source: LATMOS-Accounts/bin/la-guser @ 669

#!/bin/env perl

use strict;
use warnings;
use LATMOS::Accounts;
use Getopt::Long;
use Pod::Usage;
use LATMOS::Accounts::Utils;
use LATMOS::Accounts::Log;

=head1 NAME

    la-guser -- add users into groups

=head1 SYNOPSIS

    la-guser [options] [-s|-r] user group1 [group2 [...]]

=cut

GetOptions(
    'c|config=s' => \my $config,
    'b|base=s'   => \my $base,
    's'          => \my $set,
    'r'          => \my $remove,
    'noexp'      => \my $noexp,
    'exp'        => \my $exp,
    'help'       => sub { pod2usage(0) },
) or pod2usage();

$set && $remove and do {                                              
    warn "-s and -r cannot be used together\n";                       
    pod2usage();                                                      
    exit 1;                                                           
};  

my $otype = 'user';

=head1 OPTIONS

=over 4

=item -c|--config configfile

Use this configuration file instead of the default one.

=item -b|--base basename

Query this specific base instead of the default one.

=item --noexp

Take into account all objects (even non propagated ones, with attribute 'exported'=0)

=item --exp

Take into account only propagated objects (attribute 'exported'=1) (default)

=item -r

Remove "user" from group(s) instead of adding (cannot be used with -s)

=item -s

Set member list to "user" in group(s) instead of adding (cannot be used with -r)

=back

=cut

if (@ARGV < 2) {warn "You must specify 'user' and 'group1', aborting\n"; pod2usage(); }

my $LA = LATMOS::Accounts->new($config, noacl => 1);
my $labase = $base ? $LA->base($base) : $LA->default_base;
$labase && $labase->load or die "Cannot load base";

$labase->wexported($noexp ? 0 : 1);

$labase->is_supported_object($otype) or die "$otype object unsupported\n";
my ($objname, @groups) = @ARGV;

if (my $obj = $labase->get_object($otype, $objname)) {
    # getting current value
    {
        my @missing = grep {
            !$labase->get_object('group', $_)
        } @groups;
        if (@missing) {
            la_log(LA_ERR, "cannot find user(s) %s", join(', ', sort @missing));
            exit 1;
        }
    }
    my @current_groups = $obj->get_attributes('memberOf');
    my %uniq_groups;
    if ($set) {
        foreach (@groups) {
            $uniq_groups{$_} = 1;
        }
    } else {
        foreach (@current_groups) {
            $uniq_groups{$_} = 1;
        }
        if ($remove) {
            foreach (@groups) {
                delete $uniq_groups{$_};
            }
        } else {
            foreach (@groups) {
                $uniq_groups{$_} = 1;
            }
        }
    }
    my @new_groups = keys %uniq_groups;
    la_log(LA_INFO, "memberOf was:     %s", join(', ', sort @current_groups));
    if ($obj->set_c_fields(memberOf => [ @new_groups ])) {
        la_log(LA_INFO, "memberOf are now: %s", join(', ', sort @new_groups));
        $labase->commit;
        exit 0;
    } else {
        la_log(LA_INFO, "No change done");
        exit 1;
    }
} else {
    la_log(LA_ERR, "Cannot find group %s", $objname);
    exit 1;
}