#!/bin/sh -e
#
# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#

user="$(cat "$__object/parameter/user" 2>/dev/null || echo "$__object_id")"
state_should="$(cat "$__object/parameter/state")"
oldusermod="$(cat "$__object/explorer/oldusermod")"
os=$(cat "$__global/explorer/os")

mkdir "$__object/files"
# file has to be sorted for comparison with `comm`
sort "$__object/parameter/group" > "$__object/files/group.sorted"

case "$state_should" in
   present)
      changed_groups="$(comm -13 "$__object/explorer/group" "$__object/files/group.sorted")"
   ;;
   absent)
      changed_groups="$(comm -12 "$__object/explorer/group" "$__object/files/group.sorted")"
   ;;
esac

if [ -z "$changed_groups" ]; then
   # Nothing to do, move along
   exit 0
fi

for group in $changed_groups; do
   if [ "$os" = "netbsd" ] || [ "$os" = "openbsd" ]; then
      case "$state_should" in
         present) echo "usermod -G \"$group\" \"$user\"" ;;
         absent) echo 'NetBSD and OpenBSD do not have a command to remove a user from a group' >&2 ; exit 1 ;;
      esac
   elif [ "$os" = "freebsd" ]; then
      case "$state_should" in
         present) echo "pw groupmod \"$group\" -m \"$user\"" ;;
         absent) echo "pw groupmod \"$group\" -d \"$user\"" ;;
      esac
   elif [ "$oldusermod" = "true" ]; then
      case "$state_should" in
         present) echo "usermod -A \"$group\" \"$user\"" ;;
         absent) echo "usermod -R \"$group\" \"$user\"" ;;
      esac
   else
      case "$state_should" in
         present) echo "gpasswd -a \"$user\" \"$group\"" ;;
         absent) echo "gpasswd -d \"$user\" \"$group\"" ;;
      esac
   fi
done