#!/usr/bin/env python
# -*- mode: python -*-

#   Copyright (c) 2000       Jason Gunthorpe <jgg@debian.org>
#   Copyright (c) 2001-2003  James Troup <troup@debian.org>
#   Copyright (c) 2004       Joey Schulze <joey@debian.org>
#   Copyright (c) 2008       Peter Palfrader <peter@palfrader.org>
#
#   This program is free software; you can redistribute it and/or modify
#   it under the terms of the GNU General Public License as published by
#   the Free Software Foundation; either version 2 of the License, or
#   (at your option) any later version.
#
#   This program is distributed in the hope that it will be useful,
#   but WITHOUT ANY WARRANTY; without even the implied warranty of
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#   GNU General Public License for more details.
#
#   You should have received a copy of the GNU General Public License
#   along with this program; if not, write to the Free Software
#   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

from __future__ import print_function

import re, time, ldap, getopt, sys, os, pwd
from userdir_ldap import *
from userdir_gpg import *

# This tries to search for a free UID. There are two possible ways to do
# this, one is to fetch all the entires and pick the highest, the other
# is to randomly guess uids until one is free. This uses the former.
# Regrettably ldap doesn't have an integer attribute comparision function
# so we can only cut the search down slightly

# [JT] This is broken with Woody LDAP and the Schema; for now just
#      search through all GIDs.
def GetFreeID(l):
   Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,
                      "gidNumber=*",["gidNumber"])
   HighestUID = 0
   for I in Attrs:
      ID = int(GetAttr(I,"gidNumber","0"))
      if ID > HighestUID and ID < 60000:
         HighestUID = ID
   return HighestUID + 1

# Main starts here
AdminUser = pwd.getpwuid(os.getuid())[0]

# Process options
ForceMail = 0
OldGPGKeyRings = GPGKeyRings
userdir_gpg.GPGKeyRings = []
(options, arguments) = getopt.getopt(sys.argv[1:], "u:")
for (switch, val) in options:
   if (switch == '-u'):
      AdminUser = val

l = passwdAccessLDAP(BaseDn, AdminUser)

while 1:
   Group = raw_input("Group name? ")
   if Group == "":
      sys.exit(1)

   Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"gid=" + Group)
   if len(Attrs) == 0:
      break
   print("Group already exists")

Id = GetFreeID(l)
print("Create group %s ID = %d"%(Group,Id))

# Submit the add request
Dn = "gid=" + Group + "," + BaseDn
print("Updating LDAP directory..", end="")
sys.stdout.flush()
l.add_s(Dn,[("gid",Group),
            ("gidNumber",str(Id)),
            ("objectClass", GroupObjectClasses)])
print()
