#!/bin/sh

# NOTE(review): presumably the backend protocol version read by the sourced
# alterator helpers; its exact meaning is not visible in this file.
alterator_api_version=1
# NOTE(review): looks like the gettext domain used by the `_` helper in on_message.
po_domain="alterator-ahttpd"
# ACL file read and rewritten by the acl_* functions below. Each entry is
# keyed by a module URI and holds a comma-separated list of user names.
aclfile="/etc/ahttpd/acl.conf"

. alterator-sh-functions
. shell-config
# Delimiter regex handed to shell_config_get/_set/_del when parsing $aclfile:
# one or more whitespace characters between key and value.
rdelim='[[:space:]]\+'
# Delimiter handed to shell_config_set when writing an entry: a single TAB.
wdelim='	'

### acl work
# Print the value stored in $aclfile for the ACL key given as $1.
# Globals:   aclfile (read), rdelim (read)
# Arguments: $1 - ACL key (the callers in this file pass a module URI)
# Outputs:   whatever shell_config_get prints for that key
acl_read()
{
    local key="$1"

    shell_config_get "$aclfile" "$key" "$rdelim"
}

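# Grant user $2 access to the ACL entry keyed by $1.
# Globals:   aclfile, rdelim, wdelim (read)
# Arguments: $1 - ACL key (module URI), $2 - user name to append
# Returns:   1 if the key is empty or the user name cannot be stored safely,
#            0 if the user is already listed, otherwise the status of
#            shell_config_set.
#
# The entry format is "key<whitespace>user,user,...". A name containing a
# comma, whitespace or a control character (e.g. a newline) would therefore
# be read back as several users or as a separate ACL line, so such names are
# refused instead of being written into the access-control file.
acl_add()
{
    local key="$1" user="$2"
    local users

    # An empty key would produce a malformed ACL line.
    [ -n "$key" ] || return 1

    case "$user" in
	''|*[,[:space:][:cntrl:]]*) return 1 ;;
    esac

    # Declaration and assignment are separate so a failing acl_read is not
    # masked by the exit status of `local`.
    users="$(acl_read "$key")"
    # A missing entry is treated as the default list containing only root.
    [ -n "$users" ] || users="root"

    # Do not append a name that is already present.
    case ",$users," in
	*",$user,"*) return 0 ;;
    esac

    shell_config_set "$aclfile" "$key" "${users},$user" "$rdelim" "$wdelim"
}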

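# Remove user $2 from the ACL entry keyed by $1.
# Globals:   aclfile, rdelim, wdelim (read)
# Arguments: $1 - ACL key (module URI), $2 - user name to remove
# Returns:   status of shell_config_del / shell_config_set
#
# If only "root" remains, the entry is deleted; acl_add treats a missing
# entry as "root", so this is the default state.
#
# The list is split with parameter expansion rather than an unquoted
# expansion under IFS=',': entries are never glob-expanded against the
# current directory, the helpers below run with the caller's IFS, and no
# loop variable leaks into the global scope. The comparison uses the POSIX
# `=` operator because the script runs under /bin/sh.
acl_del()
{
    local users rest item kept=

    users="$(acl_read "$1")"

    rest="$users"
    while [ -n "$rest" ]; do
	item="${rest%%,*}"
	case "$rest" in
	    *,*) rest="${rest#*,}" ;;
	    *) rest= ;;
	esac
	[ "$item" = "$2" ] || kept="$kept,$item"
    done

    kept="${kept#,}"
    if [ "$kept" = "root" ]; then
	shell_config_del "$aclfile" "$1" "$rdelim"
    else
	# NOTE(review): an empty result is still written as an empty list;
	# confirm how the ACL consumer treats an entry with no users.
	# The second strip drops the comma left by a leading empty field.
	shell_config_set "$aclfile" "$1" "${kept#,}" "$rdelim" "$wdelim"
    fi
}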

# Print the "Name" field of the module's .desktop file for the requested
# language, as produced by alterator-dump-desktop.
# Globals: in_desktopfile (read), in_language (read)
#
# NOTE(review): the path is built directly from $in_desktopfile; if that
# value is request-controlled, "/" or ".." in it would point outside the
# applications directory. Confirm that it is validated upstream.
name_read()
{
    local apps_dir="/usr/share/alterator/applications"
    local desktop_path="$apps_dir/$in_desktopfile.desktop"

    alterator-dump-desktop -v lang="$in_language" -v out="Name" "$desktop_path"
}

# Print the X-Alterator-URI value from the module's .desktop file; the
# callers in this file use it as the key into the ACL file.
# Globals: in_desktopfile (read)
#
# NOTE(review): the path is built directly from $in_desktopfile and the
# result selects which ACL entry gets modified; confirm that the value
# cannot contain "/" or ".." when it reaches this function.
uri_read()
{
    local desktop_path

    desktop_path="/usr/share/alterator/applications/${in_desktopfile}.desktop"
    shell_config_get "$desktop_path" X-Alterator-URI
}

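# Emit the module's localized name as the string parameter "name".
# Globals: in_desktopfile, in_language (read, through name_read)
#
# name_read takes no arguments and reads $in_desktopfile itself. The former
# "$fname" argument referred to a variable that is never set in this
# function, so it has been dropped.
read_module()
{
    write_string_param name "$(name_read)"
}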

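# Apply one ACL change for the module selected by $in_desktopfile:
# add $in_new_user when $in_new is set, or remove $in_user when $in_delete
# is set.
# Globals: in_new, in_new_user, in_delete, in_user (read)
#
# If no URI can be resolved for the module, the request is rejected. With
# an empty key, acl_add/acl_del would write a malformed entry into the
# access-control file instead of changing the intended one.
write_module()
{
    local uri

    uri="$(uri_read)"
    if [ -z "$uri" ]; then
	write_error "$(_ "No module found")"
	return
    fi

    # Two separate tests instead of the obsolescent, ambiguous `-a` operator.
    if [ -n "$in_new" ] && [ -n "$in_new_user" ]; then
	acl_add "$uri" "$in_new_user"
    elif [ -n "$in_delete" ] && [ -n "$in_user" ]; then
	acl_del "$uri" "$in_user"
    fi
}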

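# List, via write_enum, the accounts that could still be added to the
# module's ACL entry: accounts from `getent passwd` with a UID at or above
# UID_MIN, not named root, whose shell is not /dev/null, and which are not
# already in the entry.
# Returns: 1 if no temporary file could be created, otherwise the status
#          of the final rm.
list_unused_users()
{
    local uri uid_floor granted

    uri="$(uri_read)"

    uid_floor="$(grep -s ^UID_MIN /etc/login.defs |awk '{print $2;exit}')"
    # Fall back to 500 when the value is missing or is not a plain number,
    # so the awk comparison below stays numeric.
    case "$uid_floor" in
	''|*[!0-9]*) uid_floor=500 ;;
    esac

    # Without this check a failed mktemp left an empty path, and every
    # account was reported as unused. Assigning separately from `local`
    # keeps mktemp's exit status visible.
    granted="$(mktemp -t installed.XXXXXX)" || return 1
    acl_read "$uri"|tr ',' '\n' | sort >"$granted"

    # comm -23 keeps the lines that appear only in the account list (stdin).
    getent passwd |
	awk -F: -v "uid_min=$uid_floor" '$3>=uid_min && $1!="root" && $7!="/dev/null"{print $1}'|
	sort |
	comm -23 - "$granted" |
	write_enum

    rm -f -- "$granted"
}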

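# List, via write_enum, the users currently granted access in the module's
# ACL entry, leaving out the default administrator "root".
#
# The filter matches the whole line (-x). The former substring match also
# hid every name that merely contains "root" (e.g. "groot"), so such a
# grant existed in the ACL file but was never shown in this list.
list_users()
{
    local uri

    uri="$(uri_read)"

    acl_read "$uri" |
	tr ',' '\n' |
	grep -vx 'root' | # skip only the exact entry of the default administrator
	sort |
	write_enum
}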



# Dispatch one request according to $in_action:
#   read  - report the module name; error if $in_desktopfile is empty
#   list  - enumerate "users" or "unused_users", selected by $in__objects
#   write - apply an ACL change
# Any other action, or any other list object, is ignored.
on_message()
{
    case "$in_action" in
	write)
	    write_module
	    ;;
	list)
	    case "$in__objects" in
		users) list_users ;;
		unused_users) list_unused_users ;;
	    esac
	    ;;
	read)
	    if [ -n "$in_desktopfile" ]; then
		read_module "$in_desktopfile"
	    else
		write_error "$(_ "No module found")"
		return
	    fi
	    ;;
    esac
}

# Start request processing. message_loop is not defined in this file;
# presumably it comes from the sourced alterator helpers and calls
# on_message for each incoming request — confirm against that library.
message_loop
