#!/bin/sh -e

. alterator-openldap-functions

# Load the default LDAP settings (set_ldap_config is not defined in this
# file; presumably it comes from the sourced alterator-openldap-functions).
set_ldap_config

# Stop early when the configuration did not provide DN_CONF.
if [ -z "$DN_CONF" ]; then
	fatal "DN_CONF not set"
fi

# The first argument selects the database to query. With no arguments at
# all, fall back to "-h" so the usage text is shown.
case "$#" in
	0)
		db="-h"
		;;
	*)
		db="$1"
		shift
		;;
esac

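# Escape the characters that are structural in an LDAP search filter
# (RFC 4515): backslash, "(" and ")". The object name comes from the command
# line and is pasted into "(cn=...)" / "(uid=...)" below; without escaping, a
# name containing parentheses would change the shape of the filter instead
# of being matched literally.
# "*" is deliberately left untouched: the documented interface uses it as
# the wildcard for "all objects".
# Arguments: $1 - raw object name
# Outputs:   escaped value on stdout
escape_filter_key()
{
	# Backslash must be handled first so the escapes added for "(" and ")"
	# are not escaped a second time.
	printf '%s' "$1" |
		sed -e 's/\\/\\5c/g' -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Object name to search for; defaults to every object of the chosen kind.
key="*"
if [ "$#" -gt 0 ]; then
	key="$(escape_filter_key "$1")"
	shift
fi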

# Convert LDIF read from stdin into colon-separated records, one per entry.
# Arguments: $1    - record kind ("group", "passwd" or "ws"); selects the
#                    default attribute list inside the Ruby snippet
#            $2... - optional attribute names; when present they replace
#                    the default list
# Outputs:   one line per LDIF entry on stdout; fields are joined with ":"
#            and multiple values of one attribute are joined with ","
# NOTE(review): the "group" and "passwd" defaults include userPassword, so
# whatever the directory returns for that attribute is printed on stdout.
# Keep that in mind wherever this output is logged or stored.
# NOTE(review): needs the Ruby "ldap" bindings. Every caller in this file
# discards this function's stderr, so a missing library or a parse error
# shows up only as empty output.
ldap_parse_reply()
{
		# The Ruby text is single-quoted, so the shell expands nothing inside
		# it; "$@" reaches Ruby as ARGV. An attribute that an entry lacks
		# yields an empty field. The literal "" in the "ws" list is looked up
		# like any other attribute name; presumably it never matches and so
		# acts as an empty second column - TODO confirm.
		ruby -e '
require "ldap"
require "ldap/ldif"

defaultArgs = Array.new

case ARGV[0]
    when "group"
        defaultArgs = %w/cn userPassword gidNumber memberUid/
    when "passwd"
        defaultArgs = %w/uid userPassword uidNumber gidNumber gecos homeDirectory loginShell/
    when "ws"
        defaultArgs = %w/uid "" uidNumber/
end

ARGV.delete_at(0)

args = ARGV.empty? ? defaultArgs : ARGV.dup

LDAP::LDIF.parse_file "/dev/stdin" do |obj|
  reply = args.collect do |f|
    (obj.attrs[f.downcase] || [""]) * ","
  end
  puts reply * ":"
end
' "$@"
}


# Print posixGroup entries under ou=Group,$base whose cn matches $key.
# Globals:   base, host, key (read)
# Arguments: optional attribute names, forwarded to ldap_parse_reply
# Outputs:   colon-separated records on stdout
# Whatever $key holds becomes part of the filter text as-is.
# -x with no bind DN is an anonymous simple bind, and ldap:// is not
# encrypted unless StartTLS is requested (-Z / -ZZ). With a non-loopback
# $host the reply, including any userPassword values the server's ACLs
# release, crosses the network in clear text.
# Only the parser's stderr is discarded; ldapsearch errors stay visible, but
# without pipefail its exit status does not reach the caller.
ldap_search_groups()
{
	ldapsearch -LLL -x \
		-H "ldap://${host:-127.0.0.1}" \
		-b "ou=Group,$base" \
		"(&(objectClass=posixGroup)(cn=$key))" |
		ldap_parse_reply group "$@" 2>/dev/null
}

# Print posixAccount entries under ou=People,$base whose uid matches $key.
# Globals:   base, host, key (read)
# Arguments: optional attribute names, forwarded to ldap_parse_reply
# Outputs:   colon-separated records on stdout
# Whatever $key holds becomes part of the filter text as-is.
# The query is an anonymous simple bind (-x, no bind DN) over plain ldap://.
# The default "passwd" attribute list asks for userPassword, so the
# directory's ACLs are the only thing keeping password hashes out of this
# output; when $host is not loopback, consider StartTLS (-ZZ) or ldaps://.
# Only the parser's stderr is discarded; ldapsearch errors stay visible.
ldap_search_users()
{
	ldapsearch -LLL -x \
		-H "ldap://${host:-127.0.0.1}" \
		-b "ou=People,$base" \
		"(&(objectClass=posixAccount)(uid=$key))" |
		ldap_parse_reply passwd "$@" 2>/dev/null
}

# Print posixAccount entries under ou=Computers,$base whose uid matches $key.
# The Computers unit is probed first; when the probe returns nothing the
# function prints nothing and succeeds.
# Globals:   base, host, key (read); section (written)
# Arguments: optional attribute names, forwarded to ldap_parse_reply
# Outputs:   colon-separated records on stdout
# Whatever $key holds becomes part of the filter text as-is. Both queries
# are anonymous simple binds (-x, no bind DN) over unencrypted ldap://.
ldap_search_workstations()
{
	# Does ou=Computers exist under the base DN at all?
	section=$(ldapsearch -LLL -x \
		-H "ldap://${host:-127.0.0.1}" \
		-b "$base" \
		"(&(objectClass=organizationalUnit)(ou=Computers))")

	# No such unit: nothing to list.
	[ -n "$section" ] || return 0

	ldapsearch -LLL -x \
		-H "ldap://${host:-127.0.0.1}" \
		-b "ou=Computers,$base" \
		"(&(objectClass=posixAccount)(uid=$key))" |
		ldap_parse_reply ws "$@" 2>/dev/null
}

# Dispatch on the selected database. Any arguments still left in "$@" are
# attribute names and are passed through to the search function.
case "$db" in
	group)
		ldap_search_groups "$@"
		;;
	passwd)
		ldap_search_users "$@"
		;;
	ws)
		ldap_search_workstations "$@"
		;;
	--version)
		get_ldap_version
		;;
	-h|--help|*)
		# "*" alone would match everything; -h and --help are spelled out
		# for the reader. Unknown commands land here too and get the usage.
		cat <<EOF
Usage: 

    $0 <command> [<objname>]

Available commands:

    group       show LDAP group properties or all groups if objname is '*' or is omitted
    passwd      show LDAP user properties or all users if objname is '*' or is omitted
    ws          show registered workstation or all workstations if objname is '*' or is omitted
    -h, --help  show this help
    --version   show version

EOF

esac
