#!/bin/bash

################################################################################
# Server Toolkit Data Cleanup
################################################################################
# Purpose: Remove all toolkit-generated data (for wiping before system transfer)
# Use Case: When moving toolkit to another server or fresh start
#
# What gets cleaned:
# - IP reputation database
# - Temporary analysis files
# - Cached data
# - Generated reports
# - Session data
################################################################################

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
source "$SCRIPT_DIR/lib/common-functions.sh"

# Require root
if [ "$EUID" -ne 0 ]; then
    print_error "This script must be run as root"
    exit 1
fi

print_banner "Server Toolkit Data Cleanup"

echo ""
echo -e "${YELLOW}${BOLD}⚠️  WARNING ⚠️${NC}"
echo ""
echo "This will remove ALL data collected by the Server Toolkit:"
echo ""
echo "  • IP reputation database (/var/lib/server-toolkit/)"
echo "  • Temporary analysis files (/tmp/)"
echo "  • Generated reports"
echo "  • Cached data"
echo "  • Session files"
echo ""
echo -e "${RED}This action CANNOT be undone!${NC}"
echo ""
echo "Use this when:"
echo "  ✓ Moving toolkit to a different server"
echo "  ✓ Starting fresh analysis"
echo "  ✓ Removing server-specific data before sharing"
echo ""
echo -e "${CYAN}────────────────────────────────────────────────────────────${NC}"
echo ""
read -p "Type 'yes' to confirm cleanup: " confirm

if [ "$confirm" != "yes" ]; then
    echo ""
    print_error "Cleanup cancelled"
    exit 0
fi

echo ""
echo "Starting cleanup..."
echo ""

# Track what was cleaned
cleaned_count=0
cleaned_size=0

# Function to safely remove directory/file and track size
safe_remove() {
    local path="$1"
    local description="$2"

    if [ -e "$path" ]; then
        # Calculate size before removing
        if [ -d "$path" ]; then
            size=$(du -sb "$path" 2>/dev/null | awk '{print $1}' || echo "0")
        else
            size=$(stat -c%s "$path" 2>/dev/null || echo "0")
        fi

        # Remove
        rm -rf "$path" 2>/dev/null

        if [ $? -eq 0 ]; then
            cleaned_size=$((cleaned_size + size))
            ((cleaned_count++))
            echo -e "  ${GREEN}✓${NC} Removed: $description"
            return 0
        else
            echo -e "  ${RED}✗${NC} Failed to remove: $description"
            return 1
        fi
    else
        echo -e "  ${DIM}○${NC} Not found: $description (already clean)"
        return 0
    fi
}

echo -e "${BOLD}IP Reputation Database:${NC}"
safe_remove "/var/lib/server-toolkit/ip-reputation" "IP reputation database (including hash index)"
safe_remove "/var/lib/server-toolkit" "Toolkit data directory"
echo ""

echo -e "${BOLD}Temporary Analysis Files:${NC}"
# Bot analyzer temp files
for pattern in /tmp/bot_analysis_* /tmp/*_bot_*.txt; do
    if ls $pattern 2>/dev/null | grep -q .; then
        rm -f $pattern 2>/dev/null
        echo -e "  ${GREEN}✓${NC} Removed: Bot analysis temp files"
        ((cleaned_count++))
        break
    fi
done

# 500 error tracker temp files
for pattern in /tmp/500-tracker-* /tmp/*500*.txt; do
    if ls $pattern 2>/dev/null | grep -q .; then
        rm -rf $pattern 2>/dev/null
        echo -e "  ${GREEN}✓${NC} Removed: 500 error tracker temp files"
        ((cleaned_count++))
        break
    fi
done

# Live monitoring temp files
for pattern in /tmp/live-monitor-* /tmp/*monitor*.tmp; do
    if ls $pattern 2>/dev/null | grep -q .; then
        rm -rf $pattern 2>/dev/null
        echo -e "  ${GREEN}✓${NC} Removed: Live monitoring temp files"
        ((cleaned_count++))
        break
    fi
done

# Error analyzer temp files
for pattern in /tmp/error_analysis_* /tmp/*error*.tmp; do
    if ls $pattern 2>/dev/null | grep -q .; then
        rm -f $pattern 2>/dev/null
        echo -e "  ${GREEN}✓${NC} Removed: Error analyzer temp files"
        ((cleaned_count++))
        break
    fi
done

# Generic toolkit temp files
for pattern in /tmp/toolkit_* /tmp/server-toolkit*; do
    if ls $pattern 2>/dev/null | grep -q .; then
        rm -rf $pattern 2>/dev/null
        echo -e "  ${GREEN}✓${NC} Removed: Generic toolkit temp files"
        ((cleaned_count++))
        break
    fi
done

echo ""

echo -e "${BOLD}Generated Reports:${NC}"
# Look for common report locations
for pattern in /tmp/*_report_*.txt /tmp/*_analysis_*.txt /root/*toolkit*.txt /root/*_report*.txt; do
    if ls $pattern 2>/dev/null | grep -q .; then
        count=$(ls $pattern 2>/dev/null | wc -l)
        rm -f $pattern 2>/dev/null
        echo -e "  ${GREEN}✓${NC} Removed: $count report file(s)"
        ((cleaned_count++))
        break
    fi
done

echo ""

echo -e "${BOLD}Cache and Session Data:${NC}"
# Cached analysis data
if [ -d "/var/cache/server-toolkit" ]; then
    safe_remove "/var/cache/server-toolkit" "Toolkit cache directory"
fi

# Session/lock files
for pattern in /var/run/server-toolkit* /var/lock/server-toolkit*; do
    if ls $pattern 2>/dev/null | grep -q .; then
        rm -f $pattern 2>/dev/null
        echo -e "  ${GREEN}✓${NC} Removed: Session/lock files"
        ((cleaned_count++))
        break
    fi
done

echo ""

echo -e "${BOLD}Log Files (Optional):${NC}"
echo -n "Remove toolkit execution logs? (yes/no) [no]: "
read remove_logs
remove_logs="${remove_logs:-no}"

if [ "$remove_logs" = "yes" ]; then
    for pattern in /var/log/server-toolkit*.log; do
        if ls $pattern 2>/dev/null | grep -q .; then
            count=$(ls $pattern 2>/dev/null | wc -l)
            rm -f $pattern 2>/dev/null
            echo -e "  ${GREEN}✓${NC} Removed: $count log file(s)"
            ((cleaned_count++))
            break
        fi
    done
else
    echo -e "  ${DIM}○${NC} Logs kept (skipped)"
fi

echo ""
echo -e "${CYAN}────────────────────────────────────────────────────────────${NC}"
echo ""

# Convert size to human readable
if [ "${cleaned_size:-0}" -lt 1024 ]; then
    size_human="${cleaned_size}B"
elif [ "${cleaned_size:-0}" -lt 1048576 ]; then
    size_human="$((cleaned_size / 1024))KB"
elif [ "${cleaned_size:-0}" -lt 1073741824 ]; then
    size_human="$((cleaned_size / 1048576))MB"
else
    size_human="$((cleaned_size / 1073741824))GB"
fi

echo -e "${GREEN}${BOLD}✓ Cleanup Complete!${NC}"
echo ""
echo "Summary:"
echo "  Items removed: $cleaned_count"
echo "  Space freed:   $size_human"
echo ""
echo "The toolkit is now clean and ready for:"
echo "  • Transfer to another server"
echo "  • Fresh analysis start"
echo "  • Sharing without server-specific data"
echo ""

# Verify critical directories are gone
missing=0
[ -d "/var/lib/server-toolkit" ] && { echo -e "${YELLOW}Warning: /var/lib/server-toolkit still exists${NC}"; ((missing++)); }
[ -d "/tmp/live-monitor-current" ] && { echo -e "${YELLOW}Warning: /tmp/live-monitor-current still exists${NC}"; ((missing++)); }

if [ "${missing:-0}" -gt 0 ]; then
    echo ""
    echo -e "${YELLOW}Some directories could not be removed (may be in use)${NC}"
    echo "Try stopping any running toolkit scripts and run cleanup again."
fi

echo ""

# Reset system detection cache so it re-detects on next menu display
unset SYS_DETECTION_COMPLETE
for var in $(compgen -e | grep "^SYS_"); do
    unset "$var"
done
echo -e "${CYAN}[INFO]${NC} System detection cache cleared - will re-detect on next menu"
echo ""

press_enter