### Copyright 1999-2015. Parallels IP Holdings GmbH. All Rights Reserved.

import subprocess, sys, os, shutil, StringIO
import os.path
from contextlib import closing
from plesk_atomic import create_include_conf, comment_plesk_managed_directives, TORTIX_WAF_FILENAME, \
    run_aum_plesk_installer, prepare_ruleset_layout, fix_asl_config, deactivate_00_mod_security_conf,\
    run_aum, ASL_LICENSE, ASL_LICENSE_SAVED

unpaid_asl_license = "/var/lib/plesk/modsec/tortix-unpaid-license.key"
yum_conf_path = "/etc/yum.conf"
yum_conf_backup = yum_conf_path + ".saved_by_plesk_modsecurity"

def check_asl_license():
    if os.path.isfile(ASL_LICENSE):
        return
    if not os.path.isdir("/etc/asl"):
        os.makedirs("/etc/asl", 0755)
    if os.path.isfile(ASL_LICENSE_SAVED):
        os.rename(ASL_LICENSE_SAVED, ASL_LICENSE)
    else:
        shutil.copyfile(unpaid_asl_license, ASL_LICENSE)

def yum_hold_modsecurity_package():
    modsec_package = "mod_security"
    if not os.path.isfile(yum_conf_path):
        return
    shutil.copyfile(yum_conf_path, yum_conf_backup)
    with open(yum_conf_path, "a") as f:
        f.write("\n\n[main]\nexclude=%s\n" % modsec_package)

def yum_unhold_modsecurity_package():
    if os.path.isfile(yum_conf_backup):
        shutil.move(yum_conf_backup, yum_conf_path)

def main():
    try:
        target_archive_path = sys.argv[1]
        ruleset_dir = sys.argv[2]

        yum_hold_modsecurity_package() # tempfix for PPP-11007
        check_asl_license()
        run_aum_plesk_installer()
        prepare_ruleset_layout(ruleset_dir)
        fix_asl_config(os.path.join(ruleset_dir, "modsec"))
        run_aum()
        comment_plesk_managed_directives(os.path.join(ruleset_dir, "modsec", TORTIX_WAF_FILENAME))

        deactivate_00_mod_security_conf()
    except Exception as ex:
        sys.stderr.write("%s\n" % ex)
        sys.exit(1)
    finally:
        yum_unhold_modsecurity_package() # tempfix for PPP-11007

if __name__ == "__main__":
    main()

# vim: ts=4 sts=4 sw=4 et :
