#!/bin/bash
#
#  This file is part of TALER
#  Copyright (C) 2024, 2025 Taler Systems SA
#
#  TALER is free software; you can redistribute it and/or modify it under the
#  terms of the GNU General Public License as published by the Free Software
#  Foundation; either version 3, or (at your option) any later version.
#
#  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
#  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
#  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License along with
#  TALER; see the file COPYING.  If not, If not, see <http://www.gnu.org/license>
#

# Hard error reporting on.
set -eu


# Exit, with error message (hard failure)
function exit_fail() {
    echo " FAIL: " "$@" >&2
    EXIT_STATUS=1
    exit "$EXIT_STATUS"
}

CONF="$HOME/.config/taler-exchange.conf"
VERBOSE=0

while getopts 'ac:hirvV' OPTION;
do
    case "$OPTION" in
        a)
            exit 0
            ;;
        c)
            # shellcheck disable=SC2034
            CONF="$OPTARG"
            ;;
        h)
            echo "This is a KYC measure program that clears a measure from the rule set and continues with another AML program, all controlled via the context."
            echo 'Supported options:'
            echo '  -a           -- show required attributes'
            # shellcheck disable=SC2016
            echo '  -c $CONF     -- set configuration'
            echo '  -h           -- print this help'
            echo '  -i           -- show required inputs'
            echo '  -r           -- show required context'
            echo '  -v           -- show version'
            echo '  -V           -- be verbose'
            exit 0
            ;;
        i)
            # Need context and current_rules.
            echo "context"
            echo "current_rules"
            exit 0
            ;;
        r)
            # Context for AML program to run next
            echo "next_context"
            # Binary name of AML program to run next
            echo "exec_name"
            # Which measure to clear?
            echo "clear_measure"
            exit 0
            ;;
        v)
            echo "$0 v0.0.0"
            exit 0
            ;;
        V)
            VERBOSE=1
            ;;
        ?)
        exit_fail "Unrecognized command line option"
        ;;
    esac
done

if [ 1 = "$VERBOSE" ]
then
    echo "Running $0" 1>&2
fi

# See https://docs.taler.net/taler-kyc-manual.html#tsref-type-AmlProgramInput
# for the full JSON with possible inputs.

# First, extract inputs we need
INPUTS=$(jq '{"current_rules":.current_rules,"attributes":.attributes,"context":.context}')

# Get current rules.
CURRENT_RULES=$(echo "$INPUTS" | jq '.current_rules // null')
# Get context values.
J_NEXT_CONTEXT=$(echo "$INPUTS" | jq '.context.next_context // {}')
EXEC_NAME=$(echo "$INPUTS" | jq -r '.context.exec_name')
CLEAR_MEASURE=$(echo "$INPUTS" | jq '.context.clear_measure // null')

# Remove matching measure from current rules.
J_NEW_RULES=$(echo "$CURRENT_RULES" | jq --argjson cm "$CLEAR_MEASURE" '(.rules[] |= if (.measures[0]==$cm) then del(.) else . end)')

echo "Passing new rules ${J_NEW_RULES} to ${EXEC_NAME}." 1>&2

# FIXME: we might want to restrict EXEC_NAME to binaries
# with a certain prefix and/or even validate that it is
# an AML program in some 'approved' list. Right now, an
# AML officer (reasonably trusted...) could basically
# run any binary on the server here...

# Finally, pass the new rules as input to the AML program '$EXEC_NAME'.
jq -n \
    --argjson nc "$J_NEXT_CONTEXT" \
    --argjson nr "$J_NEW_RULES" \
    '{"current_rules":$nr,"context":$nc}' \
    | exec "${EXEC_NAME}"
