#!/bin/sh -e

# Shared helper library; set_ldap_config, fatal and get_ldap_version are
# presumably defined there (not visible in this file).
# NOTE(review): the name contains no slash, so POSIX sh resolves it through
# $PATH. Callers should run this script with a trusted PATH, or the library
# should be sourced by absolute path.
. alterator-openldap-functions

# Load the default LDAP settings. The search functions below read $base and
# $host, presumably set here; confirm against the library.
set_ldap_config

# Refuse to continue when the configuration did not provide DN_CONF.
if [ -z "$DN_CONF" ]; then
    fatal "DN_CONF not set"
fi

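# Escape a string for use as an assertion value inside an LDAP search filter
# (RFC 4515): backslash, "(" and ")" are replaced by their \XX hex escapes so
# the value cannot close the surrounding filter term or open a new one.
# "*" is deliberately left alone because the usage text documents it as the
# match-all wildcard.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout
ldap_escape_filter_value()
{
    # Backslash must be handled first, otherwise the escapes added for the
    # parentheses would be escaped a second time.
    printf '%s' "$1" |
        sed -e 's/\\/\\5c/g' -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# The first argument selects the command; with no arguments fall back to help.
if [ $# -eq 0 ]; then
    db="-h"
else
    db="$1"
    shift
fi

# The optional second argument is the object name to look up; the default
# matches every object. Any remaining arguments stay in "$@" and are handed
# to the search functions.
key="*"
if [ $# -gt 0 ]; then
    key="$1"
    shift
fi

# key is spliced into the (cn=$key) / (uid=$key) terms of the search filters,
# so neutralise filter metacharacters coming from the command line. Callers
# pass the raw name and must not pre-escape it.
key=$(ldap_escape_filter_value "$key")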

# Convert LDIF read from stdin into one colon-separated line per entry.
#
# Arguments:
#   $1   - record kind ("group", "passwd" or "ws"); selects the default
#          attribute list and is then removed from the argument list
#   $2.. - optional attribute names; when present they replace the defaults
# Outputs:
#   One line per LDIF entry on stdout: the selected attributes joined by ":",
#   multiple values of one attribute joined by ",". An attribute the entry
#   does not carry yields an empty field.
# Notes:
#   - Attribute names are lowercased before the lookup in obj.attrs.
#   - Values are printed unescaped, so a value containing ":", "," or a line
#     break makes the record ambiguous for whatever parses this output.
#   - The default lists for "group" and "passwd" include userPassword, so
#     whatever the directory returned for that attribute is printed as well.
#   - The "ws" default list contains a literal "" element; presumably a
#     placeholder that produces an empty second field (confirm).
#   - Requires the Ruby "ldap" and "ldap/ldif" libraries.
ldap_parse_reply()
{
		ruby -e '
require "ldap"
require "ldap/ldif"

defaultArgs = Array.new

case ARGV[0]
    when "group"
        defaultArgs = %w/cn userPassword gidNumber memberUid/
    when "passwd"
        defaultArgs = %w/uid userPassword uidNumber gidNumber gecos homeDirectory loginShell/
    when "ws"
        defaultArgs = %w/uid "" uidNumber/
end

ARGV.delete_at(0)

args = ARGV.empty? ? defaultArgs : ARGV.dup

LDAP::LDIF.parse_file "/dev/stdin" do |obj|
  reply = args.collect do |f|
    (obj.attrs[f.downcase] || [""]) * ","
  end
  puts reply * ":"
end
' "$@"
}

# Look up posixGroup entries under ou=Group and print them via
# ldap_parse_reply.
#
# Globals:   base (read) - directory suffix
#            host (read) - LDAP server, 127.0.0.1 when unset or empty
#            key  (read) - group name matched against cn; spliced into the
#                          filter as-is, so it must already be a well-formed
#                          filter value ("*" matches every group)
# Arguments: optional attribute names, passed on to ldap_parse_reply
# Outputs:   one colon-separated line per group on stdout
# Notes:
#   - "-x" with no bind DN is an anonymous simple bind, and the ldap:// URI
#     requests no TLS; the result is whatever an unauthenticated client may
#     read, transferred in clear text unless the client configuration
#     enforces otherwise.
#   - 2>/dev/null applies to ldap_parse_reply only; its errors are hidden,
#     ldapsearch errors still reach stderr.
#   - The pipeline status is that of ldap_parse_reply, so a failing
#     ldapsearch does not stop the script under "sh -e".
ldap_search_groups()
{
	ldapsearch \
		-LLL \
		-b "ou=Group,${base}" \
		-x \
		-H "ldap://${host:-127.0.0.1}" \
		"(&(objectClass=posixGroup)(cn=${key}))" \
	| ldap_parse_reply group "$@" 2>/dev/null
}

# Look up posixAccount entries under ou=People and print them via
# ldap_parse_reply.
#
# Globals:   base (read) - directory suffix
#            host (read) - LDAP server, 127.0.0.1 when unset or empty
#            key  (read) - login name matched against uid; spliced into the
#                          filter as-is, so it must already be a well-formed
#                          filter value ("*" matches every user)
# Arguments: optional attribute names, passed on to ldap_parse_reply
# Outputs:   one colon-separated line per user on stdout
# Notes:
#   - "-x" with no bind DN is an anonymous simple bind, and the ldap:// URI
#     requests no TLS; the result is whatever an unauthenticated client may
#     read, transferred in clear text unless the client configuration
#     enforces otherwise.
#   - 2>/dev/null applies to ldap_parse_reply only; its errors are hidden,
#     ldapsearch errors still reach stderr.
#   - The pipeline status is that of ldap_parse_reply, so a failing
#     ldapsearch does not stop the script under "sh -e".
ldap_search_users()
{
	ldapsearch \
		-LLL \
		-b "ou=People,${base}" \
		-x \
		-H "ldap://${host:-127.0.0.1}" \
		"(&(objectClass=posixAccount)(uid=${key}))" \
	| ldap_parse_reply passwd "$@" 2>/dev/null
}

# Look up workstation accounts (posixAccount entries under ou=Computers) and
# print them via ldap_parse_reply. Prints nothing when the directory has no
# ou=Computers organizational unit.
#
# Globals:   base    (read)    - directory suffix
#            host    (read)    - LDAP server, 127.0.0.1 when unset or empty
#            key     (read)    - account name matched against uid; spliced
#                                into the filter as-is, so it must already be
#                                a well-formed filter value ("*" matches all)
#            section (written) - LDIF of the ou=Computers probe
# Arguments: optional attribute names, passed on to ldap_parse_reply
# Outputs:   one colon-separated line per workstation on stdout
# Notes:
#   - "-x" with no bind DN is an anonymous simple bind, and the ldap:// URI
#     requests no TLS.
#   - The probe is a plain assignment, so under "sh -e" a failing ldapsearch
#     there ends the script; in the second search only ldap_parse_reply
#     decides the pipeline status, and only its stderr is discarded.
ldap_search_workstations()
{
	# Probe first: searching below a missing ou=Computers would only fail.
	section=$(
		ldapsearch -LLL -b "$base" -x -H "ldap://${host:-127.0.0.1}" \
			"(&(objectClass=organizationalUnit)(ou=Computers))"
	)
	[ -n "$section" ] || return 0

	ldapsearch \
		-LLL \
		-b "ou=Computers,${base}" \
		-x \
		-H "ldap://${host:-127.0.0.1}" \
		"(&(objectClass=posixAccount)(uid=${key}))" \
	| ldap_parse_reply ws "$@" 2>/dev/null
}

# Print the usage text on stdout.
show_usage()
{
	cat <<EOF
Usage:

    $0 <command> [<objname>]

Available commands:

    group       show LDAP group properties or all groups if objname is '*' or is omitted
    passwd      show LDAP user properties or all users if objname is '*' or is omitted
    ws          show registered workstation or all workstations if objname is '*' or is omitted
    -h, --help  show this help
    --version   show version

EOF
}

# Dispatch on the requested command. The arguments left in "$@" (optional
# attribute names) go to the search function unchanged. An unrecognised
# command is treated like a help request: the usage text is printed and the
# script status is that of cat.
case "$db" in
    group)       ldap_search_groups "$@" ;;
    passwd)      ldap_search_users "$@" ;;
    ws)          ldap_search_workstations "$@" ;;
    --version)   get_ldap_version ;;
    -h|--help|*) show_usage ;;
esac

