package sysutils

// Checked consolidates all the provided checked functions.
func (i *IDState) Checked() (checked bool) {

	if i == nil {
		return
	}

	checked = i.uidsChecked &&
		i.gidsChecked &&
		i.sudoChecked &&
		i.ppidUidChecked &&
		i.ppidGidChecked

	return
}

/*
IsReal consolidates all the elevation/dropped-privs checks into a single method.

It will only return true if no sudo was detected and *all* UIDs/GIDs match.
*/
func (i *IDState) IsReal(real bool) {

	if i == nil {
		return
	}

	real = true

	for _, b := range []bool{
		i.IsSuid(),
		i.IsSgid(),
		i.IsSudoUser(),
		i.IsSudoGroup(),
	} {
		if b {
			real = false
			return
		}
	}

	return
}

/*
IsSudoGroup is true if any of the group sudo env vars are set,
or the parent process has a different group (and is not PID 1).

It will always return false if SudoChecked returns false oor PPIDGIDsChecked returns false.
*/
func (i *IDState) IsSudoGroup() (sudo bool) {

	if i == nil || !i.sudoChecked || !i.ppidGidChecked {
		return
	}

	sudo = i.SudoEnvGroup || !i.PPIDGidMatch

	return
}

/*
IsSudoUser is true if any of the user sudo env vars are set,
or the parent process has a different owner (and is not PID 1).

It will always return false if SudoChecked returns false or PPIDUIDsChecked returns false.
*/
func (i *IDState) IsSudoUser() (sudo bool) {

	if i == nil || !i.sudoChecked || !i.ppidUidChecked {
		return
	}

	sudo = i.SudoEnvUser || !i.PPIDUidMatch

	return
}

// IsSuid is true if the RUID does not match EUID or SUID. It will always return false if UIDsChecked returns false.
func (i *IDState) IsSuid() (suid bool) {

	if i == nil || !i.uidsChecked {
		return
	}

	suid = i.RUID != i.EUID || i.RUID != i.SUID

	return
}

// IsSgid is true if the RGID does not match EGID or SGID. It will always return false if GIDsChecked returns false.
func (i *IDState) IsSgid() (sgid bool) {

	if i == nil || !i.gidsChecked {
		return
	}

	sgid = i.RGID != i.EGID || i.RGID != i.SGID

	return
}

// GIDsChecked is true if the GIDs presented can be trusted.
func (i *IDState) GIDsChecked() (checked bool) {

	if i == nil {
		return
	}

	checked = i.gidsChecked

	return
}

// PPIDGIDsChecked is true if PPIDGidMatch can be trusted.
func (i *IDState) PPIDGIDsChecked() (checked bool) {

	if i == nil {
		return
	}

	checked = i.ppidGidChecked

	return
}

// PPIDUIDsChecked is true if PPIDUidMatch can be trusted.
func (i *IDState) PPIDUIDsChecked() (checked bool) {

	if i == nil {
		return
	}

	checked = i.ppidUidChecked

	return
}

// SudoChecked is true if SudoEnvVars can be trusted
func (i *IDState) SudoChecked() (checked bool) {

	if i == nil {
		return
	}

	checked = i.sudoChecked

	return
}

// UIDsChecked is true if the UIDs presented can be trusted.
func (i *IDState) UIDsChecked() (checked bool) {

	if i == nil {
		return
	}

	checked = i.uidsChecked

	return
}