from random import SystemRandom
from uuid import uuid4

def generate_secret_key():
  cryptogen = SystemRandom()
  return  str(cryptogen.getrandbits(256))


def add_enterprise_config_defaults(config_obj, current_secret_key):
  """ Adds/Sets the config defaults for enterprise registry config. """
  # These have to be false.
  config_obj['TESTING'] = False
  config_obj['USE_CDN'] = False

  # Default for V3 upgrade.
  config_obj['V3_UPGRADE_MODE'] = config_obj.get('V3_UPGRADE_MODE', 'complete')

  # Defaults for Red Hat Quay.
  config_obj['REGISTRY_TITLE'] = config_obj.get('REGISTRY_TITLE', 'Red Hat Quay')
  config_obj['REGISTRY_TITLE_SHORT'] =  config_obj.get('REGISTRY_TITLE_SHORT', 'Red Hat Quay')

  # Default features that are on.
  config_obj['FEATURE_USER_LOG_ACCESS'] = config_obj.get('FEATURE_USER_LOG_ACCESS', True)
  config_obj['FEATURE_USER_CREATION'] = config_obj.get('FEATURE_USER_CREATION', True)
  config_obj['FEATURE_ANONYMOUS_ACCESS'] = config_obj.get('FEATURE_ANONYMOUS_ACCESS', True)
  config_obj['FEATURE_REQUIRE_TEAM_INVITE'] = config_obj.get('FEATURE_REQUIRE_TEAM_INVITE', True)
  config_obj['FEATURE_CHANGE_TAG_EXPIRATION'] = config_obj.get('FEATURE_CHANGE_TAG_EXPIRATION',
                                                               True)
  config_obj['FEATURE_DIRECT_LOGIN'] = config_obj.get('FEATURE_DIRECT_LOGIN', True)
  config_obj['FEATURE_APP_SPECIFIC_TOKENS'] = config_obj.get('FEATURE_APP_SPECIFIC_TOKENS', True)
  config_obj['FEATURE_PARTIAL_USER_AUTOCOMPLETE'] = config_obj.get('FEATURE_PARTIAL_USER_AUTOCOMPLETE', True)
  config_obj['FEATURE_USERNAME_CONFIRMATION'] = config_obj.get('FEATURE_USERNAME_CONFIRMATION', True)
  config_obj['FEATURE_RESTRICTED_V1_PUSH'] = config_obj.get('FEATURE_RESTRICTED_V1_PUSH', True)

  # Default features that are off.
  config_obj['FEATURE_MAILING'] = config_obj.get('FEATURE_MAILING', False)
  config_obj['FEATURE_BUILD_SUPPORT'] = config_obj.get('FEATURE_BUILD_SUPPORT', False)
  config_obj['FEATURE_ACI_CONVERSION'] = config_obj.get('FEATURE_ACI_CONVERSION', False)
  config_obj['FEATURE_APP_REGISTRY'] = config_obj.get('FEATURE_APP_REGISTRY', False)
  config_obj['FEATURE_REPO_MIRROR'] = config_obj.get('FEATURE_REPO_MIRROR', False)

  # Default repo mirror config.
  config_obj['REPO_MIRROR_TLS_VERIFY'] = config_obj.get('REPO_MIRROR_TLS_VERIFY', True)
  config_obj['REPO_MIRROR_SERVER_HOSTNAME'] = config_obj.get('REPO_MIRROR_SERVER_HOSTNAME', None)

  # Default the signer config.
  config_obj['GPG2_PRIVATE_KEY_FILENAME'] = config_obj.get('GPG2_PRIVATE_KEY_FILENAME',
                                                           'signing-private.gpg')
  config_obj['GPG2_PUBLIC_KEY_FILENAME'] = config_obj.get('GPG2_PUBLIC_KEY_FILENAME',
                                                          'signing-public.gpg')
  config_obj['SIGNING_ENGINE'] = config_obj.get('SIGNING_ENGINE', 'gpg2')

  # Default security scanner config.
  config_obj['FEATURE_SECURITY_NOTIFICATIONS'] = config_obj.get(
    'FEATURE_SECURITY_NOTIFICATIONS', True)

  config_obj['FEATURE_SECURITY_SCANNER'] = config_obj.get(
    'FEATURE_SECURITY_SCANNER', False)

  config_obj['SECURITY_SCANNER_ISSUER_NAME'] = config_obj.get(
    'SECURITY_SCANNER_ISSUER_NAME', 'security_scanner')

  # Default time machine config.
  config_obj['TAG_EXPIRATION_OPTIONS'] = config_obj.get('TAG_EXPIRATION_OPTIONS',
                                                        ['0s', '1d', '1w', '2w', '4w'])
  config_obj['DEFAULT_TAG_EXPIRATION'] = config_obj.get('DEFAULT_TAG_EXPIRATION', '2w')

  # Default mail setings.
  config_obj['MAIL_USE_TLS'] = config_obj.get('MAIL_USE_TLS', True)
  config_obj['MAIL_PORT'] = config_obj.get('MAIL_PORT', 587)
  config_obj['MAIL_DEFAULT_SENDER'] = config_obj.get('MAIL_DEFAULT_SENDER', 'support@quay.io')

  # Default auth type.
  if not 'AUTHENTICATION_TYPE' in config_obj:
    config_obj['AUTHENTICATION_TYPE'] = 'Database'

  # Default secret key.
  if not 'SECRET_KEY' in config_obj:
    if current_secret_key:
      config_obj['SECRET_KEY'] = current_secret_key
    else:
      config_obj['SECRET_KEY'] = generate_secret_key()

  # Default database secret key.
  if not 'DATABASE_SECRET_KEY' in config_obj:
    config_obj['DATABASE_SECRET_KEY'] = generate_secret_key()

  # Default torrent pepper.
  if not 'BITTORRENT_FILENAME_PEPPER' in config_obj:
    config_obj['BITTORRENT_FILENAME_PEPPER'] = str(uuid4())

  # Default storage configuration.
  if not 'DISTRIBUTED_STORAGE_CONFIG' in config_obj:
    config_obj['DISTRIBUTED_STORAGE_PREFERENCE'] = ['default']
    config_obj['DISTRIBUTED_STORAGE_CONFIG'] = {
      'default': ['LocalStorage', {'storage_path': '/datastorage/registry'}]
    }

    config_obj['USERFILES_LOCATION'] = 'default'
    config_obj['USERFILES_PATH'] = 'userfiles/'

    config_obj['LOG_ARCHIVE_LOCATION'] = 'default'

  # Misc configuration.
  config_obj['PREFERRED_URL_SCHEME'] = config_obj.get('PREFERRED_URL_SCHEME', 'http')
  config_obj['ENTERPRISE_LOGO_URL'] = config_obj.get(
    'ENTERPRISE_LOGO_URL', '/static/img/quay-horizontal-color.svg')
  config_obj['TEAM_RESYNC_STALE_TIME'] = config_obj.get('TEAM_RESYNC_STALE_TIME', '60m')