#!/usr/bin/env python
# © Copyright EnterpriseDB UK Limited 2015-2023 - All rights reserved.

import argparse
from os import getcwd
from posixpath import basename, join

from ansible.cli import CLI
from ansible.parsing.dataloader import DataLoader
from ansible import constants as C

from tpaexec.exceptions import PasswordReadError

prog = "show-password"
p = argparse.ArgumentParser(
    prog=prog,
    description="""
            Shows the password stored in the local inventory for the given user.
            """,
)
p.add_argument(
    "user",
    help="user name associated to the password",
)
p.add_argument(
    "--vault_password_file",
    help="path to vault password file",
)

args = vars(p.parse_args())

cluster_name = basename(getcwd())
cluster_tag = "tag_Cluster_" + cluster_name
password_filename = args.get("user") + "_password"
password_file = join(
    getcwd(), "inventory/group_vars", cluster_tag, "secrets", password_filename + ".yml"
)

try:
    loader = DataLoader()
    vault_secret = CLI.setup_vault_secrets(
        loader=loader,
        vault_ids=C.DEFAULT_VAULT_IDENTITY_LIST,
        vault_password_files=[join(getcwd(), args.get("vault_password_file"))],
    )
except:
    raise PasswordReadError("vault_password_file: {} not found".format(args.get("vault_password_file")))

try:
    data = loader.load_from_file(password_file)
    print(data[password_filename])
except:
    raise PasswordReadError("password not found for {} at {}".format(args.get("user"), password_file))
