;;
;; This script is written with the expectation that it is an embedded
;; newlisp executable invked via .cgi links from within the
;; subdirectory www
;;
;; Its (main-args 0) has a final path component X.cgi that links to
;; this file as a packnl embedding that will use that X part of its
;; name to determine th actual script.

;(write-line 2 (string (date-value) " " (main-args)))
(unless (ends-with (main-args 0) ".cgi")
  (load "siteconfig.lsp")
  (if (exists file? (list (main-args 1)
                          (string (main-args 1) ".lsp")))
      (load $it)
    (write-line 2 (string "Unknown command " (main-args 1))))
  (exit 0))

;; This script is executed in (protected) subdirectory www
(change-dir "..")

(load "siteconfig.lsp")

;; Needs an HTTP_AUTHORIZATION environment variable
(when (empty? (setf AUTH (env "HTTP_AUTHORIZATION")))
  ;(write-line 2 "needs auth")
  (write-line 1 (read-file "tmpl/unauthorized.http"))
  (exit 0))

;; Must find that value in wui.passwd
(constant 'PASSWD SITE:wui.passwd)
(unless (ref (6 AUTH) (parse (read-file PASSWD) "\n"))
  (write-line 1 (read-file "tmpl/unauthorized.http"))
  (exit 0))

;; Determine actual script name respecting given role, if any.
(define (role-script (ROLE "."))
  (let ((CMD (and (regex "([^/]*).cgi$" (main-args 0) 0) $1)))
    (if (= "." ROLE) (string CMD ".lsp") (format "%s/%s.lsp" ROLE CMD))))

(setf
 REMOTE_USER (and (regex "([^:]+):" (base64-dec (6 AUTH)) 0) $1)
 SCRIPT (role-script)
 )
(env "REMOTE_USER" REMOTE_USER)
;(env "ROLE" ROLE)

(unless (file? SCRIPT)
  (write 1 "\nBroken.\n")
  (exit 0))

;(write-line 2 (string (list "script" SCRIPT)))
(load SCRIPT)
(exit 0)