require "mongo"

class UsersPermissionsUpdater
  attr_reader :users_collection

  def initialize(config)
    db = config[:db] || "devops"
    host = config[:host] || "localhost"
    port = config[:port] || 27017
    user = config[:user]
    password = config[:password]

    @db = Mongo::MongoClient.new(host, port).db(db)
    @db.authenticate(user, password)
    @users_collection = @db.collection('users')
  end

  # returns users who have rwx in permissions.server field
  def admins
    users_collection.find('privileges.server' => 'rwx')
  end

  def readers
    users_collection.find('privileges.server' => 'r')
  end

  def set_priveleges_to_users(users, privilege_name, privilege_value)
    ids = users.to_a.map {|u| u['_id']}

    users_collection.update(
      {"_id" => {'$in' => ids}},
      {
        "$set" => {
          "privileges.#{privilege_name}" => privilege_value
        }
      }
    )
  end

  def not_admin_or_readers
    all = users_collection.find({}).to_a
    admin_ids = admins.to_a.map {|u| u['_id']}
    reader_ids = readers.to_a.map {|u| u['_id']}
    admin_or_reader_ids = admin_ids + reader_ids

    result = all.delete_if do |user|
      admin_or_reader_ids.include?(user['_id'])
    end
  end
end

updater = UsersPermissionsUpdater.new(user: 'user', password: 'pass', db: 'devops_prod')
updater.set_priveleges_to_users(updater.admins, 'stack', 'rwx')
updater.set_priveleges_to_users(updater.admins, 'stack_template', 'rwx')

updater.set_priveleges_to_users(updater.readers, 'stack', 'r')
updater.set_priveleges_to_users(updater.readers, 'stack_template', 'r')


puts "Updated admins"
puts "Updated readers"