#!/bin/sh
#
# 2011 Steven Armstrong (steven-cdist at armstrong.cc)
# 2011 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# Manage groups.
#

name="$__object_id"
os_version="$(cat "$__global/explorer/os_version")"
os="$(cat "$__global/explorer/os")"

cd "$__object/parameter"
if grep -q "^${name}:" "$__object/explorer/group"; then
   for property in $(ls .); do
      new_value="$(cat "$property")"
      # argument to pass the groupmod command for this property (exceptions
      # are made in the case statement below)
      proparg="--$property"

      case "$property" in
         password)
            if [ "$os" = "freebsd" ]; then
               echo "group/$name: FreeBSD doesn't support password modification" >&2
               exit 1
            fi
            case "$os_version" in
               "Red Hat Enterprise Linux Server release "[45]*|"CentOS release "[45]*)
                  # TODO: Use gpasswd?  Need to fix gshadow explorer first.
                  echo "group/$name: '$os_version' groupmod does not support password modification" >&2
                  exit 1
               ;;
            esac
            current_value="$(awk -F: '{ print $2 }' < "$__object/explorer/gshadow")"
         ;;
         gid)
            # set to -g to support older redhat/centos
            proparg="-g"
            current_value="$(awk -F: '{ print $3 }' < "$__object/explorer/group")"
         ;;
      esac

      if [ "$new_value" != "$current_value" ]; then
         set -- "$@" "$proparg" \"$new_value\"
         echo change $property $new_value $current_value >> "$__messages_out"
      fi
   done

   if [ $# -gt 0 ]; then
      echo mod >> "$__messages_out"
      case $os in
         freebsd)
            echo pw group mod "$@" "$name"
            ;;
         *)
            echo groupmod "$@" "$name"
            ;;
      esac
   fi
else
   echo add >> "$__messages_out"
   for property in $(ls .); do
      new_value="$(cat "$property")"
      if [ "$os" = "freebsd" ]; then
         case $property in
            gid)
               proparg="-g"
               ;;
            password)
               echo "group/$name: FreeBSD doesn't support password setting" >&2
               exit 1
               ;;
            *)
               # The type has been updated to support more properties than it knows how to handle for FreeBSD
               # tell the user about this.
               echo "Currently unknown property: $property" >&2
               exit 1
               ;;
         esac
      else
         proparg="--$property"
      fi

      set -- "$@" "$proparg" \"$new_value\"
      echo set $property $new_value >> "$__messages_out"
   done

   case $os in
      freebsd)
         echo pw group add "$@" "$name"
         ;;
      *)
         echo groupadd "$@" "$name"
         ;;
   esac
fi

