#!/usr/bin/perl

use strict;
use warnings;
use perunServicesInit;
use perunServicesUtils;
use File::Basename;

local $::SERVICE_NAME = basename($0);
local $::PROTOCOL_VERSION = "3.0.0";
my $SCRIPT_VERSION = "3.2.0";

perunServicesInit::init;
my $directory = perunServicesInit::getDirectory;
my $data = perunServicesInit::getHashedDataWithGroups;

our $A_PRINCIPAL;            *A_PRINCIPAL =           \'urn:perun:user:attribute-def:def:kerberosAdminPrincipal';
our $A_USER_STATUS;          *A_USER_STATUS =         \'urn:perun:member:attribute-def:core:status';

my $kerberosLogins = (); # $kerberosLogins->{principal} = 1

foreach my $resourceId ($data->getResourceIds()) {

	foreach my $memberId ($data->getMemberIdsForResource(resource => $resourceId)) {

		next if $data->getMemberAttributeValue( member => $memberId, attrName => $A_USER_STATUS ) ne 'VALID';

		my $principal = $data->getUserAttributeValue( member => $memberId, attrName => $A_PRINCIPAL );
		$kerberosLogins->{$principal} = 1;

	}

}

####### output file ######################
my $service_file_name = "$directory/$::SERVICE_NAME";
open SERVICE_FILE,">$service_file_name" or die "Cannot open $service_file_name: $! \n";
foreach my $principal (sort keys %$kerberosLogins) {
	print SERVICE_FILE $principal . "\n";
}
close(SERVICE_FILE);

perunServicesInit::finalize;
