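"""Path and version constants shared by the MDE support tool.

Every Linux location that can be relocated is derived from BASE_DIR, which
is read from MDE_PATH_CONFIG at import time; macOS locations are fixed.
"""
import os
import sys
import json
import logging
import platform
from types import SimpleNamespace

from mde_tools.os_version import os_version

LOGGER_NAME = 'support_tool'
log = logging.getLogger(LOGGER_NAME)

# Optional relocation file: a JSON object whose "path" entry is the directory
# the MDE installation is rooted at when it is not installed under "/".
MDE_PATH_CONFIG = "/etc/opt/microsoft/mdatp/mde_path.json"


def get_custom_base_path():
    """Return the custom MDE base path, or "/" when none is configured.

    Reads MDE_PATH_CONFIG (JSON) and returns its non-empty string "path"
    entry. Falls back to "/" when the file is absent, cannot be read, is not
    valid JSON, is not a JSON object, or its "path" value is missing, empty
    or not a string. The fallback is deliberate: a corrupt relocation file
    must not stop the support tool from running with the default root.

    Returns:
        str: the directory every relocatable path constant is joined onto.
    """
    default_base_path = "/"
    if not os.path.exists(MDE_PATH_CONFIG):
        return default_base_path
    try:
        with open(MDE_PATH_CONFIG, 'r', encoding='utf-8') as f:
            data = json.load(f)
    except (json.JSONDecodeError, OSError) as e:
        # Logger.error() accepts no `file=` keyword; the previous handler
        # passed one, so a malformed config raised TypeError from inside the
        # except branch and aborted module import instead of falling back.
        log.error("Error reading config file %s: %s", MDE_PATH_CONFIG, e)
        return default_base_path
    # Guard the shape as well as the presence: a non-object document or a
    # non-string "path" would otherwise surface later as an exception from
    # os.path.join on the derived constants below.
    custom_path = data.get("path") if isinstance(data, dict) else None
    if isinstance(custom_path, str) and custom_path:
        return custom_path
    if custom_path is not None:
        log.warning("Ignoring invalid 'path' value in %s", MDE_PATH_CONFIG)
    return default_base_path


# Dynamically determine the base directory
BASE_DIR = get_custom_base_path()
log.info("Base directory for client analyser collection: %s", BASE_DIR)

# Determine if the application runs as a script file or as a compiled ELF
# (bundlers that freeze the script into an executable set sys.frozen).
IS_COMPILED_AS_BINARY = getattr(sys, 'frozen', False)
# Bundled resources (XSLT and JSON data files) sit next to the executable
# when frozen, otherwise next to this source file.
if IS_COMPILED_AS_BINARY:
    SUPPORT_TOOL_ROOT_DIRECTORY = os.path.dirname(sys.executable)
else:
    SUPPORT_TOOL_ROOT_DIRECTORY = os.path.dirname(os.path.realpath(__file__))

XSLT_FILENAME = 'report.xslt'
XML_FILENAME = 'events.xml'
XSLT_PERF_EPS_REPORT_PATH = os.path.join(SUPPORT_TOOL_ROOT_DIRECTORY, 'perf_eps_top_event_report.xslt')
XSLT_REPORT_PATH = os.path.join(SUPPORT_TOOL_ROOT_DIRECTORY, XSLT_FILENAME)
XML_EVENTS_PATH = os.path.join(SUPPORT_TOOL_ROOT_DIRECTORY, XML_FILENAME)
SUPPORTED_DISTROS_FILE_PATH = os.path.join(SUPPORT_TOOL_ROOT_DIRECTORY, "supported_distros.json")
EXTERNAL_DEPENDENCY_FILE_PATH = os.path.join(SUPPORT_TOOL_ROOT_DIRECTORY, "external_deps.json")
FOLDER_PERM_FILE_PATH = os.path.join(SUPPORT_TOOL_ROOT_DIRECTORY, "folder_perm.json")

# Minimum supported OS versions (os_version objects, comparable by the caller).
MINIMUM_MACOS_VERSION = os_version("10.14")
MINIMUM_UBUNTU_VERSION = os_version("16.04")
MINIMUM_CENTOS_VERSION = os_version("6.7")
MINIMUM_RHEL_VERSION = os_version("6.7")
CENTOS_RHEL_PREVIEW_RANGE = SimpleNamespace(min=os_version("6.7"), max=os_version("6.10"))

MACOS_PREFIX = 2
LINUX_PREFIX = 3
LINUX_PLATFORM = 'Linux'
MACOS_PLATFORM = 'macOS'
LINUX_SUPPORTED_VERSIONS = 9

NETEXT_CONFIG_FILE_PATH = r"/Applications/Microsoft Defender.app/Contents/Resources/Tools/netext_config"

# Relocatable Linux directories, rooted at BASE_DIR.
STATE_DIR = os.path.join(BASE_DIR, "var/opt/microsoft/mdatp")
WDAVENGINE_PATH = os.path.join(STATE_DIR, "wdavengine")
CONFIG_DIR = os.path.join(BASE_DIR, "etc/opt/microsoft/mdatp")

# Per-platform file locations keyed by LINUX_PLATFORM / MACOS_PLATFORM.
# NOTE(review): the Linux entries of WDAV_STATE, ONBOARDING_JSON, LOG_DIR,
# MERGED_CONFIG and MERGED_CONFIG_ROTATED_DIR are absolute and ignore
# BASE_DIR, while MDATP_MANAGED / MDEATTACH_MANAGED / WDAV_CFG are joined
# onto CONFIG_DIR — confirm whether the absolute ones are intentional.
WDAV_STATE = {
    LINUX_PLATFORM: '/var/opt/microsoft/mdatp/wdavstate',
    MACOS_PLATFORM: '/Library/Application Support/Microsoft/Defender/wdavstate',
}
MDATP_MANAGED = {
    LINUX_PLATFORM: os.path.join(CONFIG_DIR, "managed/mdatp_managed.json"),
    MACOS_PLATFORM: '/Library/Managed Preferences/com.microsoft.wdav.plist',
}
ONBOARDING_JSON = {
    LINUX_PLATFORM: '/etc/opt/microsoft/mdatp/mdatp_onboard.json',
    MACOS_PLATFORM: '/Library/Application Support/Microsoft/Defender/com.microsoft.wdav.atp.plist',
}
MDEATTACH_MANAGED = {
    LINUX_PLATFORM: os.path.join(CONFIG_DIR, "managed/mdeattach_managed.json"),
    MACOS_PLATFORM: '/Library/Managed Preferences/com.microsoft.mdeattach.plist',
}
WDAV_CFG = {
    LINUX_PLATFORM: os.path.join(CONFIG_DIR, "wdavcfg"),
    MACOS_PLATFORM: '/Library/Application Support/Microsoft/Defender/wdavcfg',
}

INSTALL_PATH = os.path.join(BASE_DIR, "opt/microsoft/mdatp")
INSTALL_BINARIES = os.path.join(INSTALL_PATH, "sbin")

LOG_DIR = {
    LINUX_PLATFORM: '/var/log/microsoft/mdatp',
    MACOS_PLATFORM: '/Library/Logs/Microsoft/mdatp',
}
LOG_DIR_OPT = os.path.join(INSTALL_PATH, "log")
SERVICE_EXTRA_CONFIG_DIR = "/etc/systemd/system/mdatp.service.d"
MERGED_CONFIG_OPT = os.path.join(LOG_DIR_OPT, "microsoft_defender_core.log")
MERGED_CONFIG_ROTATED_DIR_OPT = os.path.join(LOG_DIR_OPT, "rotated")
MERGED_CONFIG = {
    LINUX_PLATFORM: '/var/log/microsoft/mdatp/microsoft_defender_core.log',
    MACOS_PLATFORM: '/Library/Logs/Microsoft/mdatp/microsoft_defender_core.log',
}
MERGED_CONFIG_ROTATED_DIR = {
    LINUX_PLATFORM: '/var/log/microsoft/mdatp/rotated',
    MACOS_PLATFORM: '/Library/Logs/Microsoft/mdatp/rotated',
}

ENGINEDB_DIR = os.path.join(STATE_DIR, "enginedb")
CRASH_REPORTS = os.path.join(STATE_DIR, "crash")
# Trailing slash kept as in the original value.
WDAV_DIAGNOSTIC_PATH = os.path.join(STATE_DIR, "wdavdiag/")

# Secondary location of the relocation file; not consulted by
# get_custom_base_path() in this module.
MDE_PATH_FALLBACK = "/opt/microsoft/mdatp/conf/mde_path.json"

# auditd rule files the tool inspects. The misspelt name EXLUSION_RULES is
# part of the public interface and is kept for compatibility.
EXLUSION_RULES = "/etc/audit/rules.d/exclude.rules"
RATE_LIMIT_RULES = "/etc/audit/rules.d/mdatp.rate_limit.rules"
SKIP_FAULTY_RULES = "/etc/audit/rules.d/1_mdatp.skip_faulty_rule.rules"

# Glob pattern (trailing "*"); callers are expected to expand it.
MDC_CONFIG = "/var/lib/waagent/Microsoft.Azure.AzureDefenderForServers.MDE.Linux-*"

EBPF_SYSCALLS = "/sys/kernel/debug/tracing/events/syscalls"
EBPF_RAW_SYSCALLS = "/sys/kernel/debug/tracing/events/raw_syscalls"
MDATP_SERVICE_PATH_DEB = "/lib/systemd/system/mdatp.service"
MDATP_SERVICE_PATH_RPM = "/usr/lib/systemd/system/mdatp.service"

MDMOVERRIDES = '/Library/Application Support/com.apple.TCC/MDMOverrides.plist'

# Upstream reference profile. NOTE(review): this tracks the "master" branch
# rather than a pinned revision, so the fetched document can drift from the
# embedded MDATP_MOBILECONFIG_CONTENT below — confirm how callers compare them.
MDATP_MOBILECONFIG_URL = 'https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/macos/mobileconfig/combined/mdatp.mobileconfig'
# Embedded reference copy of the expected profile content. The value is
# reproduced exactly as found in this listing; verify it against the upstream
# file before relying on it for comparisons.
MDATP_MOBILECONFIG_CONTENT = 'PayloadContentPayloadDescriptionBackground Service Management for Microsoft DefenderPayloadDisplayNameBackground Service Management for Microsoft DefenderPayloadIdentifier4DB96276-2310-44C2-AE11-C6E761FB0304.privacy.04102481-C1F1-44F2-B548-E0B554890493PayloadTypecom.apple.servicemanagementPayloadUUIDA9BF8FA9-CEA3-42A2-B8C1-E1998B84CBB0RulesRuleTypeLabelPrefixRuleValuecom.microsoft.fresnoRuleTypeLabelPrefixRuleValuecom.microsoft.dlpRuleTypeLabelPrefixRuleValuecom.microsoft.wdavFilterDataProviderBundleIdentifiercom.microsoft.wdav.netextFilterDataProviderDesignatedRequirementidentifier "com.microsoft.wdav.netext" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9FilterGradeinspectorFilterPacketsFilterSocketsFilterTypePluginPayloadDisplayNameWeb Content Filter PayloadPayloadIdentifier283F4BF0-788A-4435-9B62-3E00896358D7PayloadOrganizationJAMF SoftwarePayloadTypecom.apple.webcontent-filterPayloadUUID283F4BF0-788A-4435-9B62-3E00896358D7PayloadVersion1PluginBundleIDcom.microsoft.wdavUserDefinedNameMicrosoft Defender Content FilterNotificationSettingsAlertType1BadgesEnabledBundleIdentifiercom.microsoft.autoupdate2CriticalAlertEnabledNotificationsEnabledShowInLockScreenShowInNotificationCenterSoundsEnabledAlertType1BadgesEnabledBundleIdentifiercom.microsoft.wdav.trayCriticalAlertEnabledNotificationsEnabledShowInLockScreenShowInNotificationCenterSoundsEnabledPayloadDisplayNameNotifications PayloadPayloadIdentifier05BF7221-2470-477D-99B3-1729B1932BDBPayloadOrganizationMicrosoft CorporationPayloadTypecom.apple.notificationsettingsPayloadUUID05BF7221-2470-477D-99B3-1729B1932BDBPayloadVersion1AllowUserOverridesAllowedSystemExtensionsUBF8T346G9com.microsoft.wdav.epsextcom.microsoft.wdav.netextPayloadDescriptionPayloadDisplayNameSystem ExtensionsPayloadEnabledPayloadIdentifier605B85D6-5CE9-49C9-A10F-6B12B4D0B84EPayloadOrganizationMicrosoft CorporationPayloadTypecom.apple.system-extension-policyPayloadUUID605B85D6-5CE9-49C9-A10F-6B12B4D0B84EPayloadVersion1PayloadDescriptionPayloadDisplayNamePrivacy Preferences Policy ControlPayloadEnabledPayloadIdentifierE23CA4BE-65BA-4685-89D6-041F82994606PayloadOrganizationMicrosoft CorporationPayloadTypecom.apple.TCC.configuration-profile-policyPayloadUUIDE23CA4BE-65BA-4685-89D6-041F82994606PayloadVersion1ServicesAccessibilityAllowed1CodeRequirementidentifier "com.microsoft.dlp.daemon" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9Identifiercom.microsoft.dlp.daemonIdentifierTypebundleIDStaticCode0SystemPolicyAllFilesAllowed1CodeRequirementidentifier "com.microsoft.wdav" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9Identifiercom.microsoft.wdavIdentifierTypebundleIDStaticCode0Allowed1CodeRequirementidentifier "com.microsoft.wdav.epsext" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9Identifiercom.microsoft.wdav.epsextIdentifierTypebundleIDStaticCode0Allowed1CodeRequirementidentifier "com.microsoft.dlp.daemon" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9Identifiercom.microsoft.dlp.daemonIdentifierTypebundleIDStaticCode0PayloadDescriptionPayloadDisplayNameDefender onboarding settingsPayloadEnabledPayloadIdentifier23FE3F82-71F0-11EF-89EE-26DE397E1932PayloadOrganizationMicrosoft CorporationPayloadRemovalDisallowedPayloadScopeSystemPayloadTypeConfigurationPayloadUUID23FE3F82-71F0-11EF-89EE-26DE397E1932PayloadVersion1'

MAC_MDATP_APP_BUNDLE = '/Applications/Microsoft Defender.app'

# Filesystem types covered by real-time protection, and the wider set that
# additionally supports custom scans.
RTP_FILESYSTEMS = [
    "btrfs", "ecryptfs", "ext2", "ext3", "ext4", "fuse", "fuseblk", "jfs",
    "nfs", "overlay", "ramfs", "reiserfs", "tmpfs", "udf", "vfat", "xfs",
]
RTP_WITH_CUSTOM_SCAN = [
    *RTP_FILESYSTEMS,
    "Efs", "S3fs", "Blobfuse", "Lustr", "glustrefs", "Afs", "sshfs", "cifs",
    "smb", "gcsfuse", "sysfs",
]

# Files consulted, in order, to determine the system locale.
LOCALE_FILE_PATHS = ["/etc/default/locale", "/etc/locale.conf", "/etc/sysconfig/language"]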