import sys
import requests
import ssl
import json
import warnings
import urllib3.exceptions

warnings.simplefilter('ignore', urllib3.exceptions.InsecureRequestWarning)

count = len(sys.argv)
if count <= 8:
   print 
   print 
   print ("SYNTAX: url domain username password acces-code box-name record-name new-password")
   exit()

base_url     = sys.argv[1]
domain       = sys.argv[2]
username     = sys.argv[3]
password     = sys.argv[4]
accesscode   = sys.argv[5]
box_name     = sys.argv[6]
record_name  = sys.argv[7]
new_pswd     = sys.argv[8]

print ()
print ("url         = ", base_url)
print ("domain      = ", domain)
print ("username    = ", username)
print ("password    = ", password)
print ("acc-code    = ", accesscode)
print ("box-name    = ", box_name)
print ("record-name = ", record_name)
print ("new-pswd    = ", new_pswd)
print ()

session = requests.Session()

headers = {"Accept" : 'application/json', "SAB-Access-Code" : accesscode }

#_url = base_url + '/status'
#resp = session.get(_url, headers=headers, verify=False)
#print('\nSAB: ', response.text, '\n')

if domain != "":
    login =  domain + '\\' + username
    params = {
        "domain" : domain,   
        "login" : login,   
        "username" : username,   
        "password" : password,
    }
else:
    login = username
    params = {
        "login" : login,   
        "password" : password,
    }


url = base_url + '/api/login'

response = session.post(url, data=params, headers=headers, verify=False)

#print(response)
s = str(response)

if s.lower() != '<response [200]>':
    data = response.json()
    result = data["msg"]
    for rep in result:
        msg = rep['severity']
        if msg == 'ERROR':
            print('\n\n ERROR: ', rep['message'])

        exit()

url = base_url + '/safe/search/' + record_name
response = session.get(url, headers=headers, verify=False)

#print('\n', response.text, '\n')

data = response.json()
result = data["result"]

#print('\n')

for res in result:
    id = res["id"]
    name = res["name"]
    parent = res["parent"]
    owner = res["owner"]

    if owner != '':
      parent = parent + ' (' + owner + ')'

    print(id, name, parent)

    if name.upper() == record_name.upper() and parent.upper() == box_name.upper():

        # read record
        url = base_url + '/safe/records/' + str(id)
        response = session.get(url, headers=headers, verify=False)

        data = response.json()
        result = data["record"]

        id = res["id"]
        name = res["name"]
        type = res["template"]

        # read record secret fields
        url = url + '/passwords'
        response = session.get(url, headers=headers, verify=False)

        data = response.json()
        pswd = data["password"]

        # update record id, name and password
        print('\n\n record name  = ', name)
        print(    ' rec type     = ', type)
        print(    ' org password = ', pswd)
        print(    ' new password = ', new_pswd)

        if pswd == new_pswd:
            print('\n\n new and original passwords are the same')
            exit()

        params = {
            "password"   : new_pswd,   
            "passwordRe" : new_pswd
        }
        obj = json.dumps(params)

        url = base_url + '/safe/records/' + str(id) + '/passwords'
        response = session.post(url, data=obj, headers=headers, verify=False)

        data = response.json()
        result = data["msg"]
        for rep in result:
            msg = rep['severity']
            if msg == 'ERROR':
                print('\n\n ERROR: ', rep['message'])
            else:
                print('\n\n password updated.')

            exit()

print('\n\n', record_name, 'not found')