#!/bin/sh -e

. shell-error
. ldap-config

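# Neutralise the two characters that delimit LDAP filter components.
# The lookup key is later pasted into a search filter such as
# "(&(objectClass=posixAccount)(uid=KEY))"; an unescaped "(" or ")" in the
# key would let it close that component and append conditions of its own.
# RFC 4515 spells them \28 and \29 inside a value.  "*" and existing \XX
# escapes are passed through on purpose so wildcard lookups (and the
# default key "*") keep working.
# Arguments: $1 - raw key
# Outputs:   escaped key on stdout
ldap_escape_filter_value()
{
	printf '%s' "$1" | sed -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# An optional leading argument containing "/etc/openldap" selects an
# alternative slapd configuration file; a case pattern does the substring
# match without spawning echo and grep.
case "$1" in
	*/etc/openldap*)
		SLAPD_CONF="$1"
		shift
		;;
esac

# ldap_config comes from the sourced ldap-config helper.
# NOTE(review): presumably it sets base, binddn, bindpw and host, which the
# rest of the script reads - confirm against ldap-config.
ldap_config "$SLAPD_CONF"

# First remaining argument: database name (mandatory).
[ "$#" -gt 0 ] || fatal "more arguments required"
db="$1"; shift

# Second argument: lookup key.  Without one, "*" matches every entry.
key="*"
if [ "$#" -gt 0 ]; then
	key="$1"
	shift
fi
# The key is caller-supplied text: escape it before it reaches a filter.
key="$(ldap_escape_filter_value "$key")"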

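# "-W" in the configuration means "ask for the bind password".
# The password is handed to ldapsearch through a private temporary file
# (-y FILE) instead of "-w PASSWORD":
#   * the previous form, bindpw="-w '$passwd'", was expanded unquoted, so
#     the single quotes reached ldapsearch as part of the password and any
#     whitespace in the password split it into several arguments;
#   * a password on the command line is visible to other local users in
#     the process list for as long as ldapsearch runs.
if [ "$bindpw" = "-W" ]; then
	printf 'Enter LDAP Password: '
	# -r keeps backslashes literal and IFS= keeps surrounding blanks.
	# -s (no echo) is a bash extension, so /bin/sh must be bash here.
	IFS= read -rs passwd
	echo
	pwfile="$(mktemp)" || fatal "unable to create temporary password file"
	# NOTE(review): this replaces any EXIT trap installed by the sourced
	# helpers; none is visible in this file - confirm.
	trap 'rm -f -- "$pwfile"' EXIT
	trap 'exit 1' HUP INT TERM
	# No trailing newline: ldapsearch -y uses the complete file contents.
	printf '%s' "$passwd" > "$pwfile"
	unset passwd
	# $bindpw is expanded unquoted by the search functions, so the path
	# must not contain whitespace (true unless TMPDIR is unusual).
	bindpw="-y $pwfile"
fi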

# Convert LDIF read from stdin into colon-separated records, one line per
# entry, in the style of passwd(5)/group(5) lines.
# Arguments: attribute names to print, in output order.  With no arguments
#            the embedded script falls back to uid, userPassword, uidNumber,
#            gidNumber, gecos, homeDirectory, loginShell.
# Outputs:   one line per LDIF entry on stdout; the values of a multi-valued
#            attribute are joined with ",", an absent attribute yields an
#            empty field.
# Requires:  ruby with the "ldap" and "ldap/ldif" libraries.
# Security:  userPassword is in the default list (and requested by the group
#            lookup), so whatever the directory returns for it - typically a
#            password hash - is printed; treat the output as sensitive.
#            Values are printed unescaped, so a ":" or "," inside a value
#            cannot be told apart from a separator by the consumer.
ldap_parse_reply()
{
		# Attributes are looked up by lower-cased name.
		# NOTE(review): presumably the LDIF parser stores keys lower-cased -
		# confirm against the ruby-ldap version in use.
		ruby -e '
require "ldap"
require "ldap/ldif"

args = ARGV.empty? ? %w/uid userPassword uidNumber gidNumber gecos homeDirectory loginShell/ : ARGV.dup

LDAP::LDIF.parse_file "/dev/stdin" do |obj|
  reply = args.collect do |f|
    (obj.attrs[f.downcase] || [""]) * ","
  end
  puts reply * ":"
end
' "$@"
}


# Look up posixGroup entries whose cn matches $key and print them as
# group(5)-style lines (cn:userPassword:gidNumber:memberUid).
# Globals:   base, binddn, bindpw, host, key (all read)
# Arguments: ignored
# Outputs:   formatted entries on stdout
# Note:      $key is pasted into the filter verbatim, so it is interpreted
#            as LDAP filter syntax ("*" wildcards included).  $binddn and
#            $bindpw are left unquoted on purpose: each holds an option
#            together with its value and must split into separate words.
ldap_search_groups()
{
	local uri filter

	# Fall back to the local server when no host is configured.
	uri="ldap://${host:-127.0.0.1}"
	filter="(&(objectClass=posixGroup)(cn=$key))"

	ldapsearch -LLL -b "$base" $binddn $bindpw -x -H "$uri" "$filter" |
		ldap_parse_reply cn userPassword gidNumber memberUid
}

# Look up posixAccount entries whose uid matches $key and print them as
# passwd(5)-style lines.
# Globals:   base, binddn, bindpw, host, key (all read)
# Arguments: attribute names handed on to ldap_parse_reply; with none, that
#            function's default attribute list applies.
# Outputs:   formatted entries on stdout
# Note:      $key is pasted into the filter verbatim, so it is interpreted
#            as LDAP filter syntax ("*" wildcards included).  $binddn and
#            $bindpw are left unquoted on purpose: each holds an option
#            together with its value and must split into separate words.
ldap_search_users()
{
	local uri filter

	# Fall back to the local server when no host is configured.
	uri="ldap://${host:-127.0.0.1}"
	filter="(&(objectClass=posixAccount)(uid=$key))"

	ldapsearch -LLL -b "$base" $binddn $bindpw -x -H "$uri" "$filter" |
		ldap_parse_reply "$@"
}

# Dispatch on the requested database; the remaining arguments are passed
# through to the search function.  Any other database name produces no
# output and no error.
if [ "$db" = "group" ]; then
	ldap_search_groups "$@"
elif [ "$db" = "passwd" ]; then
	ldap_search_users "$@"
fi
