#!/bin/bash

# Reset access rights of a netatalk archive
#
# The archive should be in subfolders named after read/write and readonly groups
# like this: /var/local/netatalk/files_administered_by_admins/admin/users/
#
# Also, the file /etc/local/volumes should contain something like the following
# (indicating the root of all netatalk folders):
#
# NDIR="/var/local/netatalk"
#

# Fallback to this uid and gid if group uid doesn't exist
GRP_UID="admin"
GRP_GID="admin"

[ -f /etc/local/volumes ] || exit 1
. /etc/local/volumes
[ "x$NDIR" = "x" ] && exit 1

if [ $# -eq 0 ]; then
	echo "Usage: $0 <base directory> <read user/group> <write user/group> [create]"
	exit 1
fi

if [ "x$1" = "x" ]; then
	echo "$0: base directory missing - exiting..."
	exit 1
fi
VOL=$NDIR/$1

if [ "x$2" = "x" ]; then
	echo "$0: read group missing - exiting..."
	exit 1
fi
ALL=$2
#if [ `getent passwd "$ALL" | awk -F: '{print $1}';` ]; then
if [ "`getent passwd "$ALL"`" != "" ]; then
	ALL_UID=$ALL
	ALL_GID=$ALL
else
	echo "$0: User id $ALL doesn't exist - exiting..."
	exit 1
fi

if [ "x$3" = "x" ]; then
	echo "$0: write group missing - exiting..."
	exit 1
fi
GRP=$3
#if [ `getent passwd "$GRP" | awk -F: '{print $1}';` = "" ]; then
if [ "`getent passwd "$GRP"`" != "" ]; then
	GRP_UID=$GRP
	GRP_GID=$GRP
else
	echo "User id $GRP doesn't exist - using $GRP_UID:$GRP_GID instead"
fi

if [ "x$4" != "x" ]; then
	if [ "x$4" == "xcreate" ]; then
		mkdir -p $VOL/$ALL/$GRP || exit
	else
		echo "Usage: $0 <base directory> <read user/group> <write user/group> [create]"
		exit 1
	fi
fi

test -d $VOL/$ALL/$GRP || exit
test -d $VOL/$ALL/$GRP/.AppleDouble || mkdir $VOL/$ALL/$GRP/.AppleDouble
test -d $VOL/$ALL/$GRP/.AppleDesktop || mkdir $VOL/$ALL/$GRP/.AppleDesktop
chown root:$ALL_GID $VOL/$ALL
chown $GRP_UID:$ALL_GID $VOL/$ALL/$GRP
chmod u=rwX,g=rXs,o= $VOL/$ALL
chmod u=rwX,g=rXs,o= $VOL/$ALL/$GRP
echo "People in group $GRP has read/write access through AppleShare"
test $GRP = $ALL || echo "People in group $ALL has read access through AppleShare"
echo "Others have no access"
echo -n "Checking permissions..."
chown -R .$GRP_GID $VOL/$ALL/$GRP \
    && chmod -R u=rwX,g=rwXs,o=rX $VOL/$ALL/$GRP \
    && chmod u=rwX,g=rXs,o=rX $VOL/$ALL/$GRP
echo "."