#!/bin/sh

set -eu

usage() {
    cat <<EOF
Usage: $BINNAME <group> <directory>
       $BINNAME help|-h|--help
EOF
    if [ "$#" -eq 2 ]; then
        cat <<EOF

This script creates <directory> and sets ACLs on it to ensure that all 
members of <group> have and retain write access to all files within.

Arguments:
  <group>       The group to grant access. Must exist in $GROUPFILE.

  <directory>   The directory to be created. Must not exist.

  help          Prints this help text


Group identifiers are formatted as "NN-MM". NN is the group number, and MM is 
the course variant. Currently there are two variants, "15" for the 15hp course 
and "75" for the 7.5hp course.

Files and directories:
  $GROUPFILE
                The list of user-group mappings.
                The list format is "<username><tab><groupid>"

EOF
    fi
    exit "$1"
}

die() {
    echo "$2"
    echo "Bailing."
    exit "$1"
}

BINNAME="$(basename $0)"
BASEDIR="$(dirname "$(readlink -f "$0")")"

GROUPFILE="$BASEDIR/groups.list"
GROUPS="$(sed -r '/^#/d' "$GROUPFILE" \
              | awk '{print $2}' \
              | sort \
              | uniq)"
CREATE=''

if [ "$#" = 0 ]; then
    usage 1
fi

case "$1" in
    -h|--help|help)
        usage 0 long
        ;;
esac

GROUP="$1"
DIRECTORY="$2"


if [ -e "$DIRECTORY" ]; then
    die 1 "Given directory already exists."
fi

mkdir -p "$DIRECTORY"

found=''
for existing in $GROUPS; do
    if [ "$GROUP" = "$existing" ]; then
        found=true
        break
    fi
done

if [ -z "$found" ]; then
    die 2 "Given group not found in groups.list."
fi

USERS="$(sed -r '/^#/d' "$GROUPFILE" \
             | grep "${GROUP}$" \
             | awk '{print $1}' \
             | sort \
             | uniq)"

for user in $USERS; do
    if id "$user" >/dev/null; then
        setfacl -Rm d:u:"$user":rwx,u:"$user":rwx "$DIRECTORY"
    fi
done