#!/bin/sh
#250516 sfs
export TEXTDOMAIN=sudoq
tmp=$(mktemp /tmp/sudoqXXXX)
#echo "$(gettext 'Error')" ;exit
#if [ ! "`pidof Xorg X Xorg-bin 2>&1>/dev/null`" ] ;then
#if [ "`pidof Xorg X Xorg-bin > /dev/null 2>&1`" || "$XDG_SESSION_TYPE" = "wayland" ] ;then
NTFA(){
    [ "`grep -E '^sudo: ' $tmp |tail -1`" ] || return
    i=gtk-dialog-warning
    yad --Xwidth=600 --image-on-top --image=$i --fixed \
    --window-icon="$i" --name=$i --title="$1" \
    --text "<span color=\"red\"><b>$1</b></span>
<i>$2</i>" >/dev/null 
rm $tmp
}
NTFQ(){
    i=gtk-dialog-question
    yad --Xwidth=600 --image-on-top --image=$i --fixed \
    --window-icon="$i" --name=$i --title="$1" \
    --text "<span color=\"green\"><b>$1</b></span>
<i>$2</i>" >/dev/null 
}

  CONFIG_FILE="/etc/security/faillock.conf"
  USERNAME=$LOGNAME
  FAILURES=$($sudo faillock --user "$USERNAME" | grep -c "V$")
#    UNLOCK_TIME=$(grep -oP 'unlock_time\s*=\s*\K\d+' "$CONFIG_FILE" 2>/dev/null || echo "600")
  UNLOCK_TIME=$(grep -oP '^\s*unlock_time\s*=\s*\K\d+' "$CONFIG_FILE" 2>/dev/null || echo "600")
UNLOCK_TIMEm=$((UNLOCK_TIME / 60))
  DENY=$(grep -oP 'deny\s*=\s*\K\d+' "$CONFIG_FILE" 2>/dev/null || echo "3")  # По умолчанию 3 попыток

  # Получение времени последней неудачной попытки
  LAST_FAILURE_TIME=$(faillock --user "$USERNAME" | awk '{print $1, $2}' | tail -n 1)
  if [ -n "$LAST_FAILURE_TIME" ]; then
    LAST_FAILURE_TIMESTAMP=$(date -d "$LAST_FAILURE_TIME" +%s 2>/dev/null)  # Преобразуем в Unix-время
  else
    LAST_FAILURE_TIMESTAMP=""
  fi

  # Проверка, заблокирован ли пользователь в текущий момент
  if [ "$FAILURES" -ge "$DENY" ]; then
    if [ -n "$LAST_FAILURE_TIMESTAMP" ]; then
      CURRENT_TIMESTAMP=$(date +%s)
      TIME_ELAPSED=$((CURRENT_TIMESTAMP - LAST_FAILURE_TIMESTAMP))
#      TIME_REMAINING=$((UNLOCK_TIME - TIME_ELAPSED))
      TIME_REMAINING=$((UNLOCK_TIME - TIME_ELAPSED + 60))

      if [ "$TIME_REMAINING" -ge 0 ]; then
        TIME_REMAINING_MINUTES=$((TIME_REMAINING / 60))
        echo "Заблокирован. Осталось времени: $TIME_REMAINING_MINUTES минут"
        NTFQ "$(gettext 'User') $LOGNAME $(gettext 'is blocked for') $TIME_REMAINING_MINUTES $(gettext 'min.')" \
    	    "$(gettext 'Unlock it')?" 
    	if [ "$?" = "0" ] ;then
    	    faillock --user "$LOGNAME" --reset #&& 
    	    $0 "$@" &
    	fi
	rm $tmp 2>/dev/null
        exit 
      else
        echo "Разблокирован. Время блокировки истекло."
      fi
    else
      echo "Заблокирован. Время последней попытки неизвестно."
      rm $tmp 2>/dev/null
      exit 1
    fi
#  else
#    REMAINING_ATTEMPTS=$((DENY - FAILURES))
#    echo "Осталось попыток: $REMAINING_ATTEMPTS"
  fi
#exit

#if [ "`pidof Xorg X Xorg-bin`" ] || [ "$XDG_SESSION_TYPE" = "wayland" ] ;then
if [ "`pidof Xorg X Xorg-bin`" ] || [ "$XDG_CURRENT_DESKTOP" = "labwc:wlroots" ] ;then
#    SUDO_ASKPASS=/usr/bin/sudoy wt -o -q "/bin/sudo -A "$@""
#    e="$(SUDO_ASKPASS=/usr/bin/sudoy /bin/sudo -A "$@")"
    export aa="$@"
#    touch $tmp && chmod 777 $tmp
    SUDO_ASKPASS=/usr/bin/sudoy /bin/sudo -AE "$@" 2>$tmp || NTFA "$(gettext 'Error')" "`tail -1 $tmp` "
#$(gettext 'User') $LOGNAME $(gettext 'is blocked for') $UNLOCK_TIMEm $(gettext 'min.')"
#    SUDO_ASKPASS=/usr/local/bin/1/gnome-ssh-askpass3/pkg/gnome-ssh-askpass3/usr/lib/ssh/gnome-ssh-askpass3 /bin/sudo -AE "$@" 2>$tmp || NTFA "$(gettext 'Error')" "`tail -1 $tmp` "
else
    /bin/sudo -E "$@"
fi
rm $tmp 2>/dev/null
