#!/usr/bin/env python3
#
# Copyright (C) 2020 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import sys
import argparse
import json

from vyos.config import Config
from vyos.util import popen, run, DEVNULL
from tabulate import tabulate

occtl        = '/usr/bin/occtl'
occtl_socket = '/run/ocserv/occtl.socket'

def show_sessions():
    out, code = popen("sudo {0} -j -s {1} show users".format(occtl, occtl_socket),stderr=DEVNULL)
    if code:
        sys.exit('Cannot get openconnect users information')
    else:
        headers = ["interface", "username", "ip", "remote IP", "RX", "TX", "state", "uptime"]
        sessions = json.loads(out)
        ses_list = []
        for ses in sessions:
            ses_list.append([ses["Device"], ses["Username"], ses["IPv4"], ses["Remote IP"], ses["_RX"], ses["_TX"], ses["State"], ses["_Connected at"]])
        if len(ses_list) > 0:
            print(tabulate(ses_list, headers))
        else:
            print("No active openconnect sessions")

def is_ocserv_configured():
    if not Config().exists_effective('vpn openconnect'):
        print("vpn openconnect server is not configured")
        sys.exit(1)

def main():
    #parese args
    parser = argparse.ArgumentParser()
    parser.add_argument('--action', help='Control action', required=True)
    parser.add_argument('--selector', help='Selector username|ifname|sid', required=False)
    parser.add_argument('--target', help='Target must contain username|ifname|sid', required=False)
    args = parser.parse_args()


    # Check is Openconnect server configured
    is_ocserv_configured()

    if args.action == "restart":
        run("sudo systemctl restart ocserv.service")
        sys.exit(0)
    elif args.action == "show_sessions":
        show_sessions()

if __name__ == '__main__':
    main()