# -*- coding: utf-8 -*-

"""

 (c) 2014 - Copyright Red Hat Inc

 Authors:

   Pierre-Yves Chibon <pingou@pingoured.fr></pingou@pingoured.fr>

"""

from functools import wraps

import flask

import progit.forms

from progit import (APP, SESSION, LOG, cla_required, authenticated,

                    generate_gitolite_acls, generate_authorized_key_file,

                    is_admin)

def admin_required(function):

    """ Flask decorator to retrict access to admins of progit.

    """

    @wraps(function)

    def decorated_function(*args, **kwargs):

        """ Decorated function, actually does the work. """

        if not authenticated():

            return flask.redirect(

                flask.url_for('auth_login', next=flask.request.url))

        elif not is_admin():

            flask.flash('Access restricted', 'error')

            return flask.redirect(flask.url_for('.index'))

        return function(*args, **kwargs)

    return decorated_function

# Application

@APP.route('/admin')

@admin_required

def admin_index():

    """ Front page of the admin section of the application.

    """

    form = progit.forms.ConfirmationForm()

    return flask.render_template(

        'admin_index.html', form=form,

    )

@APP.route('/admin/gitolite', methods=['POST'])

@admin_required

def admin_generate_acl():

    """ Regenerate the gitolite ACL file. """

    form = progit.forms.ConfirmationForm()

    if form.validate_on_submit():

        generate_gitolite_acls()

        flask.flash('Gitolite ACLs updated')

    return flask.redirect(flask.url_for('admin_index'))

@APP.route('/admin/ssh', methods=['POST'])

@admin_required

def admin_refresh_ssh():

    """ Regenerate the gitolite ACL file. """

    form = progit.forms.ConfirmationForm()

    if form.validate_on_submit():

        generate_authorized_key_file()

        flask.flash('Authorized file updated')

    return flask.redirect(flask.url_for('admin_index'))