#!/usr/sbin/rsct/perl5/bin/perl
# IBM_PROLOG_BEGIN_TAG 
# This is an automatically generated prolog. 
#  
#  
#  
# Licensed Materials - Property of IBM 
#  
# (C) COPYRIGHT International Business Machines Corp. 2004,2007 
# All Rights Reserved 
#  
# US Government Users Restricted Rights - Use, duplication or 
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp. 
#  
# IBM_PROLOG_END_TAG 
#"@(#)66   1.8   src/rsct/rm/LPRM/cli/bin/mklpcmd.perl, LPRM, rsct_relgh, relghs001a 3/16/05 15:17:37"

# Creates an RMC Least Privilege Command 

use strict;
use locale;
BEGIN
  {
	# this enables us to redirect where it looks for other RSCT files during development
	$::rsctroot = $ENV{'RSCT_ROOT'} || '/usr/sbin/rsct';
	$::rsctpm = "$::rsctroot/pm";
	$::rsctmsgmaps = "$::rsctroot/msgmaps";
  }

use lib $::rsctpm;
use Getopt::Std;
use CT_cli_utils qw(printIMsg printEMsg);
use LPRM_cli_utils qw(process_api_error process_exit_code);
use Socket;

$main::PROGNAME = 'mklpcmd';
$main::MSGCAT = 'lprmcli.cat';
$main::LSMSG = '/usr/sbin/rsct/bin/ctdspmsg';

# For the usage, see lprmcli.msg
sub usage { printIMsg('IMsgMklpcmdUsageNew1');  exit (scalar(@_) ? $_[0] : 1); }

# Parse the cmd line args and check them
#if (! getopts('ln:hvV') ) { &usage; }
if (! getopts('c:ln:R:s:A:hTV') ) { &usage(3); }
#if (scalar(@ARGV) < 2 || $::opt_h) { &usage; }
if ($::opt_h) { &usage(0); }
if (scalar(@ARGV) < 2) { &usage(4); }
if ( (scalar(@ARGV)%2) !=0 ) { &usage(4); }
#if ($::opt_V) { $::opt_v = 1; }

my $name = shift @ARGV;
if ($name eq "") 
   {
    # bad name
    printEMsg('EMsgMklpcmdNameMissing');
    exit(5) ;
   }
my $cmd = join(' ', shift @ARGV);
if (!defined($::opt_l)) { $::opt_l = 0; }

if (defined($::opt_c))
   {
        $::opt_c = "::ControlFlags::$::opt_c";
   }

if (defined($::opt_n))
  {
	#todo: support symbolic names for values 2 and 3
	if ($ENV{CT_MANAGEMENT_SCOPE}!=2 && $ENV{CT_MANAGEMENT_SCOPE}!=3) { $ENV{CT_MANAGEMENT_SCOPE}=4; }
	$::opt_n = "::NodeNameList::{'$::opt_n'}";
  }
else { $ENV{CT_MANAGEMENT_SCOPE}=1; }

if (defined($::opt_R))
   {
        $::opt_R = "::RunCmdName::$::opt_R";
   }
if (defined($::opt_s))
   {
        $::opt_s = "::FilterScript::$::opt_s";
   }
if (defined($::opt_A))
   {
        $::opt_A = "::FilterArg::'$::opt_A'";
   }

# Deal with quotes in the cmd
# if the value already has quotes around it, do not quote it
if (!( $cmd =~ /^(".*"|'.*')$/ ))
  {
	# if the value has imbedded double quotes, use single quotes
	if ($cmd =~ /\"/) { $cmd = qq('$cmd'); } # use the other quotes
	else 		# use double quotes
	  {
		$cmd =~ s/\"/\\\"/sg;     # escape embedded double quotes
		$cmd = qq("$cmd");
	  }
  }

if ($::opt_T) {print STDERR "$main::PROGNAME: calling mkrsrc-api to create a LP resource\n ";}

my $cmd = qq(/usr/bin/mkrsrc-api IBM.LPCommands::Name::${name}::CommandPath::${cmd}::Lock::$::opt_l$::opt_n$::opt_R$::opt_s$::opt_A$::opt_c 2>&1);
#if ($::opt_v) { $main::PROGNAME = 'lslpcmd'; printIMsg('IMsgRmcCmd', $cmd); $main::PROGNAME = 'mklpcmd'; }
if ($::opt_V) { $main::PROGNAME = 'lslpcmd'; printIMsg('IMsgRmcCmd', $cmd); $main::PROGNAME = 'mklpcmd'; }

my @output = `$cmd`;
#my $rc = $? >> 8;
my $rc = $?;
$rc = process_exit_code($rc);
if ($rc)
  {
        if ($::opt_T) {print STDERR "$main::PROGNAME: mkrsrc-api returned $rc\n ";}
	#if (!$::opt_v) { $output[0] =~ s/.*::.*::.*::.*::.*:://; }
	#if (!$::opt_V) { $output[0] =~ s/.*::.*::.*::.*::.*:://; }
	#print @output;
        process_api_error("::",$rc,@output);
	exit $rc;
  }
if ($#ARGV >= 0)
   {
    my $i = 0;
    my $idpermpair ="";
    while($i <= $#ARGV)
       {
        #print "Argument $i is $ARGV[$i].\n";
        my $id = $ARGV[$i];
        #print "Argument $i+1 is $ARGV[$i+1].\n";
        my $perm = $ARGV[$i+1];
        $idpermpair= $idpermpair."${id}::$perm"."::";
        $i = $i+2;
       }
    #print "idpermstring is $idpermpair.\n";
    my $selectstr = "Name='$name'";
    if (length($selectstr)) { $selectstr = qq("$selectstr"); }

    if ($::opt_T) {print STDERR "$main::PROGNAME: calling chrsrcacl-api to modify the ACLs of the LP resource\n ";}
    my $cmd = qq(/usr/bin/chrsrcacl-api -s IBM.LPCommands::${selectstr}::$idpermpair 2>&1);
    if ($::opt_V) { $main::PROGNAME = 'lslpcmd'; printIMsg('IMsgRmcCmd', $cmd); $main::PROGNAME = 'mklpcmd'; }

    my @output = `$cmd`;
    #my $rc = $? >> 8;
    my $rc = $?;
    $rc = process_exit_code($rc);
    if ($rc)
       {
        if ($::opt_T) {print STDERR "$main::PROGNAME: chrsrcacl-api returned $rc\n ";}
        #if (!$::opt_V) { $output[0] =~ s/.*::.*::.*::.*::.*:://; }
        #print @output;
        process_api_error("::",$rc,@output);
        exit $rc;
       }
    }

exit $rc;


