#!/bin/bash -e
#
# Copyright 2018 Red Hat, Inc. and/or its affiliates
# and other contributors as indicated by the @author tags.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

source "logging"

force=${FORCE_SEED_ACL:-"true"}
config=${ES_CONF}/elasticsearch.yml
index=$(python -c "import yaml; print yaml.load(open('${config}'))['searchguard']['config_index_name']" | xargs -i sh -c "echo {}")

if [ "${force}" = "false" ] ; then
  docs=(roles rolesmapping actiongroups internalusers config)
  for d in $docs; do
    resp=$(es_util --query=${index}/$d/0 -w %{response_code} --output /dev/null)
    #re-seed acls if any of them are missing
    if [ "${resp}" != "200" ]; then
      info "Missing ACL document '${d}'. Reseeding all ACL documents"
      force="true"
      break
    fi
  done
else
  info "Forcing the seeding of ACL documents"
fi

if [ "${force}" = "true" ] ; then
  es_seed_acl
fi
