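#!/bin/bash
############################################################
# Description: manage user in directory
#
# Author: Gilles Mouchet (gilles.mouchet@gmail.com)
# Creation Date: 27-Dec-2024
# Version: 1.0
# Install:
#   see README.md
# Usage: ./manage_user.sh --help
# Changelog:
#   V1.0 - 28-Dec-2024 - GMo
#     Added
#       - Creation of script from scratch
#
############################################################
# debug
#set -x

# Fail on unset variables and on a failing stage inside a pipeline.
# -e is deliberately not used: the ldap* calls report their own status and
# the interactive delete flow must continue after a refused operation.
set -uo pipefail

#------------------------------------------------------------------------------
# die: print a message on stderr and exit with status 1
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#------------------------------------------------------------------------------
# printUsage: print the command-line help
# Globals: progName (read)
printUsage() {
  cat <<EOF
Usage: $progName [options]
Options:
  -a ,--add=    Add OU in the directory
                To add an OU in a OU see example
  -d ,--del=    Delete OU from directory
  -l, --list    List OU
  -h,--help     Show this help
  -v,--version  Show version
Examples:
  Add OU applications
    $progName -a "applications"
    $progName --add="applications"
  Add OU myapp in OU applications (OU application must exist)
    $progName -a "myapp applications"
  Delete OU myapp from ou applications (subordinate objects must be deleted first)
    $progName -d "myapp"
  Delete OU applications
    $progName --del="applications" (subordinate objects must be deleted first)
EOF
}

#------------------------------------------------------------------------------
# ldap_filter_escape: escape a value for use inside an LDAP search filter
# (RFC 4515): '\' '*' '(' ')' become \5c \2a \28 \29, so an OU name taken
# from the command line cannot widen or break the "(ou=...)" filter.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout (no trailing newline)
ldap_filter_escape() {
  local v=$1
  v=${v//\\/\\5c}   # backslash first so the escapes below are not re-escaped
  v=${v//\*/\\2a}
  v=${v//\(/\\28}
  v=${v//\)/\\29}
  printf '%s' "$v"
}

#------------------------------------------------------------------------------
# dn_escape: escape an attribute value for use inside a DN (RFC 4514 2.4):
# '\' ',' '+' '"' '<' '>' ';' get a backslash, as do a leading '#' or space
# and a trailing space. Other characters (including non-ASCII) pass through.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout (no trailing newline)
dn_escape() {
  local v=$1
  v=${v//\\/\\\\}   # backslash first
  v=${v//,/\\,}
  v=${v//+/\\+}
  v=${v//\"/\\\"}
  v=${v//\</\\<}
  v=${v//\>/\\>}
  v=${v//\;/\\;}
  [[ $v == [#\ ]* ]] && v="\\$v"
  [[ $v == *' ' ]] && v="${v% }\\ "
  printf '%s' "$v"
}

#------------------------------------------------------------------------------
# listOU: print every organizationalUnit below LDAP_BASE as LDIF on stdout
# Globals: ldap_opts, LDAP_BASE (read)
# Returns: ldapsearch's exit status
listOU() {
  ldapsearch "${ldap_opts[@]}" -LLL -b "$LDAP_BASE" \
    -s sub "(objectClass=organizationalUnit)"
}

#------------------------------------------------------------------------------
# addOU: create an organizationalUnit from the global ou_to_add.
# ou_to_add is a whitespace-separated list "child parent grandparent ...",
# so "myapp applications" becomes dn: ou=myapp,ou=applications,$LDAP_BASE.
# Globals: ou_to_add, ldap_opts, LDAP_BASE (read)
# Returns: 1 when ou_to_add is blank, otherwise ldapadd's exit status
addOU() {
  local -a parts=()
  read -r -a parts <<<"$ou_to_add"
  if (( ${#parts[@]} == 0 )); then
    printUsage
    return 1
  fi
  # Build the DN from the innermost OU outwards. The DN accumulator is local
  # so that several -a options in one invocation do not leak into each other.
  local dn="ou=$(dn_escape "${parts[0]}")"
  local i
  for (( i = 1; i < ${#parts[@]}; i++ )); do
    dn+=",ou=$(dn_escape "${parts[i]}")"
  done
  dn+=",$LDAP_BASE"
  # NOTE(review): the LDIF 'ou:' value is written unencoded; a value that
  # starts with space/':'/'<' or contains non-ASCII would need "ou:: base64".
  ldapadd "${ldap_opts[@]}" <<EOF
dn: $dn
objectClass: top
objectClass: organizationalUnit
ou: ${parts[0]}
EOF
}

#------------------------------------------------------------------------------
# delOU: delete the organizationalUnit named by the global ou_to_del.
# All entries matching (ou=<name>) under LDAP_BASE are listed; when more than
# one matches the user picks one by number; deletion is confirmed with y/Y.
# Globals: ou_to_del, ldap_opts, LDAP_BASE (read)
# Exits:   1 when nothing matches or the choice is invalid
delOU() {
  local filter
  filter="(ou=$(ldap_filter_escape "$ou_to_del"))"
  # One DN per array element; ldif-wrap=no keeps long DNs on one line.
  # NOTE(review): base64-encoded DNs ("dn:: ...", non-ASCII names) are not
  # matched by the sed expression and are therefore not offered for deletion.
  local -a matches=()
  mapfile -t matches < <(ldapsearch "${ldap_opts[@]}" -LLL -o ldif-wrap=no \
    -b "$LDAP_BASE" "$filter" dn | sed -n 's/^dn: //p')
  local count=${#matches[@]}
  if (( count == 0 )); then
    echo "'ou=$ou_to_del,$LDAP_BASE' doesn't exist !"
    exit 1
  fi

  local target
  if (( count > 1 )); then
    local i
    for (( i = 0; i < count; i++ )); do
      printf '%d - %s\n' "$((i + 1))" "${matches[i]}"
    done
    # No -n 1 here: lists with more than nine entries need multi-digit input.
    read -r -p "Which OU would you delete (1..$count) "
    printf '\n'
    # 10# forces decimal so an input such as "08" is not parsed as octal.
    if [[ $REPLY =~ ^[0-9]+$ ]] && (( 10#$REPLY >= 1 && 10#$REPLY <= count )); then
      target=${matches[10#$REPLY - 1]}
    else
      echo "The choice '$REPLY' is not between 1 and $count."
      exit 1
    fi
  else
    target=${matches[0]}
  fi

  printf "\nYou will DELETE '%s' from the directory\n" "$target"
  read -r -p "Are you sure? " -n 1
  printf '\n\n'
  if [[ $REPLY =~ ^[Yy]$ ]]; then
    if ldapdelete "${ldap_opts[@]}" "$target"; then
      printf "\n'%s' successfully deleted from directory\n\n" "$target"
    fi
  fi
}

#------------------------------------------------------------------------------
# main

# version
version="v1.0.0"
# script name
progName="./$(basename -- "$0")"

# read all functions from the script's own directory, so the script also
# works when invoked from elsewhere
script_dir=$(cd -- "$(dirname -- "$0")" && pwd) || die "cannot locate script directory"
# shellcheck source=functions.sh
source "$script_dir/functions.sh"
# read config (readConfig comes from functions.sh and is expected to set the
# LDAP_* variables checked below)
readConfig
: "${LDAP_SRV:?LDAP_SRV is not set by readConfig}"
: "${LDAP_BASE:?LDAP_BASE is not set by readConfig}"
: "${LDAP_MANAGER_USER:?LDAP_MANAGER_USER is not set by readConfig}"
: "${LDAP_MANAGER_PASS:?LDAP_MANAGER_PASS is not set by readConfig}"

# Bind options shared by every ldap* call. The password is handed over with
# -y <file> instead of -w <password> so it is not visible in 'ps' output or
# shell traces; the file is mode 0600 and removed on every exit path.
# -x is a simple bind: the password travels in clear unless LDAP_SRV is an
# ldaps:// URL (or TLS is enforced in ldap.conf).
pass_file=$(umask 077 && mktemp) || die "mktemp failed"
trap 'rm -f -- "$pass_file"' EXIT
# no trailing newline: -y uses the complete file content as the password
printf '%s' "$LDAP_MANAGER_PASS" >"$pass_file"
ldap_opts=(-x -H "$LDAP_SRV" -D "$LDAP_MANAGER_USER" -y "$pass_file")

# check that a parameter exists
if [[ -z "${1-}" ]]; then
  printUsage
  exit 1
fi

while (( $# > 0 )); do
  case "$1" in
    -a|--add*)
      if [[ $1 == --add=* ]]; then
        # --add=value: keep everything after the first '=' (value may contain '=')
        ou_to_add=${1#--add=}
        if [[ -z "$ou_to_add" ]]; then
          printUsage
          exit 1
        fi
        addOU
        shift
      else
        # -a value: the value is the next argument
        if [[ -z "${2-}" ]]; then
          printUsage
          exit 1
        fi
        ou_to_add=$2
        addOU
        shift 2
      fi
      ;;
    -d|--del*)
      if [[ $1 == --del=* ]]; then
        ou_to_del=${1#--del=}
        if [[ -z "$ou_to_del" ]]; then
          printUsage
          exit 1
        fi
        delOU
        shift
      else
        if [[ -z "${2-}" ]]; then
          printUsage
          exit 1
        fi
        ou_to_del=$2
        delOU
        shift 2
      fi
      ;;
    -l|--list)
      listOU
      shift
      ;;
    -h|--help|help)
      printUsage
      exit 0
      ;;
    -v|--version)
      # %Y is the four-digit year ('date +Y' printed a literal Y)
      echo "2022-$(date +%Y) $progName $version"
      exit 0
      ;;
    *)
      printf "%s: invalid option -- '%s'!\n" "$progName" "$1"
      printf "Try '%s --help' for more information.\n\n" "$progName"
      exit 1
      ;;
  esac
done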