
Updated method updateACL

Paolo Galli 4 years ago
parent
commit
d67e17c53c
1 changed files with 70 additions and 7 deletions
  1. 70 7
      lcmlog-server-utils

+ 70 - 7
lcmlog-server-utils

@@ -1,7 +1,9 @@
 #!/bin/bash
 
+
 DIR="/var/local/log/lcmlog-data"
 
+
 ######################
 # AUXILIARY FUNCTION #
 ######################
@@ -25,8 +27,8 @@ method_help()
 	echo
 	echo "Options:"
 	echo "  -i  Initialization of the folder structure in default directory ($DIR)"
-	echo "  -l  See who is authorized in auth folder using getent"
-	echo "  -u  Update folders ACL"
+	echo "  -l  See who is authorized in $DIR/auth"
+	echo "  -u  Update folders ACL (data and logs)"
 	echo
 	echo "  -h  Show this help"
 }
@@ -73,7 +75,7 @@ method_init()
 		fi
 
 		echo
-		echo "Now you should add entries in auth files and then update folder permissions using the flag -u"
+		echo "Now you should add entries in $DIR/auth files and then update folder permissions using -u flag."
 
 	fi
 }
@@ -85,24 +87,29 @@ method_init()
 method_authlookup()
 {
 	if [ -d $DIR/auth ]; then
+		
+		# look 150
 		echo -e "\033[1;36m150 auth:\033[0;36m GET 150, GET Admin, POST 150\033[00m"
 		for uid in $(awk '{print $1}' $DIR/auth/150); do
 			getent passwd $uid
 		done
-
 		echo
+
+		# look admin
 		echo -e "\033[1;36mAdmin auth:\033[0;36m GET 150, GET Admin, POST 150, POST Admin, UPDATE\033[00m"
 		for uid in $(awk '{print $1}' $DIR/auth/Admin); do
 			getent passwd $uid
 		done
-
 		echo
+
+		# look ex 150
 		echo -e "\033[1;36mValhalla auth:\033[0;36m GET 150, GET Admin\033[00m"
 		for uid in $(awk '{print $1}' $DIR/auth/Valhalla); do
 			getent passwd $uid
 		done
-
 		echo
+
+		# look ex admin
 		echo -e "\033[1;36mNirvana auth:\033[0;36m GET 150, GET Admin, POST Admin\033[00m"
 		for uid in $(awk '{print $1}' $DIR/auth/Nirvana); do
 			getent passwd $uid
@@ -120,7 +127,63 @@ method_authlookup()
 method_updateACL()
 {
 	if [ -d $DIR/auth ] && [ -d $DIR/data ] && [ -d $DIR/logs ]; then
-		echo "OK. Method incomplete."
+
+		echo "Authorization in $DIR/auth:"
+		echo
+		method_authlookup
+
+		echo "Do you want to set new permissions? [y|n]"		
+		read ANSWER
+        while [ -z $ANSWER ]; do
+                echo "Yes (y) or no (n)? "
+                read ANSWER
+        done
+        while [ $ANSWER != "y" ] && [ $ANSWER != "n" ]; do
+                echo "Yes (y) or no (n)? "
+                read ANSWER
+                while [ -z $ANSWER ]; do
+                        echo  "Yes (y) or no (n)? "
+                        read ANSWER
+                done
+        done
+        if [ $ANSWER == "n" ]; then exit 0; fi		
+
+		# remove old permissions
+		echo "Removing old permissions..."
+		setfacl -b $DIR/data
+		setfacl -b $DIR/logs
+
+		# add new permissions
+		echo "Setting up new permissions..."
+
+		# set 150
+		for uid in $(awk '{print $1}' $DIR/auth/150); do
+			setfacl -m u:$uid:rwx $DIR/data
+			setfacl -m u:$uid:rwx $DIR/logs
+		done
+
+		# set admin
+		for uid in $(awk '{print $1}' $DIR/auth/Admin); do
+			setfacl -m u:$uid:rwx $DIR/data
+			setfacl -m u:$uid:rwx $DIR/logs
+		done
+		
+		# set ex 150
+		for uid in $(awk '{print $1}' $DIR/auth/Valhalla); do
+			setfacl -m u:$uid:rx $DIR/data
+			setfacl -m u:$uid:rwx $DIR/logs
+		done
+		
+		# set ex admin
+		for uid in $(awk '{print $1}' $DIR/auth/Nirvana); do
+			setfacl -m u:$uid:rwx $DIR/data
+			setfacl -m u:$uid:rwx $DIR/logs
+		done
+
+		echo "Done. New permissions are:"
+		getfacl $DIR/data
+		getfacl $DIR/logs
+		
 	else
 		echo "Error: some folders are missing. Use the -i option to create missing folders."
 	fi
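Review bot: The confirmation prompt in method_updateACL fails open, because `$ANSWER` is unquoted in every `[ ... ]` test: a reply containing a space (for example `no thanks`) makes each test error out, both loops end, the `== "n"` check is false and execution continues to `setfacl -b`. A closed stdin has the opposite effect, as `read` keeps returning empty and the `-z` loop never ends. The ACL rebuild is also unchecked: the first field of each auth file goes into `u:$uid:...` unquoted and unvalidated, and no `setfacl` exit status is tested, so a missing or malformed auth file leaves `data` and `logs` stripped or half-populated after the `-b` calls. Separately, Valhalla is listed by method_authlookup as GET-only yet receives `rwx` on `$DIR/logs`; if that is intentional it deserves a comment. The fence quotes the prompt variable and shows the 150 loop with validation; the other three loops would follow the same pattern, and the function's closing brace lies outside the hunk.

```shell
		echo "Do you want to set new permissions? [y|n]"
		# quoted tests: an empty or multi-word reply simply re-prompts
		IFS= read -r ANSWER || exit 1
		while [ "$ANSWER" != "y" ] && [ "$ANSWER" != "n" ]; do
			echo "Yes (y) or no (n)? "
			# stop instead of spinning when stdin is closed
			IFS= read -r ANSWER || exit 1
		done
		if [ "$ANSWER" = "n" ]; then exit 0; fi

		# … unchanged: "Removing old permissions..." and the setfacl -b calls …

		# set 150
		while read -r uid _ || [ -n "$uid" ]; do
			[ -n "$uid" ] || continue
			# only entries that resolve to an account reach the ACL spec
			if ! getent passwd "$uid" >/dev/null; then
				echo "Skipping unknown entry in $DIR/auth/150: $uid" >&2
				continue
			fi
			setfacl -m "u:$uid:rwx" "$DIR/data" "$DIR/logs" || exit 1
		done < "$DIR/auth/150"

		# … unchanged: Admin, Valhalla and Nirvana loops, with the same quoting and checks …
```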