from django.conf import settings
from ldap3 import Connection, Server, SYNC


def create_account(username, raw_password):
    connection = _get_connection()
    is_success = connection.add(
        f"cn={username},dc=local",
        ["simpleSecurityObject", "organizationalRole"],
        {"userPassword": raw_password},
    )
    return is_success


def account_exists(username):
    connection = _get_connection()
    exists = connection.search(f"cn={username},dc=local", "(objectclass=simpleSecurityObject)")
    return exists


def is_valid_account_data(username, raw_password):
    connection = _get_connection()
    is_valid = connection.search(
        f"cn={username},dc=local",
        "(objectclass=simpleSecurityObject)",
        attributes=["userPassword"],
    )
    if is_valid:
        is_valid = connection.entries[0]["userPassword"].value == raw_password
    return is_valid


def _get_connection():
    server = Server("localhost")
    # The SAFE_SYNC client strategy doesn't seem to be present in Buster version of ldap3. We might want to use it as
    # soon as it is available (multithreading).
    connection = Connection(
        server,
        settings.USERAUSFALL_LDAP["ADMIN_USER_DN"],
        settings.USERAUSFALL_LDAP["ADMIN_USER_PASSWORD"],
        client_strategy=SYNC,
        auto_bind=True,
    )
    return connection