#!/bin/bash
set -e

if [ -z "$1" ]; then
    echo "No path provided"
    exit 1
fi

MAGENTO_PATH="$1"
#PATCH_URL="https://repo.magento.com/patch/VULN-32437-2-4-X-patch.zip"
PATCH_URL="https://pubfiles.nexcess.net/magento/patches/VULN-32437-2-4-X-patch.zip"
PATCH_FILE="VULN-32437-2-4-X-patch.zip"
TEMP_DIR="/tmp/magento-vuln-32437-patch"
LOG_FILE="/var/log/VULN-32437.log"

{
    echo " -- Patch Application Started: $(date) - Path: $MAGENTO_PATH -- "

    if [ ! -d "$MAGENTO_PATH" ]; then
        echo "$MAGENTO_PATH does not exist"
        exit 1
    fi

    if [ ! -f "$MAGENTO_PATH/bin/magento" ]; then
        echo "No Valid Magneto Installation in Path"
        exit 1
    fi

    if [ -d "$TEMP_DIR" ] && [ -f "$TEMP_DIR/$PATCH_FILE" ]; then
        echo "Patch Found"
    else
        mkdir -p "$TEMP_DIR"
        if wget -O "$TEMP_DIR/$PATCH_FILE" "$PATCH_URL"; then
            echo "patch downloaded"
        else
            echo "Failed to download patch"
            exit 1
        fi
    fi

    PATCH_FILE_PATH="$TEMP_DIR/VULN-32437_2.4.X.patch"

    if [ -f "$PATCH_FILE_PATH" ]; then
        echo "Patch file already extracted"
    else
        if unzip -o -q "$TEMP_DIR/$PATCH_FILE" -d "$TEMP_DIR"; then
            echo "Patch extracted"
        else
            echo "Failed to extract"
            exit 1
        fi
    fi

    if [ ! -f "$PATCH_FILE_PATH" ]; then
        echo "patch file not found"
        exit 1
    fi

    echo "Applying patch: VULN-32437_2.4.X.patch"

    if patch -p1 --dry-run -d "$MAGENTO_PATH" < "$PATCH_FILE_PATH" &> /dev/null; then
        if patch -p1 -d "$MAGENTO_PATH" < "$PATCH_FILE_PATH"; then
            echo "patch applied"
        else
            echo "patch could not be applied"
            exit 1
        fi
    else
        echo "other error, check if patch is already applied / valid"
        exit 1
    fi

    echo " -- Patch Application Ended: $(date) - Path: $MAGENTO_PATH --"
} 2>&1 |tee -a "$LOG_FILE"