#!/bin/sh
#
# /usr/local/bin/localfixaccessrights
# Copyright 2008 Jonas Smedegaard <dr@jones.dk>
#
# $Id: localfixaccessrights,v 1.1 2008-03-20 16:36:53 jonas Exp $
#
# Adjust access rights to follow directory-based policy
#
# TODO: Implement options:
#   --help
#   --run-once
#   --init
#   --verbose
#   --debug
#
# TODO: Support overriding defaults in rc-file
#
# FIXME: Implement more of the local policy...
#

set -e

PRG=$(basename "$0")

showhelp() {
	cat <<EOF
Usage:   $PRG DIR [ DIR ... ]

Examples:
    $PRG ~/private* ~/public*
EOF
}

exit1()	{
	echo >&2 "Error: $1"
	echo >&2 "Exiting..."
	exit 1
}

# Sanity checks
for dir in "$@"; do
	[ -d "$dir" ] || exit1 "Directory \"$dir\" is not a directory"
done

getbasename() {
	basename "$1"
}

getbits() {
	ls -l "$1" | awk '{print $1}'
}

setprivate() {
	case "$(getbits "$1")" in
	    drwx------)
		:
		;;
	    d*)
		chmod -f u=rwx,go= "$path" || true
		;;
	    -rw-------)
		:
		;;
	    -*)
		chmod -f u=rw,go= "$path" || true
		;;
	esac
}
setpublic() {
	case "$(getbits "$1")" in
	    drwxr?xr-x)
		:
		;;
	    d*)
		chmod -f u=rwx,g+rx,o=rx "$path" || true
		;;
	    -rw-r?-r--)
		:
		;;
	    -*)
		chmod -f u=rw,g+r,g-x,o=r "$path" || true
		;;
	esac
}

fileschanged -r -s created,changed "$@" | while read path; do

	case "$path" in
	    "$HOME"/public_images/*)
		case "$(getbasename "$path")" in
		    .*)
			setprivate "$path"
			continue
			;;
		esac

		setpublic "$path"
		continue
		;;
	esac
done

exit 0