#!/bin/bash
# 
# This script is used for Administration of RSBAC ACL groups
#
#
# Refuse to continue under any shell other than bash.
if [ -z "$BASH" ]; then
  echo "This menu requires bash" >&2
  exit 1
fi

# Remember command locations as they are looked up (-h) and leave POSIX mode.
set -h
set +o posix

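# Scratch files for dialog output and command errors.
# They live in a private directory made by mktemp -d (mode 0700, random name).
# The former fixed name "$TMPDIR/rsbac_dialog.<pid>" was predictable, so another
# local user could pre-create that path (for example as a symlink) before this
# administration tool wrote to it.
if test -z "$TMPDIR" ; then TMPDIR=/tmp ; fi
RSBAC_TMPDIR=$(mktemp -d "$TMPDIR/rsbac_dialog.XXXXXX") || {
  echo "Cannot create a private temporary directory in $TMPDIR" 1>&2
  exit 1
}
# Remove the whole directory on every exit path; ":?" guards against an empty value.
trap 'rm -rf -- "${RSBAC_TMPDIR:?}"' EXIT
TMPFILE=$RSBAC_TMPDIR/rsbac_dialog.$$
TMPFILETWO=${TMPFILE}.2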

# set this to rsbac bin dir, if not in path (trailing / is mandatory!)
#
#if test -z "$RSBACPATH" ; then RSBACPATH=./ ; fi

# Directory assumed at script start-up.
LASTDIR=.

# LINES and COLUMNS are normally exported (e.g. in /etc/profile); fall back to
# a 25x80 screen when they are empty or unset.
: "${LINES:=25}"
: "${COLUMNS:=80}"

# Integer variables: each right-hand side is evaluated arithmetically on assignment.
declare -i BL BC MAXWIDTH MAXLINES
BL=$LINES-4
BC=$COLUMNS-4
MAXWIDTH=$BC-26
MAXLINES=$LINES-10
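# Clamp a line count to MAXLINES.
# Globals:   MAXLINES (read)
# Arguments: $1 - requested number of lines
# Outputs:   the smaller of $1 and MAXLINES on stdout
gl () {
  # Quoted expansions: the argument is compared and printed as one word,
  # never split or expanded as a glob pattern.
  if [ "$1" -gt "$MAXLINES" ]; then
    printf '%s\n' "$MAXLINES"
  else
    printf '%s\n' "$1"
  fi
}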

# Dialog captions. BACKTITLE may be preset by the caller's environment.
: "${BACKTITLE:=RSBAC Administration Tools v1.0.9b}"
TITLE="$(whoami): RSBAC ACL Group Administration"
ERRTITLE="RSBAC ACL Administration - ERROR"

## no changes below this line!

# Fixed values set once at start-up; none of them is referenced in the
# visible part of this script.
# NOTE(review): presumably special RSBAC user ids - confirm.
NO_USER="65533"
ALL_USERS="65532"
GETMODE="real"
GETSWITCH=""

# Print "on" when the two arguments are the same string, "off" otherwise.
# Arguments: $1 - current value, $2 - value to compare against
onoff () {
   case "$1" in
     "$2") echo on ;;
     *)    echo off ;;
   esac
}

# Print "on" when the argument is exactly "1", "off" for anything else.
# Arguments: $1 - flag value
onoffb () {
   case "$1" in
     1) echo on ;;
     *) echo off ;;
   esac
}

# Translate a raw attribute value into display text.
# Globals:   TYPE (read) - "NONE" yields a single blank
# Arguments: $1 - value kind (only "onoff" is known), $2 - raw value
# Outputs:   " ", "N/A", "On", "Off" or "ERROR!" on stdout
get_vname () {
  # Nothing to show when the type is NONE.
  [ "$TYPE" != "NONE" ] || { echo " "; return; }
  # An empty value is reported as not available.
  [ -n "$2" ] || { echo "N/A"; return; }

  if [ "$1" != "onoff" ]; then
    # Unknown value kind.
    echo 'ERROR!'
  elif [ "$2" = "1" ]; then
    echo On
  else
    echo Off
  fi
}

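# Print the full_name attribute of a user as reported by attr_get_user.
# Globals:   RSBACPATH (read) - optional directory prefix for the RSBAC tools
# Arguments: $1 - user to look up; empty yields a single blank
# Outputs:   the attribute on one line, runs of whitespace collapsed to one space
full_name () {
  if [ -z "$1" ]; then
    echo " "
    return
  fi
  local out
  local -a words
  # The user is passed as one quoted argument, so whitespace or glob
  # characters in it cannot turn into extra arguments.
  out=$("${RSBACPATH}attr_get_user" "$1" full_name)
  # Split into words without pathname expansion, then rejoin with single
  # spaces; a value such as "*" is printed literally.
  read -r -d '' -a words <<<"$out"
  printf '%s\n' "${words[*]}"
}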

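# Print the user_nr attribute of a user as reported by attr_get_user.
# Globals:   RSBACPATH (read) - optional directory prefix for the RSBAC tools
# Arguments: $1 - user to look up; empty yields a single blank
# Outputs:   the attribute on one line, runs of whitespace collapsed to one space
get_uid () {
  if [ -z "$1" ]; then
    echo " "
    return
  fi
  local out
  local -a words
  # The user is passed as one quoted argument, so whitespace or glob
  # characters in it cannot turn into extra arguments.
  out=$("${RSBACPATH}attr_get_user" "$1" user_nr)
  # Split into words without pathname expansion, then rejoin with single
  # spaces; a value such as "*" is printed literally.
  read -r -d '' -a words <<<"$out"
  printf '%s\n' "${words[*]}"
}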

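# Print the user_name attribute of a user as reported by attr_get_user.
# Globals:   RSBACPATH (read) - optional directory prefix for the RSBAC tools
# Arguments: $1 - user to look up; empty yields a single blank
# Outputs:   the attribute on one line, runs of whitespace collapsed to one space
get_name () {
  if [ -z "$1" ]; then
    echo " "
    return
  fi
  local out
  local -a words
  # The user is passed as one quoted argument, so whitespace or glob
  # characters in it cannot turn into extra arguments.
  out=$("${RSBACPATH}attr_get_user" "$1" user_name)
  # Split into words without pathname expansion, then rejoin with single
  # spaces; a value such as "*" is printed literally.
  read -r -d '' -a words <<<"$out"
  printf '%s\n' "${words[*]}"
}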

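# Replace every underscore in the argument with a space.
# Arguments: $1 - subject string
# Outputs:   the converted string on stdout
split_subj () {
  # Parameter expansion on the quoted argument: no subprocess, and the value
  # is never expanded as a glob pattern the way an unquoted echo would.
  printf '%s\n' "${1//_/ }"
}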

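# Emit one "id description" line per ACL group for use as dialog menu pairs.
# Globals:   RSBACPATH (read) - optional directory prefix for the RSBAC tools
# Arguments: $1 - "All" lists with acl_group -gsn, anything else with -sn
# Outputs:   lines of exactly two words: group id and its entry with
#            whitespace replaced by underscores
gen_glist () {
  # Locals keep this helper from clobbering the TMP/TMP2/i globals that the
  # menus also use.
  local list_opts raw gid entry
  local -a gids

  if [ "$1" = "All" ]; then
    list_opts=-gsn
  else
    list_opts=-sn
  fi

  raw=$("${RSBACPATH}acl_group" "$list_opts" list_groups)
  # Split the id list into words without pathname expansion.
  read -r -d '' -a gids <<<"$raw"

  for gid in "${gids[@]}"; do
    entry=$("${RSBACPATH}acl_group" -s get_group_entry "$gid")
    # Callers word-split this output into tag/item pairs, so the item must be
    # exactly one word: fold all whitespace and never emit an empty item.
    entry=${entry//[[:space:]]/_}
    printf '%s %s\n' "$gid" "${entry:-_}"
  done
}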

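# Widest name that fits next to the other menu columns.
declare -i MAXNAMELEN=$BC-34

# Print a name, keeping only its last MAXNAMELEN characters when it is longer.
# Globals:   MAXNAMELEN (read)
# Arguments: $1 - name to print
# Outputs:   the (possibly shortened) name on stdout
name_print () {
  local name=$1
  if (( ${#name} > MAXNAMELEN )); then
    # Start at length - MAXNAMELEN (0-based), which keeps exactly MAXNAMELEN
    # characters; the former 1-based cut range kept one character too many.
    printf '%s\n' "${name:$(( ${#name} - MAXNAMELEN ))}"
  else
    printf '%s\n' "$name"
  fi
}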

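# List the members of a group, sorted numerically.
# Globals:   RSBACPATH (read) - optional directory prefix for the RSBAC tools
# Arguments: $1 - group id
# Outputs:   acl_group get_group_members output, sorted with sort -n
gen_ulist () {
  # The group id is quoted so it always reaches acl_group as one argument.
  "${RSBACPATH}acl_group" get_group_members "$1" | sort -n
}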

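# Emit "uid name off" checklist triples for every user attr_get_user -nl lists.
# Globals:   RSBACPATH (read) - optional directory prefix for the RSBAC tools
# Outputs:   one line per user, sorted numerically; nothing when the listing
#            command fails
gen_member_add_choice () {
  local raw uid
  local -a uids

  # The listing is captured directly instead of going through the shared
  # scratch file, and locals keep the TMP/i globals of the menus untouched.
  raw=$("${RSBACPATH}attr_get_user" -nl) || return 0
  # Sort, then split into words without pathname expansion.
  read -r -d '' -a uids < <(printf '%s\n' "$raw" | sort -n)

  for uid in "${uids[@]}"; do
    # NOTE(review): callers word-split this output, so a name containing
    # whitespace (or an empty name) still misaligns the checklist triples.
    printf '%s %s off\n' "$uid" "$(get_name "$uid")"
  done
}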

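# Emit "uid name off" checklist triples for every member of the current group.
# Globals:   RSBACPATH (read), GROUP (read) - group whose members are listed
# Outputs:   one line per member, sorted numerically; nothing when the
#            listing command fails (its error output is discarded)
gen_member_remove_choice () {
  local raw uid
  local -a uids

  # The listing is captured directly instead of going through the shared
  # scratch file; the group id is quoted so it stays a single argument.
  raw=$("${RSBACPATH}acl_group" -sn get_group_members "$GROUP" 2>/dev/null) || return 0
  # Sort, then split into words without pathname expansion.
  read -r -d '' -a uids < <(printf '%s\n' "$raw" | sort -n)

  for uid in "${uids[@]}"; do
    # NOTE(review): callers word-split this output, so a name containing
    # whitespace (or an empty name) still misaligns the checklist triples.
    printf '%s %s off\n' "$uid" "$(get_name "$uid")"
  done
}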

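# Show the first line of the file named by $1 in an error message box.
_group_menu_error () {
  dialog --title "$ERRTITLE" \
         --backtitle "$BACKTITLE" \
         --msgbox "$(head -n 1 <"$1")" "$BL" "$BC"
}

#######################################
# Interactive menu for one ACL group: toggle its type, change owner or name,
# add or remove members, or show the passwd entry of a listed member.
# Globals:   GROUP, TYPE, OWNER, NAME, SELECTED, TMP (written)
#            RSBACPATH, TMPFILE, TMPFILETWO, TITLE, BACKTITLE, ERRTITLE,
#            BL, BC, MAXLINES (read)
# Arguments: $1 - group id
# Returns:   when the menu is cancelled, Quit is chosen, or the group's
#            type, owner or name cannot be read
#######################################
group_menu () {
  # One definition of the separator tag for both the menu and its case arm.
  local sep="--------------"
  local attr value
  local -a members

  GROUP=$1

  # Read type, owner and name. Every expansion is quoted so a group id taken
  # from the command line cannot split into extra acl_group arguments.
  for attr in type owner name; do
    if ! value=$("${RSBACPATH}acl_group" "get_group_$attr" "$GROUP" 2>"$TMPFILETWO"); then
      _group_menu_error "$TMPFILETWO"
      # Do not leave the error scratch file behind on this return path.
      rm -f -- "$TMPFILETWO"
      return
    fi
    case $attr in
      type)  TYPE=$value ;;
      owner) OWNER=$value ;;
      name)  NAME=$value ;;
    esac
  done

  while true; do
    # gen_ulist output is split into words on purpose: dialog takes the
    # member list as separate tag/item arguments.
    # shellcheck disable=SC2046
    if ! dialog --title "$TITLE" \
                --backtitle "$BACKTITLE" \
                --menu "Group Menu - Group $GROUP" "$BL" "$BC" "$MAXLINES" \
                       "Type" "$TYPE" \
                       "Owner" "$OWNER" \
                       "Name" "$NAME" \
                       "$sep" "" \
                       "Add Members" "" \
                       "Remove Members" "" \
                       "$sep" "" \
                       $(gen_ulist "$GROUP") \
                       "$sep" "" \
                       "Quit" "" \
                2>"$TMPFILE"
    then
      rm -f -- "$TMPFILETWO"
      return
    fi

    SELECTED=$(cat "$TMPFILE")
    case "$SELECTED" in
      Type)
          # Toggle between PRIVATE and GLOBAL.
          if [ "$TYPE" = PRIVATE ]; then
            TMP=GLOBAL
          else
            TMP=PRIVATE
          fi
          if "${RSBACPATH}acl_group" change_group "$GROUP" "$OWNER" "$TMP" "$NAME" &>"$TMPFILE"
          then
            TYPE=$TMP
          else
            _group_menu_error "$TMPFILE"
          fi
        ;;

      Owner)
          # attr_get_user -bl output is split into menu arguments on purpose.
          # shellcheck disable=SC2046
          if dialog --title "$TITLE" \
                    --backtitle "$BACKTITLE" \
                    --menu "Choose new owner for group $GROUP" "$BL" "$BC" "$MAXLINES" \
                           $("${RSBACPATH}attr_get_user" -bl) \
                    2>"$TMPFILE"
          then
            TMP=$(cat "$TMPFILE")
            if "${RSBACPATH}acl_group" change_group "$GROUP" "$TMP" "$TYPE" "$NAME" &>"$TMPFILE"
            then
              OWNER=$TMP
            else
              _group_menu_error "$TMPFILE"
            fi
          fi
        ;;

      Name)
          if dialog --title "$TITLE" \
                    --backtitle "$BACKTITLE" \
                    --inputbox "New name for group $GROUP" "$BL" "$BC" "$NAME" \
                    2>"$TMPFILE"
          then
            TMP=$(cat "$TMPFILE")
            if "${RSBACPATH}acl_group" change_group "$GROUP" "$OWNER" "$TYPE" "$TMP" &>"$TMPFILE"
            then
              NAME="$TMP"
            else
              _group_menu_error "$TMPFILE"
            fi
          fi
        ;;

      'Add Members')
          # shellcheck disable=SC2046
          if dialog --title "$TITLE" \
                    --backtitle "$BACKTITLE" \
                    --checklist "New members for group $GROUP" "$BL" "$BC" "$MAXLINES" \
                      $(gen_member_add_choice) \
                    2>"$TMPFILE"
          then
            TMP=$(tr -d '"' <"$TMPFILE")
            # Split the selection into one argument per user without
            # pathname expansion.
            read -r -d '' -a members <<<"$TMP"
            if ! "${RSBACPATH}acl_group" add_member "$GROUP" "${members[@]}" &>"$TMPFILE"
            then
              _group_menu_error "$TMPFILE"
            fi
          fi
        ;;

      'Remove Members')
          # shellcheck disable=SC2046
          if dialog --title "$TITLE" \
                    --backtitle "$BACKTITLE" \
                    --checklist "Members to be removed from group $GROUP" "$BL" "$BC" "$MAXLINES" \
                      $(gen_member_remove_choice) \
                    2>"$TMPFILE"
          then
            TMP=$(tr -d '"' <"$TMPFILE")
            # Split the selection into one argument per user without
            # pathname expansion.
            read -r -d '' -a members <<<"$TMP"
            if ! "${RSBACPATH}acl_group" remove_member "$GROUP" "${members[@]}" &>"$TMPFILE"
            then
              _group_menu_error "$TMPFILE"
            fi
          fi
        ;;

      Quit)
          rm -f -- "$TMPFILETWO"
          return
        ;;

      "$sep")
          dialog --title "$ERRTITLE" \
                 --backtitle "$BACKTITLE" \
                 --msgbox "Group Menu: Selection Error!" 5 "$BC"
        ;;

      *)
          # A member entry was chosen: show that user's passwd line. The login
          # field is compared exactly; the former unquoted "grep ^name"
          # matched by prefix and printed the whole file for an empty name.
          TMP=$(get_name "$SELECTED")
          dialog --title "$TITLE" \
                 --backtitle "$BACKTITLE" \
                 --msgbox "Group Menu: $(awk -F: -v user="$TMP" '$1 == user' /etc/passwd)" 5 "$BC"
        ;;

    esac
  done
}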

###################### Menu #################

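# Which groups the main menu lists: "All" or "Personal".
SHOW=All

if [[ "$1" == "-h" || "$1" == "--help" ]]; then
  echo "Use: $0 [group-id]"
  exit
fi

# An optional group id on the command line opens that group's menu first.
# It is quoted so it reaches group_menu as exactly one argument.
if [[ -n "$1" ]]; then
  group_menu "$1"
fi

# One definition of the separator tag for both the menu and its case arm.
# The former case pattern had a different number of dashes than the menu tag,
# so choosing a separator fell through to group_menu.
MENU_SEPARATOR="--------------"

while true; do
  # gen_glist output is split into words on purpose: dialog takes the group
  # list as separate tag/item arguments.
  # shellcheck disable=SC2046
  if ! dialog --title "$TITLE" \
              --backtitle "$BACKTITLE" \
              --menu "Main Menu" "$BL" "$BC" "$MAXLINES" \
                     "All / Personal" "$SHOW" \
                     "Add Group" "" \
                     "Remove Group" "" \
                     "$MENU_SEPARATOR" "" \
                     $(gen_glist "$SHOW") \
                     "$MENU_SEPARATOR" "" \
                     "Quit" "" \
              2>"$TMPFILE"
  then
    rm -f -- "$TMPFILE"
    exit
  fi

  SELECTED=$(cat "$TMPFILE")
  case "$SELECTED" in
    "All / Personal")
        if [[ "$SHOW" == "All" ]]; then
          SHOW=Personal
        else
          SHOW=All
        fi
      ;;

    'Add Group')
        if dialog --title "$TITLE" \
                  --backtitle "$BACKTITLE" \
                  --inputbox "Name for new group" "$BL" "$BC" "New Group" \
                  2>"$TMPFILE"
        then
          TMP=$(cat "$TMPFILE")
          if ! "${RSBACPATH}acl_group" add_group P "$TMP" &>"$TMPFILE"
          then
            dialog --title "$ERRTITLE" \
                   --backtitle "$BACKTITLE" \
                   --msgbox "$(head -n 1 <"$TMPFILE")" "$BL" "$BC"
          fi
        fi
      ;;

    "Remove Group")
        # shellcheck disable=SC2046
        if dialog --title "$TITLE" \
                  --backtitle "$BACKTITLE" \
                  --menu "Choose group to delete" "$BL" "$BC" "$MAXLINES" \
                  $(gen_glist Personal) \
                  2>"$TMPFILE"
        then
          TMP=$(cat "$TMPFILE")
          # The chosen tag is passed as one argument to remove_group.
          if ! "${RSBACPATH}acl_group" remove_group "$TMP" &>"$TMPFILE"
          then
            dialog --title "$ERRTITLE" \
                   --backtitle "$BACKTITLE" \
                   --msgbox "$(head -n 1 <"$TMPFILE")" "$BL" "$BC"
          fi
        fi
      ;;

    Quit)
        rm -f -- "$TMPFILE"
        exit
      ;;

    "$MENU_SEPARATOR")
        dialog --title "$ERRTITLE" \
               --backtitle "$BACKTITLE" \
               --msgbox "Main Menu: Selection Error!" 5 "$BC"
      ;;

    *)
      # Any other tag is a group id from the list.
      group_menu "$SELECTED"
      ;;

  esac
# sleep 2
done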
