require 'ldap'
require 'uri'

basedn = ''
conn = ''

f = File.new('/etc/openldap/ldap.conf', 'r')
f.readlines.each do |line|
    line = line.strip
    next if line =~ /^#/
    next if line == ''
    line = line.split
    if line[0] == 'BASE'
        basedn = line[1]
    elsif line[0] == 'URI'
        line.shift
        line.each do |uri|
            uri = URI.parse(uri)
            begin
                if uri.scheme == 'ldaps'
                    if ! uri.port
                        uri.port = 636
                    end
                    conn = LDAP::SSLConn.new(uri.host, uri.port)
                else
                    if ! uri.port
                        uri.port = 389
                    end
                    conn = LDAP::Conn.new(uri.host, uri.port)
                end
                conn.bind
                break
            rescue LDAP::ResultError
                next
            end
        end
    end
end
f.close


print "class user::virtual {\n"


conn.search(basedn, LDAP::LDAP_SCOPE_SUBTREE, 'objectClass=posixAccount',
	    ['uid', 'uidNumber', 'gidNumber', 'gecos', 'homeDirectory',
	     'loginShell' ]) { |entry|
    groups = []
    filter = '(&(objectClass=posixGroup)(|(uniqueMember=' + entry.get_dn \
	     + ')(memberUid=' + entry['uid'][0] + ')))'
    conn.search(basedn, LDAP::LDAP_SCOPE_SUBTREE, filter, ['cn']) { |group|
	groups << group['cn'][0]
    }
    prigroup = nil
    conn.search(basedn, LDAP::LDAP_SCOPE_SUBTREE, \
		'(&(objectClass=posixGroup)(gidNumber=' + entry['gidNumber'][0] + '))', \
		['cn']) { |group|
	prigroup = group['cn'][0]
    }

    print "\n"
    print "    @user { '" + entry['uid'][0] + "':\n"
    print "        ensure  => present,\n"
    print "        uid     => '" + entry['uidNumber'][0] + "',\n"
    print "        gid     => '" + entry['gidNumber'][0] + "',\n"
    begin
        print "        comment => '" + entry['gecos'][0] + "',\n"
    rescue
        print "        comment => '" + entry['uid'][0] + "',\n"
    end
    print "        home    => '" + entry['homeDirectory'][0] + "',\n"
    begin
        print "        shell   => '" + entry['loginShell'][0] + "',\n"
    rescue
        print "        shell   => '/bin/false',\n"
    end
    if groups.length > 0
	print "        groups  => [ "
	groups.each do |group|
	    print "'" + group + "', "
	end
	print "],\n"
    end
    print "        require => [ Group['" + prigroup + "'],"
    groups.each do |group|
	print "\n                     Group['" + group + "'],"
    end
    print " ],\n"
    print "    }\n"

}


conn.search(basedn, LDAP::LDAP_SCOPE_SUBTREE, 'objectClass=posixGroup',
	    ['cn', 'gidNumber', 'memberUid', 'uniqueMember']) { |entry|

    # generate virtual group entry
    print "\n"
    print "    @group { '" + entry['cn'][0] + "':\n"
    print "        ensure => present,\n"
    print "        gid    => '" + entry['gidNumber'][0] + "',\n"
    print "    }\n"

}


print "\n}\n"