#!/bin/ksh

###############################################
# Sourcing macros
###############################################
DIRNAME=/usr/bin/dirname
. `$DIRNAME $0`/../lib/psmacros

####################################################################################
# Defines.
####################################################################################

BELL_CHAR='\a'

PS_STATE_FILE="$PS_CONFIG_DIR/PSConfig.properties"

WEBNFS_PKGINFO_FILE="/var/sadm/pkg/SUNWebnfs/pkginfo"
JCIFS_PKGINFO_FILE="/var/sadm/pkg/SUNWjcifs/pkginfo"


####################################################################################
# Get configuration from file
####################################################################################

GrabConfig() {

  GRABCONFIG_FILE=$1
  GRABCONFIG_KEY=$2
  GRABCONFIG_SEPARATOR=$3

  ANSWER=`$GREP "^$GRABCONFIG_KEY$GRABCONFIG_SEPARATOR" $GRABCONFIG_FILE | $UNIQ | $SED -e "s/$GRABCONFIG_KEY$GRABCONFIG_SEPARATOR//"`

}

####################################################################################
# Make sure that the user is root.
####################################################################################

CheckUser() {

    if [ `$ID | $AWK '{print $1}'` != "uid=0(root)" ]; then
      $ECHO "You must be root user. $BELL_CHAR"
      exit 1
    fi

}

####################################################################################
# Make sure required state files are present.
####################################################################################

CheckStateFiles() {

    if [ ! -f $PS_STATE_FILE ]; then
      $ECHO "Error: $PS_STATE_FILE does not exist. $BELL_CHAR"
      exit 1
    fi

}

####################################################################################
# Initialize all global variables.
####################################################################################

Initialize() {

    # Portal server base directory.
    GrabConfig $PS_STATE_FILE "BASEDIR" "="
    if [ "$ANSWER" != "" ]; then
      PS_BASEDIR=$ANSWER
    else
      $ECHO "Error: Cannot determine BASEDIR. $BELL_CHAR"
      exit 1
    fi
    
    # JDK directory.
    GrabConfig $PS_STATE_FILE "DEPLOY_JDK_DIR" "="
    if [ "$ANSWER" != "" ]; then
      DEPLOY_JDK_DIR=$ANSWER
    else
      GrabConfig $PS_STATE_FILE "JDK_DIR" "="
      DEPLOY_JDK_DIR=$ANSWER
    fi
    
    # Deploy type.
    GrabConfig $PS_STATE_FILE "DEPLOY_TYPE" "="
    if [ "$ANSWER" != "" ]; then
      DEPLOY_TYPE=$ANSWER
    else
      $ECHO "Error: Cannot determine DEPLOY_TYPE. $BELL_CHAR"
      exit 1
    fi
    
    if [ "$DEPLOY_TYPE" = "SUNONE" ]; then

      # Deploy domain
      GrabConfig $PS_STATE_FILE "DEPLOY_DOMAIN" "="
      if [ "$ANSWER" != "" ]; then
        DEPLOY_DOMAIN=$ANSWER
      else
        $ECHO "Error: Cannot determine DEPLOY_DOMAIN. $BELL_CHAR"
        exit 1
      fi
      
      # Deploy instance 
      GrabConfig $PS_STATE_FILE "DEPLOY_INSTANCE" "="
      if [ "$ANSWER" != "" ]; then
        DEPLOY_INSTANCE=$ANSWER
      else
        $ECHO "Error: Cannot determine DEPLOY_INSTANCE. $BELL_CHAR"
        exit 1
      fi

    fi

    if [ "$DEPLOY_TYPE" = "SUNONE8" ]; then
      GrabConfig $PS_STATE_FILE "DEPLOY_INSTANCE_DIR" "="
      if [ "$ANSWER" != "" ]; then
        DEPLOY_INSTANCE_DIR=$ANSWER
      else
        $ECHO "Error: Cannot determine DEPLOY_INSTANCE_DIR. $BELL_CHAR"
        exit 1
      fi
    fi

    # Deploy directory.
    GrabConfig $PS_STATE_FILE "DEPLOY_DIR" "="
    if [ "$ANSWER" != "" ]; then
      DEPLOY_DIR=$ANSWER
    else
      $ECHO "Error: Cannot determine DEPLOY_DIR. $BELL_CHAR"
      exit 1
    fi
    
    # Identity server base directory.
    GrabConfig $PS_STATE_FILE "IDSAME_BASEDIR" "="
    if [ "$ANSWER" != "" ]; then
      IDSAME_BASEDIR=$ANSWER
    else
      $ECHO "Error: Cannot determine IDSAME_BASEDIR. $BELL_CHAR"
      exit 1
    fi
    
    # Others.
    FILE="$IDSAME_CONFIG_DIR/config/AMConfig.properties"
    ADMIN_DN=`$GREP "^com.sun.identity.authentication.super.user=" $FILE | $SED -e "s/com.sun.identity.authentication.super.user=//"`
    DPADMIN="$PS_BASEDIR/$PS_PRODUCT_DIR/bin/dpadmin"

}

####################################################################################
# Add netlet provider to display profile.
####################################################################################

AddNetletProviderToDP() {

    $ECHO "Adding Netlet provider to display profile..."
    $DPADMIN add -u "$ADMIN_DN" -w "${IDSAME_ADMIN_PASSWORD}" -g $PS_BASEDIR/$PS_PRODUCT_DIR/samples/netlet/netletProvider.xml

}

####################################################################################
# Copy netletevalpac.jar to JDK directory.
####################################################################################

CopyNetletEvalPactoJDKDir() {

    $ECHO "Copying netletevalpac.jar to JDK directory..."
    $CP $PS_BASEDIR/$PS_PRODUCT_DIR/web-src/WEB-INF/lib/netletevalpac.jar $JDK_DIR/jre/lib/ext
    if [ "$OSTYPE" = "SunOS" ]; then
      $INSTALLF -f "SUNWpsnl"
    fi
}

####################################################################################
# Link webnfs.jar to portal web-src.
####################################################################################

AddWebNFSToPortal() {

    $ECHO "Creating softlink for WebNFS..."
    if [ "$OSTYPE" = "SunOS" ]; then
      if [ -f $WEBNFS_PKGINFO_FILE ]; then
         GrabConfig $WEBNFS_PKGINFO_FILE "BASEDIR" "="
         $LN -s $ANSWER/SUNWebnfs/webnfs.zip $PS_BASEDIR/$PS_PRODUCT_DIR/web-src/WEB-INF/lib/webnfs.jar
         $INSTALLF "SUNWpsnf" $PS_BASEDIR/$PS_PRODUCT_DIR/web-src/WEB-INF/lib/webnfs.jar
      fi
      $INSTALLF -f "SUNWpsnf"
    fi
    if [ "$OSTYPE" = "Linux" ]; then
        WEBNFS_RPM="sun-webnfs"
        rpm -q --quiet $WEBNFS_RPM
        if [ $? -eq 0 ]; then
          ANSWER=`rpm -q --queryformat "%{INSTALLPREFIX}" $WEBNFS_RPM`
          $LN -s $ANSWER/webnfs/webnfs.zip $PS_BASEDIR/$PS_PRODUCT_DIR/web-src/WEB-INF/lib/webnfs.jar
        fi
    fi
}

####################################################################################
# Link jcifs.jar to portal web-src.
####################################################################################

AddJCIFSToPortal() {

    $ECHO "Creating softlink for JCIFS..."
    if [ "$OSTYPE" = "SunOS" ]; then
        if [ -f $JCIFS_PKGINFO_FILE ]; then
            GrabConfig $JCIFS_PKGINFO_FILE "BASEDIR" "="
            $LN -s $ANSWER/jcifs/lib/jcifs-0.7.3.jar $PS_BASEDIR/$PS_PRODUCT_DIR/web-src/WEB-INF/lib/jcifs-0.7.3.jar
            $INSTALLF "SUNWpsnf" $PS_BASEDIR/$PS_PRODUCT_DIR/web-src/WEB-INF/lib/jcifs-0.7.3.jar
        fi
        $INSTALLF -f "SUNWpsnf"
    fi
    if [ "$OSTYPE" = "Linux" ]; then
        JCIFS_RPM="sun-jcifs"
        rpm -q --quiet $JCIFS_RPM
        if [ $? -eq 0 ]; then
          ANSWER=`rpm -q --queryformat "%{INSTALLPREFIX}" $JCIFS_RPM`
          $LN -s $ANSWER/jcifs/lib/jcifs-0.7.3.jar $PS_BASEDIR/$PS_PRODUCT_DIR/web-src/WEB-INF/lib/jcifs-0.7.3.jar
        fi
    fi
}

####################################################################################
# Put .so files in LD_LIBRRAY_PATH for netfile.
####################################################################################

CopyLibraryFilesForNetfile() {

    $ECHO "Placing Netfile .so file in library path..."
    PS_LIB_DIR=$PS_BASEDIR/$PS_PRODUCT_DIR/lib
    if [ "$DEPLOY_TYPE" = "IWS" ]; then
      $CP $PS_LIB_DIR/libgetpwnam.so $DEPLOY_DIR/bin/https/lib
      $CP $PS_LIB_DIR/libgetpwnam2.so $DEPLOY_DIR/bin/https/lib
    fi

}

####################################################################################
# Add netfile pam(Pluggable Authentication Module) for linux
# since on linux by default pemissions are set as pam_deny
####################################################################################

AddNetFilePAMIfLinux() {
    if [ "$OSTYPE" = "Linux" ]; then
        PAM_FILE="/etc/pam.d/netfile"
        if [ -f $PAM_FILE ]; then
          $ECHO "NetFile PAM already exists ..."
        else
          $ECHO "Adding NetFile PAM ..."
          $ECHO "auth        required    /lib/security/pam_unix.so" > $PAM_FILE
          $ECHO "account     required    /lib/security/pam_unix.so" >> $PAM_FILE
          $ECHO "password    required    /lib/security/pam_unix.so" >> $PAM_FILE
          $ECHO "session     required    /lib/security/pam_unix.so" >> $PAM_FILE
        fi
    fi
}

####################################################################################
# Add SocketPermission & NetPermission to server.policy of S1AS needed for NetFile 
####################################################################################

AddNetFilePermissionsToServerPolicy() {

    if [ "$DEPLOY_TYPE" = "SUNONE" ]; then
      FILE="$DEPLOY_DOMAIN/$DEPLOY_INSTANCE/config/server.policy"
      $ECHO "Adding required netfile permissions to $FILE ..."
      $CAT >> $FILE << EOF

// S1PS - SRA NetFile
grant {
      permission java.net.SocketPermission    "*", "connect,accept,listen,resolve";
      permission java.net.NetPermission "*", "specifyStreamHandler";
};
// END OF S1PS - SRA NetFile

EOF
    fi

    if [ "$DEPLOY_TYPE" = "SUNONE8" ]; then
      FILE="$DEPLOY_INSTANCE_DIR/config/server.policy"
      $ECHO "Adding required netfile permissions to $FILE ..."
      $CAT >> $FILE << EOF

// S1PS - SRA NetFile
grant {
      permission java.net.SocketPermission    "*", "connect,accept,listen,resolve";
      permission java.net.NetPermission "*", "specifyStreamHandler";
};
// END OF S1PS - SRA NetFile

EOF
    fi
}

####################################################################################
# Add proxylet provider to display profile.
####################################################################################

AddProxyletProviderToDP() {

    $ECHO "Adding Proxylet provider to display profile..."
    $DPADMIN add -u "$ADMIN_DN" -w "${IDSAME_ADMIN_PASSWORD}" -g $PS_BASEDIR/$PS_PRODUCT_DIR/samples/proxylet/proxyletProvider.xml

}

####################################################################################
# Main
####################################################################################

# Make sure that the user is root.
CheckUser

# Make sure that the required state files are present.
CheckStateFiles

# Initialize all global variables.
Initialize

# Add netlet provider to display profile.
AddNetletProviderToDP

# Copy netletevalpac.jar to JDK directory.
# CopyNetletEvalPactoJDKDir

# Link webnfs.jar to portal web-src.
AddWebNFSToPortal

# Link jcifs.jar to portal web-src.
AddJCIFSToPortal

# Put .so files in LD_LIBRRAY_PATH for netfile.
CopyLibraryFilesForNetfile

#Add netfile pam(Pluggable Authentication Module) if linux
#since on linux by default pemissions are set as pam_deny
AddNetFilePAMIfLinux

# Add SocketPermission & NetPermission to server.policy of S1AS needed for NetFile 
AddNetFilePermissionsToServerPolicy

# Add proxylet provider to display profile.
AddProxyletProviderToDP

exit 0
