// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0

package command

import (
	"context"
	"fmt"
	"io"
	"os"
	"strings"

	"github.com/mitchellh/cli"
	"github.com/posener/complete"
)

var (
	_ cli.Command             = (*ReadCommand)(nil)
	_ cli.CommandAutocomplete = (*ReadCommand)(nil)
)

type ReadCommand struct {
	*BaseCommand

	testStdin io.Reader // for tests
}

func (c *ReadCommand) Synopsis() string {
	return "Read data and retrieves secrets"
}

func (c *ReadCommand) Help() string {
	helpText := `
Usage: vault read [options] PATH

  Reads data from Vault at the given path. This can be used to read secrets,
  generate dynamic credentials, get configuration details, and more.

  Read a secret from the static secrets engine:

      $ vault read secret/my-secret

  For a full list of examples and paths, please see the documentation that
  corresponds to the secrets engine in use.

` + c.Flags().Help()

	return strings.TrimSpace(helpText)
}

func (c *ReadCommand) Flags() *FlagSets {
	return c.flagSet(FlagSetHTTP | FlagSetOutputField | FlagSetOutputFormat)
}

func (c *ReadCommand) AutocompleteArgs() complete.Predictor {
	return c.PredictVaultFiles()
}

func (c *ReadCommand) AutocompleteFlags() complete.Flags {
	return c.Flags().Completions()
}

func (c *ReadCommand) Run(args []string) int {
	f := c.Flags()

	if err := f.Parse(args, ParseOptionAllowRawFormat(true)); err != nil {
		c.UI.Error(err.Error())
		return 1
	}

	args = f.Args()
	switch {
	case len(args) < 1:
		c.UI.Error(fmt.Sprintf("Not enough arguments (expected 1, got %d)", len(args)))
		return 1
	}

	client, err := c.Client()
	if err != nil {
		c.UI.Error(err.Error())
		return 2
	}

	// client.ReadRaw* methods require a manual timeout override
	ctx, cancel := context.WithTimeout(context.Background(), client.ClientTimeout())
	defer cancel()

	// Pull our fake stdin if needed
	stdin := (io.Reader)(os.Stdin)
	if c.testStdin != nil {
		stdin = c.testStdin
	}

	path := sanitizePath(args[0])

	data, err := parseArgsDataStringLists(stdin, args[1:])
	if err != nil {
		c.UI.Error(fmt.Sprintf("Failed to parse K=V data: %s", err))
		return 1
	}

	if Format(c.UI) != "raw" {
		secret, err := client.Logical().ReadWithDataWithContext(ctx, path, data)
		if err != nil {
			c.UI.Error(fmt.Sprintf("Error reading %s: %s", path, err))
			return 2
		}
		if secret == nil {
			c.UI.Error(fmt.Sprintf("No value found at %s", path))
			return 2
		}

		if c.flagField != "" {
			return PrintRawField(c.UI, secret, c.flagField)
		}

		return OutputSecret(c.UI, secret)
	}

	resp, err := client.Logical().ReadRawWithDataWithContext(ctx, path, data)
	if err != nil {
		c.UI.Error(fmt.Sprintf("Error reading: %s: %s", path, err))
		return 2
	}
	if resp == nil || resp.Body == nil {
		c.UI.Error(fmt.Sprintf("No value found at %s", path))
		return 2
	}
	defer resp.Body.Close()

	contents, err := io.ReadAll(resp.Body)
	if err != nil {
		c.UI.Error(fmt.Sprintf("Error reading: %s: %s", path, err))
		return 2
	}

	return OutputData(c.UI, contents)
}