From c1a34caba7c39d3f27f7dd6ba249046e04a83e1c Mon Sep 17 00:00:00 2001
From: Ander Punnar <ander@kvlt.ee>
Date: Tue, 16 Apr 2019 19:06:48 +0300
Subject: [PATCH] __acl: add "other" ACL entry support and some comments,
 remove getfacl's inline comments

---
 cdist/conf/type/__acl/explorer/acl_is    |  5 +++--
 cdist/conf/type/__acl/gencode-remote     | 21 +++++++++++++++++++--
 cdist/conf/type/__acl/man.rst            |  6 +++++-
 cdist/conf/type/__acl/parameter/optional |  1 +
 4 files changed, 28 insertions(+), 5 deletions(-)

diff --git a/cdist/conf/type/__acl/explorer/acl_is b/cdist/conf/type/__acl/explorer/acl_is
index 89da89f1..70e18116 100755
--- a/cdist/conf/type/__acl/explorer/acl_is
+++ b/cdist/conf/type/__acl/explorer/acl_is
@@ -26,6 +26,7 @@ then
     exit 1
 fi
 
-getfacl "/$__object_id" 2>/dev/null \
-    | grep -E '^((default:)?(user|group):[^:]|(default:)?mask::)' \
+getfacl -E "/$__object_id" 2>/dev/null \
+    | grep -E '^(default:)?(user|group|(mask|other):):[^:]' \
+    | sed -r 's/#.+$//' \
     || true
diff --git a/cdist/conf/type/__acl/gencode-remote b/cdist/conf/type/__acl/gencode-remote
index 91fb7117..ce88afc4 100755
--- a/cdist/conf/type/__acl/gencode-remote
+++ b/cdist/conf/type/__acl/gencode-remote
@@ -28,7 +28,8 @@ acl_is="$( cat "$__object/explorer/acl_is" )"
 
 acl_path="/$__object_id"
 
-acl_should="$( for parameter in user group
+acl_should="$(
+for parameter in user group
 do
     if [ ! -f "$__object/parameter/$parameter" ]
     then continue
@@ -53,6 +54,7 @@ do
         fi
     done < "$__object/parameter/$parameter"
 done
+
 if [ -f "$__object/parameter/mask" ]
 then
     l=$( cat "$__object/parameter/mask" )
@@ -64,6 +66,18 @@ then
     then echo "default:mask::$l"
     fi
 fi
+
+if [ -f "$__object/parameter/other" ]
+then
+    l=$( cat "$__object/parameter/other" )
+
+    echo "other::$l"
+
+    if [ -f "$__object/parameter/default" ] \
+        && [ "$is_dir" = '1' ]
+    then echo "default:other::$l"
+    fi
+fi
 )"
 
 setfacl_exec='setfacl'
@@ -89,8 +103,11 @@ then
     else
         echo "$acl_is" | while read -r acl
         do
+            # Skip wanted ACL entries which already exist
+            # and skip mask and other entries, because we
+            # can't actually remove them, but only change.
             if echo "$acl_should" | grep -Eq "^$acl" \
-                || echo "$acl" | grep -Eq '^(default:)?mask'
+                || echo "$acl" | grep -Eq '^(default:)?(mask|other)'
             then continue
             fi
 
diff --git a/cdist/conf/type/__acl/man.rst b/cdist/conf/type/__acl/man.rst
index c10ee1a0..40c3ead4 100644
--- a/cdist/conf/type/__acl/man.rst
+++ b/cdist/conf/type/__acl/man.rst
@@ -18,6 +18,9 @@ OPTIONAL PARAMETERS
 mask
    Add mask ACL entry.
 
+other
+   Add other ACL entry.
+
 
 OPTIONAL MULTIPLE PARAMETERS
 ----------------------------
@@ -53,7 +56,8 @@ EXAMPLES
         --user bob:r-x \
         --group project-group:rwx \
         --group some-other-group:r-x \
-        --mask r-x
+        --mask r-x \
+        --other r-x
 
 
 AUTHORS
diff --git a/cdist/conf/type/__acl/parameter/optional b/cdist/conf/type/__acl/parameter/optional
index bb4fcf2b..4b32086b 100644
--- a/cdist/conf/type/__acl/parameter/optional
+++ b/cdist/conf/type/__acl/parameter/optional
@@ -1 +1,2 @@
 mask
+other