#!/usr/local/bin/php
<?php

$root = dirname(dirname(dirname(__FILE__)));
require_once $root.'/scripts/__init_script__.php';

// Get user's heys and put them to the configuration
function handleSingleUserPHID(
  $viewer, $userPHID, $repository, &$authfile, &$access) {
  $user = id(new PhabricatorPeopleQuery())
    ->setViewer($viewer)
    ->withPHIDs(array($userPHID))
    ->executeOne();

  $user_name = $user->getUserName();
  if (!array_key_exists($user_name, $authfile)) {
    $field_list = PhabricatorCustomField::getObjectFields(
      $user,
      PhabricatorCustomField::ROLE_APPLICATIONTRANSACTIONS);
    $field_list
      ->setViewer($user)
      ->readFieldsFromStorage($user);
    $fields = $field_list->getFields();
    $htaccess_field = idx($fields, 'std:user:htaccess_passowrd_hash');
    if ($htaccess_field) {
      $password_hash = $htaccess_field->getValueForStorage();
      $authfile[$user_name] = $password_hash;
    }
  }

  $uri = $repository->getRemoteURI();
  $repository_name = preg_replace(
    '/https?\:\/\/svn.blender.org\/svnroot\/([^\/]+)\/?.*/', '$1', $uri);
  if (!array_key_exists($repository_name, $access)) {
    $access[$repository_name] = array();
  }
  $access[$repository_name][] = $user_name;
}

// Parse repository and put it's members to the config file
function handleSingleRepository(
  $viewer, $repository, &$authfile, &$access) {
  $policies = PhabricatorPolicyQuery::loadPolicies(
    $viewer,
    $repository);

  $pushable = $policies[DiffusionCapabilityPush::CAPABILITY];
  $type = phid_get_type($pushable->getPHID());

  if ($type == PhabricatorProjectPHIDTypeProject::TYPECONST) {
    $project = id(new PhabricatorProjectQuery())
      ->setViewer($viewer)
      ->needMembers(true)
      ->withPHIDs(array($pushable->getPHID()))
      ->executeOne();

    $memberPHIDs = $project->getMemberPHIDs();
    foreach ($memberPHIDs as $memberPHID) {
      handleSingleUserPHID(
        $viewer, $memberPHID, $repository, $authfile, $access);
    }
  } else if ($type == PhabricatorPeoplePHIDTypeUser::TYPECONST) {
    handleSingleUserPHID(
      $viewer, $pushable->getPHID(), $repository, $authfile, $access);
  } else if ($type == PhabricatorPolicyPHIDTypePolicy::TYPECONST) {
    /* pass */
  } else {
    /* pass */
  }
}

function rebuildConfiguration($what) {
  $viewer = id(new PhabricatorUser())
    ->loadOneWhere('username = %s', 'sergey');

  $repositories = id(new PhabricatorRepositoryQuery())
    ->setViewer($viewer)
    ->execute();

  $authfile = array();
  $access = array();
  foreach ($repositories as $repository_id => $repository) {
    $type = $repository->getVersionControlSystem();
    if ($type == PhabricatorRepositoryType::REPOSITORY_TYPE_SVN) {
      handleSingleRepository(
        $viewer, $repository, $authfile, $access);
    }
  }
  if ($what == 'AUTHFILE') {
    foreach ($authfile as $user => $hash) {
      print("$user:$hash\n");
    }
  }
  else if ($what == 'ACCESS') {
    foreach ($access as $repository => $users) {
      print("[$repository:/]\n");
      foreach ($users as $user) {
        print("$user = rw\n");
      }
      print("anonsvn = r\n");
      print("* = r\n");
    }
  }
  return true;
}

if (count($argv) != 2 ||
    ($argv[1] != 'ACCESS' && $argv[1] != 'AUTHFILE')) {
  print("Usage: {$argv[0]} ACCESS|AUTHFILE\n");
  exit(1);
}

rebuildConfiguration($argv[1]);
?>