#!/usr/bin/env bash

# yadm - Yet Another Dotfiles Manager
# Copyright (C) 2015-2019 Tim Byrne and Martin Zuther

# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.


YADM_DIRECTORY=$(dirname "$YADM_HOOK_REPO")
YADM_CHECKSUMS=$YADM_DIRECTORY/files.checksums

# unpack exported array; filenames including a newline character (\n)
# are NOT supported
OLD_IFS="$IFS"
IFS=$'\n'
YADM_ENCRYPT_INCLUDE_FILES=( $YADM_ENCRYPT_INCLUDE_FILES )
IFS="$OLD_IFS"

CHECKSUM_ALGORITHM="512"
CHECKSUM_ALGORITHM_NAME="SHA-512"
WARNING_MESSAGE="Checksums were not verified."


function print_warning_and_exit {
    MESSAGE=$1

    # set output color to yellow
    echo -e "\033[1;33m"
    echo "WARNING: $MESSAGE  $WARNING_MESSAGE"

    # reset output color
    echo -e "\033[0m"

    exit "$YADM_HOOK_EXIT"
}


function ensure_command {
    COMMAND_NAME=$1

    # check if command exists
    if ! command -v "$COMMAND_NAME" > /dev/null; then
        print_warning_and_exit "command \"$COMMAND_NAME\" not found."
    fi
}


function ensure_algorithm {
    # check if "shasum" supports algorithm by hashing an empty string
    echo -n | shasum --algorithm "$CHECKSUM_ALGORITHM" &> /dev/null

    if [ $? -ne 0 ]; then
        print_warning_and_exit "\"shasum\" does not support $CHECKSUM_ALGORITHM_NAME."
    fi
}


# check whether file with checksums exists
if [ ! -f "$YADM_CHECKSUMS" ]; then
    # return exit status of the yadm command
    exit "$YADM_HOOK_EXIT"
fi

# check if "shasum" exists and supports algorithm
ensure_command shasum
ensure_algorithm

# check encrypted files for differences and capture output
YADM_CHECKSUM_OUTPUT=$(shasum --algorithm "$CHECKSUM_ALGORITHM" --check "$YADM_CHECKSUMS" 2> /dev/null)
ERROR_CODE=$?

# some checksums do not match
if [ $ERROR_CODE -ne 0 ]; then
    echo
    echo "Some $CHECKSUM_ALGORITHM_NAME sums do not match:"

    # set output color to red
    echo -e "\033[0;31m"

    # display mismatching files
    while IFS= read -r line; do
        # try to beautify output
        if command -v grep > /dev/null && command -v sed > /dev/null; then
            echo "$line" | grep -iv "\sok$" | sed 's/^/        / ; s/: FAILED$//'
        else
            echo "$line"
        fi
    done <<< "$YADM_CHECKSUM_OUTPUT"

    # reset output color
    echo -e "\033[0m"
    echo "Consider running either \"yadm encrypt\" or \"yadm decrypt\"."

    # signal error
        exit $ERROR_CODE
fi