#! /opt/Guardian/Admin/php/bin/php
<?php
/*
 * Copyright(c) 2007 CANON SYSTEM SOLUTIONS INC. All rights reserved.
 * ԥȤɲ/ѥɤѹ
 * FOR GUARDIANSUITE Version 4.0/4.1
 */

require_once "login.php";
require_once 'send_config.php';

$script_name = basename(array_shift($argv));
$clazz = get_classname($script_name);
if ($clazz == false)
    usage();

$opt = array_shift($argv);

if ($opt == null) {
    usage();
} else if ($opt == "--delete" || $opt == "-d") {
    $opt = array_shift($argv);
    if ($opt == null)
        usage();
    $user = $opt;
    _delete_user($clazz, $user);
} else if ($opt{0} == '-') {
    usage();
} else {
    $user = $opt;
    _change_passwd($clazz, $user);
}

exit(0);


function get_classname($filename) {
    $s = substr($filename, 0, 3);
    switch ($s) {
    case "adm":
        return "admin";
    case "mng":
        return "manager";
    case "sys":
        return "sysadm";
    case "usr":
        return "usradm";
    default:
        return false;
    }
}

function usage() {
    global $script_name;
    fwrite(STDERR, "Usage: $script_name [OPTION] user\n");
    fwrite(STDERR, "  Change/Add/Delete user account\n");
    fwrite(STDERR, "  option  --delete | -d:  delete specified user account\n");
    exit(1);
}

function _delete_user($clazz, $user) {
    fwrite(STDERR, "DELETE $user\n");
    $has_conf = file_exists(Account::getPropertyFile($clazz, $user));
    $rtn = revoke_account($clazz, $user);
    if ($rtn && $has_conf)
        $rtn = guts_send_config(null, "mail", $clazz, array($user), false, false, $out);
}

function is_interactive() {
    system("test -t 0", $r);
    return ($r == 0);
}

function _change_passwd($clazz, $user) {

    $u =& get_account($clazz, $user);
    if ($u != null && $u->auth_type == 'ldap') {
        fwrite(STDERR, "ldap user named $user already exists.\n");
        exit(1);
    }

    $has_tty = is_interactive();
    $passwd = get_passwd($user, $has_tty);
    if (!checkPasswd($passwd, $passwd, $user, $error)) {
        fwrite(STDERR, "Invalid password: $error\n");
        exit(1);
    }        

    $rtn = change_passwd($clazz, $user, $passwd);
    if (!$rtn) {
        fwrite(STDERR, "Updating passwd file failed.\n");
        exit(1);
    }

    if ($clazz != "usradm") {
        $conf = Account::getPropertyFile($clazz, $user);
        if (file_exists($conf)) {
            change_lastpasswd_mod($clazz, $user);
        } else {
            $section = findSectionName($clazz);
            if ($section == null)
                return false;
            $tmpfn = tempnam(TMP_DIR, ".acnt");
            $fp = fopen($tmpfn, "w");
            if ($fp == null)
                return false;
            fputs($fp, $section . "\n");
            fputs($fp, "RealName = \n");
            fputs($fp, "[SHARE]\n");
            fputs($fp, "LastPasswdTime = ");
            fputs($fp, time());
            fputs($fp, "\n");
            fclose($fp);
            su_cp($tmpfn, $conf);
            su_chmod("644", $conf);
            @ unlink($tmpfn);
        }
    }

    if ($u != null)
        fwrite(STDERR, "Updating password for user $user\n");
    else
        fwrite(STDERR, "Adding password for user $user\n");
}

function get_passwd($user, $has_tty = true) {
    if ($has_tty) {
        fwrite(STDOUT, "CHANGE/ADD password for $user\n");
        fwrite(STDOUT, "New password: ");
        fflush(STDOUT);
        system("stty -echo echonl");
    }
    $s0 = fgets(STDIN);
    if ($has_tty) {
        fwrite(STDOUT, "Re-type new password: ");
        fflush(STDOUT);
    }
    $s1 = fgets(STDIN);
    if ($has_tty) {
        system("stty echo -echonl");
    }
    if ($s0 != $s1) {
        fwrite(STDERR, "password verification error\n");
        exit(1);
    }
    return rtrim($s0);
}

?>
