#!/bin/sh
# 15.01.2010 Tobias Koenig
# Version 0.1 New Script for Admin Menu created
# 27.01.2010 Tobias Koenig
# Version 0.2 Add New Features Multiple Users and Zeroshell Menu Integration !!
#
#
#
#Documentation:
#With this script it is possible to create, change, expire & delete users for the Captive Portal on the Zeroshell.
#You have to put the script on the Zeroshell (e.g. /DB/user_menu.sh), then go to the Shell (S) in the Zeroshell menu.
#The rest you will see for yourself.
#Questions ? Ask me itsupport@tobiaskoenig.de
#You have to enter the following information to use the script:
#Administrator password (the same as in the web interface)
#PasswordPolicy - man or auto:
#man means you will be asked for the password for new users or when you change the password of a user
#auto means the password will be chosen randomly (numbers only) and shown after the operation is complete.
# Contact : itsupport@tobiaskoenig.de
###########################################################

#Config Area

#Setting LDAP Parameter
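# Discover the directory base DN from the local LDAP server. -x without -D is
# an anonymous simple bind. The server is queried once; everything after
# "ou=People," on the first matching dn: line becomes the base DN, so suffixes
# with one, two or more components all work. dc0/dc1 are still set for
# compatibility with the earlier two-component logic.
people_dn=$(/usr/local/bin/ldapsearch -LLL -x -h 127.0.0.1 | grep "dn: ou=People" | head -n 1)
dc0=$(printf '%s\n' "$people_dn" | awk -F, '{print $2}')
dc1=$(printf '%s\n' "$people_dn" | awk -F, '{print $3}')
dc=$(printf '%s\n' "$people_dn" | sed -n 's/^dn: ou=People,//p')

# Without a base DN every later DN would be malformed, so stop here instead of
# sending broken requests to the directory.
if [ -z "$dc" ]; then
  echo "Cannot determine the LDAP base DN (no ou=People entry returned by 127.0.0.1)" >&2
  exit 1
fi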

##Module Area DO NOT CHANGE ANY THERE ;-)

#######################
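# Menu option 4: ask for a user name and, when the account exists in LDAP,
# print its Kerberos principal details through kadmin_checkexpire.
# Globals: dc (read); username, user_count (written).
showInfo() {
  read -r -p "Please enter a Username: " username

  # The name is spliced into an LDAP DN and a kadmin command line, so only a
  # conservative character set is accepted. Widen it deliberately if the site
  # uses other characters in account names.
  case $username in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "Invalid Username (allowed: letters, digits, . _ -)"
      menu
      return
      ;;
  esac

  # Quoted so the DN always reaches ldapsearch as a single argument.
  user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 -b "uid=$username,ou=People,$dc" | grep -c uid:)

  if [ "$user_count" = 0 ]; then
    echo "******************************"
    echo "Sorry Username not found"
    echo "******************************"
    menu
  else
    clear
    kadmin_checkexpire
    echo ""
    menu
  fi
}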
#######################

#######################
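# Menu option 3: set the password expiry of an existing user to "now + N days"
# (via kadmin_expired) and show the resulting expiration date.
# Globals: dc (read); username, user_count, days (written).
setExpired() {
  read -r -p "Please enter a Username: " username

  # The name ends up in an LDAP DN and in kadmin command lines; accept only a
  # conservative character set so it cannot add arguments or DN components.
  case $username in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "Invalid Username (allowed: letters, digits, . _ -)"
      menu
      return
      ;;
  esac

  user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 -b "uid=$username,ou=People,$dc" | grep -c uid:)

  if [ "$user_count" = 0 ]; then
    echo "******************************"
    echo "Sorry Username not found"
    echo "******************************"
    menu
    return
  fi

  read -r -p "Please enter the days until the account expired: " days

  # days becomes part of "modprinc -pwexpire +<days>day"; digits only.
  case $days in
    '' | *[!0-9]*)
      echo "Invalid number of days (digits only)"
      menu
      return
      ;;
  esac

  kadmin_expired
  echo ""
  echo "********************************************"
  kadmin_checkexpire | grep "Password expiration date:"
  echo "********************************************"
  echo ""
  menu
}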
#######################

#######################
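# Menu option 2: set a new password for an existing user, either typed by the
# operator (pwchoose=man) or generated (pwchoose=auto).
# Globals: dc, pwchoose (read); username, user_count, userpw (written);
#          RETVAL (read after kadmin_change).
setPass() {
  read -r -p "Please enter the Username: " username

  # The name ends up in an LDAP DN and in a kadmin command line; accept only a
  # conservative character set.
  case $username in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "Invalid Username (allowed: letters, digits, . _ -)"
      menu
      return
      ;;
  esac

  user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 -b "uid=$username,ou=People,$dc" | grep -c uid:)

  if [ "$user_count" = 0 ]; then
    echo "Sorry Username not exist"
    menu
    # Stop here: without this the function would go on to kadmin_change with
    # an unknown user and a stale or empty password once menu returns.
    return
  fi

  if [ "$pwchoose" = "man" ]; then
    # IFS= and -r keep blanks and backslashes of the typed password intact.
    IFS= read -r -s -p "Please enter a new Passwort for $username : " userpw
    echo ""
  else
    # 12 digits, the same shape as the former `date +%j%N` value, but taken
    # from the kernel random source instead of the predictable clock.
    userpw=$(LC_ALL=C tr -dc '0-9' </dev/urandom | head -c 12)
    if [ "${#userpw}" -ne 12 ]; then
      echo "Could not generate a random password"
      menu
      return
    fi
  fi

  kadmin_change

  # Do not report success when kadmin_change signalled a failure.
  if [ "$RETVAL" != 0 ]; then
    echo "kadmin Problem above"
  elif [ "$pwchoose" = "auto" ]; then
    echo "********************************************"
    echo "$username is changed to Passwort $userpw "
    echo "********************************************"
  else
    echo "********************************************"
    echo "$username is changed to Passwort you enter."
    echo "********************************************"
    echo ""
  fi
  menu
}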
#######################
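# Menu option 5: delete an existing user from LDAP (ldapremove) and from
# Kerberos (kadmin_remove).
# Globals: dc (read); username, user_count (written).
removeUser() {
  read -r -p "Please enter Username to delete:  " username

  # The name ends up in an LDAP DN and in "delete_principal -force <name>";
  # accept only a conservative character set so nothing else can be targeted.
  case $username in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "Invalid Username (allowed: letters, digits, . _ -)"
      menu
      return
      ;;
  esac

  user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 -b "uid=$username,ou=People,$dc" | grep -c uid:)

  if [ "$user_count" = 0 ]; then
    echo "******************************"
    echo "Sorry Username not exist"
    echo "******************************"
  else
    ldapremove
    kadmin_remove
  fi
  # Single hand-off to the menu for both outcomes (the not-found path used to
  # call it twice).
  menu
}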
#######################
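# Menu option 1: create one user in LDAP (ldapadd_add) and Kerberos
# (kadmin_add), with a typed (pwchoose=man) or generated (pwchoose=auto)
# password.
# Globals: dc, pwchoose (read); username, user_count, id, userpw (written);
#          RETVAL (read after each helper).
newUser() {
  read -r -p "Please enter a new Username: " username

  # The name is written into an LDAP DN, an LDIF entry and a kadmin command
  # line; accept only a conservative character set.
  case $username in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "Invalid Username (allowed: letters, digits, . _ -)"
      menu
      return
      ;;
  esac

  user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 -b "uid=$username,ou=People,$dc" | grep -c uid:)

  if [ "$user_count" != 0 ]; then
    echo "******************************"
    echo "Sorry Username exist"
    echo "******************************"
    menu
    # Stop here so no "is created" message follows once menu returns.
    return
  fi

  # Next uidNumber = highest number in use + 1. The values are sorted because
  # the search result order is not guaranteed to be ascending.
  id=$(/usr/local/bin/ldapsearch -LLL -x -h 127.0.0.1 -b "ou=People,$dc" | sed -n 's/^uidNumber: //p' | sort -n | tail -n 1)
  case $id in
    '' | *[!0-9]*)
      echo "Cannot determine the next uidNumber"
      menu
      return
      ;;
  esac
  id=$(expr "$id" + 1)

  if [ "$pwchoose" = "man" ]; then
    # IFS= and -r keep blanks and backslashes of the typed password intact.
    IFS= read -r -s -p "Please enter a new Passwort for $username : " userpw
    echo ""
  else
    # 12 digits, the same shape as the former `date +%j%N` value, but taken
    # from the kernel random source instead of the predictable clock.
    userpw=$(LC_ALL=C tr -dc '0-9' </dev/urandom | head -c 12)
    if [ "${#userpw}" -ne 12 ]; then
      echo "Could not generate a random password"
      menu
      return
    fi
  fi

  ldapadd_add
  if [ "$RETVAL" != 0 ]; then
    echo "Ldap add error above"
    # The Kerberos principal is only created after the LDAP add succeeded.
    # kadmin.local does not use the admin password, so continuing here would
    # create a principal even when the LDAP bind was rejected.
    menu
    return
  fi
  echo "LDAP ADD okay"

  kadmin_add
  if [ "$RETVAL" != 0 ]; then
    echo "kadmin Problem above"
    menu
    return
  fi
  echo "Kadmin okay"

  if [ "$pwchoose" = "auto" ]; then
    echo "********************************************"
    echo "$username is created with Passwort $userpw "
    echo "********************************************"
    echo ""
  else
    echo "********************************************"
    echo "$username is created with Passwort you enter."
    echo "********************************************"
  fi
  menu
}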
#######################

#######################
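# Menu option 6: create up to 99 users named <prefix><number>, counting down
# from the requested number to 1, and print a summary at the end.
# Globals: dc, pwchoose (read); usercount, username1, username, id,
#          user_count, userpw, multi_report (written); RETVAL (read).
newMultiUser() {
  read -r -p "Please choose the number of new Users you want to create: " usercount

  # Only 1-99 is accepted. A negative or non-numeric count would never reach
  # the loop's end condition (usercount = 0) in a controlled way.
  case $usercount in
    [1-9] | [1-9][0-9]) ;;
    *)
      echo "Invalid number of Users (allowed: 1-99)"
      menu
      return
      ;;
  esac

  echo "Username will be first Part of you and the Number of User (Ex. USER[1-99])"
  read -r -p "Please enter the first Part of Username (Ex. USER): " username1

  # The prefix becomes part of LDAP DNs, LDIF entries and kadmin command
  # lines; accept only a conservative character set.
  case $username1 in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "Invalid Username (allowed: letters, digits, . _ -)"
      menu
      return
      ;;
  esac

  if [ "$pwchoose" = "man" ]; then
    # IFS= and -r keep blanks and backslashes of the typed password intact.
    IFS= read -r -s -p "Please enter a new Passwort for all NewUsers : " userpw
    echo ""
  fi

  # The summary is collected in a variable instead of /tmp/multi_user.log: a
  # fixed file name in /tmp can be pre-created or read by other local
  # accounts, and the summary contains the generated passwords.
  multi_report=""
  nl='
'

  while [ "$usercount" != 0 ]; do
    username=$username1$usercount

    # Next uidNumber = highest number in use + 1 (sorted, because the search
    # result order is not guaranteed to be ascending).
    id=$(/usr/local/bin/ldapsearch -LLL -x -h 127.0.0.1 -b "ou=People,$dc" | sed -n 's/^uidNumber: //p' | sort -n | tail -n 1)
    case $id in
      '' | *[!0-9]*)
        echo "Cannot determine the next uidNumber"
        break
        ;;
    esac
    id=$(expr "$id" + 1)

    user_count=$(/usr/local/bin/ldapsearch -x -h 127.0.0.1 -b "uid=$username,ou=People,$dc" | grep -c uid:)

    if [ "$pwchoose" = "auto" ]; then
      # 12 digits, the same shape as the former `date +%j%N` value, but taken
      # from the kernel random source instead of the predictable clock.
      userpw=$(LC_ALL=C tr -dc '0-9' </dev/urandom | head -c 12)
      if [ "${#userpw}" -ne 12 ]; then
        echo "Could not generate a random password"
        break
      fi
    fi

    if [ "$user_count" = 0 ]; then
      ldapadd_add
      if [ "$RETVAL" = 0 ]; then
        echo "LDAP ADD okay"
        # The principal is only created after the LDAP add succeeded, so a
        # rejected LDAP bind cannot leave a Kerberos-only account behind.
        kadmin_add
        if [ "$RETVAL" = 0 ]; then
          echo "Kadmin okay"
          multi_report="${multi_report}********************************************${nl}"
          if [ "$pwchoose" = "auto" ]; then
            multi_report="${multi_report}$username is created with Passwort $userpw ${nl}"
          else
            # A typed password is not repeated in clear text.
            multi_report="${multi_report}$username is created with Passwort you enter.${nl}"
          fi
          multi_report="${multi_report}********************************************${nl}${nl}"
        else
          echo "kadmin Problem above"
          multi_report="${multi_report}$username could not be created (kadmin)${nl}"
        fi
      else
        echo "Ldap add error above"
        multi_report="${multi_report}$username could not be created (LDAP)${nl}"
      fi
    else
      multi_report="${multi_report}$username exist already skipping...${nl}"
    fi

    usercount=$((usercount - 1))
  done

  printf '%s' "$multi_report"
  menu
}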
#######################


#######################
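# Delete the LDAP entry uid=$username under ou=People, binding as the
# directory Manager.
# Globals: dc, adminpw, username (read).
ldapremove() {
  # The DN is quoted so it always reaches ldapdelete as one argument, whatever
  # the user name contains.
  # NOTE(review): -w puts the bind password on ldapdelete's command line, where
  # other local accounts can read it from the process list while the command
  # runs. OpenLDAP's -y <file> option avoids that; consider switching.
  ldapdelete -v -D "cn=Manager,$dc" -x -w "$adminpw" "uid=$username,ou=People,$dc"
}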
#######################

#######################
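# Add the LDAP entry for $username with uidNumber $id, binding as the
# directory Manager. The result is reported in RETVAL (0 = ldapadd succeeded).
# Globals: dc, adminpw, username, id (read); RETVAL (written).
ldapadd_add() {
  # Refuse to build an entry from values that do not fit the DN and LDIF they
  # are written into: the user name is limited to a conservative character
  # set and the uidNumber must be digits only.
  case $username in
    '' | -* | *[!A-Za-z0-9._-]*)
      echo "ldapadd_add: invalid user name" >&2
      RETVAL=1
      return 1
      ;;
  esac
  case $id in
    '' | *[!0-9]*)
      echo "ldapadd_add: invalid uidNumber" >&2
      RETVAL=1
      return 1
      ;;
  esac

  # NOTE(review): -w puts the bind password on ldapadd's command line, where
  # other local accounts can read it from the process list while the command
  # runs. OpenLDAP's -y <file> option avoids that; consider switching.
  ldapadd -D "cn=Manager,$dc" -x -w "$adminpw" <<EOF
dn: uid=$username,ou=People,$dc
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: organizationalPerson
uid: $username
cn: ?
description: ?
displayName: $username
o: ?
mail: ?
givenName: $username
sn: $username
telephoneNumber: ?
uidNumber: $id
gidNumber: 65534
gecos: $username
homeDirectory: /home/$username
loginShell: /bin/false
EOF
  RETVAL=$?
}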
#######################

#######################
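# Create the Kerberos principal $username with password $userpw.
# The result is reported in RETVAL.
# Globals: username, userpw (read); RETVAL (written).
kadmin_add() {
  # Both values are wrapped in kadmin's own double quotes (the same token
  # quoting kadmin_expired already uses), so a password containing blanks
  # stays one argument. A value containing a double quote would end that
  # quoting early, and an empty one would shift the arguments, so both are
  # refused.
  case $username in
    '' | *'"'*)
      echo "kadmin_add: invalid user name" >&2
      RETVAL=1
      return 1
      ;;
  esac
  case $userpw in
    '' | *'"'*)
      echo "kadmin_add: password must not be empty or contain a double quote" >&2
      RETVAL=1
      return 1
      ;;
  esac

  # Full path, as in the other kadmin helpers of this file, so a root shell
  # does not resolve kadmin.local through PATH. The command is fed on stdin,
  # which keeps the password off the process command line.
  /usr/local/sbin/kadmin.local <<EOR
add_principal -pw "$userpw" "$username"
EOR
  # NOTE(review): kadmin.local reading commands from stdin may exit 0 even
  # when the command itself failed - confirm before relying on RETVAL.
  RETVAL=$?
}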
#######################

#######################
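# Delete the Kerberos principal $username without asking for confirmation
# (-force).
# Globals: username (read).
kadmin_remove() {
  # The name is wrapped in kadmin's own double quotes so it is always a single
  # argument; an empty name or one containing a double quote is refused.
  case $username in
    '' | *'"'*)
      echo "kadmin_remove: invalid user name" >&2
      return 1
      ;;
  esac

  # Full path, as in the other kadmin helpers of this file, so a root shell
  # does not resolve kadmin.local through PATH.
  /usr/local/sbin/kadmin.local <<EOR
delete_principal -force "$username"
EOR
}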
#######################

#######################
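# Set the password of the Kerberos principal $username to $userpw.
# The result is reported in RETVAL.
# Globals: username, userpw (read); RETVAL (written).
kadmin_change() {
  # Both values are wrapped in kadmin's own double quotes (the same token
  # quoting kadmin_expired already uses), so a password containing blanks
  # stays one argument. A value containing a double quote would end that
  # quoting early, and an empty one would shift the arguments, so both are
  # refused.
  case $username in
    '' | *'"'*)
      echo "kadmin_change: invalid user name" >&2
      RETVAL=1
      return 1
      ;;
  esac
  case $userpw in
    '' | *'"'*)
      echo "kadmin_change: password must not be empty or contain a double quote" >&2
      RETVAL=1
      return 1
      ;;
  esac

  # The command is fed on stdin, which keeps the password off the process
  # command line.
  /usr/local/sbin/kadmin.local <<EOF
change_password -pw "$userpw" "$username"
EOF
  # NOTE(review): kadmin.local reading commands from stdin may exit 0 even
  # when the command itself failed - confirm before relying on RETVAL.
  RETVAL=$?
}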
#######################

#######################
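# Set the password expiry of the Kerberos principal $username to
# "+<days>day". The result is reported in RETVAL.
# Globals: username, days (read); RETVAL (written).
kadmin_expired() {
  # days is spliced into the modprinc command line; anything but digits could
  # add further options, so it is refused.
  case $days in
    '' | *[!0-9]*)
      echo "kadmin_expired: days must be a number" >&2
      RETVAL=1
      return 1
      ;;
  esac
  # The name is wrapped in kadmin's own double quotes so it is always a single
  # argument; an empty name or one containing a double quote is refused.
  case $username in
    '' | *'"'*)
      echo "kadmin_expired: invalid user name" >&2
      RETVAL=1
      return 1
      ;;
  esac

  /usr/local/sbin/kadmin.local <<EOF
modprinc -pwexpire +"$days"day "$username"
EOF
  # NOTE(review): kadmin.local reading commands from stdin may exit 0 even
  # when the command itself failed - confirm before relying on RETVAL.
  RETVAL=$?
}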
#######################

#######################
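# Print the kadmin "getprinc" record of the principal $username on stdout.
# Globals: username (read).
kadmin_checkexpire() {
  # The name is wrapped in kadmin's own double quotes so it is always a single
  # argument; an empty name or one containing a double quote is refused.
  case $username in
    '' | *'"'*)
      echo "kadmin_checkexpire: invalid user name" >&2
      return 1
      ;;
  esac

  /usr/local/sbin/kadmin.local <<EOF
getprinc "$username"
EOF
}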
#######################

#######################
# Placeholder for menu entries that are not implemented yet: prints a notice
# and hands control back to the main menu.
soon() {
  printf '%s\n' "Sorry this Function comming soon..."
  menu
}
#######################

#######################
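# Ask for the password policy until the answer is "man" or "auto".
# Globals: pwchoose (written).
choose_pw() {
  while :; do
    # At end of input there is nothing left to ask. The former recursive retry
    # never terminated in that case, so the script stops instead.
    if ! read -r -p "Please choose man or auto for Passwordpolicy: " pwchoose && [ -z "$pwchoose" ]; then
      echo "No input available, giving up." >&2
      exit 1
    fi
    case $pwchoose in
      man | auto)
        return 0
        ;;
    esac
  done
}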
#######################

#######################
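# Menu option 8: add a "<U> UserMenu" entry to the Zeroshell local management
# menu by patching its template and its script. Exits with status 2 when the
# operator does not confirm with "y".
# Globals: starting, new, localman_template, localman_script, new_template,
#          new_script (written).
integrate() {
  echo "This Function should only be use one time after reboot Zeroshell !!!"
  echo "Use this at your own Risk ! The Script user_menu_02.sh should be put to /DB/user_menu_02.sh!!!"
  echo "For abort use own CTRL+C"
  read -r -p "Start now ? press y " starting
  # Quoted, so an empty answer is a plain "no" instead of a test syntax error.
  if [ "$starting" != "y" ]; then
    exit 2
  fi

  localman_template=/root/kerbynet.cgi/template/localman
  localman_script=/root/kerbynet.cgi/scripts/localman

  if [ ! -f "$localman_template" ] || [ ! -f "$localman_script" ]; then
    echo "Zeroshell menu files not found, nothing changed" >&2
    return 1
  fi

  new=$(grep -c "UserMenu" "$localman_template")
  if [ "$new" != "0" ]; then
    echo "Menu already Installed ?!"
    return
  fi

  # Both results are built completely before anything is written. The former
  # "cat file | sed ... > file" form truncated the file through the redirect
  # while cat could still be reading it, which can leave it empty.
  # NOTE(review): s#esac# matches every line containing "esac"; if the script
  # holds more than one case statement the U) arm is inserted into each -
  # verify against the installed file.
  new_template=$(sed 's#<W> WiFi Manager#<W> WiFi Manager                  <U> UserMenu#' "$localman_template") || return 1
  new_script=$(sed 's#esac#  U)\n        clear \n        if Authenticated ; then \n        /DB/user_menu_02.sh \n        fi \n        ;; \n esac#' "$localman_script") || return 1

  if [ -z "$new_template" ] || [ -z "$new_script" ]; then
    echo "Patching produced an empty result, nothing changed" >&2
    return 1
  fi

  # Written through a redirect so each file keeps its owner and mode.
  printf '%s\n' "$new_template" >"$localman_template"
  printf '%s\n' "$new_script" >"$localman_script"

  # NOTE(review): the inserted menu arm runs /DB/user_menu_02.sh from the
  # management console. Keep that file owned by root and not writable by any
  # other account.
  echo "Integration finished after *New Connect* your should see the the UserMenu"
}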
#######################


###Programm ###########
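clear
echo "For Administration of the Zeroshell.."
# IFS= and -r keep leading/trailing blanks and backslashes of the typed
# password intact; without them such a password is altered before it is used
# for the LDAP bind.
# NOTE(review): the password is not checked here. It is only passed on as the
# bind password of ldapadd/ldapdelete; the kadmin.local based actions
# (password change, expiry, principal removal) never use it, so access to this
# script must be restricted by other means.
IFS= read -r -s -p "Please enter the Admin PW: " adminpw
clear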


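# Print the main menu, read one choice and dispatch to the matching function.
# "Q" leaves the script; any other unknown input shows the menu again.
# Globals: menu (variable, written with the operator's choice).
menu() {
  echo ""
  echo "##############################"
  echo ""
  echo "Main Menu: "
  echo ""
  echo "1 Create new User"
  echo "2 Set Password for User"
  echo "3 Set Expired Date for User"
  echo "4 Show Userinformations"
  echo "5 Delete User"
  echo "6 Create Mutliple Users [1-99]"
  echo "7 Search for Logs (Proxy,Capitive)"
  echo "8 Integrate in Zeroshell Menu (BETA) use at your OWN RISK"
  echo ""
  echo "Q Quit"

  # At end of input (closed terminal, exhausted pipe) there is nothing left to
  # choose. The catch-all arm below would otherwise call menu again without
  # end, so the script stops here.
  if ! read -r -p "Please choose an Option: " menu && [ -z "$menu" ]; then
    exit 1
  fi

  case $menu in
    1)
      newUser
      ;;
    2)
      setPass
      ;;
    3)
      setExpired
      ;;
    4)
      showInfo
      ;;
    5)
      removeUser
      ;;
    6)
      newMultiUser
      ;;
    7)
      soon
      ;;
    8)
      integrate
      ;;
    Q)
      exit
      ;;
    *)
      echo "Please choose on of the Options above..."
      menu
      ;;
  esac
}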
# Start-up sequence: choose_pw stores the password policy (man or auto) in
# pwchoose, then menu shows the main menu.
choose_pw
menu

