# -*- mode: python -*-

Import("env")

env = env.Clone()

env.SConscript(
    dirs=[
        'external',
    ],
    exports=[
        'env',
    ],
)

generateActionTypes = env.Command(
    target=[
        'action_type.h', 'action_type.cpp'
    ],
    source=[
        'generate_action_types.py',
        'action_types.txt'
    ],
    action='$PYTHON $SOURCES $TARGETS',
)

env.Alias('generated-sources', generateActionTypes)

env.Library(
    target='auth_rolename',
    source=[
        'role_name.cpp'
    ],
    LIBDEPS=[
        '$BUILD_DIR/mongo/base',
    ],
)

env.Library(
    target='authentication_restriction',
    source=[
        'restriction_environment.cpp',
    ],
    LIBDEPS=[
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/util/net/network',
    ],
)

env.CppUnitTest(
    target='restriction_test',
    source=[
        'restriction_test.cpp',
    ],
    LIBDEPS=[
        '$BUILD_DIR/mongo/base',
        'authentication_restriction',
    ],
)

# The Auth library should consist only of the shimmed API for Auth usage and the implementations of
# the data structures used in that API.  No actual Auth subsystem implementation should exist in
# this library.
env.Library(
    target='auth',
    source=[
        'authorization_manager.cpp',
        'authorization_session.cpp',
        'auth_decorations.cpp',
    ],
    LIBDEPS=[
        'auth_rolename',
        'user_name',
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/db/service_context',
        '$BUILD_DIR/mongo/rpc/audit_metadata',
    ],
)


env.Library(
    target='user_name',
    source=[
        'user_name.cpp',
    ],
    LIBDEPS=[
        '$BUILD_DIR/mongo/base',
    ],
)

env.Library(
    target='user',
    source=[
        'user.cpp',
    ],
    LIBDEPS=[
        'authprivilege',
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/crypto/sha_block_${MONGO_CRYPTO}',
    ],
)

env.Library(
    target='auth_impl_internal_local',
    source=[
        'authz_manager_external_state_local.cpp',
    ],
    LIBDEPS=[
        'auth_impl_internal',
    ],
)

env.Library(
    target="role_graph",
    source=[
        'role_graph.cpp',
        'role_graph_builtin_roles.cpp',
    ],
    LIBDEPS=[
        'auth',
        'authprivilege',
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/bson/mutable/mutable_bson',
    ],
)

env.Library(
    target='user_document_parser',
    source=[
        'user_document_parser.cpp',
    ],
    LIBDEPS=[
        'auth',
        'user',
        'role_graph_update',
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/bson/mutable/mutable_bson',
        '$BUILD_DIR/mongo/bson/util/bson_extract',
    ],
)

env.Library(
    target='role_graph_update',
    source=[
        'role_graph_update.cpp',
    ],
    LIBDEPS=[
        'auth',
        'role_graph',
        '$BUILD_DIR/mongo/db/update/update_driver',
    ],
)

env.Library(
    target='auth_impl_internal',
    source=[
        'authorization_manager_impl.cpp',
        'authorization_session_impl.cpp',
        'authz_manager_external_state.cpp',
        'authz_session_external_state.cpp',
        'user_set.cpp',
    ],
    LIBDEPS=[
        'address_restriction',
        'auth',
        'auth_rolename',
        'authentication_restriction',
        'authorization_manager_global',
        'authprivilege',
        'role_graph',
        'sasl_options',
        'user',
        'user_document_parser',
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/base/secure_allocator',
        '$BUILD_DIR/mongo/bson/mutable/mutable_bson',
        '$BUILD_DIR/mongo/bson/util/bson_extract',
        '$BUILD_DIR/mongo/db/catalog/document_validation',
        '$BUILD_DIR/mongo/db/common',
        '$BUILD_DIR/mongo/db/global_settings',
        '$BUILD_DIR/mongo/db/namespace_string',
        '$BUILD_DIR/mongo/db/pipeline/lite_parsed_document_source',
        '$BUILD_DIR/mongo/db/update/update_driver',
        '$BUILD_DIR/mongo/util/icu',
        '$BUILD_DIR/mongo/util/net/ssl_manager',
        '$BUILD_DIR/mongo/util/net/ssl_types',
    ],
)

env.Library(
    target='authprivilege',
    source=[
        'action_set.cpp',
        'action_type.cpp',
        'impersonation_session.cpp',
        'privilege.cpp',
        'privilege_parser.cpp',
        'resource_pattern.cpp',
        'user_management_commands_parser.cpp',
    ],
    LIBDEPS=[
        'auth',
        'address_restriction',
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/bson/mutable/mutable_bson',
        '$BUILD_DIR/mongo/db/common',
    ],
)

env.Library(
    target='internal_user_auth',
    source=[
        'internal_user_auth.cpp',
    ],
    LIBDEPS=[
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/bson/mutable/mutable_bson',
        '$BUILD_DIR/mongo/bson/util/bson_extract',
    ],
)

env.Library(
    target='authorization_manager_global',
    source=[
        'authorization_manager_global.cpp',
    ],
    LIBDEPS=[
        'auth',
        '$BUILD_DIR/mongo/db/server_options_core',
        '$BUILD_DIR/mongo/db/service_context',
    ],
)

env.Library(
    target='security_key',
    source=[
        'security_key.cpp',
    ],
    LIBDEPS=[
        '$BUILD_DIR/mongo/base',
    ],
    LIBDEPS_PRIVATE=[
        'internal_user_auth',
        'sasl_options',
        'security_file',
        'user',
        '$BUILD_DIR/mongo/base/secure_allocator',
        '$BUILD_DIR/mongo/crypto/sha_block_${MONGO_CRYPTO}',
        '$BUILD_DIR/mongo/util/md5',
    ],
)

## NOTE: We could make external auth non-optional by removing this
## predicate check on the SASL_CLIENT flag.
optionalExternalSaslDeps = []
if env['MONGO_BUILD_SASL_CLIENT']:
    optionalExternalSaslDeps = ['external/externalsaslauth']

env.Library(
    target='authservercommon',
    source=[
        'authz_session_external_state_server_common.cpp',
        'sasl_commands.cpp',
    ],
    LIBDEPS=[
        'auth',
        'internal_user_auth',
        'auth_impl_internal',
        'authorization_manager_global',
        'saslauth',
        'security_file',
    ] + optionalExternalSaslDeps,
    LIBDEPS_PRIVATE=[
        '$BUILD_DIR/mongo/client/sasl_client',
        '$BUILD_DIR/mongo/db/audit',
        '$BUILD_DIR/mongo/db/commands',
        '$BUILD_DIR/mongo/db/commands/servers',
        '$BUILD_DIR/mongo/db/commands/test_commands_enabled',
    ],
)

env.Library(
    target='security_file',
    source=[
        'security_file.cpp',
    ],
    LIBDEPS=[
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/db/server_options_core',
    ],
)

env.Library(
    target='sasl_options',
    source=[
        'sasl_options.cpp',
    ],
    LIBDEPS=[
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/db/server_parameters',
        '$BUILD_DIR/mongo/util/net/network',
        '$BUILD_DIR/mongo/util/options_parser/options_parser',
    ],
)

env.Library(
    target='saslauth',
    source=[
        'sasl_mechanism_registry.cpp',
        'sasl_plain_server_conversation.cpp',
        'sasl_scram_server_conversation.cpp',
    ],
    LIBDEPS=[
        'auth',
        'authprivilege',
        'sasl_options',
        'user',
        'user_name',
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/base/secure_allocator',
        '$BUILD_DIR/mongo/crypto/sha_block_${MONGO_CRYPTO}',
        '$BUILD_DIR/mongo/db/commands/test_commands_enabled',
        '$BUILD_DIR/mongo/util/icu',
        '$BUILD_DIR/mongo/util/md5',
        '$BUILD_DIR/mongo/util/net/network',
    ],
)

env.CppUnitTest(target='sasl_mechanism_registry_test',
                source=[
                    'sasl_mechanism_registry_test.cpp',
                ],
                LIBDEPS=[
                    '$BUILD_DIR/mongo/db/service_context_test_fixture',
                    'authmocks',
                    'saslauth',
                ])

env.Library(
    target='authmongod',
    source=[
        'authz_manager_external_state_d.cpp',
        'authz_session_external_state_d.cpp',
    ],
    LIBDEPS=[
        'authservercommon',
        'auth_impl_internal_local',
        '$BUILD_DIR/mongo/db/db_raii',
        '$BUILD_DIR/mongo/db/dbdirectclient',
        '$BUILD_DIR/mongo/db/dbhelpers',
        '$BUILD_DIR/mongo/db/repl/repl_coordinator_interface',
        '$BUILD_DIR/mongo/db/server_parameters',
    ],
)

env.Library(
    target='authmongos',
    source=[
        'authz_manager_external_state_s.cpp',
        'authz_session_external_state_s.cpp',
        'user_cache_invalidator_job.cpp'],
    LIBDEPS=[
        'authservercommon',
        '$BUILD_DIR/mongo/s/catalog/dist_lock_manager',
        '$BUILD_DIR/mongo/s/coreshard',
    ],
)

env.Library(
    target='authmocks',
    source=[
        'authz_manager_external_state_mock.cpp',
        'authz_session_external_state_mock.cpp',
    ],
    LIBDEPS=[
        '$BUILD_DIR/mongo/db/matcher/expressions',
        '$BUILD_DIR/mongo/db/service_context',
        '$BUILD_DIR/mongo/db/update/update_driver',
        'auth',
        'auth_impl_internal',
        'auth_impl_internal_local',
    ],
)

env.CppUnitTest(
    target='action_set_test',
    source=[
        'action_set_test.cpp'
    ],
    LIBDEPS=[
        'auth',
        'authmocks',
        '$BUILD_DIR/mongo/db/service_context_test_fixture',
    ],
)

env.CppUnitTest(
    target='privilege_parser_test',
    source=[
        'privilege_parser_test.cpp',
    ],
    LIBDEPS=[
        'auth',
        'authmocks',
        '$BUILD_DIR/mongo/db/service_context_test_fixture',
    ],
)

env.CppUnitTest(
    target='role_graph_test',
    source=[
        'role_graph_test.cpp',
    ],
    LIBDEPS=[
        'auth',
        'authmocks',
        '$BUILD_DIR/mongo/db/service_context_test_fixture',
    ],
)

env.CppUnitTest(
    target='user_document_parser_test',
    source=[
        'user_document_parser_test.cpp',
    ],
    LIBDEPS=[
        'auth',
        'authmocks',
        '$BUILD_DIR/mongo/db/service_context_test_fixture',
    ],
)

env.CppUnitTest(
    target='user_set_test',
    source=[
        'user_set_test.cpp',
    ],
    LIBDEPS=[
        'auth',
        'authmocks',
        '$BUILD_DIR/mongo/db/service_context_test_fixture',
    ],
)

env.CppUnitTest(
    target='authorization_manager_test',
    source=[
        'authorization_manager_test.cpp',
    ],
    LIBDEPS=[
        'auth',
        'authmocks',
        '$BUILD_DIR/mongo/db/service_context_test_fixture',
        '$BUILD_DIR/mongo/transport/transport_layer_common',
        '$BUILD_DIR/mongo/transport/transport_layer_mock',
    ],
)

env.CppUnitTest(
    target='authorization_session_test',
    source=[
        'authorization_session_test.cpp',
        'authorization_session_for_test.cpp',
    ],
    LIBDEPS=[
        'auth',
        'authmocks',
        'auth_impl_internal',
        'saslauth',
        '$BUILD_DIR/mongo/db/pipeline/pipeline',
        '$BUILD_DIR/mongo/db/service_context_test_fixture',
        '$BUILD_DIR/mongo/transport/transport_layer_mock',
    ],
)

env.Library(
    target='address_restriction',
    source=[
        'address_restriction.cpp',
        env.Idlc('address_restriction.idl')[0],
    ],
    LIBDEPS_PRIVATE=[
        'authentication_restriction',
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/util/net/network',
        '$BUILD_DIR/mongo/idl/idl_parser',
    ],
)

env.CppUnitTest(
    target='address_restriction_test',
    source=[
        'address_restriction_test.cpp',
    ],
    LIBDEPS=[
        'address_restriction',
        '$BUILD_DIR/mongo/base',
        '$BUILD_DIR/mongo/db/service_context_test_fixture',
        '$BUILD_DIR/mongo/util/net/network',
    ],
)

env.CppUnitTest(
    target='sasl_scram_test',
    source=[
        'sasl_authentication_session_test.cpp',
        'sasl_scram_test.cpp',
    ],
    LIBDEPS_PRIVATE=[
        'authmocks',
        'saslauth',
        '$BUILD_DIR/mongo/client/sasl_client',
        '$BUILD_DIR/mongo/db/service_context_test_fixture',
    ],
)

