#!/bin/sh -e

. alterator-openldap-functions

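# Read default configuration. set_ldap_config comes from the sourced
# alterator-openldap-functions; the check below shows it is expected to set
# DN_CONF (presumably also base/rootdn/rootpw/host, which are used at the end
# of the script but never assigned in this file -- confirm).
set_ldap_config

[ -n "$DN_CONF" ] || fatal "DN_CONF not set"

primary=

# Work out the mode and the target user.
case "${1-}" in
    -h|--help|--version)
	# These modes take no user argument. Recognise them before the
	# argument-count check, otherwise a lone "--version" is treated as
	# "too few arguments" and prints the usage text instead.
	mod="$1"
	;;
    *)
	if [ $# -lt 2 ]; then
	    # Too few arguments for any modifying mode: show the usage text.
	    mod="-h"
	else
	    mod="$1"; shift
	    if [ "$mod" = "-g" ]; then
		primary="$1"; shift
	    fi
	    # "-g <group>" without a user leaves nothing to shift; shifting
	    # anyway would abort the shell before the diagnostic below.
	    user="${1-}"
	    [ $# -eq 0 ] || shift
	    [ -n "$user" ] || fatal "user name is required"
	    # Only accounts that ldap-getent can resolve may be modified.
	    [ -n "$(ldap-getent passwd "$user")" ] ||
		fatal "user name \"$user\" is not exists"
	fi
	;;
esac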

# Handle the modes that finish inside this wrapper. Any other value of $mod
# matches no arm and execution continues after the case statement.
case "$mod" in
    --version)
	get_ldap_version
	exit
	;;
    -h|--help)
	cat <<EOF
Usage:

    $0 <mode> <user>
    $0 -g <group> <user>

Arguments:

    mode        'add'. 'replace' or 'del'.
                Pairs of '<name>:<value>' will be read from stdin.
    user        LDAP user name
    -g <group>  Set primary <group> for user
    -h, --help  show this help
    --version   show version

EOF
	exit
	;;
    -g)
	# Resolve the group name to its gidNumber and hand the resulting
	# pair to ldap-usermod in replace mode.
	if [ -z "$primary" ]; then
	    fatal "primary group name is missing"
	fi
	gid="$(ldap-getent group "$primary" gidNumber)"
	if [ -z "$gid" ]; then
	    fatal "group name \"$primary\" not exists"
	fi
	# NOTE(review): $gid is forwarded exactly as ldap-getent printed it.
	# A multi-line or non-numeric answer would reach ldap-usermod as
	# additional stdin lines -- confirm ldap-getent returns one value.
	echo "gidNumber:$gid" | ldap-usermod replace "$user"
	exit
	;;
esac

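# Edit LDAP: turn the "<name>:<value>" pairs on stdin into an LDIF
# modification for the user entry and submit it with ldapmodify.
#
# The LDIF is generated first and the generator's status is checked: in a
# plain "ruby | ldapmodify" pipeline only ldapmodify's status is seen, so a
# failed generator would feed it empty input and the script would report
# success without changing anything.
#
# NOTE(review): $user is placed into the DN verbatim. DN metacharacters
# (RFC 4514: , + " \ < > ; =) are not escaped here -- confirm that callers
# restrict the user name accordingly.
ldif=$(ruby -e '
require "ldap"
require "ldap/ldif"

# Any mode other than "add" or "del" falls back to replace.
# NOTE(review): a mistyped mode therefore replaces attributes instead of
# failing -- confirm this default is intended.
mod = LDAP::LDAP_MOD_REPLACE
case ARGV[0]
    when "add"
        mod = LDAP::LDAP_MOD_ADD
    when "del"
        mod = LDAP::LDAP_MOD_DELETE
end

ARGV.delete_at(0)

dn = ARGV[0]
attrs = {}
$stdin.each do |l|
  l.force_encoding("UTF-8") if l.respond_to? :force_encoding
  key, val = l.chomp.split(/:/, 2)
  # A blank line splits to an empty array; it carries no change, skip it.
  next if key.nil?
  # Without a ":" there is no value part. Stop with a clear message rather
  # than guessing whether the whole attribute was meant; the line itself is
  # not echoed because it might be a mistyped secret.
  abort "malformed input at line #{$stdin.lineno}: expected <name>:<value>" if val.nil?
  attrs[key] ||= []
  # "name:" (empty value) keeps the attribute listed with no values.
  attrs[key] << val unless val.empty?
end
puts LDAP::LDIF.mods_to_ldif(dn, *LDAP.hash2mods(mod, attrs))
' "$mod" "uid=$user,ou=People,$base") ||
	fatal "cannot build LDIF for user \"$user\""

# $rootpw is left unquoted, presumably so that it can expand to an option
# plus its argument (it is set outside this file -- confirm).
# NOTE(review): if it carries the password itself (e.g. "-w <secret>"), the
# secret is visible in the process list while ldapmodify runs; ldapmodify
# can read it from a file with -y instead.
# NOTE(review): -x over ldap:// is a simple bind without TLS. That stays on
# loopback with the 127.0.0.1 default, but a remote $host would see the bind
# credentials in clear text unless StartTLS (-ZZ) or ldaps:// is used.
# shellcheck disable=SC2086
printf '%s\n' "$ldif" |
	ldapmodify -D "$rootdn" $rootpw -x \
			-H "ldap://${host:-127.0.0.1}" >/dev/null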

