helpers/user

#!/bin/bash

# Check if a YunoHost user exists
#
# usage: ynh_user_exists --username=username
# | arg: -u, --username=    - the username to check
# | ret: 0 if the user exists, 1 otherwise.
#
# example: ynh_user_exists 'toto' || echo "User does not exist"
#
# Requires YunoHost version 2.2.4 or higher.
ynh_user_exists() {
    # Declare an array to define the options of this helper.
    local legacy_args=u
    local -A args_array=([u]=username=)
    local username
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"

    yunohost user list --output-as json --quiet | jq -e ".users.\"${username}\"" >/dev/null
}

# Retrieve a YunoHost user information
#
# usage: ynh_user_get_info --username=username --key=key
# | arg: -u, --username=    - the username to retrieve info from
# | arg: -k, --key=         - the key to retrieve
# | ret: the value associate to that key
#
# example: mail=$(ynh_user_get_info --username="toto" --key=mail)
#
# Requires YunoHost version 2.2.4 or higher.
ynh_user_get_info() {
    # Declare an array to define the options of this helper.
    local legacy_args=uk
    local -A args_array=([u]=username= [k]=key=)
    local username
    local key
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"

    yunohost user info "$username" --output-as json --quiet | jq -r ".$key"
}

# Get the list of YunoHost users
#
# usage: ynh_user_list
# | ret: one username per line as strings
#
# example: for u in $(ynh_user_list); do ... ; done
#
# Requires YunoHost version 2.4.0 or higher.
ynh_user_list() {
    yunohost user list --output-as json --quiet | jq -r ".users | keys[]"
}

# Check if a user exists on the system
#
# usage: ynh_system_user_exists --username=username
# | arg: -u, --username=    - the username to check
# | ret: 0 if the user exists, 1 otherwise.
#
# Requires YunoHost version 2.2.4 or higher.
ynh_system_user_exists() {
    # Declare an array to define the options of this helper.
    local legacy_args=u
    local -A args_array=([u]=username=)
    local username
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"

    getent passwd "$username" &>/dev/null
}

# Check if a group exists on the system
#
# usage: ynh_system_group_exists --group=group
# | arg: -g, --group=   - the group to check
# | ret: 0 if the group exists, 1 otherwise.
#
# Requires YunoHost version 3.5.0.2 or higher.
ynh_system_group_exists() {
    # Declare an array to define the options of this helper.
    local legacy_args=g
    local -A args_array=([g]=group=)
    local group
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"

    getent group "$group" &>/dev/null
}

# Create a system user
#
# usage: ynh_system_user_create --username=user_name [--home_dir=home_dir] [--use_shell] [--groups="group1 group2"]
# | arg: -u, --username=    - Name of the system user that will be create
# | arg: -h, --home_dir=    - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home
# | arg: -s, --use_shell    - Create a user using the default login shell if present. If this argument is omitted, the user will be created with /usr/sbin/nologin shell
# | arg: -g, --groups       - Add the user to system groups. Typically meant to add the user to the ssh.app / sftp.app group (e.g. for borgserver, my_webapp)
#
# Create a nextcloud user with no home directory and /usr/sbin/nologin login shell (hence no login capability) :
# ```
# ynh_system_user_create --username=nextcloud
# ```
# Create a discourse user using /var/www/discourse as home directory and the default login shell :
# ```
# ynh_system_user_create --username=discourse --home_dir=/var/www/discourse --use_shell
# ```
#
# Requires YunoHost version 2.6.4 or higher.
ynh_system_user_create() {
    # Declare an array to define the options of this helper.
    local legacy_args=uhs
    local -A args_array=([u]=username= [h]=home_dir= [s]=use_shell [g]=groups=)
    local username
    local home_dir
    local use_shell
    local groups

    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
    use_shell="${use_shell:-0}"
    home_dir="${home_dir:-}"
    groups="${groups:-}"

    if ! ynh_system_user_exists "$username"; then # Check if the user exists on the system
        # If the user doesn't exist
        if [ -n "$home_dir" ]; then # If a home dir is mentioned
            local user_home_dir="--home-dir $home_dir"
        else
            local user_home_dir="--no-create-home"
        fi
        if [ $use_shell -eq 1 ]; then # If we want a shell for the user
            local shell=""            # Use default shell
        else
            local shell="--shell /usr/sbin/nologin"
        fi
        useradd $user_home_dir --system --user-group $username $shell || ynh_die --message="Unable to create $username system account"
    fi

    local group
    for group in $groups; do
        usermod -a -G "$group" "$username"
    done
}

# Delete a system user
#
# usage: ynh_system_user_delete --username=user_name
# | arg: -u, --username=    - Name of the system user that will be create
#
# Requires YunoHost version 2.6.4 or higher.
ynh_system_user_delete() {
    # Declare an array to define the options of this helper.
    local legacy_args=u
    local -A args_array=([u]=username=)
    local username
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"

    # Check if the user exists on the system
    if ynh_system_user_exists "$username"; then
        deluser $username
    else
        ynh_print_warn --message="The user $username was not found"
    fi

    # Check if the group exists on the system
    if ynh_system_group_exists "$username"; then
        delgroup $username
    fi
}

# Execute a command as another user
#
# usage: ynh_exec_as $USER COMMAND [ARG ...]
#
# Requires YunoHost version 4.1.7 or higher.
ynh_exec_as() {
    local user=$1
    shift 1

    if [[ $user = $(whoami) ]]; then
        eval "$@"
    else
        sudo -u "$user" "$@"
    fi
}