#!/bin/sh

export PATH="/bin:/usr/bin"
CONFIG="./config.test"

get_param() {
  grep "^$1=" "$CONFIG" | cut -d= -f2-
}

LIBDIR=`get_param LIBDIR`
LOGFILE=`get_param LOGFILE`
GROUPFILE=`get_param GROUPFILE`
export NO_SYSUTILS=`get_param NO_SYSUTILS`
test -z "$LIBDIR" && echo "LIBDIR is empty.  Is there a configuration file in $CONFIG?" 1>&2 && exit 1

REQUESTOR="$1"
OPERATION="$2"
GROUP="$3"
MEMBER="$4"
test -z "$MEMBER" && MEMBER="$REQUESTOR"

die() {
  RETVAL="$1"
  shift
  echo "$@" 1>&2
  echo "Error: $@" >> "$LOGFILE"
  echo "ABORTED ugadmin `date`" >> "$LOGFILE"
  exit "$RETVAL"
}

echo "BEGIN ugadmin `date`" >> "$LOGFILE"
echo "Called as: ugadmin $@" >> "$LOGFILE"

test -z "$REQUESTOR" && die 5 "Do not call ugadmin directly"
test -z "$OPERATION" && die 5 "You must specify an operation"
test -z "$GROUP" && die 5 "You must specify a group"

cmd="$LIBDIR/checkperms '$OPERATION' '$REQUESTOR' '$GROUP' '$MEMBER' '$GROUPFILE' '$CONFIG'"
echo "Running $cmd" >> "$LOGFILE"
! eval "$cmd" >> "$LOGFILE" 2>&1 && \
  die 2 "Insufficient privileges for $OPERATION (see $CONFIG)"

cmd="$LIBDIR/groups-$OPERATION '$REQUESTOR' '$GROUP' '$MEMBER' '$GROUPFILE'"
echo "Running $cmd" >> "$LOGFILE"
! eval "$cmd" >> "$LOGFILE" 2>&1 && \
  die 1 "Operation failed: `tail -1 "$LOGFILE"`"

echo "Succeeded: $OPERATION $GROUP of $MEMBER by $REQUESTOR"

echo "END ugadmin `date`" >> "$LOGFILE"