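#!/bin/sh
# Tempage is a script to simplify the use of AGE with tempfiles.
# The purpose is to be able to work with files that you don't want to have
# touch a disk in unencrypted format.
#
# The basic workflow is:
# - create a temp dir
# - extract a tar.gz.age file to that dir OR mark that you are working with a new dir.
# - Work on the files, add files, etc.
# - Save the files and close any editors.
# - Setup recipients
# - create tar.gz.age file in original directory
# - remove temp file
#
# Security notes for whoever runs or maintains this:
# - mktemp -d creates the working directory under $TMPDIR (or /tmp when it is
#   unset). Whether that location is RAM-backed depends on the system; point
#   TMPDIR at a tmpfs mount if the plaintext really must not reach a disk.
# - Cleanup uses rm -rf, which unlinks the files but does not overwrite them.
# - recipients.txt lives inside the temp dir, so it is stored in the archive
#   and, for an existing archive, is taken from the archive being opened.
#   Review it before saving: it decides who can read the new archive.

#### STARTUP
# Setup temp dir and configure cleanup and trap to exit securely
TMP_DIR="$(mktemp -d)" || {
  echo "Could not create a temp directory" >&2
  exit 1
}

# Remove the temp dir and the plaintext in it. Safe to call more than once.
# ${TMP_DIR:?} aborts instead of running "rm -rf" on an empty path.
cleanup_tmp() {
  rm -rf -- "${TMP_DIR:?}"
}

# Signal handler: announce the cleanup, remove the temp dir, exit with status 1.
cleanup_on_trap() {
  echo "Removing all Temp Files"
  cleanup_tmp
  echo "Done. Temp Files removed."
  exit 1
}

# EXIT covers every normal exit path (including the error exits below), so the
# plaintext is never left behind. HUP is handled so that closing the terminal
# cleans up as well.
trap cleanup_tmp EXIT
trap cleanup_on_trap HUP INT TERM

# Print usage. The text is fed to cat: echo ignores its standard input, so a
# here-document attached to echo prints nothing.
help() {
  cat << eof
Usage: $0 (-n | -f ARCHIVE) [-i IDENTITIES] [-o OUTPUT]

Options:
  -h, --help                     show this help and exit
  -f, --file ARCHIVE             tar.gz.age archive to decrypt into the temp dir
  -n, --new                      start a new archive
  -o, --output OUTPUT            path the encrypted archive is written to on save
  -i, --identities IDENTITIES    age identity file used to decrypt
                                 (default: ~/.age/private_keys)

Interactive commands:
  help|h            show this help
  ptd|p             print temp directory
  open|o            open temp directory in GUI
  encrypt|save|s    encrypt files
  exit|e|q          exit without saving/encrypting files
eof
}

# Abort when an option that takes a separate value is the last argument.
# $1 - option name, $2 - number of arguments left, the option included.
require_value() {
  if [ "$2" -lt 2 ]; then
    echo "Option $1 requires a value" >&2
    exit 1
  fi
}

### Interpret command line parameters
ARCHIVE_FILEPATH=""
OUTPUT_FILEPATH=""
NEW_ARCHIVE=""
# A quoted "~" is not expanded by the shell, so the default is built from $HOME.
PRIVATE_KEYS="$HOME/.age/private_keys"

# Public key written to a new recipients file as a placeholder.
# NOTE(review): anything encrypted while this key is still listed can be read
# by whoever holds the matching private key. The save command warns about it.
readonly DEFAULT_RECIPIENT="age18jmnun5mrmjzf5gq60w8zjhl80nwhpw0d3qdgw6gjehf4u5agvvsu5kd0j"

while [ "$#" -gt 0 ]; do
  case $1 in
    -h|--help)
      help
      cleanup_tmp
      exit 0
      ;;
    -f|--file)
      # Handle -f or --file argument with a separate value
      require_value "$1" "$#"
      ARCHIVE_FILEPATH="$2"
      shift
      ;;
    --file=*)
      # Handle --file=[path/to/file] argument
      ARCHIVE_FILEPATH="${1#*=}"
      ;;
    -n|--new)
      # Handle -n or --new argument
      NEW_ARCHIVE=true
      ;;
    -o|--output)
      # Handle -o or --output argument with a separate value
      require_value "$1" "$#"
      OUTPUT_FILEPATH="$2"
      shift
      ;;
    --output=*)
      # Handle --output=[path/to/file] argument
      OUTPUT_FILEPATH="${1#*=}"
      ;;
    -i|--identities|--identies)
      # Handle -i or --identities argument with a separate value.
      # The misspelled --identies is still accepted for existing callers.
      require_value "$1" "$#"
      PRIVATE_KEYS="$2"
      shift
      ;;
    --identities=*)
      # Handle --identities=[path/to/file] argument
      PRIVATE_KEYS="${1#*=}"
      ;;
    *)
      echo "Unknown parameter passed: $1"
      # Cleans up and exits with status 1.
      cleanup_on_trap
      ;;
  esac
  shift
done

# Get names for config and temp files
RECIPIENTS="$TMP_DIR/recipients.txt"

if [ -n "$NEW_ARCHIVE" ]; then
  # If creating a new archive, create the config file.
  # printf is used because echo's handling of "\n" differs between shells: a
  # shell that prints it literally would write one long comment line and no
  # usable recipient at all.
  printf '#Creators Key\n%s\n' "$DEFAULT_RECIPIENT" >> "$RECIPIENTS"
  printf '%s\n' "Please edit the recipeints file found at: $RECIPIENTS. It currently only has the program creator's key. 
UNTIL YOU FIX IT, THIS WILL NOT SECURLY ENCRYPT ANY THING. Don't forget to include your own public key or you will not be able to read it either."
elif [ -s "$ARCHIVE_FILEPATH" ] && [ -s "$PRIVATE_KEYS" ]; then
  # Decrypt and extract into temp dir. The path is quoted: an unquoted empty
  # value turns the test into "[ -s ]", which is true.
  # Plain sh has no pipefail, so the status checked here is tar's; tar fails
  # on the empty stream it receives when age cannot decrypt.
  # NOTE(review): age encryption to public-key recipients does not identify
  # the sender, so treat the extracted files, recipients.txt included, as
  # unverified until checked.
  if ! age -d -i "$PRIVATE_KEYS" -o - "$ARCHIVE_FILEPATH" | tar -xzf - -C "$TMP_DIR"; then
    echo "Could not decrypt and extract $ARCHIVE_FILEPATH" >&2
    exit 1
  fi
else
  echo "No valid operation specified. Try $0 --help"
  exit 2
fi

# Continue working with file
while true; do
  printf 'Enter command: \n\thelp|h, \n\tptd (print temp directory), \n\topen|o (open temp directory in GUI), \n\tencrypt|save|s (encrypt files), \n\texit|e|q (exit without saving/encrypting files)]:\n'
  # Stop when standard input is closed; otherwise the loop would spin forever
  # on an empty command.
  if ! read -r CMD; then
    echo "Input closed; exiting without saving." >&2
    exit 1
  fi
  case $CMD in
    h|help)
      help
      ;;
    ptd|p)
      echo "current temp directory is $TMP_DIR"
      ;;
    open|o)
      echo "Opening temp dir"
      xdg-open "$TMP_DIR"
      ;;
    s|save|encrypt)
      echo "Saving and encrypting files as they exist in temp directory"
      if [ -z "$OUTPUT_FILEPATH" ]; then
        echo "Please provide a path to save to:"
        read -r OUTPUT_FILEPATH || OUTPUT_FILEPATH=""
      fi
      if [ -z "$OUTPUT_FILEPATH" ]; then
        echo "No output path given; nothing saved." >&2
      elif [ ! -s "$RECIPIENTS" ]; then
        echo "Recipients file $RECIPIENTS is missing or empty; nothing saved." >&2
      else
        # Warn, without blocking, while the placeholder key is still an active
        # (non-comment) recipient.
        if grep -v '^[[:space:]]*#' "$RECIPIENTS" | grep -qF -- "$DEFAULT_RECIPIENT"; then
          echo "WARNING: $RECIPIENTS still lists the program creator's key; its holder will be able to decrypt this archive." >&2
        fi
        if ! tar -czf - -C "$TMP_DIR" . | age -R "$RECIPIENTS" -o "$OUTPUT_FILEPATH" -; then
          echo "Encryption failed; $OUTPUT_FILEPATH may be missing or incomplete." >&2
        fi
      fi
      ;;
    e|q|exit)
      cleanup_tmp
      exit 0
      ;;
    *)
      echo "Invalid command."
      ;;
  esac
done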