#!/bin/python
from env import *
import requests
import json

# === Konfiguration ===
CONFIG_ID = "prod"

# Proxy Templates – nur einen aktiv lassen
PROXY_TEMPLATE = "f4bf25a205a5"
# PROXY_TEMPLATE = "andere_template_id"

# Security Policies – nur einen aktiv lassen, diese dient als
# Vorlage für die neu erstellte Security Policy
SECURITY_POLICY = "secpol-shop022-jtl-hosting-de"  # z. B. Shop022


# === Header für alle Requests ===
HEADERS = {
    "Authorization": f"Bearer {API_TOKEN}",
    "Content-Type": "application/json"
}

def domain_to_id(domain):
    return domain.replace(".", "-")

def domain_to_secpol_id(domain):
    return f"secpol-{domain_to_id(domain)}"

def domain_to_backend_id(domain):
    return f"backend-{domain_to_id(domain)}"

def create_security_policy(domain):
    # Zuerst die SECURITY_POLICY abrufen, diese wird als Vorlage genutzt
    url = f"https://jtlwaap.app.reblaze.io/api/v4.0/conf/{CONFIG_ID}/security-policies/{SECURITY_POLICY}"

    response = requests.get(url, headers=HEADERS,)

    if response.status_code == 200:
        print(f"[✓] Abfrage von Security policy '{SECURITY_POLICY}' erfolgreich.")
    else:
        print(f"[✗] Fehler bei ({SECURITY_POLICY}): {response.status_code} → {response.text}")
    #print(response.text)
    res=json.loads(response.text)

    backendservice = domain_to_backend_id(domain)

    # Neuen Backend-Service in allen Pfaden der Security Policy setzen
    for mapitem in res['map']:
        if (mapitem['id'] != "__site_level__"):
            mapitem['backend_service'] = backendservice

    #print (res['map'])
    # Neuen Namen und ID setzen
    entry_id = domain_to_secpol_id(domain)
    res['id']   = entry_id
    res['name'] = domain

    '''
    for key,value in res.items():
        if ( key != "map" ):
            print (key, value, "\n")
        else:
            print(key)
            for items in value:
                for key2, value2 in items.items():
                    print(key2, value2)
    '''

    # Nun die angepasste Security Policy als neue speichern
    url = f"https://jtlwaap.app.reblaze.io/api/v4.3/conf/{CONFIG_ID}/security-policies/{entry_id}"

    print(f"\n📦 creating Security Policy  {entry_id}")

    response = requests.post(url, headers=HEADERS, data=json.dumps(res))

    if response.status_code == 201:
        print(f"[✓] Security Policy '{entry_id}' erfolgreich erstellt.")
    else:
        print(f"[✗] Fehler bei {entry_id}: {response.status_code} → {response.text} {response.json()}")


def main():
    #create_security_policy('shop020.jtl-hosting.de')
    #create_security_policy('shop022.jtl-hosting.de')
    #create_security_policy('shop000.jtl-hosting.de')
    #create_security_policy('shop051.jtl-hosting.de')
    create_security_policy('shop009.jtl-hosting.de')


if __name__ == "__main__":
    main()