# $Id$
#
# Copyright (c) 2001-2012 NetApp, Inc., All Rights Reserved
#   Any use, modification, or distribution is prohibited
#   without prior written consent from NetApp, Inc.
#
## @summary SecurityLoginRole ComponentState Module
## @author dl-nacl-dev@netapp.com
## @status shared
## @pod here

=head1 NAME

NACL::CS::SecurityLoginRole

=head1 DESCRIPTION

C<NACL::CS::SecurityLoginRole> is a derived class of
L<NACL::CS::ComponentState::ONTAP|lib-NACL-CS-ComponentState-ONTAP-pm>. It represents the
state of an ONTAP SecurityLoginRole.  A related class is
L<NACL::C::SecurityLoginRole|lib-NACL-C-SecurityLoginRole-pm>, which represents access
to an ONTAP SecurityLoginRole.

=head1 ATTRIBUTES

The individual pieces of data that are part of the  state of the SecurityLoginRole
element are the attributes of the SecurityLoginRole ComponentState.

=over

=item C<< "query" >>

Filled in for CMode CLI/ZAPI.

Maps to:

CMode ZAPI:

For "requested_fields", "filter" and Output mapping:

 <security-login-role-info>
	<role-query>$value</role-query>
 </security-login-role-info>

=item C<< "vserver" >>

Filled in for CMode CLI/ZAPI.

Maps to:

CMode ZAPI:

For "requested_fields", "filter" and Output mapping:

 <security-login-role-info>
	<vserver>$value</vserver>
 </security-login-role-info>

=item C<< "access" >>

Filled in for CMode CLI/ZAPI.

Maps to:

CMode ZAPI:

For "requested_fields", "filter" and Output mapping:

 <security-login-role-info>
	<access-level>$value</access-level>
 </security-login-role-info>

=item C<< "cmddirname" >>

Filled in for CMode CLI/ZAPI, 7Mode CLI.

Maps to:

CMode ZAPI:

For "requested_fields", "filter" and Output mapping:

 <security-login-role-info>
	<command-directory-name>$value</command-directory-name>
 </security-login-role-info>

7Mode CLI:

For "filter":
Applicable, Filtering will be done by Components.

For "requested_fields",
Not applicable, but the field will be populated in the CS object.

=item C<< "isFromCluster" >>

Filled in for CMode CLI.

=item C<< "role" >>

Filled in for CMode CLI/ZAPI, 7Mode CLI.

Maps to:

CMode ZAPI:

For "requested_fields", "filter" and Output mapping:

 <security-login-role-info>
	<role-name>$value</role-name>
 </security-login-role-info>

7Mode CLI:

For "filter": role name (Programmatic name:role-name)

For "requested_fields",
Not applicable, but the field will be populated in the CS object.

=item C<< "profilename" >>

Filled in for CMode CLI.

=back

=cut

package NACL::CS::SecurityLoginRole;
use strict;
use warnings;
use Params::Validate qw(validate);
use NACL::ComponentUtils qw(_dump_one);
use NATE::Log qw(log_global);
my $Log = log_global();
my $may_enter = $Log->may_enter();
my $may_exit  = $Log->may_exit();
use Data::Dumper;
use NACL::Exceptions::NoElementsFound qw(:try);
use base 'NACL::CS::ComponentState::ONTAP';
use Class::MethodMaker [
    scalar => 'query',
    scalar => 'vserver',
    scalar => 'access',
    scalar => 'cmddirname',
    scalar => 'isFromCluster',
    scalar => 'role',
    scalar => 'profilename',
];

=head1 METHODS

=head2 fetch

    my $SecurityLoginRole_state   = NACL::CS::SecurityLoginRole->fetch(command_interface => $ci, ...);
    my @SecurityLoginRole_states = NACL::CS::SecurityLoginRole->fetch(command_interface => $ci, ...);

(Class method)
Discovers which elements are present and returns their state in ComponentState
objects. Called in scalar context it returns only one state object, in list
context it returns all state objects.
See L<NACL::CS::ComponentState|lib-NACL-CS-ComponentState-pm/fetch> for a
more detailed description along with a complete explanation of the options
it accepts.

Uses a CMode CLI/ZAPI (supports both iter and non-iter), 7Mode CLI.

Invokes "security-login-role-get-iter" API for iter CMode ZAPI.

Invokes "security-login-role-get" API for non-iter CMode ZAPI.

Invokes "useradmin role list" command for 7Mode CLI.

=over

=item Exceptions

=over

=item C<NACL::Exceptions::NoElementsFound>

When there are no elements matching the query specified or elements of that type
doesn't exist, then this exception will be thrown.

=back

=back

=cut

sub fetch {
    $Log->enter() if $may_enter;
    my $pkg        = shift;
    my @state_objs = $pkg->SUPER::fetch(
        @_,
        show_cmd => 'security login role show',
        choices  => [
            {   method    => '_fetch_7mode_cli',
                interface => 'CLI',
                set       => '7Mode',
                zapi_type => 'none',
            },
            {   method    => '_fetch_cmode_cli',
                interface => 'CLI',
                set       => 'CMode',
                zapi_type => 'none',
            },
            {   method    => '_fetch_cmode_zapi',
                interface => 'ZAPI',
                set       => 'CMode',
                zapi_type => 'iter',
            },
            {   method    => '_fetch_cmode_zapi_non_iter',
                interface => 'ZAPI',
                set       => 'CMode',
                zapi_type => 'non-iter',
                check     => '_base_check_non_iter',
            },
        ],
        exception_text => 'No matching security login role(s) found'
    );
    $Log->exit() if $may_exit;
    return wantarray ? @state_objs : $state_objs[0];
} ## end sub fetch

sub _fetch_cmode_cli {
    $Log->enter() if $may_enter;
    my $pkg        = shift;
    my @state_objs = $pkg->SUPER::_fetch_cmode_cli(@_,
        api => 'security_login_role_show');
    $Log->exit() if $may_exit;
    return @state_objs;
} ## end sub _fetch_cmode_cli

sub _fetch_cmode_zapi {
    $Log->enter() if $may_enter;
    my $pkg = shift;

    my @states = $pkg->SUPER::_fetch_cmode_zapi(
        @_,
        api  => "security_login_role_get_iter",
        copy => [qw(vserver)],
        map  => {
            "role"       => ['role-name'],
            "query"      => ['role-query'],
            "access"     => ['access-level'],
            "cmddirname" => ['command-directory-name'],
        },
    );
    foreach my $state (@states) {
        foreach my $key (%$state) {
            if (ref($state->{$key}) eq "HASH"
                && keys(%{$state->{$key}}) == 0)
            {
                $state->{$key} = '""';
            }
        } ## end foreach my $key (%$state)
    } ## end foreach my $state (@states)
    $Log->exit() if $may_exit;
    return @states;
} ## end sub _fetch_cmode_zapi

sub _fetch_7mode_cli {
    my $pkg = shift;
    my %opts = validate @_, $pkg->_fetch_backend_validate_spec();
    my %api_opts;
    my @state_objs;
    my $apiset            = delete $opts{apiset};
    my $command_interface = delete $opts{command_interface};
    my %cmd_opts;
    my %copy_filter           = %{$opts{filter}};
    my @copy_requested_fields = @{$opts{requested_fields}};
    my $deleted_filter        = $pkg->_remove_relational_regex_filters(
        filter           => \%copy_filter,
        requested_fields => \@copy_requested_fields
    );
    my $filter           = \%copy_filter;
    my $requested_fields = \@copy_requested_fields;

    if ($filter->{role}) {
        $cmd_opts{'role-name'} = $filter->{'role'};
    }

    my $response = $apiset->useradmin_role_list(%cmd_opts);
    my $output   = $response->get_parsed_output();
    foreach my $list_output (@$output) {
        my $target = $pkg->_hash_copy(
            source => $list_output,
            map    => {
                'Name'                 => 'role',
                'Allowed Capabilities' => 'cmddirname',
            },
        );
        my $obj = $pkg->new(command_interface => $command_interface);
        $obj->_set_fields(row => $target);
        push @state_objs, $obj;
    } ## end foreach my $list_output (@$output)
    return @state_objs;
} ## end sub _fetch_7mode_cli

sub _fetch_cmode_zapi_non_iter {
    $Log->enter() if $may_enter;
    my ($pkg, @args) = @_;

    my $zapi_map = {
        "role"       => ['role-name'],
        "query"      => ['role-query'],
        "access"     => ['access-level'],
        "cmddirname" => ['command-directory-name'],
    };

    my $zapi_copy = [qw (vserver)];

    my $obj = $pkg->SUPER::_fetch_cmode_zapi_non_iter(
        @args,
        api          => 'security-login-role-get',
        copy         => $zapi_copy,
        map          => $zapi_map,
        primary_keys => [qw(vserver cmddirname role)]
    );

    $Log->exit() if $may_exit;
    return $obj;
} ## end sub _fetch_cmode_zapi_non_iter

1;