#!/usr/bin/php
<?php
(file_exists("/usr/share/mcms/user_management_functions.php")) or die("Unable to open /usr/share/mcms/user_management_functions.php");
(include("/usr/share/mcms/user_management_functions.php")) or die("Unable to open /usr/share/mcms/user_management_functions.php");

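/**
 * Print the command-line help text to stdout and terminate the script.
 *
 * Never returns: the process exits with status 254 after printing.
 * Reads the script name from the global $argv.
 */
function usage() {
  global $argv;
  $prog = $argv[0];
  // NOTE(review): a password given with -p/--password is part of the command
  // line, so it can be read from the process list and shell history by other
  // local users. The interactive prompt or -R avoids that exposure.
  $lines = array(
    "Usage: $prog [options] LOGIN",
    "  -u <UID>, --uid UID                   user ID of new account",
    "                                        (default: auto)",
    "  -g <GID>, --gid GID                   group ID of the new account",
    "                                        (default: auto)",
    "  -G <GROUPS>, --groups GROUPS          comma separated list of additional",
    "                                        group names",
    "  -d <DIR>, --dir DIR                   home directory (default: /home/LOGIN)",
    "  -s <SHELL>, --shell SHELL             users shell (default: /bin/bash)",
    "  -c <COMMENT>, --comment COMMENT       GECOS field of the account, typically",
    "                                        full name. Defaults to LOGIN if",
    "                                        not provided",
    "  -p <PASSWORD>, --password=<PASSWORD>  set the password, supplied in",
    "                                        parameter.",
    "  -R, --randpass                        generate random password, displayed",
    "                                        in summary",
    "  -C, --forcechange                     require the user to change the pass",
    "                                        1st login",
    "  -q, --quiet                           do not print summary of user addition",
    "  -v, --verbose                         print additional details in summary",
    "  -h, --help                            print this help message",
    // Fixed: the original sentence was missing the word "prompted".
    "If neither -p/--password nor -R/--randpass are specified, you will be prompted",
    "for the password to set for the user.",
  );
  foreach ($lines as $line) {
    echo $line, "\n";
  }
  exit(254);
}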

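/**
 * Parse the command line into the script's global settings.
 *
 * Sets the globals $login, $uid, $gid, $groups, $comment, $homedir, $shell,
 * $password, $passmsg, $randpass, $forcepwchange, $quiet and $verbose.
 * $gecos is declared global here but is never assigned by this function.
 *
 * Invalid input prints a message and calls usage(), which exits. A gid that
 * cannot be found with getent exits with status 3.
 *
 * Changes from the previous version:
 *  - a non-numeric -u/-g value is rejected; the (int) cast used to turn it
 *    into 0, i.e. the root uid/gid;
 *  - an empty LOGIN, or one containing "/" or control characters, is rejected,
 *    because LOGIN becomes part of the default home directory path;
 *  - a repeated option (getopt() returns an array) uses its last occurrence;
 *  - the getent pipe is checked and closed.
 *
 * @param int   $argc number of command-line arguments
 * @param array $argv command-line arguments, $argv[0] being the script name
 */
function parseargs($argc, $argv){
  global $gecos, $uid, $gid, $groups, $homedir, $shell, $password, $forcepwchange, $quiet, $comment, $login, $passmsg, $randpass, $verbose;
  if($argc<2 || in_array($argv[1],array('--help','-h','-help','-?'),true)) usage();

  $shortopts="u:g:G:d:s:c:p:RCqv";
  $longopts=array("uid:", "gid:", "groups:", "dir:", "shell:", "comment:", "password:", "randpass", "forcechange", "quiet", "verbose");
  $opt_index=null;
  // getopt() reads the process arguments itself and reports in $opt_index
  // where option parsing stopped; exactly one argument (LOGIN) must follow.
  $options=getopt($shortopts, $longopts, $opt_index);
  if ($opt_index+1 < $argc) {
    echo "Too many parameters specified\n";
    usage();
  }
  if(isset($argv[$opt_index])) {
    $login=$argv[$opt_index];
  } else {
    echo "LOGIN not provided\n";
    usage();
  }
  if ( $login === "" ) {
    echo "LOGIN not provided\n";
    usage();
  }
  if ( $login[0] == "-" ) {
    echo "Invalid login name, starts with \"-\"\n";
    usage();
  }
  // LOGIN is used to build /home/LOGIN and is handed to external commands by
  // the caller, so path separators and control characters are refused here.
  if ( preg_match('#[/\x00-\x1f\x7f]#', $login) === 1 ) {
    echo "Invalid login name, contains \"/\" or control characters\n";
    usage();
  }

  // Value of an option that takes an argument: the short form wins over the
  // long form; null when neither was given.
  $value = function ($short, $long) use ($options) {
    $v = $options[$short] ?? $options[$long] ?? null;
    if (is_array($v)) {
      $v = end($v);
    }
    return $v;
  };
  // Presence of a switch; getopt() stores boolean false for a switch that
  // was given, so isset() is the right test.
  $flag = function ($short, $long) use ($options) {
    return isset($options[$short]) || isset($options[$long]);
  };

  $password=null;
  $passmsg="provided password";
  $randpass=false;

  $uidopt=$value('u', 'uid');
  if ($uidopt === null) {
    $uid="auto";
  } else {
    if (preg_match('/^[0-9]+$/D', $uidopt) !== 1) {
      echo "Invalid uid \"$uidopt\", must be a non-negative integer\n";
      usage();
    }
    $uid=(int)$uidopt;
  }

  $gidopt=$value('g', 'gid');
  if ($gidopt === null) {
    $gid="auto";
  } else {
    if (preg_match('/^[0-9]+$/D', $gidopt) !== 1) {
      echo "Invalid gid \"$gidopt\", must be a non-negative integer\n";
      usage();
    }
    $gid=(int)$gidopt;
    // $gid is an integer at this point, so interpolating it into the command
    // line cannot introduce shell syntax.
    $gidtest=popen("getent group $gid | awk 'BEGIN{FS=\":\"}{print $3}'","r");
    if ($gidtest === false) {
      echo "Unable to verify gid $gid\n";
      exit(3);
    }
    $gidline=trim((string)fgets($gidtest));
    pclose($gidtest);
    // Compare against the raw text first: an empty reply cast to int would
    // otherwise look like gid 0.
    if ($gidline === "" || (int)$gidline !== $gid) {
      echo "Specified gid $gid does not exist\n";
      exit(3);
    }
  }

  $groups=$value('G', 'groups') ?? "";
  $comment=$value('c', 'comment') ?? $login;
  $homedir=$value('d', 'dir') ?? "/home/$login";
  $shell=$value('s', 'shell') ?? "/bin/bash";

  $pwopt=$value('p', 'password');
  $randpass=$flag('R', 'randpass');
  if ($pwopt !== null && $randpass) {
    echo "Cannot specify both password and randpass parameters.\n";
    usage();
  }
  if ($pwopt !== null) {
    $password=$pwopt;
  }

  $forcepwchange=$flag('C', 'forcechange');
  $quiet=$flag('q', 'quiet');

  // --verbose overrides --quiet.
  $verbose=$flag('v', 'verbose');
  if ($verbose) {
    $quiet=false;
  }
}  //end parseargs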

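//execution starts here
// Flow: parse options, refuse an existing login, settle the password, create
// the LDAP entry, populate the home directory from /etc/skel, set additional
// groups, print the summary.
// Exit codes used below: 3 = lookup/creation failure, 5 = login already exists.
init();
parseargs($argc,$argv);

// $login and $homedir come from the command line. Quote them before they are
// placed in a shell command so they are always passed as one literal argument.
$login_arg=escapeshellarg($login);

$logincheck=popen("getent passwd $login_arg","r");
if ($logincheck === false) {
  echo "Unable to run getent to check for $login\n";
  exit(3);
}
$loginfound=trim((string)fgets($logincheck,4096));
pclose($logincheck);
if($loginfound!=="") {
  echo "User $login already exists\n";
  exit(5);
}

if ($randpass) {
  // NOTE(review): randomPassword() is defined in the included file; confirm it
  // draws from a CSPRNG (random_int()/random_bytes()). The generated password
  // is only ever shown in the summary, so combining -R with -q discards it.
  $password=randomPassword();
  $passmsg="randomly generated password $password";
}

// No usable password on the command line (absent or empty): prompt for it.
if ($password===null || $password==="") {
  do {
    $pass1=getPass("Please enter the password for $login: ");
    $pass2=getPass("Verify: ");
    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "1e3" and "1000") compare equal and would be accepted as a match.
    $mismatch=($pass1!==$pass2);
    if ($mismatch) {
      echo "Passwords do not match.  Try again.\n";
    }
  } while ($mismatch);
  $password=$pass1;
}

// parseargs() stores the -c/--comment value in $comment and never assigns
// $gecos, so fall back to $comment when $gecos is unset; otherwise the GECOS
// field written to LDAP would not match the comment shown in the summary.
// NOTE(review): assumes init() does not set $gecos on purpose — confirm.
ldap_add_user($login,$password,$uid,$gid,$homedir,$gecos ?? $comment,$shell,$forcepwchange);
flush_nscd();

// Read the new passwd entry once and take uid (field 3) and gid (field 4)
// from it. An empty or short reply means the account is not visible.
$entryp=popen("getent passwd $login_arg","r");
if ( $entryp === false ) {
  echo "Failed to add user $login\n";
  exit(3);
}
$entry=trim((string)fgets($entryp,4096));
pclose($entryp);
$fields=explode(":",$entry);
if ( count($fields) < 4 || $fields[2]==="" || $fields[3]==="" ) {
  echo "Failed to add user $login\n";
  exit(3);
}
$uidused=$fields[2];
$gidused=$fields[3];

if($homedir!=="") {
  $homedir_arg=escapeshellarg($homedir);
  // "--" stops option parsing, so a directory name starting with "-" is not
  // read as an option by cp or chown.
  // NOTE(review): if $homedir already exists, cp places the copy inside it
  // (as $homedir/skel) and chown -R then re-owns the whole existing tree.
  // Consider refusing a -d target that already exists.
  system("cp -a -- /etc/skel $homedir_arg", $cpstatus);
  if ($cpstatus !== 0) {
    echo "Failed to copy /etc/skel to $homedir (exit status $cpstatus)\n";
  } else {
    $owner_arg=escapeshellarg("$login:$gidused");
    system("chown -R -- $owner_arg $homedir_arg", $chownstatus);
    if ($chownstatus !== 0) {
      echo "Failed to change ownership of $homedir (exit status $chownstatus)\n";
    }
  }
} else {
  echo "Homedir blank! Cannot create!\n";
}
if ($groups!="") {
  ldap_user_set_groups($login, $groups);
  flush_nscd();
}

if(!$quiet) {
  echo "Created user $login with $passmsg\n";
  if($verbose) echo "uid: $uidused\tgid: $gidused\tshell: $shell\ncomment: $comment\thomedir: $homedir\n";
}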
?>
