package cgroups

import (
	"fmt"
	"io/ioutil"
	"os"
	"path/filepath"

	specs "github.com/opencontainers/runtime-spec/specs-go"
)

const (
	allowDeviceFile = "devices.allow"
	denyDeviceFile  = "devices.deny"
	wildcard        = -1
)

func NewDevices(root string) *devicesController {
	return &devicesController{
		root: filepath.Join(root, string(Devices)),
	}
}

type devicesController struct {
	root string
}

func (d *devicesController) Name() Name {
	return Devices
}

func (d *devicesController) Path(path string) string {
	return filepath.Join(d.root, path)
}

func (d *devicesController) Create(path string, resources *specs.LinuxResources) error {
	if err := os.MkdirAll(d.Path(path), defaultDirPerm); err != nil {
		return err
	}
	for _, device := range resources.Devices {
		file := denyDeviceFile
		if device.Allow {
			file = allowDeviceFile
		}
		if err := ioutil.WriteFile(
			filepath.Join(d.Path(path), file),
			[]byte(deviceString(device)),
			defaultFilePerm,
		); err != nil {
			return err
		}
	}
	return nil
}

func (d *devicesController) Update(path string, resources *specs.LinuxResources) error {
	return d.Create(path, resources)
}

func deviceString(device specs.LinuxDeviceCgroup) string {
	return fmt.Sprintf("%c %s:%s %s",
		&device.Type,
		deviceNumber(device.Major),
		deviceNumber(device.Minor),
		&device.Access,
	)
}

func deviceNumber(number *int64) string {
	if number == nil || *number == wildcard {
		return "*"
	}
	return fmt.Sprint(*number)
}