#!/bin/sh -e
#
# 2012-2014 Steven Armstrong (steven-cdist at armstrong.cc)
# 2014 Nico Schottelius (nico-cdist at schottelius.org)
# 2021 Darko Poljak (darko.poljak at gmail.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#

owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
file="$(cat "$__object/explorer/file")"

if [ ! -f "$__object/parameter/nofile" ] && [ -z "${file}" ]
then
    printf "Cannot determine path of authorized_keys file\\n" >&2
    exit 1
fi

if [ ! -f "$__object/parameter/noparent" ] || [ ! -f "$__object/parameter/nofile" ]; then
    group="$(cut -d':' -f 1 "$__object/explorer/group")"
    if [ -z "${group}" ]; then
        printf "Failed to get owners group from explorer\\n" >&2
        exit 1
    fi

    if [ ! -f "$__object/parameter/noparent" ]; then
        __ssh_dot_ssh "${owner}"
        export require="__ssh_dot_ssh/${owner}"
    fi
    if [ ! -f "$__object/parameter/nofile" ]; then
        # Ensure that authorized_keys file exists and has the right permissions.
        __file "${file}" \
            --owner "${owner}" \
            --group "${group}" \
            --mode 0600 \
            --state exists
        export require="__file/${file}"
    fi
fi