#!/bin/bash

# Enhanced File Analysis Help System
# Integrates multiple help sources: custom cheat sheets, navi, tldr, and tool database

# Color definitions
RED='\033[0;31m'
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'
MAGENTA='\033[0;35m'
NC='\033[0m'

# Help system paths
TOOLS_DB="/opt/remnux-docs/tools.db"
CHEAT_DIR="/opt/cheatsheets"
TLDR_CACHE="/home/remnux/.local/share/tldr"

# Resolve cheat file names from a user-provided tool name
# Tries several variants: exact, without .py, with .py, hyphen/underscore alternatives
resolve_cheat_file() {
    local name="$1"
    local base=$(echo "$name" | sed 's/\.[Pp][Yy]$//')

    # candidates to try in order
    local candidates=(
        "$name"
        "$base"
        "${base}.py"
        "${base//_/}"
        "${base//-/_}"
        "${base//_/-}"
    )

    for cand in "${candidates[@]}"; do
        if [[ -f "$CHEAT_DIR/personal/$cand" ]]; then
            echo "$CHEAT_DIR/personal/$cand"
            return 0
        fi
        if [[ -f "$CHEAT_DIR/${cand}.cheat" ]]; then
            echo "$CHEAT_DIR/${cand}.cheat"
            return 0
        fi
    done
    return 1
}

show_main_help() {
    echo -e "${CYAN}📚 File Analysis Container Help System${NC}"
    echo "======================================"
    echo ""
    echo -e "${GREEN}🔍 Tool Discovery:${NC}"
    echo "  fhelp tools [term]          - Search for analysis tools"
    echo "  fhelp tools --interactive   - Browse tools interactively"
    echo "  fhelp tools --list          - List all available tools"
    echo ""
    echo -e "${GREEN}📖 Command Examples:${NC}"
    echo "  fhelp cheat <tool>          - Show cheat sheet for specific tool"
    echo "  fhelp examples              - Browse all command examples interactively"
    echo "  fhelp quick <command>       - Quick examples (tldr style)"
    echo ""
    echo -e "${GREEN}🎯 Analysis Workflows:${NC}"
    echo "  fhelp pdf                   - PDF analysis workflow"
    echo "  fhelp malware               - Malware analysis workflow"
    echo "  fhelp forensics             - System forensics workflow"
    echo ""
    echo -e "${GREEN}💡 Quick Access:${NC}"
    echo "  fhelp --all                 - Show everything available"
    echo "  fhelp --offline             - Verify offline capabilities"
    echo ""
    echo -e "${YELLOW}Examples:${NC}"
    echo "  fhelp tools pdf             # Find PDF analysis tools"
    echo "  fhelp cheat pdfid.py        # Show pdfid.py examples"
    echo "  fhelp quick tar             # Quick tar examples"
    echo "  fhelp examples              # Browse all examples"
}

show_cheat() {
    local tool="$1"
    
    if [[ -z "$tool" ]]; then
        echo -e "${RED}❌ Please specify a tool name${NC}"
        echo "Usage: fhelp cheat <tool>"
        return 1
    fi
    
    # Check for specific workflow cheat sheets
    local cheat_file=""
    case "$tool" in
        "pdf"|"pdf-analysis")
            cheat_file="$CHEAT_DIR/pdf-analysis.cheat"
            ;;
        "malware"|"malware-analysis") 
            cheat_file="$CHEAT_DIR/malware-analysis.cheat"
            ;;
        *)
            cheat_file="$CHEAT_DIR/${tool}.cheat"
            ;;
    esac
    
    if [[ -f "$cheat_file" ]]; then
        echo -e "${CYAN}📋 Cheat Sheet: ${YELLOW}$tool${NC}"
        echo "=" $(printf '=%.0s' $(seq 1 ${#tool}))
        echo ""
        # Skip YAML frontmatter if present and print raw content (no ANSI coloring to avoid artifacts)
        awk '/^---$/{if(++c==2) start=1; next} start || !/^---$/ && c!=1' "$cheat_file"
    else
        # Try resolution of common variants (e.g., pdfid.py -> pdfid, oledump -> oledump.py)
        local resolved
        resolved=$(resolve_cheat_file "$tool") || true
        if [[ -n "$resolved" && -f "$resolved" ]]; then
            echo -e "${CYAN}📋 Cheat Sheet: ${YELLOW}$tool${NC}"
            echo "=" $(printf '=%.0s' $(seq 1 ${#tool}))
            echo ""
            awk '/^---$/{if(++c==2) start=1; next} start || !/^---$/ && c!=1' "$resolved"
        else
            echo -e "${YELLOW}⚠️  No cheat sheet found for '$tool'${NC}"
            echo ""
            echo "Available cheat sheets:"
            if [[ -d "$CHEAT_DIR/personal" ]]; then
                ls -1 "$CHEAT_DIR/personal/" 2>/dev/null | sed 's/^/  • /'
            fi
            return 1
        fi
    fi
}

show_quick() {
    local command="$1"
    
    if [[ -z "$command" ]]; then
        echo -e "${RED}❌ Please specify a command name${NC}"
        echo "Usage: fhelp quick <command>"
        return 1
    fi
    
    echo -e "${CYAN}📖 Quick examples for: ${YELLOW}$command${NC}"
    echo ""
    
    if command -v tldr >/dev/null 2>&1; then
        if ! tldr "$command" 2>/dev/null; then
            echo -e "${YELLOW}⚠️  No tldr page found for '$command'${NC}"
            echo "Try: fhelp cheat $command"
        fi
    else
        echo -e "${RED}❌ tldr command not available${NC}"
        return 1
    fi
}

show_tools() {
    local search_term="$1"
    local option="$2"
    
    case "$option" in
        "--interactive")
            if command -v find-tool >/dev/null 2>&1; then
                find-tool --interactive
            else
                echo -e "${RED}❌ find-tool not available${NC}"
            fi
            ;;
        "--list")
            if command -v find-tool >/dev/null 2>&1; then
                find-tool --list
            else
                echo -e "${RED}❌ find-tool not available${NC}"  
            fi
            ;;
        *)
            if [[ -z "$search_term" ]]; then
                echo -e "${RED}❌ Please provide a search term${NC}"
                echo "Usage: fhelp tools <search_term>"
                echo "       fhelp tools --interactive"
                echo "       fhelp tools --list"
                return 1
            fi
            
            echo -e "${CYAN}🔍 Searching analysis tools...${NC}"
            if command -v find-tool >/dev/null 2>&1; then
                find-tool "$search_term"
            else
                echo -e "${RED}❌ find-tool not available${NC}"
            fi
            ;;
    esac
}

show_examples() {
    echo -e "${CYAN}🎯 Available Command Examples${NC}"
    echo ""
    echo "Available cheat sheets:"
    if [[ -d "$CHEAT_DIR/personal" ]]; then
        echo -e "${GREEN}Cheat sheets (use: fhelp cheat <name>):${NC}"
        ls -1 "$CHEAT_DIR/personal/" 2>/dev/null | sed 's/^/  • /'
        echo ""
    fi
    
    echo "Available TLDR pages:"
    if [[ -d "/home/remnux/.local/share/tldr/pages/common" ]]; then
        echo -e "${GREEN}TLDR pages (use: tldr <name>):${NC}"
        ls -1 /home/remnux/.local/share/tldr/pages/common/*.md 2>/dev/null | sed 's|.*/||; s|\.md$||' | sed 's/^/  • /'
    fi
}

show_offline_status() {
    echo -e "${CYAN}🔌 Offline Capability Check${NC}"
    echo "==========================="
    echo ""
    echo "Documentation Tools:"
    
    local tools=("find-tool" "cheat" "tldr")
    for tool in "${tools[@]}"; do
        if command -v "$tool" >/dev/null 2>&1; then
            echo -e "  ${GREEN}✅ $tool - available${NC}"
        else
            echo -e "  ${RED}❌ $tool - missing${NC}"
        fi
    done
    
    echo ""
    echo "Documentation Files:"
    
    local files=("$TOOLS_DB" "$CHEAT_DIR/pdf-analysis.cheat" "$CHEAT_DIR/malware-analysis.cheat")
    local file_names=("/opt/remnux-docs/tools.db" "/opt/cheatsheets/pdf-analysis.cheat" "/opt/cheatsheets/malware-analysis.cheat")
    
    for i in "${!files[@]}"; do
        if [[ -f "${files[$i]}" ]]; then
            echo -e "  ${GREEN}✅ ${file_names[$i]} - available${NC}"
        else
            echo -e "  ${RED}❌ ${file_names[$i]} - missing${NC}"
        fi
    done
    
    # Count available cheat sheets
    if [[ -d "$CHEAT_DIR" ]]; then
        local cheat_count=$(ls -1 "$CHEAT_DIR"/*.cheat 2>/dev/null | wc -l)
        echo ""
        echo -e "${CYAN}📊 $cheat_count cheat sheets available${NC}"
    fi
    
    echo ""
    echo -e "${GREEN}🎉 Offline help system ready!${NC}"
}

show_pdf_workflow() {
    echo -e "${CYAN}📄 PDF Analysis Workflow${NC}"
    echo "========================"
    echo ""
    echo -e "${GREEN}Step 1: Initial Analysis${NC}"
    echo "  pdfid.py document.pdf              # Quick overview"
    echo "  file document.pdf                  # File type check"
    echo ""  
    echo -e "${GREEN}Step 2: Detailed Analysis${NC}"
    echo "  pdf-parser.py document.pdf         # Structure analysis"
    echo "  peepdf -i document.pdf             # Interactive analysis"
    echo ""
    echo -e "${GREEN}Step 3: Security Measures${NC}" 
    echo "  pdftk document.pdf output safe.pdf flatten  # Remove JavaScript"
    echo "  qpdf --decrypt encrypted.pdf decrypted.pdf  # Remove password"
    echo ""
    echo -e "${GREEN}Step 4: Deep Inspection${NC}"
    echo "  strings document.pdf | grep -i javascript   # Find suspicious strings" 
    echo "  exiftool document.pdf                       # Extract metadata"
    echo "  convert document.pdf[0] preview.png         # Safe preview"
    echo ""
    echo -e "${YELLOW}For more examples: fhelp cheat pdf${NC}"
}

show_malware_workflow() {
    echo -e "${CYAN}🦠 Malware Analysis Workflow${NC}"
    echo "============================"
    echo ""
    echo -e "${GREEN}Step 1: File Identification${NC}"
    echo "  file suspicious.exe                # Identify file type"
    echo "  exiftool suspicious.exe            # Extract metadata"
    echo ""
    echo -e "${GREEN}Step 2: Static Analysis${NC}"
    echo "  strings -n 8 malware.bin          # Extract strings"
    echo "  capa malware.exe                   # Detect capabilities"
    echo "  binwalk malware.bin                # Analyze binary structure"
    echo ""
    echo -e "${GREEN}Step 3: Document Analysis${NC}"
    echo "  oledump.py document.doc            # Office documents"
    echo "  rtfdump.py document.rtf            # RTF documents"
    echo "  box-js suspicious.js               # JavaScript sandbox"
    echo ""
    echo -e "${GREEN}Step 4: Data Extraction${NC}"
    echo "  base64dump.py encoded.txt          # Base64 content"
    echo "  foremost -t exe,dll -i image.dd    # File carving"
    echo ""  
    echo -e "${YELLOW}For more examples: fhelp cheat malware${NC}"
}

show_all() {
    echo -e "${CYAN}🔍 Complete Help System Overview${NC}"
    echo "================================="
    echo ""
    
    show_tools "analysis" 
    echo ""
    echo -e "${CYAN}Available Workflows:${NC}"
    echo "  • PDF Analysis (fhelp pdf)"
    echo "  • Malware Analysis (fhelp malware)"
    echo ""
    
    if [[ -d "$CHEAT_DIR" ]]; then
        echo -e "${CYAN}Available Cheat Sheets:${NC}"
        ls -1 "$CHEAT_DIR"/*.cheat 2>/dev/null | sed 's|.*/||; s|\.cheat$||' | sed 's/^/  • /'
        echo ""
    fi
    
    show_offline_status
}

# Main command parsing
case "${1:-}" in
    "tools")
        shift
        show_tools "$@"
        ;;
    "cheat")
        shift
        show_cheat "$@"
        ;;
    "quick")
        shift
        show_quick "$@"
        ;;
    "examples")
        show_examples
        ;;
    "pdf")
        show_pdf_workflow
        ;;
    "malware")
        show_malware_workflow
        ;;
    "forensics")
        echo -e "${YELLOW}⚠️  Forensics workflow not yet implemented${NC}"
        echo "Try: fhelp malware or fhelp pdf"
        ;;
    "--offline")
        show_offline_status
        ;;
    "--all")
        show_all
        ;;
    "--help"|"-h"|"help"|"")
        show_main_help
        ;;
    *)
        echo -e "${RED}Unknown option: $1${NC}"
        echo ""
        show_main_help
        ;;
esac