#!/bin/bash
#
# (c) 2004-2100 ;)
# Author: cutmasta AT netline-is D0T de
# 
#
# This script adds an OXLDAP user and creates the rights profile in the DB.
#
#
# GLOBAL CONFIGFILE
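# Installation prefix. Neither value is referenced again in this script;
# presumably the sourced config file uses them -- TODO confirm.
prefix=/usr
exec_prefix=${prefix}

# Site configuration. The file is sourced below, i.e. executed as shell code
# with the privileges of the caller (this script insists on root), so it must
# be owned by root and must not be writable by anyone else.
GLOBAL_CONF="/etc/open-xchange/admintools.conf"

# Default: the password is hashed with slappasswd; --passwd-direct turns this
# into "store the supplied value as is".
PASS_DIRECT=false

if [ -f "$GLOBAL_CONF" ]
then
    . "$GLOBAL_CONF"
else
    echo "Config File $GLOBAL_CONF not found."
    # A missing configuration is a failure: do not report success to the caller.
    exit 1
fi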


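# Only root (UID 0) may run this script; everybody else is turned away.
if [ "$UID" != 0 ]
then
  echo "Execute as root...or make sure slappasswd is in PATH"
  # Refusing to run is an error, so the exit status must not signal success.
  exit 1
fi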



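# Command-line parsing: loop over the positional parameters.
#
# Every option that takes a value is accepted as "--opt=VALUE" and as
# "--opt VALUE". For the two-word form, ac_prev holds the name of the shell
# variable the next word has to be stored in (USERNAME, USR_PASS, ...) and
# ac_prev_opt the option as typed, for the error message. Storing the word
# under a lower-case name derived from the option instead would leave the
# variables that the rest of the script reads empty.
#
# NOTE(review): --passwd puts the clear-text password on this script's command
# line, where it can usually be read from the process list by other local users.
ac_prev=
ac_prev_opt=
for ac_option
do
  if test -n "$ac_prev"; then
    # Assign to the variable named in ac_prev; no eval needed.
    printf -v "$ac_prev" '%s' "$ac_option"
    ac_prev=
    ac_prev_opt=
    continue
  fi

  # Value part of "--opt=VALUE": everything after the first "=".
  case "$ac_option" in
      -*=*) ac_optarg=${ac_option#*=} ;;
      *) ac_optarg= ;;
  esac

  case "$ac_option" in

      --username)
          ac_prev=USERNAME ac_prev_opt=$ac_option ;;
      --username=*)
          USERNAME=$ac_optarg ;;

      --passwd)
          ac_prev=USR_PASS ac_prev_opt=$ac_option ;;
      --passwd=*)
          USR_PASS=$ac_optarg ;;

      --passwd-direct)
          PASS_DIRECT=true ;;

      --name)
          ac_prev=NAME ac_prev_opt=$ac_option ;;
      --name=*)
          NAME=$ac_optarg ;;

      --sname)
          ac_prev=SNAME ac_prev_opt=$ac_option ;;
      --sname=*)
          SNAME=$ac_optarg ;;

      --maildomain)
          ac_prev=MAILDOMAIN ac_prev_opt=$ac_option ;;
      --maildomain=*)
          MAILDOMAIN=$ac_optarg ;;

      --shell)
          ac_prev=USR_SHELL ac_prev_opt=$ac_option ;;
      --shell=*)
          USR_SHELL=$ac_optarg ;;

      --lang)
          ac_prev=PREF_LANG ac_prev_opt=$ac_option ;;
      --lang=*)
          PREF_LANG=$ac_optarg ;;

      --mail_enabled)
          ac_prev=MAIL_ENAB ac_prev_opt=$ac_option ;;
      --mail_enabled=*)
          MAIL_ENAB=$ac_optarg ;;

      --inetmail)
          ac_prev=INET_MAIL ac_prev_opt=$ac_option ;;
      --inetmail=*)
          INET_MAIL=$ac_optarg ;;

      --ox_appointment_days)
          ac_prev=OX_APP_DAYS ac_prev_opt=$ac_option ;;
      --ox_appointment_days=*)
          OX_APP_DAYS=$ac_optarg ;;

      --ox_task_days)
          ac_prev=OX_TASK_DAYS ac_prev_opt=$ac_option ;;
      --ox_task_days=*)
          OX_TASK_DAYS=$ac_optarg ;;

      --ox_timezone)
          ac_prev=OX_TZ ac_prev_opt=$ac_option ;;
      --ox_timezone=*)
          OX_TZ=$ac_optarg ;;

      --write_global_address)
          ac_prev=WRITE_GLOBAL_ADDR ac_prev_opt=$ac_option ;;
      --write_global_address=*)
          WRITE_GLOBAL_ADDR=$ac_optarg ;;

      # "-?" and "--?" are glob patterns here, so any option consisting of the
      # dash(es) plus one arbitrary character also ends up in the help text.
      -help | --help | -? | --?)

          cat <<EOF

Usage: $0 [Options]

Options:
  --username=NAME              The new Username - eg. john
  --passwd=NAME                Password for the new User - eg. secret
  --passwd-direct              Password needs only LDAP coding (for {SASL}u@D)
  --name=NAME                  The Name of the User - eg. John
  --sname=NAME                 The Surename of the new User - eg. Doe
  --maildomain=NAME            Your Maildomain (company.org)
  --shell=FILE                 The Shell for the User - eg. /bin/bash/
  --lang=NAME                  Language of the User - eg. EN
  --mail_enabled=VALUE         Is Mail enabled - eg. OK
  --inetmail=BOOL              User allowed to send Mail to the Internet - eg. TRUE
  --ox_appointment_days=NUMBER How much days should appointments displayed - eg. 5
  --ox_task_days=NUMBER        How much days should tasks displays - eg. 5
  --ox_timezone=NAM            Which Timezone for the User - eg. Europe/Berlin
  --write_global_address=BOOL  User allowed to write in the Global Addressbook - eg. TRUE
EOF
          exit 0
          ;;
      *)
          echo "Unknown command $ac_option"
          echo "Try $0 --help"
          exit 1
          ;;
  esac

done

# A value-taking option was the last word on the command line: say so instead
# of silently dropping it.
if test -n "$ac_prev"; then
  echo "Missing argument to $ac_prev_opt"
  echo "Try $0 --help"
  exit 1
fi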

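# Parameter validation. ERROR collects the verdict: every problem is reported
# first, then the run is aborted once at the end of this section.
ERROR=

# --- mandatory parameters -------------------------------------------------
if [ -z "$USERNAME" ]; then
        ERROR="y"
        echo "Specify an Username!"
fi

if [ -z "$USR_PASS" ]; then
        ERROR="y"
        echo "Specify a Password!"
fi

if [ -z "$NAME" ]; then
        ERROR="y"
        echo "Specify a Name!"
fi

if [ -z "$SNAME" ]; then
        ERROR="y"
        echo "Specify a Surename!"
fi

if [ -z "$MAILDOMAIN" ]; then
        ERROR="y"
        echo "Specify a Maildomain!"
fi

if [ -z "$OX_TZ" ]; then
        ERROR="y"
        echo "Specify a Timezone for the User!"
fi

# --- optional parameters ----------------------------------------------------
# Unset or empty values fall back to the DEFAULT_* variables, which are not
# set in this script (presumably they come from the sourced config file).
: "${USR_SHELL:=$DEFAULT_USR_SHELL}"
: "${PREF_LANG:=$DEFAULT_PREF_LANG}"
: "${MAIL_ENAB:=$DEFAULT_MAIL_ENAB}"
: "${INET_MAIL:=$DEFAULT_INET_MAIL}"
: "${OX_APP_DAYS:=$DEFAULT_OX_APP_DAYS}"
: "${OX_TASK_DAYS:=$DEFAULT_OX_TASK_DAYS}"
: "${WRITE_GLOBAL_ADDR:=$DEFAULT_WRITE_GLOBAL_ADDR}"

# --- values that would be read as structure instead of data -----------------
# All of these are written verbatim, one "attribute: value" line each, into the
# LDIF handed to ldapadd. A newline or other control character inside a value
# would start a new LDIF line, so such values are refused.
for ox_field in USERNAME USR_PASS NAME SNAME MAILDOMAIN USR_SHELL PREF_LANG \
                MAIL_ENAB INET_MAIL OX_APP_DAYS OX_TASK_DAYS OX_TZ
do
        case "${!ox_field}" in
                *[[:cntrl:]]*)
                        ERROR="y"
                        echo "Control characters are not allowed in $ox_field!"
                        ;;
        esac
done

# USERNAME additionally becomes part of the entry DN ("uid=USERNAME,<base>").
# The characters below are special inside a DN and are written unescaped, so a
# name containing one of them would alter the DN rather than name the user.
case "$USERNAME" in
        *,* | *+* | *\"* | *\\* | *\<* | *\>* | *\;*)
                ERROR="y"
                echo 'Username must not contain , + " \ < > or ;'
                ;;
esac

if [ "$ERROR" = "y" ]
then
        echo "Please provide all needed Parameters!"
        echo "Try $0 --help"
        # Rejected input is a failure; the exit status has to say so.
        exit 1
fi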

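### CONVERT TO LOWER CASE IF CHOSEN ###
# CASE_IGNORE is not set by this script's option parser; presumably it comes
# from the sourced config file. Its value is compared case-insensitively.
# Both expansions are quoted and printed with printf so that blanks, glob
# characters (*, ?, [) or a leading "-" in the value reach tr unchanged
# instead of being word-split, expanded to file names or taken as an option.
CASE_IGNORE=$(printf '%s\n' "$CASE_IGNORE" | tr 'A-Z' 'a-z')
if [ "$CASE_IGNORE" = "yes" ]
then
	USERNAME=$(printf '%s\n' "$USERNAME" | tr 'A-Z' 'a-z')
fi
########################################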

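# Build the value that is stored in the userPassword attribute.
# PASS_DIRECT is compared as a string rather than executed as a command.
if [ "$PASS_DIRECT" = "true" ]; then
	# --passwd-direct: the caller supplies the finished attribute value (the
	# usage text names {SASL}u@D as the example); it is stored verbatim.
	CRYPTPASS="$USR_PASS"
else
	# The password is quoted so that blanks or glob characters in it are hashed
	# as typed instead of turning into additional slappasswd arguments.
	# NOTE(review): -s passes the clear-text password on slappasswd's command
	# line, where it can show up in the process list.
	# NOTE(review): the strength of {crypt} depends on the platform's crypt(3)
	# configuration -- confirm it is acceptable for this deployment.
	CRYPTPASS=$(slappasswd -h '{crypt}' -s "$USR_PASS")
fi

# Never continue with an empty hash (slappasswd missing or failed): the account
# would otherwise be written with an empty userPassword value.
if [ -z "$CRYPTPASS" ]; then
	echo "Could not create the password hash!"
	exit 1
fi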

#CRYPTPASS=`perl -e 'print crypt($USR_PASS, pack("C2",(int(rand 26)+65),(int(rand 26)+65)));'`

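# Pick the uidNumber for the new account: the highest uidNumber found below
# USER_BASEDN, plus one.
#
# Pipeline: keep the search output lines that mention uidNumber, strip the
# "uidNumber:" prefix, sort numerically descending, take the first line and
# print its first field.
# $LDAPCONN stays unquoted on purpose; presumably it holds several connection
# options that must be split into separate words -- TODO confirm.
# NOTE(review): read-then-increment is not atomic; two runs of this script at
# the same time can pick the same uidNumber.
CURRENT_UID=$($LDAPSEARCH_BIN $LDAPCONN -b "$USER_BASEDN" "(uid=*)" uidNumber \
	| $GREP_BIN uidNumber \
	| $SED_BIN -e 's/^uidNumber://' \
	| $SORT_BIN -nr \
	| $HEAD_BIN -n 1 \
	| $AWK_BIN '{print $1}')

case "$CURRENT_UID" in
    "#")
	# Only a "#" line of the search output mentioned uidNumber; presumably
	# that means no entry carries one yet, so numbering starts at MIN_UID.
	CURRENT_UID=$MIN_UID
	;;
    "" | *[!0-9]*)
	# Empty or non-numeric result (e.g. the search failed). Incrementing it
	# could yield a bogus or very low uidNumber, so stop here.
	echo "Could not determine the next free uidNumber!"
	exit 1
	;;
    *)
	CURRENT_UID=$($EXPR_BIN "$CURRENT_UID" + 1)
	;;
esac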


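# Write the LDIF for the new user entry and add it to the directory.
#
# The file holds the userPassword value, so it is created under umask 077
# (readable by the owner only). A leftover file or symlink at that path is
# removed first so that the redirection creates a fresh file.
# NOTE(review): TMPDIF is not set in this script (presumably it comes from the
# sourced config). If it is a fixed name in a world-writable directory, another
# local user can still race the creation -- keep it in a root-only directory.
# NOTE(review): all values are written verbatim; nothing here checks them for
# embedded newlines, which would add extra LDIF lines.
#
# Disabled in the original and kept disabled: a userPassword line with an
# explicit "{CRYPT}" prefix, and one "alias:" line per entry of $ALIASE.
rm -f -- "$TMPDIF"
(
	umask 077
	cat > "$TMPDIF" <<EOF
dn: uid=$USERNAME,$USER_BASEDN
objectClass: top
objectClass: shadowAccount
objectClass: posixAccount
objectClass: person
objectClass: inetOrgPerson
objectClass: OXUserObject
OpenLDAPaci: 1#entry#grant;r,w,s,c;cn,initials,mail,title,ou,l,birthday,description,street,postalcode,st,c,oxtimezone,homephone,mobile,pager,facsimiletelephonenumber,telephonenumber,labeleduri,jpegphoto,loginDestination,sn,givenname,;r,s,c;[all]#self#
uid: $USERNAME
userPassword: $CRYPTPASS
shadowMin: $SHADOW_MIN
shadowMax: $SHADOW_MAX
shadowWarning: $SHADOW_WARN
shadowExpire: $SHADOW_EXPIRE
description: $USERNAME
cn: $NAME $SNAME
uidNumber: $CURRENT_UID
gidNumber: $STD_GID
homeDirectory: $HOME_DIR$USERNAME/
loginShell: $USR_SHELL
sn: $SNAME
givenName: $NAME
mail: $USERNAME@$MAILDOMAIN
mailDomain: $MAILDOMAIN
o: $ORGA
preferredLanguage: $PREF_LANG
userCountry: Tuxworld
mailEnabled: $MAIL_ENAB
lnetMailAccess: $INET_MAIL
OXAppointmentDays: $OX_APP_DAYS
OXGroupID: $STD_GID
OXTaskDays: $OX_TASK_DAYS
OXTimeZone: $OX_TZ
EOF
)

# LDAP_INSERT ends up empty on success, otherwise it holds an error code:
# normally the number in parentheses from the tool's "ldap_add: ... (NN)" line.
ldapadd_out=$($LDAPADD_BIN $LDAPCONN -f "$TMPDIF" 2>&1)
ldapadd_rc=$?
LDAP_INSERT=$(printf '%s\n' "$ldapadd_out" \
	| $GREP_BIN ldap_add \
	| $AWK_BIN -F'(' '{print $2}' \
	| $AWK_BIN -F')' '{print $1}')

# A failure that prints no "ldap_add" line (for instance when the tool cannot
# connect or cannot read the LDIF) must not be mistaken for success: fall back
# to the tool's exit status.
if [ -z "$LDAP_INSERT" ] && [ "$ldapadd_rc" -ne 0 ]; then
	LDAP_INSERT=$ldapadd_rc
fi
rm -f -- "$TMPDIF"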

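# Create the container "ou=addr" directly below the new user entry.
# A leftover file or symlink at the temp path is removed first, and the path is
# quoted so a value with blanks does not break the redirection.
rm -f -- "$TMPDIF"
cat > "$TMPDIF" <<EOF
dn: ou=addr,uid=$USERNAME,$USER_BASEDN
ou: addr
objectClass: top
objectClass: organizationalUnit
EOF

# Empty when the tool printed no "ldap_add" error line, otherwise the number in
# parentheses taken from that line.
# NOTE(review): LDAP_INSERT_ADR is not evaluated anywhere in the script as
# shown, so a failure of this step goes unreported.
LDAP_INSERT_ADR=$($LDAPADD_BIN $LDAPCONN -f "$TMPDIF" 2>&1 \
	| $GREP_BIN ldap_add \
	| $AWK_BIN -F'(' '{print $2}' \
	| $AWK_BIN -F')' '{print $1}')
rm -f -- "$TMPDIF"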


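# Optionally add the new user to the group at GLOBAL_ADDRESSBOOK_ADMINSDN
# (requested with --write_global_address=TRUE or the configured default).
#
# The membership is only granted when the user entry was actually added, i.e.
# LDAP_INSERT is empty. Without that condition a run that failed earlier, for
# example because the uid already exists, would still add uid=$USERNAME to the
# group as a side effect.
if [ "$WRITE_GLOBAL_ADDR" = "TRUE" ] && [ -z "$LDAP_INSERT" ]
then

  rm -f -- "$TMPDIF"
  cat > "$TMPDIF" <<EOF
dn: $GLOBAL_ADDRESSBOOK_ADMINSDN
changetype: modify
add: member
member: uid=$USERNAME,$USER_BASEDN
EOF

  # Empty when the tool printed no "ldap_modify" error line, otherwise the
  # number in parentheses taken from that line.
  # NOTE(review): LDAP_INSERT_ADDRESSADMIN is not evaluated anywhere in the
  # script as shown.
  LDAP_INSERT_ADDRESSADMIN=$($LDAPMODIFY_BIN $LDAPCONN -f "$TMPDIF" 2>&1 \
	| $GREP_BIN ldap_modify \
	| $AWK_BIN -F'(' '{print $2}' \
	| $AWK_BIN -F')' '{print $1}')
  rm -f -- "$TMPDIF"

fi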

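# Report the outcome, create the SQL side of the account and roll the LDAP
# entries back if that fails.

# ANSI colour prefixes for the status lines.
esc=$'\033'
warn="${esc}[1;31m"
done="${esc}[1;32m"
info="${esc}[1;33m"

# Exit status of the whole run; set to 1 on every failure path below.
ox_status=0

case "$LDAP_INSERT" in

    "")
	echo "${done}LDAP Success"
	# Quoted so a value with blanks or glob characters stays one argument
	# instead of being split into further addusersql_ox options.
	SQL_INSERT=$(/usr/sbin/addusersql_ox --username="$USERNAME" --lang="$PREF_LANG")
	if [ "$SQL_INSERT" = "INSERT" ]
	then
	    echo "${done}SQL Success"
	else
	    echo "${warn}SQL Error"
	    echo "${warn}Deleting User from LDAP"
	    # Roll back child first, then the user entry itself.
	    # NOTE(review): the results of both deletes are captured but not checked.
	    # NOTE(review): a "member" value added to GLOBAL_ADDRESSBOOK_ADMINSDN
	    # earlier in this script is not removed here; unless the directory
	    # cleans up such references itself, a later account with the same uid
	    # would inherit that membership -- confirm and remove it as well.
	    LDAP_DELETE=$($LDAPDELETE_BIN $LDAPCONN "ou=addr,uid=$USERNAME,$USER_BASEDN")
	    LDAP_DELETE=$($LDAPDELETE_BIN $LDAPCONN "uid=$USERNAME,$USER_BASEDN")
	    ox_status=1
	fi
	;;
    21)
	echo "${warn}invalid per syntax"
	ox_status=1
	;;
    34)
	echo "${warn}invalid DN"
	ox_status=1
	;;
    68)
	echo "${info}entry Already exists!"
	ox_status=1
	;;
    *)
	echo "${warn}Undefined ERROR - LDAP CODE $LDAP_INSERT"
	echo "${warn}See LDAP Log for Details!"
	ox_status=1
	;;
esac

# Reset the terminal attributes on every path, including the failure paths.
echo -en "${esc}[m\017"
echo -n ""

# A failed run must not look like success to the caller.
if [ "$ox_status" -ne 0 ]; then
	exit "$ox_status"
fi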
