#!/usr/bin/env bash
# onx-ftp-disconnect — Aktif Pure-FTPd oturumlarini kapat (SIGTERM via pure-ftpwho + kill)
# Input:  {"username":"onx_xxx_dev"}
# Output: {"username":...,"kicked":N}

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "${SCRIPT_DIR}/_lib/common.sh"

require_root
onx_json_input

USERNAME="$(onx_json_field username)"

[[ -z "$USERNAME" ]] && onx_die 1 "username zorunlu"
[[ "$USERNAME" =~ ^onx_[a-z0-9]+_[a-z0-9_]+$ ]] || \
    onx_die 1 "Gecersiz username: '${USERNAME}'"

onx_log "ftp-disconnect: kicking sessions for user=${USERNAME}"

KICKED=0

# ─── Method 1: pure-ftpwho (reports active sessions with PIDs) ───────────────
if command -v pure-ftpwho &>/dev/null; then
    # pure-ftpwho -n outputs lines like: <pid> <user> <ip> <path>
    while IFS= read -r line; do
        PID="$(echo "$line" | awk '{print $1}')"
        SESSION_USER="$(echo "$line" | awk '{print $2}')"
        if [[ "$SESSION_USER" == "$USERNAME" ]] && [[ "$PID" =~ ^[0-9]+$ ]]; then
            kill -TERM "$PID" 2>/dev/null && KICKED=$((KICKED + 1)) || true
            onx_log "ftp-disconnect: SIGTERM -> pid=${PID} user=${SESSION_USER}"
        fi
    done < <(pure-ftpwho -n 2>/dev/null || true)
fi

# ─── Method 2: Fallback — scan /proc for pure-ftpd processes owned by user ──
# This covers cases where pure-ftpwho is not available or returns nothing.
if [[ $KICKED -eq 0 ]]; then
    for PIDDIR in /proc/[0-9]*/; do
        PID="${PIDDIR//[^0-9]/}"
        [[ -z "$PID" ]] && continue
        # Read cmdline; check if pure-ftpd process
        CMDLINE="$(cat "/proc/${PID}/cmdline" 2>/dev/null | tr '\0' ' ' || true)"
        if [[ "$CMDLINE" == *pure-ftpd* ]]; then
            # Check if this process is running as the target user
            PROC_USER="$(stat -c '%U' "/proc/${PID}" 2>/dev/null || true)"
            if [[ "$PROC_USER" == "$USERNAME" ]]; then
                kill -TERM "$PID" 2>/dev/null && KICKED=$((KICKED + 1)) || true
                onx_log "ftp-disconnect: SIGTERM (fallback) -> pid=${PID} user=${PROC_USER}"
            fi
        fi
    done
fi

onx_log "ftp-disconnect: kicked=${KICKED} for user=${USERNAME}"
json_ok "{\"username\":\"${USERNAME}\",\"kicked\":${KICKED}}"
