#!/bin/bash
#
#	PHP VOMS-Admin script to add new VO for serving
#
#    Copyright 2010 Andrii Salnikov
#
#   Licensed under the Apache License, Version 2.0 (the "License");
#   you may not use this file except in compliance with the License.
#   You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.
#
#
#################################################################################
#		Configuration hard-coded last-resort defaults			#
#################################################################################
# system paths
# System paths; the VOMSDDIR / cert / key / PVA paths further down derive from CONFDIR.
LIBDIR=/usr/lib
CONFDIR=/etc
# General configuration defaults (addvo.conf, sourced later, may override any of them).
MYSQL_USER=root
VODBHOST=localhost
# VODBUSER / VODBPASS are deliberately left unset here: unless the config file
# provides them they are derived from the VO name / generated at run time.
#VODBUSER="voms"
#VODBPASS="commonpassword"
VOMSDDIR=${CONFDIR}/voms
VOMSDCERT=${CONFDIR}/grid-security/hostcert.pem
VOMSDKEY=${CONFDIR}/grid-security/hostkey.pem
VOMSDCONF_OWNER=voms:voms
PVACONFDIR=${CONFDIR}/pva/vomses
PVACONF_OWNER=apache:apache

#################################################################################
#			Pre-execution checks					#
#################################################################################

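# Check for root account: the script writes under ${CONFDIR} and chowns files
# to the vomsd/apache owners, which needs uid 0.  A string compare is used so
# that an empty `id -u` result also refuses to continue (fails closed).
if [ "$(id -u)" != 0 ]; then
	echo "ERROR: You must to be a root to add new VO." >&2
	exit 1
fi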

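# Source external config file if it exists.  It is executed with root
# privileges, so its ownership/permissions should stay restricted to root.
ADDVOCONF=/etc/pva/addvo.conf
if [ -f "${ADDVOCONF}" ]; then
	# shellcheck source=/dev/null
	source "${ADDVOCONF}"
fi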

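# Check variable defaults: VOHOST (vomsd/PVA host name) falls back to the
# local hostname when neither the environment nor addvo.conf set it.
if [ -z "${VOHOST}" ]; then
	VOHOST=$(hostname)
	echo "INFO: Using default hostname \"$VOHOST\" for VOHOST value."
fi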

#################################################################################
# 				Functions 					#
#################################################################################
# Show usage instruction and exit with status 1.
# Outputs: usage text on stdout
usage () {
	cat <<'END'
Usage: addvo [<file with variables to source>]
The following variables need to be set or specified in <file with variables to source>:
	VONAME		- name of VO to add	(required)
	ADMDN		- VO Admin DN		(required)
	ADMCA		- VO Admin cert CA	(required)
	ADMMAIL		- VO Admin e-mail	(required)
	RULES_URL	- VO usage rules	(required)
	VOPORT		- vomsd listen port	(required)
	HOMEPAGE	- VO homepage		(optional)
	DESCR		- VO description	(optional)
	DEFCA		- Default CA for users	(optional)
END
	exit 1
}

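# Escape a value for use inside a PHP double-quoted string literal.
# Arguments: $1 - raw value
# Outputs:   value with backslash, double quote and dollar backslash-escaped
#            (the three characters PHP treats specially inside "..."), no newline
_php_dq () {
  local s=$1 bs='\' dq='"' dl='$'
  s=${s//"$bs"/$bs$bs}
  s=${s//"$dq"/$bs$dq}
  s=${s//"$dl"/$bs$dl}
  printf '%s' "$s"
}

# Generate config for PHP VOMS-Admin to serve VO
#
# Globals (read): VODBHOST VODBUSER VODBPASS VOPORT VOHOST VOMSDCERT RULES_URL
#                 _VONAME (DB-safe VO name computed by the caller);
#                 DEFCA DESCR HOMEPAGE are emitted only when non-empty
# Outputs:        PHP configuration on stdout
#
# Every value lands inside a PHP double-quoted string literal, so it goes
# through _php_dq first: an unescaped quote in e.g. DESCR would otherwise end
# the literal and the remainder of the value would be parsed as PHP code.
gen_pva_config () {
  cat << END
<?php
    \$dbhost="$(_php_dq "$VODBHOST")";
    \$dbname="$(_php_dq "voms_${_VONAME}")";
    \$dbuser="$(_php_dq "$VODBUSER")";
    \$dbpasswd="$(_php_dq "$VODBPASS")";
    \$vo_port="$(_php_dq "$VOPORT")";
    \$vo_host="$(_php_dq "$VOHOST")";
    \$vo_cert="$(_php_dq "$VOMSDCERT")";
    \$vo_rules_link="$(_php_dq "$RULES_URL")";
END
  # Optional settings: one line each, only when the variable is non-empty.
  if [ -n "$DEFCA" ]; then
    printf '    $defaultca="%s";\n' "$(_php_dq "$DEFCA")"
  fi
  if [ -n "$DESCR" ]; then
    printf '    $vo_description="%s";\n' "$(_php_dq "$DESCR")"
  fi
  if [ -n "$HOMEPAGE" ]; then
    printf '    $vo_mainurl="%s";\n' "$(_php_dq "$HOMEPAGE")"
  fi
  printf '?>\n'
}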

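# Generate config for vomsd
#
# Globals (read): VOPORT VODBHOST _VONAME VONAME VOMSDDIR LIBDIR VODBUSER
#                 VOHOST VOMSDCERT VOMSDKEY
# Outputs:        vomsd option file on stdout
#
# --passfile must point at the file this script actually writes, which lives
# under ${VOMSDDIR}/${VONAME}/, so the path is built from VOMSDDIR instead of
# being re-derived from CONFDIR (the two diverge once addvo.conf overrides
# VOMSDDIR).
gen_vomsd_config () {
  cat << END
--code=${VOPORT}
--contactstring=${VODBHOST}
--dbname=voms_${_VONAME}
--logfile=/var/log/voms/voms.${VONAME}
--loglevel=4
--logtype=7
--passfile=${VOMSDDIR}/${VONAME}/voms.pass
--port=${VOPORT}
--sqlloc=${LIBDIR}/voms/libvomsmysql.so
--username=${VODBUSER}
--vo=${VONAME}
--uri=${VOHOST}:${VOPORT}
--timeout=604800
--x509_user_cert=${VOMSDCERT}
--x509_user_key=${VOMSDKEY}
END
}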

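# Generate random password
#
# Arguments: $1 - length (default 8)
# Outputs:   password of that length drawn from [A-Za-z0-9], no trailing newline
#
# The result becomes the VO database password, so prefer bash's SRANDOM
# (32-bit, available in bash >= 5.1 and fed from the system random source
# where one exists) and fall back to RANDOM (15-bit seeded PRNG) only on older
# shells.  Selecting by modulo leaves a small bias towards the first alphabet
# entries; tolerable for a 32-character password, but on old bash this is not
# a cryptographic-quality generator.
genpasswd () {
  local maxsize=${1:-8}
  local alphabet=(
    q w e r t y u i o p a s d f g h j k l z x c v b n m Q W E R T Y U I O P A S D
    F G H J K L Z X C V B N M 1 2 3 4 5 6 7 8 9 0
  )
  local modnum=${#alphabet[@]}
  local index pwd_len
  for (( pwd_len = 0; pwd_len < maxsize; pwd_len++ )); do
    index=$(( ${SRANDOM:-$RANDOM} % modnum ))
    printf '%s' "${alphabet[index]}"
  done
}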

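# Escape a value for use inside a single-quoted MySQL string literal.
# Arguments: $1 - raw value
# Outputs:   value with backslash and single quote backslash-escaped, no newline
# (gensql sets the session SQL_MODE itself, so NO_BACKSLASH_ESCAPES is off and
# backslash escaping is the right convention.)
_sql_str () {
  local s=$1 bs='\' sq="'"
  s=${s//"$bs"/$bs$bs}
  s=${s//"$sq"/$bs$sq}
  printf '%s' "$s"
}

# Escape a value for use inside a backtick-quoted MySQL identifier.
# Arguments: $1 - raw identifier
# Outputs:   identifier with every backtick doubled, no newline
_sql_id () {
  local s=$1 bt='`'
  s=${s//"$bt"/$bt$bt}
  printf '%s' "$s"
}

# Generate SQL to create and fill database for VO
#
# Globals (read): _VONAME VONAME VODBUSER VODBPASS ADMDN ADMMAIL CAID CALIST
# Outputs:        SQL script on stdout (piped into the mysql client)
#
# Values that land inside SQL string literals or backtick identifiers are
# escaped first (_sql_str / _sql_id): an apostrophe in an admin DN such as
# "CN=Eve O'Neil" would otherwise break the INSERT, or let the value rewrite
# it.  CAID is the integer row id picked by the CA loop and CALIST a ready-made
# list of `ca` rows built there, so both are emitted as-is.
# NOTE(review): SET PASSWORD ... = PASSWORD(...) and implicit user creation via
# GRANT are MySQL 5.x constructs; MySQL 8 no longer accepts them.
gensql () {
  local dbname dbuser dbpass voname admdn admmail
  dbname=$(_sql_id "voms_${_VONAME}")
  dbuser=$(_sql_id "$VODBUSER")
  dbpass=$(_sql_str "$VODBPASS")
  voname=$(_sql_str "$VONAME")
  admdn=$(_sql_str "$ADMDN")
  admmail=$(_sql_str "$ADMMAIL")
  cat <<END
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";

CREATE DATABASE \`${dbname}\` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci;

GRANT ALL ON \`${dbname}\`.* to \`${dbuser}\`@localhost;
SET PASSWORD FOR \`${dbuser}\`@localhost = PASSWORD('${dbpass}');
FLUSH PRIVILEGES;

USE \`${dbname}\`;

CREATE TABLE IF NOT EXISTS \`acl2\` (
  \`acl_id\` bigint(20) NOT NULL auto_increment,
  \`group_id\` bigint(20) NOT NULL default '0',
  \`defaultACL\` tinyint(1) NOT NULL default '0',
  \`role_id\` bigint(20) default NULL,
  PRIMARY KEY  (\`acl_id\`),
  UNIQUE KEY \`group_id\` (\`group_id\`,\`defaultACL\`,\`role_id\`),
  KEY \`role_id\` (\`role_id\`),
  KEY \`group_id_2\` (\`group_id\`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

INSERT INTO \`acl2\` (\`acl_id\`, \`group_id\`, \`defaultACL\`, \`role_id\`) VALUES
(1, 1, 0, NULL),
(2, 1, 0, 1);

CREATE TABLE IF NOT EXISTS \`acl2_permissions\` (
  \`acl_id\` bigint(20) NOT NULL default '0',
  \`permissions\` int(11) default NULL,
  \`admin_id\` bigint(20) NOT NULL default '0',
  PRIMARY KEY  (\`acl_id\`,\`admin_id\`),
  KEY \`admin_id\` (\`admin_id\`),
  KEY \`acl_id\` (\`acl_id\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

INSERT INTO \`acl2_permissions\` (\`acl_id\`, \`permissions\`, \`admin_id\`) VALUES
(1, 8191, 1),
(1, 8191, 2),
(1, 533, 4),
(1, 8191, 5),
(1, 3999, 6),
(2, 8191, 1),
(2, 8191, 2),
(2, 533, 3),
(2, 533, 4),
(2, 8191, 5),
(2, 3999, 6);

CREATE TABLE IF NOT EXISTS \`admins\` (
  \`adminid\` bigint(20) NOT NULL auto_increment,
  \`dn\` varchar(255) NOT NULL default '',
  \`email_address\` varchar(255) default NULL,
  \`ca\` smallint(6) NOT NULL default '0',
  PRIMARY KEY  (\`adminid\`),
  UNIQUE KEY \`dn\` (\`dn\`),
  KEY \`ca\` (\`ca\`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

INSERT INTO \`admins\` (\`adminid\`, \`dn\`, \`email_address\`, \`ca\`) VALUES
(1, '/O=VOMS/O=System/CN=Internal VOMS Process', NULL, 1),
(2, '/O=VOMS/O=System/CN=Local Database Administrator', NULL, 1),
(3, '/O=VOMS/O=System/CN=Absolutely Anyone', NULL, 1),
(4, '/O=VOMS/O=System/CN=Any Authenticated User', NULL, 1),
(5, '${admdn}', '${admmail}', ${CAID}),
(6, '/${voname}/Role=VO-Admin', NULL, 3);

CREATE TABLE IF NOT EXISTS \`admins_history\` (
  \`admin_h_id\` bigint(20) NOT NULL default '0',
  \`adminid\` bigint(20) NOT NULL default '0',
  \`dn\` varchar(255) NOT NULL default '',
  \`ca\` smallint(6) NOT NULL default '0',
  PRIMARY KEY  (\`admin_h_id\`),
  KEY \`ca\` (\`ca\`),
  KEY \`admin_h_id\` (\`admin_h_id\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

CREATE TABLE IF NOT EXISTS \`attributes\` (
  \`a_id\` bigint(20) NOT NULL auto_increment,
  \`a_name\` varchar(255) NOT NULL default '',
  \`a_desc\` text,
  \`a_uniq\` tinyint(1) default '0',
  PRIMARY KEY  (\`a_id\`),
  UNIQUE KEY \`a_name\` (\`a_name\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

CREATE TABLE IF NOT EXISTS \`ca\` (
  \`cid\` smallint(6) NOT NULL auto_increment,
  \`ca\` varchar(255) NOT NULL default '',
  \`cadescr\` varchar(255) default NULL,
  PRIMARY KEY  (\`cid\`),
  UNIQUE KEY \`ca\` (\`ca\`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

INSERT INTO \`ca\` (\`cid\`, \`ca\`, \`cadescr\`) VALUES
(1, '/O=VOMS/O=System/CN=Dummy Certificate Authority', 'A dummy CA for local org.glite.security.voms.admin.database mainteneance'),
(2, '/O=VOMS/O=System/CN=VOMS Group', 'A virtual CA for VOMS groups.'),
(3, '/O=VOMS/O=System/CN=VOMS Role', 'A virtual CA for VOMS roles.'),
(4, '/O=VOMS/O=System/CN=Authorization Manager Attributes', 'A virtual CA for authz manager attributes')${CALIST};

CREATE TABLE IF NOT EXISTS \`capabilities\` (
  \`cid\` bigint(20) NOT NULL auto_increment,
  \`capability\` varchar(255) NOT NULL default '',
  PRIMARY KEY  (\`cid\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

CREATE TABLE IF NOT EXISTS \`groups\` (
  \`gid\` bigint(20) NOT NULL auto_increment,
  \`dn\` varchar(255) NOT NULL default '',
  \`parent\` bigint(20) default NULL,
  \`must\` tinyint(1) NOT NULL default '0',
  PRIMARY KEY  (\`gid\`),
  UNIQUE KEY \`dn\` (\`dn\`),
  KEY \`parent\` (\`parent\`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;


INSERT INTO \`groups\` (\`gid\`, \`dn\`, \`parent\`, \`must\`) VALUES
(1, '/${voname}', 1, 1);

CREATE TABLE IF NOT EXISTS \`group_attrs\` (
  \`a_id\` bigint(20) NOT NULL default '0',
  \`g_id\` bigint(20) NOT NULL default '0',
  \`a_value\` varchar(255) default NULL,
  PRIMARY KEY  (\`a_id\`,\`g_id\`),
  KEY \`g_id\` (\`g_id\`),
  KEY \`a_id\` (\`a_id\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

CREATE TABLE IF NOT EXISTS \`history\` (
  \`h_id\` bigint(20) NOT NULL auto_increment,
  \`operation\` smallint(6) NOT NULL default '0',
  \`tstamp\` datetime NOT NULL default '0000-00-00 00:00:00',
  \`who\` bigint(20) NOT NULL default '0',
  PRIMARY KEY  (\`h_id\`),
  KEY \`who\` (\`who\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

CREATE TABLE IF NOT EXISTS \`m\` (
  \`mapping_id\` bigint(20) NOT NULL auto_increment,
  \`userid\` bigint(20) NOT NULL default '0',
  \`gid\` bigint(20) NOT NULL default '0',
  \`rid\` bigint(20) default NULL,
  \`cid\` bigint(20) default NULL,
  PRIMARY KEY  (\`mapping_id\`),
  UNIQUE KEY \`userid\` (\`userid\`,\`gid\`,\`rid\`),
  KEY \`fk_m_roles\` (\`rid\`),
  KEY \`fk_m_usr\` (\`userid\`),
  KEY \`fk_m_groups\` (\`gid\`),
  KEY \`fk_m_cap\` (\`cid\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

CREATE TABLE IF NOT EXISTS \`memb_req\` (
  \`id\` bigint(20) NOT NULL auto_increment,
  \`creation_date\` datetime NOT NULL default '0000-00-00 00:00:00',
  \`evaluation_date\` datetime default NULL,
  \`status\` int(11) NOT NULL default '0',
  \`confirm_id\` varchar(255) NOT NULL default '',
  \`dn\` varchar(255) NOT NULL default '',
  \`ca\` varchar(255) NOT NULL default '',
  \`cn\` varchar(255) default NULL,
  \`mail\` varchar(255) NOT NULL default '',
  \`institute\` varchar( 255 ) NOT NULL,
  \`phone\` varchar( 255 ) NOT NULL default '',
  \`comment\` varchar( 255 ) NOT NULL default '',
  PRIMARY KEY  (\`id\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

CREATE TABLE IF NOT EXISTS \`pva_authorized_updators\` (
  \`au_id\` smallint(6) NOT NULL AUTO_INCREMENT,
  \`status\` tinyint(4) NOT NULL,
  \`dn\` varchar(255) NOT NULL,
  \`cahash\` varchar(10) NOT NULL,
  \`ip\` varchar(16) NOT NULL,
  \`endpoint\` varchar(128) NOT NULL,
  \`auth_key\` varchar(64) NOT NULL,
  \`foreign_key\` varchar(64) NOT NULL,
  \`t_stamp\` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
  \`sync_time\` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (\`au_id\`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;

INSERT INTO \`pva_authorized_updators\` (\`au_id\`, \`status\`, \`dn\`, \`ip\`, \`endpoint\`, \`auth_key\`, \`foreign_key\`, \`t_stamp\`, \`sync_time\`) VALUES (1, 9, '/O=VOMS/O=System/CN=Local PHP VOMS-Admin', '', '', '', '', CURRENT_TIMESTAMP, CURRENT_TIMESTAMP);

CREATE TABLE IF NOT EXISTS \`pva_id2uuid_map\` (
  \`id\` int(11) NOT NULL,
  \`table\` varchar(36) NOT NULL,
  \`uuid\` varchar(36) NOT NULL,
  PRIMARY KEY (\`uuid\`),
  KEY \`id\` (\`id\`),
  KEY \`table\` (\`table\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

CREATE TABLE IF NOT EXISTS \`pva_logs\` (
  \`id\` int(10) unsigned NOT NULL AUTO_INCREMENT,
  \`level\` char(1) NOT NULL,
  \`subsys\` smallint(5) unsigned NOT NULL,
  \`msg_code\` int(10) unsigned NOT NULL,
  \`msg_parms\` text NOT NULL,
  \`count\` int(10) unsigned NOT NULL DEFAULT '1',
  \`first_occured\` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
  \`last_occured\` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
  PRIMARY KEY (\`id\`),
  KEY \`msg_code\` (\`msg_code\`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

CREATE TABLE IF NOT EXISTS \`pva_transactions\` (
  \`t_stamp\` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
  \`uuid\` char(36) NOT NULL,
  \`adminid\` varchar(255) NOT NULL,
  \`fname\` varchar(32) NOT NULL,
  \`args\` text NOT NULL,
  \`source_id\` int(11) NOT NULL,
  \`source_flavor\` VARCHAR (32) NOT NULL DEFAULT '',
  KEY \`t_stamp\` (\`t_stamp\`),
  UNIQUE KEY \`uuid\` (\`uuid\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

CREATE TABLE IF NOT EXISTS \`pva_variables\` (
  \`var\` VARCHAR(128) NOT NULL,
  \`value\` VARCHAR(255) NOT NULL, 
  UNIQUE KEY \`var\` (\`var\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

INSERT INTO \`pva_variables\` (\`var\`,\`value\`) VALUES
('pva_dbschema_version', '65');

CREATE TABLE IF NOT EXISTS \`roles\` (
  \`rid\` bigint(20) NOT NULL auto_increment,
  \`role\` varchar(255) NOT NULL default '',
  PRIMARY KEY  (\`rid\`),
  UNIQUE KEY \`role\` (\`role\`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

INSERT INTO \`roles\` (\`rid\`, \`role\`) VALUES
(1, 'VO-Admin');

CREATE TABLE IF NOT EXISTS \`role_attrs\` (
  \`a_id\` bigint(20) NOT NULL default '0',
  \`g_id\` bigint(20) NOT NULL default '0',
  \`r_id\` bigint(20) NOT NULL default '0',
  \`a_value\` varchar(255) default NULL,
  PRIMARY KEY  (\`a_id\`,\`g_id\`,\`r_id\`),
  KEY \`g_id\` (\`g_id\`),
  KEY \`r_id\` (\`r_id\`),
  KEY \`a_id\` (\`a_id\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

CREATE TABLE IF NOT EXISTS \`seqnumber\` (
  \`seq\` varchar(255) NOT NULL default '',
  PRIMARY KEY  (\`seq\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

INSERT INTO \`seqnumber\` (\`seq\`) VALUES
('0');

CREATE TABLE IF NOT EXISTS \`usr\` (
  \`userid\` bigint(20) NOT NULL auto_increment,
  \`dn\` varchar(255) NOT NULL default '',
  \`ca\` smallint(6) default NULL,
  \`cn\` varchar(255) default NULL,
  \`mail\` varchar(255) default NULL,
  \`cauri\` varchar(255) default NULL,
  PRIMARY KEY  (\`userid\`),
  KEY \`fk_usr_ca\` (\`ca\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

CREATE TABLE IF NOT EXISTS \`usr_attrs\` (
  \`a_id\` bigint(20) NOT NULL default '0',
  \`u_id\` bigint(20) NOT NULL default '0',
  \`a_value\` varchar(255) default NULL,
  PRIMARY KEY  (\`a_id\`,\`u_id\`),
  KEY \`u_id\` (\`u_id\`),
  KEY \`a_id\` (\`a_id\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

CREATE TABLE IF NOT EXISTS \`version\` (
  \`version\` int(11) NOT NULL default '0',
  PRIMARY KEY  (\`version\`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

INSERT INTO \`version\` (\`version\`) VALUES
(2);

ALTER TABLE \`acl2\`
  ADD CONSTRAINT \`acl2_ibfk_1\` FOREIGN KEY (\`group_id\`) REFERENCES \`groups\` (\`gid\`) ON DELETE CASCADE,
  ADD CONSTRAINT \`acl2_ibfk_2\` FOREIGN KEY (\`role_id\`) REFERENCES \`roles\` (\`rid\`) ON DELETE CASCADE;

ALTER TABLE \`acl2_permissions\`
  ADD CONSTRAINT \`acl2_permissions_ibfk_1\` FOREIGN KEY (\`acl_id\`) REFERENCES \`acl2\` (\`acl_id\`),
  ADD CONSTRAINT \`acl2_permissions_ibfk_2\` FOREIGN KEY (\`admin_id\`) REFERENCES \`admins\` (\`adminid\`);

ALTER TABLE \`admins\`
  ADD CONSTRAINT \`admins_ibfk_1\` FOREIGN KEY (\`ca\`) REFERENCES \`ca\` (\`cid\`);

ALTER TABLE \`admins_history\`
  ADD CONSTRAINT \`admins_history_ibfk_1\` FOREIGN KEY (\`admin_h_id\`) REFERENCES \`history\` (\`h_id\`),
  ADD CONSTRAINT \`admins_history_ibfk_2\` FOREIGN KEY (\`ca\`) REFERENCES \`ca\` (\`cid\`);

ALTER TABLE \`groups\`
  ADD CONSTRAINT \`groups_ibfk_1\` FOREIGN KEY (\`parent\`) REFERENCES \`groups\` (\`gid\`);

ALTER TABLE \`group_attrs\`
  ADD CONSTRAINT \`group_attrs_ibfk_1\` FOREIGN KEY (\`a_id\`) REFERENCES \`attributes\` (\`a_id\`),
  ADD CONSTRAINT \`group_attrs_ibfk_2\` FOREIGN KEY (\`g_id\`) REFERENCES \`groups\` (\`gid\`) ON DELETE CASCADE;

ALTER TABLE \`history\`
  ADD CONSTRAINT \`history_ibfk_1\` FOREIGN KEY (\`who\`) REFERENCES \`admins\` (\`adminid\`);

ALTER TABLE \`m\`
  ADD CONSTRAINT \`fk_m_cap\` FOREIGN KEY (\`cid\`) REFERENCES \`capabilities\` (\`cid\`),
  ADD CONSTRAINT \`fk_m_groups\` FOREIGN KEY (\`gid\`) REFERENCES \`groups\` (\`gid\`) ON DELETE CASCADE,
  ADD CONSTRAINT \`fk_m_roles\` FOREIGN KEY (\`rid\`) REFERENCES \`roles\` (\`rid\`) ON DELETE CASCADE,
  ADD CONSTRAINT \`fk_m_usr\` FOREIGN KEY (\`userid\`) REFERENCES \`usr\` (\`userid\`) ON DELETE CASCADE;

ALTER TABLE \`role_attrs\`
  ADD CONSTRAINT \`role_attrs_ibfk_1\` FOREIGN KEY (\`a_id\`) REFERENCES \`attributes\` (\`a_id\`),
  ADD CONSTRAINT \`role_attrs_ibfk_2\` FOREIGN KEY (\`r_id\`) REFERENCES \`roles\` (\`rid\`) ON DELETE CASCADE,
  ADD CONSTRAINT \`role_attrs_ibfk_3\` FOREIGN KEY (\`g_id\`) REFERENCES \`groups\` (\`gid\`);

ALTER TABLE \`usr\`
  ADD CONSTRAINT \`fk_usr_ca\` FOREIGN KEY (\`ca\`) REFERENCES \`ca\` (\`cid\`);

ALTER TABLE \`usr_attrs\`
  ADD CONSTRAINT \`usr_attrs_ibfk_1\` FOREIGN KEY (\`a_id\`) REFERENCES \`attributes\` (\`a_id\`),
  ADD CONSTRAINT \`usr_attrs_ibfk_2\` FOREIGN KEY (\`u_id\`) REFERENCES \`usr\` (\`userid\`) ON DELETE CASCADE;
END
}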


#################################################################################
# 				Processing 					#
#################################################################################
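# Source parameter file if present.  It is executed as root, so it must be a
# regular file; anything else is a usage error.  (Sourcing is done in a plain
# if/else: with `source X || usage` a file whose last command merely returned
# non-zero would abort the run with the usage text.)
if [ -n "$1" ]; then
	if [ -f "$1" ]; then
		# shellcheck source=/dev/null
		source "$1"
	else
		usage
	fi
fi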

# Global variables
# X509_CERT_DIR: CA certificate directory.  An inherited (non-empty) value is
# honoured, otherwise the standard grid-security location is used; exported
# for the programs started later in the script.
: "${X509_CERT_DIR:=/etc/grid-security/certificates}"
export X509_CERT_DIR

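# Check for necessary variables: every one of these must be non-empty, either
# from the environment, addvo.conf or the sourced parameter file.
for _req in VONAME ADMDN ADMCA ADMMAIL RULES_URL VOPORT; do
	[ -n "${!_req}" ] || usage
done
# VOPORT ends up in the vomsd config, in the SQL and in the grep pattern just
# below, so insist on a plain decimal port number.
case "$VOPORT" in
	''|*[!0-9]*)
		echo "ERROR: VOPORT must be a decimal port number, got \"$VOPORT\"." >&2
		exit 1 ;;
esac
[ -d "${VOMSDDIR}" ] || mkdir -p "${VOMSDDIR}"
# Refuse a port already claimed by another VO's vomsd config.  -w matches the
# number as a whole word only, so e.g. 1500 no longer collides with 15000.
if grep -rqw -- "${VOPORT}" "${VOMSDDIR}/"; then
	echo "ERROR: VOPORT is allready in use by another VO." >&2
	exit 1
fi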

# DB-safe form of the VO name: dots become underscores (dots are not allowed
# in MySQL database names).
_VONAME=${VONAME//./_}

# Default DB owner is one account per VO.  An explicit VODBUSER is honoured,
# but gensql resets that account's password, hence the warning.
if [ -z "$VODBUSER" ]; then
	VODBUSER="voms_${_VONAME}"
else
	cat << END
WARNING!!! You are using user-defined database owner.
Please be carefull overriding password for existing database user 
causing another VO access crash.

END
fi

# No password supplied: generate a 32-character one for the VO database account.
if [ -z "$VODBPASS" ]; then
	VODBPASS=$(genpasswd 32)
fi

# Check for CA certificates directory (the CA list below is built from it)
if ! [ -d "${X509_CERT_DIR}" ]; then
	echo "ERROR: Can not find CA certificates directory. Please check IGTF certificates installation and pathes in ${ADDVOCONF}."
	exit 1
fi

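# Generate CA List
#
# Walks the hash-named CA certificates (*.0) in X509_CERT_DIR and builds
#   CALIST - extra rows for the `ca` table, appended by gensql after its four
#            built-in rows (hence the numbering starts at 5)
#   CAID   - row number of the admin's CA, i.e. the entry whose subject DN
#            equals ADMCA (stays unset when nothing matches; checked below)
# The subject DN and the alias from the matching .info file are emitted inside
# single-quoted SQL literals, so backslashes and single quotes are escaped.
# NOTE(review): the DN format depends on the openssl version ("/C=../O=.." vs
# "C = .., O = .."); ADMCA in the config must use the same form to match.
printf 'INFO: Generating CA list from %s...\t' "${X509_CERT_DIR}"
cacnt=5
CALIST=
seen_cadn=()
_bs='\'
_sq="'"
for cacert in "${X509_CERT_DIR}"/*.0; do
	[ -e "${cacert}" ] || continue   # unmatched glob: the pattern itself
	cadn=$(openssl x509 -in "${cacert}" -subject -noout \
		| sed 's/^subject=[[:space:]]*//')
	[ -n "${cadn}" ] || continue     # unreadable or invalid certificate
	# One row per distinct DN (skip DNs already listed).
	dup=0
	for seen in "${seen_cadn[@]}"; do
		[ "${seen}" = "${cadn}" ] && { dup=1; break; }
	done
	[ "${dup}" -eq 1 ] && continue
	seen_cadn+=("${cadn}")
	[ "${cadn}" = "${ADMCA}" ] && CAID=${cacnt}
	cadescr=$(sed -n 's/^alias[[:space:]]*=[[:space:]]*//p' "${cacert%%.0}.info" 2>/dev/null)
	cadn_sql=${cadn//"$_bs"/$_bs$_bs}
	cadn_sql=${cadn_sql//"$_sq"/$_bs$_sq}
	cadescr_sql=${cadescr//"$_bs"/$_bs$_bs}
	cadescr_sql=${cadescr_sql//"$_sq"/$_bs$_sq}
	CALIST="${CALIST}, (${cacnt},'${cadn_sql}','${cadescr_sql}')"
	cacnt=$((cacnt+1))
done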

# No CA in X509_CERT_DIR matched ADMCA, so the admin row in gensql would have
# no CA id to reference: stop here.
if [ -z "${CAID}" ]; then
	printf '\nERROR: Admin CA is not valid. Execution halted.\n'
	exit 1
fi
echo "Done."

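# Execute SQL
# mysql gets -p without a value, so the MySQL admin password is prompted for on
# the terminal instead of being passed on the command line (visible in ps).
echo "INFO: Creating database and credentials..."
gensql | mysql -h "${VODBHOST}" -u "${MYSQL_USER}" -p
mysql_rc=${PIPESTATUS[1]}   # status of mysql, not of gensql; read right away

if [ "${mysql_rc}" -eq 0 ]; then
	# Generate config for vomsd
	mkdir -p "${VOMSDDIR}/${VONAME}"
	VOMSDCONF="${VOMSDDIR}/${VONAME}/voms.conf"
	VOMSDPASS="${VOMSDDIR}/${VONAME}/voms.pass"
	echo "INFO: Writting vomsd conf at: $VOMSDCONF"
	gen_vomsd_config > "${VOMSDCONF}"
	# The password file is created under umask 077: writing it first and
	# chmod-ing afterwards leaves a window in which the default umask makes
	# it world-readable.
	( umask 077; printf '%s\n' "${VODBPASS}" > "${VOMSDPASS}" )
	chmod 644 "${VOMSDCONF}"
	# chown failures are tolerated on purpose (the original did so as well;
	# presumably the voms account may be absent on this host).
	chown "${VOMSDCONF_OWNER}" "${VOMSDCONF}" 2>/dev/null
	# 640 because vomsd failed with "Initialization error: can't read password file!" on 400 or 600.
	# If you do not have this issue - change to comprehensive value
	chmod 640 "${VOMSDPASS}"
	chown "${VOMSDCONF_OWNER}" "${VOMSDPASS}" 2>/dev/null

	# Generate config for PVA (it carries the DB password too, hence umask 077)
	PVACONF="${PVACONFDIR}/${VONAME}.conf"
	[ -d "${PVACONFDIR}" ] || mkdir -p "${PVACONFDIR}"
	echo "INFO: Writting PHP VOMS-Admin conf at: $PVACONF"
	( umask 077; gen_pva_config > "${PVACONF}" )
	chmod 600 "${PVACONF}"
	chown "${PVACONF_OWNER}" "${PVACONF}"
	if [ -f "/etc/init.d/voms" ]; then
		echo "INFO: Restarting vomsd..."
		/etc/init.d/voms restart
	else
		echo "INFO: Please restart vomsd to begin serving voms AC requests for VO $VONAME"
	fi
else
	echo "ERROR: Operations with MySQL failed. Config creation was canceled." >&2
	exit 1
fi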

