#!/usr/bin/env bash
# onx-file-chown — Dosya/klasör sahibini değiştir (yalnızca hesabın kendi UID/GID'i)
# Input:  {"paths":["/home/onx_xxx/public_html"],"uid":10001,"gid":10001,"recursive":false}
# Output: {"changed":1,"uid":10001,"gid":10001}

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "${SCRIPT_DIR}/_lib/common.sh"

require_root
onx_json_input

# ─── Parse input ─────────────────────────────────────────────────────────────
UID_VAL="$(onx_json_field uid)"
GID_VAL="$(onx_json_field gid)"
RECURSIVE="$(onx_json_get_bool "$INPUT" recursive false)"

[[ -z "$UID_VAL" ]] && onx_die 1 "uid zorunlu"
[[ -z "$GID_VAL" ]] && onx_die 1 "gid zorunlu"

# Validate numeric and within system user range (>= 1000)
[[ "$UID_VAL" =~ ^[0-9]+$ ]] || onx_die 1 "uid sayısal olmalı"
[[ "$GID_VAL" =~ ^[0-9]+$ ]] || onx_die 1 "gid sayısal olmalı"
[[ "$UID_VAL" -ge 1000 ]]    || onx_die 1 "uid sistem hesabı değil (< 1000)"
[[ "$GID_VAL" -ge 1000 ]]    || onx_die 1 "gid sistem hesabı değil (< 1000)"

PATHS_JSON="$(printf '%s' "$INPUT" | jq -c '.paths // []')"
mapfile -t PATHS < <(printf '%s' "$PATHS_JSON" | jq -r '.[]')

[[ ${#PATHS[@]} -eq 0 ]] && onx_die 1 "paths dizisi boş"

# ─── Verify uid/gid matches the owning account ────────────────────────────────
# The UID of the first path's current owner must match the supplied uid
# (prevents changing ownership to another user's account)
FIRST_PATH_REAL="$(realpath -e "${PATHS[0]}" 2>/dev/null)" \
    || onx_die 1 "Path çözümlenemedi: ${PATHS[0]}"
[[ "$FIRST_PATH_REAL" == /home/* ]] || onx_die 1 "Path /home/ dışında: $FIRST_PATH_REAL"

CURRENT_UID="$(stat -c '%u' "$FIRST_PATH_REAL" 2>/dev/null)" \
    || onx_die 2 "stat başarısız: $FIRST_PATH_REAL"

if [[ "$CURRENT_UID" != "$UID_VAL" && "$CURRENT_UID" != "0" ]]; then
    onx_die 1 "UID uyumsuzluğu: dosya sahibi ${CURRENT_UID}, istenen ${UID_VAL}"
fi

# ─── Validate all paths and apply chown ───────────────────────────────────────
CHANGED=0

for p in "${PATHS[@]}"; do
    real="$(realpath -e "$p" 2>/dev/null)" || onx_die 1 "Path çözümlenemedi: $p"
    [[ "$real" == /home/* ]] || onx_die 1 "Path /home/ dışında: $real"

    if [[ "$RECURSIVE" == "true" && -d "$real" ]]; then
        chown -R "${UID_VAL}:${GID_VAL}" "$real" \
            || onx_die 3 "chown başarısız (recursive): $real"
        CHANGED=$((CHANGED + $(find "$real" | wc -l)))
    else
        chown "${UID_VAL}:${GID_VAL}" "$real" \
            || onx_die 3 "chown başarısız: $real"
        CHANGED=$((CHANGED + 1))
    fi
done

onx_log "file-chown: uid=${UID_VAL} gid=${GID_VAL} recursive=${RECURSIVE} changed=${CHANGED}"
onx_json_out changed "$CHANGED" uid "$UID_VAL" gid "$GID_VAL"
