# Copyright (c) 2015 NetApp, Inc., All Rights Reserved
#   Any use, modification, or distribution is prohibited
#   without prior written consent from NetApp, Inc.
#

## @summary VserverCifsUsersAndGroupsPrivilege Task Module
## @author ng-ptefit-automation-core@netapp.com
## @status shared
## @pod here

package NACL::STask::VserverCifsUsersAndGroupsPrivilege;

use strict;
use warnings;
use base qw(NACL::C::VserverCifsUsersAndGroupsPrivilege NACL::STask::STask);

use NATE::Log qw( log_global );
my $Log = log_global();
my $may_enter = $Log->may_enter();
my $may_exit  = $Log->may_exit();
use Params::Validate qw(validate SCALAR BOOLEAN SCALARREF);
use NACL::ComponentUtils qw (_optional_scalars Dumper);
use NACL::Exceptions::VerifyFailure                     ();
use NATE::Exceptions::Argument qw(:try);
use NACL::APISet::Exceptions::ResponseException ();

=head1 NAME

NACL::STask::VserverCifsUsersAndGroupsPrivilege

=head1 DESCRIPTION

C<NACL::STask::VserverCifsUsersAndGroupsPrivilege> provides a number of well-defined but potentially
complex or multi-step methods related to VserverCifsUsersAndGroupsPrivilege in ONTAP.

It is created on top of C<NACL::C::VserverCifsUsersAndGroupsPrivilege> component
Since it is derived class of C<NACL::C::VserverCifsUsersAndGroupsPrivilege>,
we can use all the methods of C<NACL::C::VserverCifsUsersAndGroupsPrivilege>
from the object of this task.

=head1 ATTRIBUTES

=head2 command_interface

(Required) A component object that represents the node to which to send commands
See L<NACL::C::Component::command_interface|lib-NACL-C-Component-pm/command_interface>.

=head2 vserver

(Required) The name of the vserver.

=head2 user-or-group-name

(Required) The name of the local or Active Directory user or group.

=head1 METHODS

=head2 add-privilege

   my $VserverCifsUsersAndGroupsPrivilege = NACL::STask::VserverCifsUsersAndGroupsPrivilege->add_privilege(
                                'command_interface'  => $command_interface,
                                'vserver'            => $vserver,
                                'user-or-group-name' => $user_or_group_name,
                                'privileges'         => [ $privilege1, $privilege2, ... ]
                                %other_options,
                    );

(Class Method) This method is used to add-privileges to a user/group.

Uses CMode CLI/ZAPI APISet.

=over

=item Options

=over

=item C<< command_interface => $command_interface >>

(Required) See L<NACL::C::Component|lib-NACL-C-Component-pm/command_interface>

=item C<< 'vserver' => $vserver >>

(Required) Name of the vserver.

=item C<< 'user-or-group-name' => $user-or-group-name >>

(Required) Name of the local or Active Directory user or group.

=item C<< 'privileges' => [ $privilege1, $privilege2, ... ]

(Required) An Arrayref of privileges

(Optional) See L<NACL::C::Component|lib-NACL-C-Component-pm/apiset_must>

=item C<< apiset_should => $ruleset >>

(Optional) See L<NACL::C::Component|lib-NACL-C-Component-pm/apiset_should>

=item C<< "nacltask_verify => $action" >>

(Optional) The user of this library can specify to verify whether the schedule
is created or not. If the action is 0, which is default, it wont
verify the creation. If the user sets the action to 1, it will verify the
it using the component state of this library.

=item C<< nacltask_to_cleanup => 0|1 >>

(Optional, defaults to 0(no to cleanup))
Flag indicating if this operation is to be cleaned up or not.

=item C<< nacltask_cleanup_manager >>

Cleanup manager to use for registering.
Default : Will use the default cleanup manager.

command_interface, apiset_must, apiset_should, mode, etc.
All of the other various options to
L<< NACL::C::VserverCifsUsersAndGroupsPrivilege->add_privilege|lib-NACL-C-VserverCifsUsersAndGroupsPrivilege-pm/privilege >>

=back

=over

=item Exceptions

=over

=item C<NACL::Exceptions::VerifyFailure>

This type of exception is thrown when verification fails for the added privilege.

=back

=back

=back

=cut

sub add_privilege {
    $Log->enter() if $may_enter;
    my $pkg  = shift;
    my %opts = $pkg->_common_validate_with(
        params          => \@_,
        additional_spec => {
            nacltask_verify    => { type => BOOLEAN, default => 0 },
            $pkg->_cleanup_validate_spec(),
        },
        allow_extra     => 1
    );

    # Transform %opts from the options we received into the options to
    # pass to the base class method.
    my ( $self, %common_opts, %nacltask_opts );
    $pkg->_copy_common_component_params_with_ci(
        source => \%opts,
        target => \%common_opts
    );

    my ( %opts_for_cleanup, %opts_for_register, $nacltask_to_cleanup );
    $pkg->_move_common_cleanup_opts(
        source => \%opts,
        target => \%opts_for_cleanup,
    );

    $pkg->_move_nacltask_options(
        source => \%opts,
        target => \%nacltask_opts
    );

    my $verify    = $nacltask_opts{'nacltask_verify'};
    $pkg->SUPER::add_privilege(%opts);
    if ($verify) {
        $pkg->verify_state(%opts);
    }
    # Register this resource with the Cleanup Manager for cleanup
    $pkg->_copy_common_opts_for_cleanup(
        'source'              => {%opts, %opts_for_cleanup},
        'target'              => \%opts_for_register,
        'nacltask_to_cleanup' => \$nacltask_to_cleanup,
        'to_cleanup'          => 'reset_privilege'
    );

    $pkg->_register_for_cleanup(%opts_for_register)
        if ($nacltask_to_cleanup);

    $Log->exit() if $may_exit;
    return $self;
} ## end sub add_privilege

=head2 reset_privilege

    NACL::STask::VserverCifsUsersAndGroupsPrivilege->reset_privilege(
            'command_interface' => $command_interface,
            'vserver'              => $vserver,
            'user-or-group-name' => $user_or_group_name,
            'nacltask_verify'   => 1,
    );

(Class or instance method)
This method is used to delete the cron schedule.

Uses a CMode CLI/ZAPI APISet.

=over

=item Options

=over

=item C<< command_interface => $command_interface >>

(Required for class method, Not Applicable for instance method)
A component object that represents the host which to send commands.
See NACL::C::Component::command_interface

=item C<< 'vserver' => $vserver >>

(Required) Name of the vserver.

=item C<< 'user-or-group-name' => $user-or-group-name >>

(Required) Name of the local or Active Directory user or group.

=item C<< nacltask_verify => $nacltask_verify_boolean >>

(Optional)
If '0' (default), verification will not be performed.
If '1', verification will be performed to ensure that the reset did happen
successfully.

=back

=over

=item Exceptions

=over

=item C<NACL::Exceptions::VerifyFailure>

This type of exception is thrown when verification fails for reset privileges.

=back

=cut

sub reset_privilege {
    $Log->enter() if $may_enter;
    my ($pkg_or_obj, @args) = @_;
    my $additional_spec = {
        nacltask_verify    => { type => BOOLEAN, default => 0 },
    };

    my %opts = $pkg_or_obj->_common_validate_with(
        params          => \@args,
        additional_spec => $additional_spec,
        allow_extra => 1,
    );

    my %nacltask_opts;
    $pkg_or_obj->_move_nacltask_options(
        source => \%opts,
        target => \%nacltask_opts,
    );

    my %common_opts;
    $pkg_or_obj->_copy_common_component_params_with_ci(
        source => \%opts,
        target => \%common_opts
    );

    $pkg_or_obj->SUPER::reset_privilege(%common_opts, %opts );

    if ( $opts{nacltask_verify} ) {
        $pkg_or_obj->verify_state(%opts);
    }

    $Log->exit() if $may_exit;
} ## end sub reset_privilege

1;