacklists/${whitelisted}" /var/lib/e2guardian/whitelists
		fi
	done

	cat "/etc/debian-edu/e2guardian_blacklisted_categories" | while read blacklisted; do
		if [ -d "/var/lib/e2guardian/whitelists/${blacklisted}" ] && \
		   [ ! -h "/var/lib/e2guardian/whitelists/${blacklisted}" ]; then
			mv "/var/lib/e2guardian/whitelists/${blacklisted}" /var/lib/e2guardian/blacklists
		fi
	done
}

function update_lists() {
	action=${1}
	type="${2}"
	list="${3}"

	sed -i "/etc/e2guardian/lists/${list}" -Ee "/(#|).Include<.*\/${action}s\/.*>$/d"

	find /var/lib/e2guardian/${action}s/*/${type} -type f -maxdepth 1 2>/dev/null | sort | while read path; do
		# ignore symlinks pointing to another category dir
		if [ ! -h "$(echo $path | cut -d "/" -f 1-6)" ]; then
			echo "#.Include<${path}>" >> "/etc/e2guardian/lists/${list}"
		fi
	done

	cat /etc/debian-edu/e2guardian_${action}ed_categories | grep -v "^#" | while read category; do
		sed -i "/etc/e2guardian/lists/${list}" -Ee "s/#(.Include<.*\/${category}\/${type})/\1/"
	done
}

update_blacklists
update_whitelists
init_config
rearrange_lists
update_lists blacklist domains bannedsitelist
update_lists blacklist urls bannedurllist
update_lists blacklist expressions bannedregexpurllist
update_lists whitelist domains exceptionsitelist
update_lists whitelist urls exceptionurllist
#invoke-rc.d e2guardian restart 1>/dev/null 2>/dev/null