#!/usr/bin/perl

# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# This Source Code Form is "Incompatible With Secondary Licenses", as
# defined by the Mozilla Public License, v. 2.0.
#
# Usage secbugsreport.pl YYYY MM DD, e.g. secbugsreport.pl $(date +'%Y %m %d')

use 5.10.1;
use strict;
use warnings;

use lib qw(. lib local/lib/perl5);

use Bugzilla;
use Bugzilla::Component;
use Bugzilla::Constants;
use Bugzilla::Error;
use Bugzilla::Mailer;
use Bugzilla::Report::SecurityRisk;

use DateTime;
use URI;
use JSON::MaybeXS;

BEGIN { Bugzilla->extensions }
Bugzilla->usage_mode(USAGE_MODE_CMDLINE);

exit 0 unless Bugzilla->params->{report_secbugs_active};
exit 0 unless defined $ARGV[0] && defined $ARGV[1] && defined $ARGV[2];

my $html;
my $template     = Bugzilla->template();
my $end_date     = DateTime->new( year => $ARGV[0], month => $ARGV[1], day => $ARGV[2] );
my $start_date   = $end_date->clone()->subtract( months => 6 );
my $report_week  = $end_date->ymd('-');
my $products     = decode_json( Bugzilla->params->{report_secbugs_products} );
my $sec_keywords = [ 'sec-critical', 'sec-high' ];
my $report       = Bugzilla::Report::SecurityRisk->new(
    start_date   => $start_date,
    end_date     => $end_date,
    products     => $products,
    sec_keywords => $sec_keywords
);
my $vars = {
    urlbase         => Bugzilla->localconfig->{urlbase},
    report_week     => $report_week,
    products        => $products,
    sec_keywords    => $sec_keywords,
    results         => $report->results,
    build_bugs_link => \&build_bugs_link,
};

$template->process( 'reports/email/security-risk.html.tmpl', $vars, \$html )
    or ThrowTemplateError( $template->error() );

# For now, only send HTML email.
my $email = Email::MIME->create(
    header_str => [
        From    => Bugzilla->params->{'mailfrom'},
        To      => Bugzilla->params->{report_secbugs_emails},
        Subject => "Security Bugs Report for $report_week",
        'X-Bugzilla-Type' => 'admin'
    ],
    attributes => {
        content_type => 'text/html',
        charset      => 'UTF-8',
        encoding     => 'quoted-printable',
    },
    body_str => $html,
);

MessageToMTA($email);

sub build_bugs_link {
    my ( $arr, $product ) = @_;
    my $uri = URI->new( Bugzilla->localconfig->{urlbase} . 'buglist.cgi' );
    $uri->query_param( bug_id => ( join ',', @$arr ) );
    $uri->query_param( product => $product ) if $product;
    return $uri->as_string;
}