#!/bin/bash

[ -f /etc/passwd.uid ] || exit 0
[ -f /opt/perun/bin/process-passwd.sh ] || exit 0

echo "<<<perun_users>>>"

[ -f /etc/facter/facts.d/puppet.yaml ] && grep "role" /etc/facter/facts.d/puppet.yaml | awk '{print "role " $2}'

users=""
# ziskame uzivatelov
MIN_UID=200
MAX_UID=65533
[ -s /etc/passwd.uid ] && . /etc/passwd.uid 2>/dev/null
users=$( awk -v MIN_UID=$MIN_UID -v MAX_UID=$MAX_UID -F: '{ if ($3 >= MIN_UID && $3 <= MAX_UID) print $1 ";" $1 }' </etc/passwd )


# expired users
expired_users=$(cat /etc/shadow 2>/dev/null | awk -F: '{if ($8 == 1) print $1 ";" $1}' 2>/dev/null)

# odeberu expirovane uzivatele ze seznamu
users=$(echo "$users" | grep -v -F -x -f <(echo "$expired_users"))

if [ ${#users} -eq 0 ] ; then
    echo "all msg no users found"
    exit 0
fi

declare -A done
done=( ["home"]=false ["scratch"]=false ["scratch.ssd"]=false)

for i in "${!done[@]}"; do
	if [ ! -d "/$i" ]; then
		echo "$i available false"
		done[$i]=true
	else
		echo "$i available true"
	fi
done

############################################
# asynchrone ziskame vypis adresaru home a scratch
############################################
unknownMsg=""
function async_ls {
    dir=$1
    postpone=$2
   
    if [[ $postpone > 0 ]] ; then
		postpone=$(( ( RANDOM % $postpone )  + 1 ))
    fi
    run_ls=false

    pid=$(cat /tmp/perun_users.ls_$dir.pid 2>/dev/null)
    if [ ${#pid} -gt 0 ] ; then
        ps ax | awk -v PID=$pid '{if($1==PID && $5=="/bin/bash")exit 1}' > /dev/null 2> /dev/null
        if [ $? -eq 1 ] ; then
            unknownMsg+="'ls -l /$dir/' pid ${pid} still exists"
        else
            case $dir in
                "home") ls_home=$(cat /tmp/perun_users.ls_$dir.output 2>/dev/null);;
                "scratch") ls_scratch=$(cat /tmp/perun_users.ls_$dir.output 2>/dev/null);;
                "scratch.ssd") ls_scratch_ssd=$(cat /tmp/perun_users.ls_$dir.output 2>/dev/null);;
            esac
            #rm /tmp/perun_users.ls_$dir.pid /tmp/perun_users.ls_$dir.output 2>/dev/null
            run_ls=true
        fi
    else
        unknownMsg+="'ls -l /$dir/' not checked yet"
        run_ls=true
    fi

    # RT#770776: kontrolovat adresare jen pokud je /etc/passwd starsi nez 40 minut nebo predchozi kontrola probehla pred vice nez tremi hodinami.    
    if [ ! -f /tmp/perun_users.ls_$dir.output ] || (test "`find /etc/passwd -mmin +40`" && test "`find /tmp/perun_users.ls_$dir.output -mmin +180`"); then
        if $run_ls ; then 
            ( sleep $postpone;  ls -l /$dir/ 2>/dev/null > /tmp/perun_users.ls_$dir.output ) & disown 2>/dev/null
            echo "$!" > "/tmp/perun_users.ls_$dir.pid"

            #schovame si seznam uzivatelu, aby byla data konzistentni s vypisem adresare
            echo "$users" > /tmp/perun_users.$dir.users
        fi       
    fi
}

[ ! -d /scratch ] && [ ! -d /scratch.ssd ] && allow_empty_scratch=true


for i in "${!done[@]}"; do 
	if [[ ${done[$i]} == true ]]; then
		continue
	fi
	unknownMsg=""
	async_ls $i 60
	if [[ "$unknownMsg" != "" ]]; then
		echo "$i msg $unknownMsg"
		done[$i]=true
	fi
done

############################################
#konec asynchroniho ziskavani vypisu, pokud probehlo ziskani dat v poradku, jde se zpracovavat
############################################

for i in "${!done[@]}"; do 
	if [[ ${done[$i]} == true ]]; then
		continue
	fi
	case $i in
		"home")
			home_folders=$(echo "$ls_home" | awk '{ if ( substr($1, 1, 1) == "d" ) {print $3 ";" $9} }')
			home_permissions=$(echo "$ls_home" | awk '{ if ( substr($1, 1, 1) == "d" ) {print $1 " " $NF} }')
			home_users=$(cat /tmp/perun_users.home.users 2>/dev/null)

			home_errs=`comm -23 <(echo "$home_users" | sort) <(echo "$home_folders" | sort) | tr '\n' ' '`
			home_perm_errs=`echo "$home_permissions" | awk '{if ($1 !~ "^d....-..-.$") printf $2";"$1" " }'`
			
			# zjisteni, zda jeden uzivatel nevlastni vice adresaru
			home_owner_duplicity_errs=$(echo "$home_folders" | awk '{print $1}' | grep -v -E 'root|nobody' | sort | uniq -c -d | awk '{printf "%s ", $2}')

			[ ${#home_folders} -eq 0 ] && echo "$i empty"
			[ ${#home_errs} -gt 0 ]  && echo "$i missing_directory $home_errs"
			[ ${#home_perm_errs} -gt 0 ] && echo "$i permission $home_perm_errs"
			[ ${#home_owner_duplicity_errs} -gt 0 ] && echo "$i duplicity $home_owner_duplicity_errs"
			;;

		"scratch")
			scratch_folders=$(echo "$ls_scratch" | awk '{ if ( substr($1, 1, 1) == "d" ) {print $3 ";" $9} }')
			scratch_users=$(cat /tmp/perun_users.scratch.users 2>/dev/null)
			scratch_errs=`comm -23 <(echo "$scratch_users" | sort) <(echo "$scratch_folders" | sort) | tr '\n' ' '`

			[ ${#scratch_folders} -eq 0 -a -x /usr/sbin/pbs_mom ] && echo "$i empty"
			[ ${#scratch_errs} -gt 0 ] && echo "$i missing_directory $scratch_errs"
			;;

		"scratch.ssd")
			scratch_ssd_folders=$(echo "$ls_scratch_ssd" | awk '{ if ( substr($1, 1, 1) == "d" ) {print $3 ";" $9} }')
			scratch_ssd_users=$(cat /tmp/perun_users.scratch.ssd.users 2>/dev/null)
			
			scratch_ssd_errs=`comm -23 <(echo "$scratch_ssd_users" | sort) <(echo "$scratch_ssd_folders" | sort) | tr '\n' ' '`
			
			[ ${#scratch_ssd_folders} -eq 0 -a -x /usr/sbin/pbs_mom ] && echo "$i empty"
			[ ${#scratch_ssd_errs} -gt 0 ] && echo "$i missing_directory $scratch_ssd_errs"
			;;
	esac
done

exit 0
