#!/usr/bin/perl

# given a receiver identity, display all the queued stubs.

use strict;
use CGI qw/:standard/;
use HTML::Entities;
use File::Find;

my $NOTIFROOT = "/home/mengwong/stubmail/stubs";

my $path_info = $ENV{PATH_INFO};

my @path_parts = split /\//, $path_info;

if (not @path_parts) {
    print_homepage(); exit;
}

# defeat path escalation -- what if the bad guys enter "../../.."
for (@path_parts)  { s/\.\.//g; }
shift @path_parts if not length $path_parts[0];

my ($receiver_part) = @path_parts;


# 
# handle CGI parameters
# ---------------------
# 
# The client may specify a "since" parameter which is a unix
# timestamp against UTC; we pretend that anything whose 
# mtime is less than "since" does not exist.


my $since = param("since");

my @all_stubs;

# we DO NOT need to use SSL client side certificates to perform access control.
# instead, we encrypt everything against the receiver's public key.

if ($receiver_part and -d "$NOTIFROOT/$receiver_part") {

    # XXX TODO: encrypt the listing against the receiver's public key.
    print (header (-type=>"text/plain"),
	   encrypt_for(target  => $receiver_part,
		       content => show_all_stubs(root => "$NOTIFROOT/$receiver_part",
						 since => $since)));
}

else {
    print_homepage();
}

# all this moves into a utility library

sub encrypt_for {
    my %args = @_;

    my $pgp_public_key = get_public_key(target2emailaddress($args{target}));

    my $encrypted = encrypt_content(public_key => $pgp_public_key,
				    content => $args{content});

    return $encrypted;
}

sub target2emailaddress { return @_ }

sub get_public_key { return @_ }

sub encrypt_content {
    my %args = @_;
    return $args{content};
}

sub wanted {
    my $dirname = $File::Find::dir;
    my $yyyymmdd = substr($dirname, length($NOTIFROOT), 7);
    print STDERR "for file $_, yyyymmdd = $yyyymmdd\n";
    return if ((stat($_))[9] < $since);

    open STUBFILE, $_;
    push @all_stubs, <STUBFILE>, "\n";
    close STUBFILE;
}

sub show_all_stubs {
    my %args = @_;

    my @toreturn;

    @all_stubs = ();
    find (\&wanted, $args{root});

    return join "", @all_stubs;
}

sub print_homepage {
    print header,
    start_html,
    "hello, world.  Welcome to StubEmail.",
    end_html;

}

sub unable_to_open {
    my ($dir, $error) = @_;

    print header,
    start_html,
    encode_entities("sorry, I was unable to open $dir: $error"),
    end_html;

}

sub sorry_cant_help_ya {
    my ($error) = @_;
    $error ||= "";
    print header,
    start_html,
    encode_entities("sorry, I can't help you.  $error"),
    end_html;

}