#! /bin/bash
# -*- coding: utf-8 -*-
# Set default protection of user root dir in order to run ssh
#
# author: Antonio M. Vigliotti - antoniomaria.vigliotti@gmail.com
# (C) 2015-2018 by SHS-AV s.r.l. - http://www.shs-av.com - info@shs-av.com
READLINK=$(which greadlink 2>/dev/null) || READLINK=$(which readlink 2>/dev/null)
export READLINK
# Based on template 2.0.0
THIS=$(basename "$0")
TDIR=$(readlink -f $(dirname $0))
[ $BASH_VERSINFO -lt 4 ] && echo "This script $0 requires bash 4.0+!" && exit 4
if [[ -z $HOME_DEVEL || ! -d $HOME_DEVEL ]]; then
  [[ -d $HOME/odoo/devel ]] && HOME_DEVEL="$HOME/odoo/devel" || HOME_DEVEL="$HOME/devel"
fi
[[ -x $TDIR/../bin/python3 ]] && PYTHON=$(readlink -f $TDIR/../bin/python3) || [[ -x $TDIR/python3 ]] && PYTHON="$TDIR/python3" || PYTHON=$(which python3 2>/dev/null) || PYTHON="python"
[[ -z $PYPATH ]] && PYPATH=$(echo -e "import os,sys\no=os.path\na=o.abspath\nj=o.join\nd=o.dirname\nb=o.basename\nf=o.isfile\np=o.isdir\nC=a('"$TDIR"')\nD='"$HOME_DEVEL"'\nif not p(D) and '/devel/' in C:\n D=C\n while b(D)!='devel':  D=d(D)\nN='venv_tools'\nU='setup.py'\nO='tools'\nH=o.expanduser('~')\nT=j(d(D),O)\nR=j(d(D),'pypi') if b(D)==N else j(D,'pypi')\nW=D if b(D)==N else j(D,'venv')\nS='site-packages'\nX='scripts'\ndef pt(P):\n P=a(P)\n if b(P) in (X,'tests','travis','_travis'):\n  P=d(P)\n if b(P)==b(d(P)) and f(j(P,'..',U)):\n  P=d(d(P))\n elif b(d(C))==O and f(j(P,U)):\n  P=d(P)\n return P\ndef ik(P):\n return P.startswith((H,D,K,W)) and p(P) and p(j(P,X)) and f(j(P,'__init__.py')) and f(j(P,'__main__.py'))\ndef ak(L,P):\n if P not in L:\n  L.append(P)\nL=[C]\nK=pt(C)\nfor B in ('z0lib','zerobug','odoo_score','clodoo','travis_emulator'):\n for P in [C]+sys.path+os.environ['PATH'].split(':')+[W,R,T]:\n  P=pt(P)\n  if B==b(P) and ik(P):\n   ak(L,P)\n   break\n  elif ik(j(P,B,B)):\n   ak(L,j(P,B,B))\n   break\n  elif ik(j(P,B)):\n   ak(L,j(P,B))\n   break\n  elif ik(j(P,S,B)):\n   ak(L,j(P,S,B))\n   break\nak(L,os.getcwd())\nprint(' '.join(L))\n"|$PYTHON)
[[ $TRAVIS_DEBUG_MODE -ge 8 ]] && echo "PYPATH=$PYPATH"
for d in $PYPATH /etc; do
  if [[ -e $d/z0librc ]]; then
    . $d/z0librc
    Z0LIBDIR=$(readlink -e $d)
    break
  fi
done
[[ -z "$Z0LIBDIR" ]] && echo "Library file z0librc not found in <$PYPATH>!" && exit 72
[[ $TRAVIS_DEBUG_MODE -ge 8 ]] && echo "Z0LIBDIR=$Z0LIBDIR"

CFG_init "ALL"
link_cfg_def
link_cfg $DIST_CONF $TCONF
[[ $TRAVIS_DEBUG_MODE -ge 8 ]] && echo "DIST_CONF=$DIST_CONF" && echo "TCONF=$TCONF"
get_pypi_param ALL
RED="\e[1;31m"
GREEN="\e[1;32m"
CLR="\e[0m"

__version__=2.0.10

OPTOPTS=(h        G         n            V           v)
OPTDEST=(opt_help opt_group opt_dry_run  opt_version opt_verbose)
OPTACTI=("+"      "="       "1>"         "*>"        1)
OPTDEFL=(1        ""        0            ""          0)
OPTMETA=("help"   "group"   "do nothing" "version"   "verbose")
OPTHELP=("this help"\
  "set group ownership"
  "do nothing (dry-run)"
  "show version"
  "verbose mode")
OPTARGS=(tgtpath)
parseoptargs "$@"

if [[ "$opt_version" ]]; then
  echo "$__version__"
  exit 0
fi
if [[ $opt_help -gt 0 ]]; then
  print_help "Set default protection of user root dir in order to run ssh" \
    "(C) 2015-2018 by zeroincombenze®\nhttp://wiki.zeroincombenze.org/en/Linux/dev\nAuthor: antoniomaria.vigliotti@gmail.com"
  exit 0
fi
if [ $opt_verbose -gt 1 ]; then set -x; fi
if [ -z "$tgtpath" ]; then
  echo "Missed path"
  exit 1
fi
rootpath=$($READLINK -e $tgtpath)
if [ ! -d "$rootpath" ]; then
  echo "Path does not exist"
  exit 1
fi
if grep -q :$rootpath: /etc/passwd; then
  :
else
  echo "Path is not home directory of any user"
  exit 1
fi
tgtpath=$($READLINK -e $rootpath/.ssh)
if [ ! -d "$tgtpath" ]; then
  echo "$rootpath/.ssh does not exist"
  exit 1
fi
user=$(grep :$rootpath: /etc/passwd | head -n1 | awk -F: '{print $1}')
rgid=$(grep ^$user: /etc/passwd | awk -F: '{print $4}')
rgroup=$(grep :$rgid: /etc/group | head -n1 | awk -F: '{print $1}')
if [ -z $opt_group ]; then
  group=$rgroup
else
  group=$opt_group
fi
if [ $opt_dry_run -gt 0 ]; then
  opts_dry_run=--dry-run
else
  opts_dry_run=
fi
echo "Ownership = $user:$group ($rgroup)"
if [ "${tgtpath:0:5}" == "/opt/" ]; then
  echo "chown $opts_dry_run root:root /opt/"
  (($opt_dry_run)) || chown root:root /opt/
  echo "chmod $opts_dry_run u=rwx,g=rx,o=rx /opt/"
  (($opt_dry_run)) || chmod u=rwx,g=rx,o=rx /opt/
fi
echo "chown $opts_dry_run $user:$group $rootpath"
(($opt_dry_run)) || chown $user:$group $rootpath
# echo "chmod $opts_dry_run u=rwx,g=rwx,o-rwx $rootpath"
# (($opt_dry_run))||chmod u=rwx,g=rwx,o-rwx $rootpath
echo "chown $opts_dry_run $user:$rgroup $tgtpath"
(($opt_dry_run)) || chown $user:$rgroup $tgtpath
echo "chmod $opts_dry_run u=rwx,g-rwx,o-rwx $tgtpath"
(($opt_dry_run)) || chmod u=rwx,g-rwx,o-rwx $tgtpath
echo "chmod $opts_dry_run u=rwx,g-rwx,o-rwx $tgtpath/.."
(($opt_dry_run)) || chmod u=rwx,g-rwx,o-rwx $tgtpath/..
echo "chown $opts_dry_run $user:$rgroup $tgtpath/*"
(($opt_dry_run)) || chown $user:$rgroup $tgtpath/*
echo "chmod $opts_dry_run u=r,g-rwx,o-rwx $tgtpath/*"
(($opt_dry_run)) || chmod u=r,g-rwx,o-rwx $tgtpath/*
echo "chmod $opts_dry_run u=r,g=r,o=r $tgtpath/*.pub"
(($opt_dry_run)) || chmod u=r,g=r,o=r $tgtpath/*.pub
if [ -f $tgtpath/authorized_keys ]; then
  echo "chmod $opts_dry_run u=rw,g=r,o=r $tgtpath/authorized_keys"
  (($opt_dry_run)) || chmod u=rw,g=r,o=r $tgtpath/authorized_keys
fi
if [ -f $tgtpath/known_hosts ]; then
  echo "chmod $opts_dry_run u=rw,g=r,o=r $tgtpath/known_hosts"
  (($opt_dry_run)) || chmod u=rw,g=r,o=r $tgtpath/known_hosts
fi
dir -alhd $rootpath/ $tgtpath/. $tgtpath/..
dir -alh $tgtpath/
exit 0
