#!/bin/bash
# Complete Network Discovery Workflow
# Automatically scans network, integrates pfSense XML, and generates diagrams

set -e

echo "=========================================="
echo "Complete Network Discovery Workflow"
echo "=========================================="
echo ""

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color

log_info() {
    echo -e "${BLUE}[INFO]${NC} $1"
}

log_success() {
    echo -e "${GREEN}[SUCCESS]${NC} $1"
}

log_warning() {
    echo -e "${YELLOW}[WARNING]${NC} $1"
}

log_error() {
    echo -e "${RED}[ERROR]${NC} $1"
}

# Move old results to results folder
log_info "Moving old results to results folder..."
mkdir -p results
mv network_scan_*.json server_details_*.json network_summary_*.md *_failed_ssh.json results/ 2>/dev/null || true
if [ $? -eq 0 ] && [ "$(ls results/ 2>/dev/null | wc -l)" -gt 0 ]; then
    log_info "Moved old result files to results/ folder"
fi

# Check if we're in the right directory
if [ ! -f "src/integrated_scanner.py" ]; then
    log_error "src/integrated_scanner.py not found. Please run this script from the network scanner directory."
    exit 1
fi

# Check for pfSense XML files
XML_FILES=$(ls *.xml 2>/dev/null | wc -l)
if [ "$XML_FILES" -gt 0 ]; then
    log_info "Found $XML_FILES pfSense XML configuration file(s)"
else
    log_warning "No pfSense XML files found. Network scan will proceed without pfSense integration."
fi

# Step 1: Run system verification
log_info "Step 1: Verifying system requirements..."
if python3 src/test_system.py >/dev/null 2>&1; then
    log_success "System verification passed"
else
    log_error "System verification failed. Please check the output above."
    exit 1
fi

# Step 2: Run integrated network scan
log_info "Step 2: Running integrated network scan..."
SCAN_OUTPUT="network_scan_$(date +%Y%m%d_%H%M%S).json"
if python3 src/integrated_scanner.py -o "$SCAN_OUTPUT" -v; then
    log_success "Network scan completed: $SCAN_OUTPUT"
    
    # Check for failed SSH hosts file
    FAILED_SSH_OUTPUT="${SCAN_OUTPUT%.json}_failed_ssh.json"
    if [ -f "$FAILED_SSH_OUTPUT" ]; then
        FAILED_COUNT=$(jq '.total_failed' "$FAILED_SSH_OUTPUT" 2>/dev/null || echo "unknown")
        log_warning "Found $FAILED_COUNT hosts with SSH port open but failed authentication: $FAILED_SSH_OUTPUT"
    fi
else
    log_error "Network scan failed"
    exit 1
fi

# Step 3: Collect server information from hypervisors
log_info "Step 3: Collecting server information from hypervisors..."
SERVER_OUTPUT="server_details_$(date +%Y%m%d_%H%M%S).json"
if python3 src/server_info_collector.py -o "$SERVER_OUTPUT"; then
    log_success "Server information collected: $SERVER_OUTPUT"
else
    log_warning "Server information collection failed"
fi

# Step 5: Generate pfSense summary if XML files exist
if [ "$XML_FILES" -gt 0 ]; then
    log_info "Step 5: Generating pfSense network summary..."
    SUMMARY_OUTPUT="network_summary_$(date +%Y%m%d_%H%M%S).md"
    if python3 src/pfsense_integrator.py *.xml --summary "$SUMMARY_OUTPUT"; then
        log_success "Network summary generated: $SUMMARY_OUTPUT"
    else
        log_warning "Network summary generation failed"
    fi
fi

# Step 6: Show results summary
echo ""
echo "=========================================="
log_success "Network Discovery Complete!"
echo "=========================================="
echo ""
echo "Generated files:"
echo "  📊 Network Scan: $SCAN_OUTPUT"
if [ -f "$SERVER_OUTPUT" ]; then
    echo "  🖥️  Server Details: $SERVER_OUTPUT"
fi
if [ -f "$FAILED_SSH_OUTPUT" ]; then
    echo "  🔐 Failed SSH Hosts: $FAILED_SSH_OUTPUT"
fi
if [ "$XML_FILES" -gt 0 ]; then
    echo "  📋 Network Summary: $SUMMARY_OUTPUT"
fi
echo ""

# Show network statistics
if command -v jq >/dev/null 2>&1; then
    echo "Network Statistics:"
    TOTAL_SEGMENTS=$(jq '.segments | length' "$SCAN_OUTPUT")
    TOTAL_DEVICES=$(jq '[.segments[].devices[]] | length' "$SCAN_OUTPUT")
    PFSENSE_DEVICES=$(jq '[.segments[].devices[] | select(.device_type=="firewall")] | length' "$SCAN_OUTPUT")
    
    echo "  📡 Network Segments: $TOTAL_SEGMENTS"
    echo "  🖥️  Total Devices: $TOTAL_DEVICES"
    echo "  🛡️  pfSense Firewalls: $PFSENSE_DEVICES"
    echo ""
fi

echo "Next steps:"
if [ -f "$SERVER_OUTPUT" ]; then
    echo "  1. Review $SERVER_OUTPUT for detailed server and VM information"
    STEP_NUM=2
else
    STEP_NUM=1
fi
if [ -f "$FAILED_SSH_OUTPUT" ]; then
    echo "  $STEP_NUM. Review $FAILED_SSH_OUTPUT for hosts needing SSH credential fixes"
    STEP_NUM=$((STEP_NUM + 1))
fi
if [ "$XML_FILES" -gt 0 ]; then
    echo "  $STEP_NUM. Review $SUMMARY_OUTPUT for detailed pfSense configuration"
    STEP_NUM=$((STEP_NUM + 1))
fi
echo "  $STEP_NUM. Examine $SCAN_OUTPUT for complete network data (use jq for querying)"
echo ""

log_success "Workflow completed successfully! 🎉"