# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at https://mozilla.org/MPL/2.0/.
# Copyright (c) 2017 Mozilla Corporation

import re


class message(object):

    def __init__(self):
        '''
        takes an incoming su message
        and parses it to extract data points
        '''

        self.registration = ['sshd']
        self.priority = 5

    def onMessage(self, message, metadata):

        self.session_regexp = re.compile(r'^pam_unix\(su(?:-l)?\:session\)\: session (?P<status>\w+) for user (?P<username>\w+)(?: (?:by (?:(?P<originuser>\w+))?\(uid\=(?P<uid>[0-9]+)\)?)?)?$')

        if 'details' in message:
            if 'program' in message['details']:
                if message['details']['program'] == 'su':
                    msg_unparsed = message['summary']
                    if msg_unparsed.startswith('pam_unix'):
                        session_search = re.search(self.session_regexp, msg_unparsed)
                        if session_search:
                            message['details']['originuser'] = session_search.group('originuser')
                            message['details']['status'] = session_search.group('status')
                            message['details']['uid'] = session_search.group('uid')
                            message['details']['username'] = session_search.group('username')

        return (message, metadata)