#!/bin/sh -e
#
# 2011-2015 Steven Armstrong (steven-cdist at armstrong.cc)
# 2011 Nico Schottelius (nico-cdist at schottelius.org)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
#
# Manage groups.
#

name="$__object_id"
os="$(cat "$__global/explorer/os")"
state="$(cat "$__object/parameter/state")"


# Use short option names for portability
shorten_property() {
   case "$1" in
      gid) echo -- "-g";;
      password) echo -- "-p";;
      system) echo -- "-r";;
   esac
}


if [ "$state" = "present" ]; then
   case "$os" in
      freebsd)
         supported_change_properties="gid"
      ;;
      *)
         supported_change_properties="gid password"
      ;;
   esac
   if grep -q "^${name}:" "$__object/explorer/group"; then
      # change existing
      for property in $supported_change_properties; do
         if [ -f "$__object/parameter/$property" ]; then
            new_value="$(cat "$__object/parameter/$property")"
            unset current_value
            case "$property" in
               password)
                  current_value="$(awk -F: '{ print $2 }' "$__object/explorer/gshadow")"
               ;;
               gid)
                  current_value="$(awk -F: '{ print $3 }' "$__object/explorer/group")"
               ;;
            esac
            if [ "$new_value" != "$current_value" ]; then
               set -- "$@" "$(shorten_property $property)" \'$new_value\'
               echo change $property $new_value $current_value >> "$__messages_out"
            fi
         fi
      done
      if [ $# -gt 0 ]; then
         if [ "$os" = "freebsd" ]; then
            echo pw groupmod "$@" "$name"
         else
            echo groupmod "$@" "$name"
         fi
         echo mod >> "$__messages_out"
      fi
   else
      # create new
      for property in $supported_change_properties; do
         if [ -f "$__object/parameter/$property" ]; then
            new_value="$(cat "$__object/parameter/$property")"
            if [ -z "$new_value" ]; then
               # Boolean parameters have no value
               set -- "$@" "$(shorten_property $property)"
            else
               set -- "$@" "$(shorten_property $property)" \'$new_value\'
            fi
         fi
      done
      if [ "$os" = "freebsd" ]; then
         echo pw groupadd "$@" "$name"
      else
         echo groupadd "$@" "$name"
      fi
   fi
else
   # delete existing
   if grep -q "^${name}:" "$__object/explorer/group"; then
      if [ "$os" = "freebsd" ]; then
         echo pw groupdel "$name"
      else
         echo groupdel "$name"
      fi
      echo remove >> "$__messages_out"
   fi
fi