#!/bin/sh
set -e

branch_version=4
branch_priority=250

warn() {
	fmt -60 | sed 's/^/**WARNING**  /' 1>&2
}

warn <<eof

If you are using mod_perl or any form of persistent perl process
such as FastCGI, you will need to restart your web server and any
persistent processes now.

For mod_perl this means

invoke-rc.d apache2 stop && invoke-rc.d apache2 start

eof

find /var/cache/request-tracker$branch_version/mason_data -type f -print0 |xargs -r0 rm -f

alts() {
    for x in "/usr/bin/rt-crontool 1" "/usr/sbin/rt-setup-database 8" \
             "/usr/sbin/rt-dump-metadata 8" "/usr/sbin/update-rt-siteconfig 8" \
             "/usr/sbin/rt-email-digest 8" "/usr/sbin/rt-email-dashboards 8" \
             "/usr/sbin/rt-clean-sessions 8" "/usr/sbin/rt-shredder 8" \
             "/usr/sbin/rt-email-group-admin 8" "/usr/sbin/rt-attributes-viewer 8" \
             "/usr/sbin/rt-fulltext-indexer 8" "/usr/sbin/rt-setup-fulltext-index 8" \
             "/usr/sbin/rt-validator 8" "/usr/sbin/rt-session-viewer 8" \
             "/usr/sbin/rt-preferences-viewer 8" \
             "/usr/sbin/rt-validate-aliases 8"; do
        set -- $x; alt=$1; manext=$2; base=`basename $alt`
        update-alternatives \
	  --install $alt $base $alt-$branch_version $branch_priority \
          --slave /usr/share/man/man$manext/$base.$manext.gz \
	          $base.$manext.gz \
                  /usr/share/man/man$manext/$base-$branch_version.$manext.gz
    done
}

create_debconf_snippet () {
    # create a configuration snippet from the debconf database
    # and handle it with ucf
    tfile=$(mktemp -t request-tracker4-config.XXXXXXXX) || exit 1
    for i in rtname organization correspondaddress commentaddress \
             webpath webbaseurl
    do
        db_get "request-tracker4/$i"
        echo "$i=$RET"
    done | /usr/share/request-tracker4/debian/write-siteconfig \
           /usr/share/request-tracker4/debian/siteconfig.template > $tfile
    ucf --debconf-ok $tfile /etc/request-tracker4/RT_SiteConfig.d/50-debconf
    rm $tfile
}

run_dbconfig () {
    dbc_generate_include=template:/etc/request-tracker4/RT_SiteConfig.d/51-dbconfig-common
    dbc_generate_include_args="-o template_infile=/usr/share/request-tracker4/debian/dbconfig.template"
    if [ "$HANDLE_PERMISSIONS" = "true" ]
    then
        # hint the SQLite code for the database file permissions
        dbc_dbfile_owner="root:www-data"
        dbc_dbfile_perms=0660
    fi

    ROOT_PASSWORD="password"
    db_get request-tracker4/dbconfig-install
    DBC_INSTALL=$RET
    if [ -n "$2" ]; then
        DBC_INSTALL="false"
    fi
    db_get request-tracker4/dbconfig-reinstall
    DBC_REINSTALL=$RET
    if [ "$DBC_INSTALL" = "true" -o "$DBC_REINSTALL" = "true" ]; then
        db_get request-tracker4/initial-root-password
        if [ -n "$RET" ]; then
            ROOT_PASSWORD="$RET"
        fi
    fi
    ROOT_PASSWORD_FILE=`mktemp`
    export ROOT_PASSWORD_FILE
    echo $ROOT_PASSWORD > $ROOT_PASSWORD_FILE
    unset ROOT_PASSWORD
    . /usr/share/dbconfig-common/dpkg/postinst 
    dbc_go request-tracker4 $@
    if [ "$DBC_INSTALL" = "true" -o "$DBC_REINSTALL" = "true" ]; then
        db_reset request-tracker4/initial-root-password
        db_fset request-tracker4/initial-root-password seen true
        rm -f $ROOT_PASSWORD_FILE
    fi
}

maybe_handle_permissions () {
    if [ "$HANDLE_PERMISSIONS" = "true" ]
    then
        chown root:www-data /etc/request-tracker4/RT_SiteConfig.pm
        chmod 640           /etc/request-tracker4/RT_SiteConfig.pm
    fi
}

ucf_register () {
    # Add the generated files into the ucf registry
    if which ucfr >/dev/null 2>&1
    then
        ucfr request-tracker4 /etc/request-tracker4/RT_SiteConfig.d/50-debconf
        ucfr request-tracker4 /etc/request-tracker4/RT_SiteConfig.pm
        ucfr request-tracker4 /etc/cron.d/request-tracker4
        # this should probably be registered by dbconfig-generate-include,
        # but ucfr is idempotent so it doesn't hurt here anyway.
        ucfr request-tracker4 /etc/request-tracker4/RT_SiteConfig.d/51-dbconfig-common
    fi
}

setup_cronjobs () {
    tfile=$(mktemp -t request-tracker4-config.XXXXXXXX) || exit 1
    chmod 0755 $tfile
    if [ "$INSTALL_CRONJOBS" = "true" ]
    then
        cat > $tfile <<EOF
0 0 * * * www-data [ -x /usr/sbin/rt-email-digest-4 ] && /usr/sbin/rt-email-digest-4 -m daily
0 0 * * 0 www-data [ -x /usr/sbin/rt-email-digest-4 ] && /usr/sbin/rt-email-digest-4 -m weekly
0 * * * * www-data [ -x /usr/sbin/rt-email-dashboards-4 ] && /usr/sbin/rt-email-dashboards-4
EOF
    else
        cat > $tfile <<EOF
#0 0 * * * www-data [ -x /usr/sbin/rt-email-digest-4 ] && /usr/sbin/rt-email-digest-4 -m daily
#0 0 * * 0 www-data [ -x /usr/sbin/rt-email-digest-4 ] && /usr/sbin/rt-email-digest-4 -m weekly
#0 * * * * www-data [ -x /usr/sbin/rt-email-dashboards-4 ] && /usr/sbin/rt-email-dashboards-4
EOF
    fi
    mkdir -p /etc/cron.d
    ucf --debconf-ok $tfile /etc/cron.d/request-tracker4
    rm $tfile
    if [ -f /etc/cron.d/request-tracker40 ]; then
        mv /etc/cron.d/request-tracker40 /etc/cron.d/request-tracker40.request-tracker4.0
    fi
}

fix_vulnerable_passwords() {
    if [ "$1" = "configure" ] && [ -n "$2" ] && \
        dpkg --compare-versions "$2" lt 4.0.5-3
    then
        if su -s /bin/sh -c "RTHOME=/usr/share/request-tracker4 /usr/share/request-tracker4/etc/upgrade/vulnerable-passwords --fix" www-data; then
            echo "rt-vulnerable-passwords-4 invoked successfully on upgrade"
        else
            echo "rt-vulnerable-passwords-4 exited with an error but the"
            echo "package post-installation will continue. We recommend that"
            echo "you check the above error and take corrective action to"
            echo "ensure the privacy of your user's passwords."
        fi
    fi
}

move_gpg_data() {
    if [ "$1" = "configure" ] && [ -n "$2" ] && \
        dpkg --compare-versions "$2" lt 4.0.7-5
    then
        if [ -d /var/cache/request-tracker4/data/gpg ]; then
            echo "Moving GPG data from /var/cache to /var/lib"
            # This should be part of the package, but make sure
            if [ ! -d /var/lib/request-tracker4/data ]; then
                mkdir -p /var/lib/request-tracker4/data
                chown www-data:root /var/lib/request-tracker4/data
                chown 2750 /var/lib/request-tracker4/data
            fi
            mv -vu /var/cache/request-tracker4/data/gpg/* \
                   /var/lib/request-tracker4/data/gpg
            rmdir --ignore-fail-on-non-empty /var/cache/request-tracker4/data/gpg
        fi
    fi
}

# The actual work starts here
. /usr/share/debconf/confmodule

# this is used for the SiteConfig.pm file and the possible SQLite database file
db_get request-tracker4/handle-siteconfig-permissions
HANDLE_PERMISSIONS="$RET"

db_get request-tracker4/install-cronjobs
INSTALL_CRONJOBS="$RET"

create_debconf_snippet
run_dbconfig $@

# the snippets should be ready, update the actual configuration
update-rt-siteconfig-4

maybe_handle_permissions
setup_cronjobs
ucf_register
fix_vulnerable_passwords $@
move_gpg_data $@

case "$1" in
    configure)
        alts
        ;;
    abort-upgrade)
        alts
        ;;
esac


#DEBHELPER#
