#!/usr/local/bin/cbsd
#v11.0.5
globalconf="${workdir}/cbsd.conf";
MYARG="mode"
MYOPTARG="fromfile jname login fullname group uid secgroup shell pw epw"
MYDESC="Add user to jail"
ADDHELP="mode can be: remove, add, show\n"

. ${subr}
. ${strings}
. ${system}
init $*

#defines
_MYDIR=$(dirname `realpath $0`)
SERVICE="adduser"

f_getvar()
{
	local __var_to_get="$1" __var_to_set="$2"
	[ "$__var_to_set" ] || local value
	eval [ \"\${$__var_to_get+set}\" ]
	local __retval=$?
	eval ${__var_to_set:-value}=\"\${$__var_to_get}\"
	[ "$__var_to_set" ] || { [ "$value" ] && echo "$value"; }
	return $__retval
}


check_jaildir()
{
	local check_file="${path}/etc/master.passwd ${path}/etc/passwd ${path}/etc/group ${path}/usr/sbin/pw"
	local i
	local ret=0

	for i in $check_file; do
		[ ! -f "${i}" ] && echo ${i} && ret=1
	done

	return ${ret}
}

getpw()
{
	local _oldmodes=$( /bin/stty -g ) _try=0
	pw=""
	_try=0

	while [ ${_try} -ne 3 ]; do
		printf "${BOLD}Enter password:${NORMAL}"
		while [ -z "${npw}" ]; do
			#/bin/stty -echo
			read npw
			/bin/stty ${_oldmodes}
		done

		printf "\n${BOLD}Re-enter password: ${NORMAL}"
		while [ -z "${tpw}" ]; do
			/bin/stty -echo
			read tpw
			/bin/stty ${_oldmodes}
		done

		[ "${tpw}" = "${npw}" ] && pw="${npw}" && break

		printf "\n${MAGENTA}Wrong password${NORMAL}\n"
		unset npw tpw
		_try=$(( _try + 1 ))
	done

	/bin/stty ${_oldmodes}
	echo
}

# must be filled:
# mandatory: login, pw
# opt: uid, fullname, group, secgroup, shell
c_adduser()
{
	local _res

	[ -z "${login}" ] && ${ECHO} "${GREEN}login= ${MAGENTA} is mandatory${NORMAL}" && return 1

	echo " $exec_cmd user show $login "

	_res=$( ${exec_cmd} user show ${login} 2>&1)
	case $? in
		0)
			${ECHO} "${MAGENTA}Already exist: ${NORMAL}${_res}"
			return 1
			;;
		67)
			;;
		*)
			${ECHO} "${MAGENTA}Error: ${NORMAL}${_res}"
			return 1
			;;
	esac

	if [ -z "${pw}" -a -z "${fromfile}" ]; then
		[ -z "${epw}" ] && getpw
	fi
	[ -z "${pw}" -a -z "${epw}" ] && err 1 "${GREEN}pw= ${MAGENTA}or ${GREEN}epw= ${MAGENTA} is mandatory${NORMAL}"
	ADDON=""
	[ -n "$uid" ] && ADDON="${ADDON} -u ${uid}"
	[ -n "$fullname" ] && ADDON="${ADDON} -c \"${fullname}\""
	[ -n "$group" ] && ADDON="${ADDON} -g ${group}"
	[ -n "$secgroup" ] && ADDON="${ADDON} -G ${secgroup}"

	if [ -n "$shell" ]; then
		ADDON="${ADDON} -s ${shell}"
	else
		ADDON="${ADDON} -s /bin/csh"
	fi

	if [ "${emulator}" != "jail" -a -n "${emulator}" -a "${emulator}" != "bhyve" ]; then
		. ${workdir}/emulator.subr
		init_usermode_emul
		CHROOT_EXEC="/usr/sbin/chroot ${path} /bin/${emulator}"
	else
		CHROOT_EXEC="/usr/sbin/chroot ${path}"
	fi

	#echo "$CHROOT_EXEC /bin/sh  : pw useradd $login $ADDON"

	${CHROOT_EXEC} /bin/sh <<EOF
/usr/sbin/pw useradd ${login} ${ADDON} -m
EOF

	if [ -n "${pw}" ]; then
		${CHROOT_EXEC} /bin/sh <<EOF
echo "${pw}" |/usr/sbin/pw mod user ${login} -h 0 -
EOF
	elif [ -n "${epw}" ]; then
		${CHROOT_EXEC} /bin/sh <<EOF
/usr/bin/chpass -p '${epw}' ${login}
EOF
	fi
}

# must be filled:
# mandatory: login
remove()
{
	${exec_cmd} user del ${login}
}

origjname=

if [ -z "${jname}" ]; then
	data=""
	exec_cmd="/usr/sbin/pw"
else
	# push original jname to temporary variable for extract after fromfile action
	origjname="${jname}"
	. ${jrcconf}

	[ $? -eq 1 ] &&  err 1 "${MAGENTA}No such jail: ${GREEN}${jname}${NORMAL}"

	[ $baserw -eq 1 ] && path=$data

	if [ ${jid} -eq 0 ]; then
		set -e
		. ${_MYDIR}/bsdconf.subr
		set +e
		. ${workdir}/universe.subr
		readconf buildworld.conf
		init_target_arch
		init_srcdir
		init_basedir
		init_kerneldir
		prepare_jail
	fi

	if [ "${emulator}" != "jail" -a -n "${emulator}" -a "${emulator}" != "bhyve" ]; then
		. ${workdir}/emulator.subr
		init_usermode_emul
		CHROOT_EXEC="/usr/sbin/chroot ${path} /bin/${emulator}"
	else
		CHROOT_EXEC="/usr/sbin/chroot ${path}"
	fi

	exec_cmd="${CHROOT_EXEC} /usr/sbin/pw"
	check_jaildir

	if [ $? -eq 1 ]; then
		echo "bad data dir"
		exit 1
	fi
fi


if [ -r "${fromfile}" ]; then
	. ${fromfile}

	if [ -n "${origjname}" ]; then
		# extract after fromfile original jname if exist
		jname="${origjname}"
		. ${jrcconf}
	fi

	[ $baserw -eq 1 ] && path=$data
	[ -z "${user_add}" ] && exit 0

	for i in ${user_add}; do
		unset login epw pw fullname secgroup group shell res err
		login="${i}"

		f_getvar user_pw_${i} pw
		f_getvar user_pw_${i}_crypt epw
		f_getvar user_gecos_${i} fullname
		f_getvar user_home_${i} home
		f_getvar user_shell_${i} shell
		f_getvar user_member_groups_${i} secgroup

		case "${mode}" in
			"add")
				res=$( c_adduser )
				ret=$?
				;;
			"remove")
				res=$( remove )
				ret=$?
				;;
			"show")
				res=$( show )
				ret=$?
				;;
		esac
		[ ${ret} -ne 0 ] && ${ECHO} "${res}" && continue
	done
	exit 0
fi

case "${mode}" in
	"remove")
		res=$( ${exec_cmd} user show ${login} 2>&1)
		err=$?
		case ${err} in
			0)
				;;
			*)
				err 1 "${MAGENTA}Error: ${NORMAL}${T}"
				;;
		esac
		res=$( remove )
		err=$?
		;;
	"add")
		res=$( adduser )
		err=$?
		;;
	"show")
		[ -z "${login}" ] && err 1 "${GREEN}login= ${MAGENTA}is mandatory${NORMAL}"
		res=$( ${exec_cmd} user show ${login} )
		err=$?
		;;
esac

[ ${err} -ne 0 ] && err 1 "${res}"
exit 0
