#!/bin/sh
###########################################################################
#
# Copyright (c) 2021-2023 Diality Inc. - All Rights Reserved.
#
# THIS CODE MAY NOT BE COPIED OR REPRODUCED IN ANY FORM, IN PART OR IN
# WHOLE, WITHOUT THE EXPLICIT PERMISSION OF THE COPYRIGHT OWNER.
#
# @file    ssh_access.sh
#
# @author  (last)      Behrouz NematiPour
# @date    (last)      23-aug-2023
# @author  (original)  Behrouz NematiPour
# @date    (original)  23-aug-2023
#
############################################################################

TERM=dumb

ECHO_STRING="ssh connection"
SSHD_CONFIG="/etc/ssh/sshd_config"
ERR_EXECUTION=201

_enable=1
_disable=0

#TODO   Move to globals.sh
function check_num() {
  if [ $1 != 0 ]; then
    echo "execution failed"
    exit $ERR_EXECUTION
  fi
}


function sshd_set() {
    if [ $_enable == $1 ]; then
        sudo systemctl start sshd.socket
        check_num $? ", started"
    else
        # is is always disabled but to make sure and be backward compatible will do it again.
        sudo systemctl disable  sshd.socket
        check_num $? ", disabled"
        # stop the ssh service
        sudo systemctl stop     sshd.socket
        check_num $? ", stopped"
    fi
}

function sshd_get() {
    out=$(sudo systemctl status sshd.socket | grep "Active: active (listening)")
    if [ -n "$out" ]; then
      echo $_enable
    else
      echo $_disable
    fi
}

function root_set() {
    if [ $_enable == $1 ]; then
        sudo sed -i '/PermitRootLogin/c\PermitRootLogin yes' $SSHD_CONFIG
        check_num $? " enalbed"
    else
        sudo sed -i '/PermitRootLogin/c\PermitRootLogin no'  $SSHD_CONFIG
        check_num $? " disalbed"
    fi
}

function root_get() {
    if [ "$(grep -ir "^PermitRootLogin" $SSHD_CONFIG | tr -s ' ' | cut -f2 -d' ')" == "yes" ]; then
        echo $_enable
    else
        echo $_disable
    fi
}

function handleCommand() {
    local state=$1
                            # sshd and root
    local sshd_disable=0    #   0       0
    local sshd_enable=1     #   1       0
    local root_enable=2     #   1       1

    case $1 in
        $sshd_disable)
            sshd_set  $_disable
            root_set  $_disable
        ;;
        $sshd_enable)
            sshd_set  $_enable
            root_set  $_disable
        ;;
        $root_enable)
            sshd_set  $_enable
            root_set  $_enable
        ;;
    esac
}

function toCheckState() {
    local sshd=$(sshd_get)
    local root=$(root_get)
    case $sshd in
        $_disable)
            echo 0
        ;;
        $_enable)
            echo $(( $sshd + $root ))
        ;;
    esac
}

case "$#" in
    0)
        echo $(toCheckState)
    ;;
    1)
        handleCommand $1
    ;;
esac

echo ""
exit 0