#!/usr/bin/env bash
# delnoobz <user1> [user2 ...]
# Non-interaktif: hapus user NoobzVPN, bersihkan scheduler & schedule JSON,
# dan kirim notif Telegram kalau SEMUA sukses.

set -euo pipefail

# --- paths & deps ---
TG_CONF="/etc/gegevps/bin/telegram_config.conf"
DOMAIN_FILE="/root/domain"
NOOBZ_CONF="/etc/noobzvpns/config.toml"
SCHED_DIR="/etc/noobzvpns/schedules"
UNIT_DIR="/etc/systemd/system"

need(){ command -v "$1" >/dev/null 2>&1 || { echo "Need: $1"; exit 1; }; }

if [[ $EUID -ne 0 ]]; then echo "Run as root."; exit 1; fi
if [[ $# -lt 1 ]]; then
  echo "Usage: $0 <user1> [user2 ...]"
  exit 1
fi

need noobzvpns
command -v jq   >/dev/null 2>&1 || { apt-get update -y >/dev/null 2>&1 || true; apt-get install -y jq   >/dev/null 2>&1 || { echo "Install jq."; exit 1; }; }
command -v curl >/dev/null 2>&1 || { apt-get update -y >/dev/null 2>&1 || true; apt-get install -y curl >/dev/null 2>&1 || { echo "Install curl."; exit 1; }; }
command -v systemctl >/dev/null 2>&1 || { echo "Need: systemctl"; exit 1; }

USERS=( "$@" )

# helper: bentuk nama instance timer
inst_name(){ local u="$1" m="$2"; local safe="${u//[^a-zA-Z0-9_.-]/_}"; printf '%s__%s' "$safe" "$m"; }
# helper: hapus satu instance timer (silent)
remove_instance(){
  local inst="$1"
  local unit_timer="noobz-reset@${inst}.timer"
  systemctl disable --now "$unit_timer" >/dev/null 2>&1 || true
  rm -f "${UNIT_DIR}/${unit_timer}" 2>/dev/null || true
}

# --- info tambahan (opsional, hanya buat ringkasan) ---
if [[ -s "$DOMAIN_FILE" ]]; then DOMAIN="$(tr -d ' \t\r\n' < "$DOMAIN_FILE")"; else DOMAIN="$(hostname -f 2>/dev/null || hostname)"; fi
IDENTIFIER="$(grep -E '^\s*identifier\s*=' "$NOOBZ_CONF" 2>/dev/null | head -n1 | sed -E 's/.*=\s*"([^"]+)".*/\1/')"
[[ -n "$IDENTIFIER" ]] || IDENTIFIER="noobz"
TS="$(date '+%Y-%m-%d %H:%M:%S %Z')"

# --- eksekusi remove sekali untuk semua user ---
set +e
JSON_OUT="$(noobzvpns -j remove "${USERS[@]}" 2>&1)"
RET=$?
set -e

# validasi output JSON
if ! echo "$JSON_OUT" | jq . >/dev/null 2>&1; then
  echo "Gagal: output bukan JSON. Raw:"
  echo "$JSON_OUT"
  exit 1
fi

# cek sukses/gagal per user
LEN="$(echo "$JSON_OUT" | jq 'length')"
OK_USERS=()
FAIL_REPORT=()

for (( i=0; i<LEN; i++ )); do
  ACTION="$(echo "$JSON_OUT" | jq -r ".[$i] | keys[0]")"
  USERNAME="$(echo "$JSON_OUT" | jq -r ".[$i][\"$ACTION\"].username // empty")"
  ERRVAL="$(echo "$JSON_OUT" | jq -r ".[$i][\"$ACTION\"].error // empty")"
  [[ -z "$USERNAME" ]] && USERNAME="<unknown>"
  if [[ -z "$ERRVAL" || "$ERRVAL" == "null" ]]; then
    OK_USERS+=( "$USERNAME" )
  else
    FAIL_REPORT+=( "$(printf "%s: %s" "$USERNAME" "$ERRVAL")" )
  fi
done

# --- bersihkan rule scheduler & file schedule.json utk user yang sukses ---
if [[ ${#OK_USERS[@]} -gt 0 ]]; then
  for u in "${OK_USERS[@]}"; do
    # timer per mode
    for mode in daily monthly yearly; do
      inst="$(inst_name "$u" "$mode")"
      remove_instance "$inst"
    done
    # hapus schedule JSON
    rm -f "${SCHED_DIR}/${u}.json" 2>/dev/null || true
  done
  # reload systemd sekali saja
  systemctl daemon-reload
fi

# tampilkan ringkasan ke terminal
echo "=== Delete result @ ${TS} ==="
echo "Domain     : ${DOMAIN}"
echo "Identifier : ${IDENTIFIER}"
echo "Requested  : ${USERS[*]}"
if [[ ${#OK_USERS[@]} -gt 0 ]]; then
  echo "Success    : ${OK_USERS[*]}"
fi
if [[ ${#FAIL_REPORT[@]} -gt 0 ]]; then
  echo "Failed     :"
  printf '  - %s\n' "${FAIL_REPORT[@]}"
fi

# --- kirim Telegram hanya jika semua sukses ---
if [[ ${#FAIL_REPORT[@]} -eq 0 ]]; then
  if [[ -f "$TG_CONF" ]]; then
    # shellcheck disable=SC1090
    . "$TG_CONF" || true
    TG_TOKEN="${TELEGRAM_BOT_TOKEN:-}"
    TG_CHAT_ID="${TELEGRAM_CHAT_ID:-}"

    if [[ -n "$TG_TOKEN" && -n "$TG_CHAT_ID" ]]; then
      # HTML escape
      esc_html() {
        local s="$1"
        s="${s//&/&amp;}"
        s="${s//</&lt;}"
        s="${s//>/&gt;}"
        printf '%s' "$s"
      }

      TITLE="NoobzVPN - Delete Success"
      BODY=$(
        cat <<EOF
Time   : ${TS}
Domain : ${DOMAIN}
IDs    : ${IDENTIFIER}

Deleted:
- $(printf "%s\n" "${OK_USERS[@]}" | paste -sd $'\n- ' -)
EOF
      )

      TITLE_E="$(esc_html "$TITLE")"
      BODY_E="$(esc_html "$BODY")"
      TEXT="<b>${TITLE_E}</b>"$'\n'"<pre>${BODY_E}</pre>"

      curl -sS -G "https://api.telegram.org/bot${TG_TOKEN}/sendMessage" \
        --data-urlencode "chat_id=${TG_CHAT_ID}" \
        --data-urlencode "parse_mode=HTML" \
        --data-urlencode "disable_web_page_preview=true" \
        --data-urlencode "text=${TEXT}" >/dev/null \
        || echo "Warning: gagal kirim Telegram (di-skip)."
    else
      echo "Note: TELEGRAM_BOT_TOKEN/TELEGRAM_CHAT_ID kosong—skip Telegram."
    fi
  else
    echo "Note: $TG_CONF tidak ditemukan—skip Telegram."
  fi
fi

# exit code mencerminkan error
if [[ ${#FAIL_REPORT[@]} -gt 0 || $RET -ne 0 ]]; then
  exit 1
fi
