import dsql from "@moduletrace/datasquirel";

type MysqlUser = {
    User: string;
    Host: string;
};

export default async function initSQLCheckDsqlUsers() {
    const readOnlyUser = await dsql.utils.connDbHandler<MysqlUser[]>(
        global.INIT_SQL_ROOT_DB_CONN,
        `SELECT user,host FROM mysql.user WHERE user=? AND host=?`,
        [
            process.env.DSQL_DB_READ_ONLY_USERNAME,
            process.env.DSQL_DB_TARGET_IP_ADDRESS,
        ]
    );

    if (!readOnlyUser?.[0]?.User) {
        console.log(`Read Only User Does not Exit.`);

        const createReadOnlyUser = await dsql.utils.connDbHandler(
            global.INIT_SQL_ROOT_DB_CONN,
            `CREATE USER IF NOT EXISTS \
            '${process.env.DSQL_DB_READ_ONLY_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \
            IDENTIFIED BY '${process.env.DSQL_DB_READ_ONLY_PASSWORD}'`
        );
    } else {
        console.log("Read Only User Exists");

        const grants = await dsql.utils.connDbHandler(
            global.INIT_SQL_ROOT_DB_CONN,
            `SHOW GRANTS FOR \
            '${process.env.DSQL_DB_READ_ONLY_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}'`
        );

        if (checkGrantsArrayForSSL(grants)) {
            const removeSSL = await dsql.utils.connDbHandler(
                global.INIT_SQL_ROOT_DB_CONN,
                `ALTER USER \
                '${process.env.DSQL_DB_READ_ONLY_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \
                REQUIRE NONE`
            );
        }
    }

    const fullAccessUser = await dsql.utils.connDbHandler<MysqlUser[]>(
        global.INIT_SQL_ROOT_DB_CONN,
        `SELECT user,host FROM mysql.user WHERE user=? AND host=?`,
        [
            process.env.DSQL_DB_FULL_ACCESS_USERNAME,
            process.env.DSQL_DB_TARGET_IP_ADDRESS,
        ]
    );

    if (!fullAccessUser?.[0]?.User) {
        console.log(`Read Only User Does not Exit.`);

        const createReadOnlyUser = await dsql.utils.connDbHandler(
            global.INIT_SQL_ROOT_DB_CONN,
            `CREATE USER IF NOT EXISTS \
            '${process.env.DSQL_DB_FULL_ACCESS_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \
            IDENTIFIED BY '${process.env.DSQL_DB_FULL_ACCESS_PASSWORD}'`
        );
    } else {
        console.log("Full Access User Exists");

        const grants = await dsql.utils.connDbHandler(
            global.INIT_SQL_ROOT_DB_CONN,
            `SHOW GRANTS FOR \
            '${process.env.DSQL_DB_FULL_ACCESS_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}'`
        );

        if (checkGrantsArrayForSSL(grants)) {
            const removeSSL = await dsql.utils.connDbHandler(
                global.INIT_SQL_ROOT_DB_CONN,
                `ALTER USER \
                '${process.env.DSQL_DB_FULL_ACCESS_USERNAME}'@'${process.env.DSQL_DB_TARGET_IP_ADDRESS}' \
                REQUIRE NONE`
            );
        }
    }
}

function checkGrantsArrayForSSL(array: any[]) {
    for (let i = 0; i < array.length; i++) {
        const element = array[i];
        const firstKey = Object.keys(element)[0];

        if (element[firstKey].match(/require ssl/i)) return true;
    }

    return false;
}