-- @@SHEBANG
-- -*- Lua -*-
-- command cgi
--
-- Git (with) Augmented network operations -- User authentication wrapper
--
-- Copyright 2014 Codethink Ltd
--
--

-- @@GITANO_LUA_PATH

local gitano = require "gitano"
local gall = require "gall"
local luxio = require "luxio"
local sio = require "luxio.simple"

-- @@GITANO_BIN_PATH
-- @@GITANO_SHARE_PATH
-- @@GITANO_PLUGIN_PATH

local stdout = sio.stdout

function url_decode(str)
  str = string.gsub (str, "+", " ")
  str = string.gsub (str, "%%(%x%x)",
      function(h) return string.char(tonumber(h,16)) end)
  str = string.gsub (str, "\r\n", "\n")
  return str
end

if os.getenv("QUERY_STRING") then
   local query_string = url_decode(os.getenv("QUERY_STRING"))
   local cmdline = query_string

   local _, e = string.find(query_string, "cmd=")

   if not e then
      stdout:write("Status: 400 Bad request\r\n\r\n")
      stdout:write("Malformed command line, format: ?cmd=arg0 arg1 ... argn\n")
      return
   end

   cmdline = string.sub(query_string, e + 1, #query_string)

   if cmdline == '' then
      stdout:write("Status: 400 Bad request\r\n\r\n")
      stdout:write("Malformed command line, format: ?cmd=arg0 arg1 ... argn\n")
      return
   end

   local user = os.getenv("REMOTE_USER") or "gitano/anonymous"

   gitano.log.buffer_output()

   local authorized, cmd, parsed_cmdline, config, env, repo =
      gitano.auth.is_authorized(user, "http", cmdline, os.getenv("GITANO_ROOT"))

   if authorized then
      local exit = gitano.util.run_command(cmd, cmdline, parsed_cmdline,
			       user, config, env, repo)

      stdout:write("Status: " .. (exit == 0 and "200 OK" or "400 Bad request")
         .. "\r\n\r\n")
      stdout:write(gitano.log.get_buffered_output() or "")
   else
      stdout:write("Status: 403 Forbidden\r\n\r\n")
      stdout:write(gitano.log.get_buffered_output() or "")
   end
else
   stdout:write("Status: 400 Bad request\r\n\r\n")
   stdout:write("Malformed command line, format: ?cmd=arg0 arg1 ... argn\n")
end