#!/usr/bin/python2.6
# -*- coding: iso-8859-15 -*-
# $Id$
"MediaWiki communication functions"
import datetime
import re

from authkit.users import UsersReadOnly, md5, AuthKitError
import formencode, formencode.national

import logging
log = logging.getLogger(__name__)

import wradmin.model as model
import wradmin.model.validators


# User management
# ---------------

class MediaWikiUsers(UsersReadOnly):
    def __init__(self, data=None, encrypt=None):
        UsersReadOnly.__init__(self, data, encrypt)

        # Initialize class fields
        self.usernames = []
        self.passwords = {}
        self.roles = {}
        self.groups = {}
        self.user_ids = {} # MediaWiki user_id field of the database
        self.real_names = {} # Real names of the users
        self.emails = {} # E-Mail addresses of the users
        
        # Query database
        con = model.meta.engine.connect()
        sql = "SELECT user_id, user_name, user_real_name, user_password, user_email FROM user, user_groups WHERE ug_user=user_id AND ug_group='beauftragte'"
        result = con.execute(sql)
        for row in result:
            user_id, username, real_name, password, email = row
            username = username.lower()
            role = []
            group = None
            
            self.usernames.append(username)
            self.passwords[username] = password
            self.roles[username] = role
            self.groups[username] = group
            self.user_ids[username] = user_id
            self.real_names[username] = real_name
            self.emails[username] = email
        con.close()
        log.info("%d users loaded from the MediaWiki database" % len(self.usernames))
    
    
    def user_has_password(self, username, password):
        """
        Passwords are case sensitive.
        Returns ``True`` if the user has the password specified, ``False`` otherwise. 
        Raises an exception if the user doesn't exist.
        
        See http://www.winterrodeln.org/trac/wiki/MediaWikiAuthorization
        """
        pwd = self.user_password(username)
        # Example: pwd = ':B:d25b2886:41e46c952790b1b442aac4f24f7ea7a8'
        pwd_parts = pwd.split(':') # password_parts = ['', 'B', 'd25b2886', '41e46c952790b1b442aac4f24f7ea7a8']
        if len(pwd_parts) == 4 and pwd_parts[1] == 'B':
            salt, pwd_md5 = tuple(pwd_parts[2:4]) # salt = 'd25b2886'; pwd_md5 = '41e46c952790b1b442aac4f24f7ea7a8'
        else:
            raise AuthKitError("Password in the MediaWiki database format has an unexpected format ('%s' instead of e.g. ':B:d25b2886:41e46c952790b1b442aac4f24f7ea7a8')" % pwd)
        # log.info("user: '%s'; md5 of salt+' '+entered_pwd: '%s'; md5-part of DB-pwd: %s" % (username, md5(salt + '-' + md5(password)), pwd_md5))
        return md5(salt + '-' + md5(password)) == pwd_md5