#!/usr/bin/perl -w
# $Id$
# This script (sophomorix-useradd) is maintained by Rüdiger Beck
# It is Free Software (License GPLv3)
# If you find errors, contact the author
# jeffbeck@web.de  or  jeffbeck@gmx.de


# Bibliotheken
use strict;
use Getopt::Long;
Getopt::Long::Configure ("bundling");
use Sophomorix::SophomorixConfig;
use Sophomorix::SophomorixBase;
use Sophomorix::SophomorixAPI;
use DBI;
use Net::LDAP;

use Sophomorix::SophomorixPgLdap qw(show_modulename
                                    check_connections
                                    create_user_db_entry
                                    adduser_to_project
                                   );


my @arguments = @ARGV;


# ===========================================================================
# Variablen
# ==========================================================================

my $help=0;
my $info=0;
my $login="";
my $type="";
my $shell="";

my $skiplock=0;

# mandatory
my $administrator="";
my $unixadmin="";
my $examaccount="";
my $computer="";

my $unix_group="";


# optional
my $uid_number=-1;
my $gecos="";
my $surname="";
my $given_name="";
my $sec_groups="";


my $home="";
my $epoch_now=time;
my $password="";
my $quota="";
my $unid="";
my $sophomorix_status="";

$Conf::log_level=1;


# ===========================================================================
# Optionen verarbeiten
# ==========================================================================


# Parsen der Optionen
my $testopt=GetOptions(
           "help|h" => \$help,
           "info|i" => \$info,
           "administrator=s" => \$administrator,
           "unixadmin=s" => \$unixadmin,
           "examaccount=s" => \$examaccount,
           "computer=s" => \$computer,
           "verbose|v+" => \$Conf::log_level,
           "unix-group=s" => \$unix_group,
           "secondary-groups=s" => \$sec_groups,
           "gecos=s" => \$gecos,
           "uidnumber=i" => \$uid_number,
           "shell=s" => \$shell,
           "home=s" => \$home,
           "skiplock" => \$skiplock,
          );

# Prüfen, ob Optionen erkannt wurden, sonst Abbruch
&check_options($testopt);
&check_connections();

# --help
if ($help==1) {
   # Scriptname ermitteln
   my @list = split(/\//,$0);
   my $scriptname = pop @list;
   # Befehlsbeschreibung
   print('
sophomorix-useradd adds a user to the sophomorix database (and ldap)

Options
  -h / --help
  -v / --verbose
  -vv /--verbose --verbose
  --skiplock

Klassenarbeitsaccount:
  --examaccount name         account for exams

Administrator:
  --administrator name       administrator
  --uidnumber number
  --secondary-groups group1,group2
  --unixadmin name           login (no windows account)

  optional
    --shell /bin/sh
    --home /dev/null
    --gecos "my gecos field"

Computeraccount:
  --computer name            $ account

and for examaccounts, administrators and unixadmin:
  --unix-group groupname


Please see the sophomorix-useradd(8) man pages for full documentation
');
   print "\n";
   exit;
}



# --info
if ($info==1){
    print "No Option --info\n";
    exit;
}




# some exits if options are missing
if ($unix_group ne "" and ($examaccount ne "" or 
                           $administrator ne "" or 
                           $unixadmin ne "") or 
                   ($computer ne "") ){
   # thats OK 
} else {
    print "\nThe following options must be used:\n\n";
    print "1)    --unix-group name \n";
    print "  and one of:\n";
    print "      --administarator name\n";
    print "      --unixadmin name\n";
    print "      --examaccount name\n";
    print "OR:\n\n";
    print "2)   --computer name\n\n";
    exit;
}

if ($computer ne "" and not $computer=~m/\$$/){
    print "\nA computers name must end with \$\n";
    print "WARNING: I'm doing nothing\n\n";
    exit;
}

if ($computer ne "" and $unix_group ne ""){
    print "\nComputers must be in a fixed group\n";
    print "You cannot add $computer in group $unix_group\n";
    print "WARNING: I'm doing nothing\n\n";
    exit;
}




# set some stuff
if ($password eq ""){
    $password="linux";
}

if ($computer ne ""){
    $type="computer";
    $unix_group="domcomputers";
    $login=$computer;
    if ($shell eq ""){
        $shell="/bin/false";
    }
    if ($gecos eq ""){
        $gecos="Computer";
    }
    if ($surname eq ""){
        $surname="Computer";
    }
    if ($given_name eq ""){
        $given_name="Computer";
    }
    $home="/dev/null";
    $sophomorix_status="P";
}

if ($examaccount ne ""){
    $type="examaccount";
    $login=$examaccount;
    if ($shell eq ""){
        $shell="/bin/bash";
    }
    if ($gecos eq ""){
        $gecos="ExamAccount";
    }
    if ($surname eq ""){
        $surname="Account";
    }
    if ($given_name eq ""){
        $given_name="Exam";
    }
    $home=$DevelConf::homedir_ws."/".$unix_group."/".$login;
    $sophomorix_status="P";
}

if ($administrator ne ""){
    $type="administrator";
    $login=$administrator;
    if ($shell eq ""){
        $shell="/bin/bash";
    }
    if ($home eq ""){
        $home=$DevelConf::homedir_all_admins."/".$login;
    }
    if ($gecos eq ""){
        $gecos="unknown admin";
    }
    if ($surname eq ""){
        $surname="Doe";
    }
    if ($given_name eq ""){
        $given_name="John";
    }
    $sophomorix_status="P";
}

if ($unixadmin ne ""){
    $type="unixadmin";
    $login=$unixadmin;
    if ($shell eq ""){
        $shell="/bin/bash";
    }
    if ($home eq ""){
        $home=$DevelConf::homedir_all_admins."/".$login;
    }
    if ($gecos eq ""){
        $gecos="unknown unixadmin";
    }
    if ($surname eq ""){
        $surname="Doe";
    }
    if ($given_name eq ""){
        $given_name="Jane";
    }
    $sophomorix_status="P";
}


&log_script_start(@arguments);


# Do it !
print "Creating user account $login:\n";
print "    Uidnumber        : $uid_number\n";
print "    Account Type     : $type\n";
print "    Secondary Grp.   : $sec_groups\n";
print "    Group            : $unix_group\n";
print "    Home             : $home\n";
print "    Gecos            : $gecos\n";
print "    Shell            : $shell\n";
print "    SophomorixStatus : $sophomorix_status\n";
print "    Epoch            : $epoch_now\n";
print "    Password         : $password\n";
print "    Quota            : $quota\n";


# repair.directories einlesen ???
&get_alle_verzeichnis_rechte();

# fetch permission for all homes
&fetch_repairhome();



# 1. create postgres entry
&create_user_db_entry($surname,$given_name,"01.01.1970",
                      $unix_group,$login,$password,
                      $shell,$quota,$unid,$epoch_now,undef,$sophomorix_status,
                      $uid_number,$home,$gecos,$type);

## 2. Add the class (db and dirs,links, ...)
&provide_class_files($unix_group,$type);

## 3. set a password
## my $klartext_passwort="12345678";
#&set_sophomorix_passwd($login,$klartext_passwort);

## 4. Creating dirs, links for the user
&provide_user_files($login,$unix_group);

# add to secondary groups
if ($sec_groups ne ""){
    my @grp_list=split(/,/,$sec_groups);
    foreach my $group (@grp_list){
        # 3rd param: 0=do not keep track of memberships in projects
        &adduser_to_project($login,$group,0);
    }
}

# set quota ???

&log_script_end(@arguments);
