#!/usr/local/cpanel/3rdparty/bin/perl

# cpanel - scripts/realadduser                     Copyright 2022 cPanel, L.L.C.
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

BEGIN {
    $ENV{'LANG'} = 'C';
}

use strict;
use Fcntl                       ();
use Cpanel::Finally             ();
use AcctLock                    ();
use Cpanel::Logger              ();
use Cpanel::LoginDefs           ();
use Cpanel::PwCache             ();
use Cpanel::SysAccounts         ();
use Whostmgr::Accounts::IdTrack ();

my $logger = Cpanel::Logger->new();

my $mailgid = ( Cpanel::PwCache::getpwnam('mail') )[3];

my $nochecks          = 0;
my $shell             = 0;
my $debug             = 0;
my $is_system_account = 0;

if (@ARGV) {
    while ( my $arg = shift @ARGV ) {
        last if !$arg;
        if ( $arg =~ m/^-+(\S+)/ ) {
            my $flag = $1;
            if ( $flag eq 'nochecks' ) {
                $nochecks = 1;
            }
            elsif ( $flag =~ m/^(no)?shell$/ ) {
                if ($1) {
                    $shell = 'noshell';
                }
                else {
                    $shell = shift @ARGV;
                }
            }
            elsif ( $flag =~ m/debug/i ) {
                $debug = 1;
            }
            elsif ( $flag eq 'r' || $flag eq 'system' ) {
                $is_system_account = 1;
            }
        }
        else {
            unshift @ARGV, $arg;
            last;
        }
    }
}

my $username = $ARGV[0];
my $homeroot = $ARGV[1];
my $pass     = $ARGV[2];
my $myuid    = $ARGV[3];
my $mygid    = $ARGV[4];

if ( !$ARGV[0] ) {
    my $up;
    chomp( $up = <STDIN> );
    my @UP = split( / /, $up );
    $username = $UP[0];
    $homeroot = $UP[1];
    $pass     = $UP[2];
}

if ( !$username ) {
    Cpanel::Logger::logger(
        {
            'message'   => "Syntax: adduser <username> <homeroot> <password>",
            'level'     => 'die',
            'service'   => 'realadduser',
            'output'    => 2,
            'backtrace' => 0,
        }
    );
}
if ( !$homeroot ) {
    Cpanel::Logger::logger(
        {
            'message'   => "Syntax: adduser <username> <homeroot> <password>",
            'level'     => 'die',
            'service'   => 'realadduser',
            'output'    => 2,
            'backtrace' => 0,
        }
    );
}

if ( !-e '/etc/allowstupidstuff' ) {
    if ( $username =~ /^\d+/ ) {
        Cpanel::Logger::logger(
            {
                'message'   => "Invalid username $username. Usernames must not begin with a number.",
                'level'     => 'die',
                'service'   => 'realadduser',
                'output'    => 2,
                'backtrace' => 0,
            }
        );
    }
}

if ( !$shell ) {
    if ( -x '/bin/rstsh' ) {
        $shell = '/bin/rstsh';
    }
    elsif ( -x '/bin/bash' ) {
        $shell = '/bin/bash';
    }
    elsif ( -x '/usr/local/bin/bash' ) {
        $shell = '/usr/local/bin/bash';
    }
    elsif ( -x '/bin/sh' ) {
        $shell = '/bin/sh';
    }
    else {
        Cpanel::Logger::logger(
            {
                'message'   => "No valid shell found. Using /bin/false",
                'level'     => 'warn',
                'service'   => 'realadduser',
                'output'    => 2,
                'backtrace' => 0,
            }
        );
        $shell = '/bin/false';
    }
}
elsif ( $shell eq 'noshell' ) {
    if ( -x '/usr/local/cpanel/bin/noshell' ) {
        $shell = '/usr/local/cpanel/bin/noshell';
    }
    else {
        $shell = '/bin/false';
    }
}

if ($debug) {
    Cpanel::Logger::logger(
        {
            'message'   => "User: $username Home: $homeroot Shell: $shell Checks: $nochecks",
            'level'     => 'debug',
            'service'   => 'realadduser',
            'output'    => 1,
            'backtrace' => 0,
        }
    );
    exit;
}

my $home = $homeroot;
if ( !-e $home ) {
    mkdir( $home, 0755 );
}

if ( $pass eq '' ) {
    Cpanel::Logger::logger(
        {
            'message'   => "No password specified for $username",
            'level'     => 'info',
            'service'   => 'realadduser',
            'output'    => 1,
            'backtrace' => 0,
        }
    );
}

my ( $minuid, $mingid, $maxuid, $maxgid );

if ($is_system_account) {
    $minuid = Cpanel::LoginDefs::get_sys_uid_min();
    $mingid = Cpanel::LoginDefs::get_sys_gid_min();
    $maxuid = Cpanel::LoginDefs::get_sys_uid_max();
    $maxgid = Cpanel::LoginDefs::get_sys_gid_max();
}
else {
    $minuid = Cpanel::LoginDefs::get_uid_min();
    $mingid = Cpanel::LoginDefs::get_gid_min();
    $maxuid = Cpanel::LoginDefs::get_uid_max();
    $maxgid = Cpanel::LoginDefs::get_gid_max();
}

my $username_nodash = $username;
if ( !$nochecks ) {
    $username_nodash =~ s/-//g;
}

my @UIDS;
my @GIDS;

AcctLock::acctlock();
my $unlock = Cpanel::Finally->new( sub { AcctLock::acctunlock(); } );

my ( $idalloc_status, $idalloc_statusmsg, $idalloc_uid, $idalloc_gid ) = Whostmgr::Accounts::IdTrack::allocate( { 'minuid' => $minuid, 'mingid' => $mingid } );

if ( !$idalloc_status ) {
    die $idalloc_statusmsg;
}

Cpanel::SysAccounts::add_system_user(
    $username,
    'pass'    => $pass,
    'uid'     => $idalloc_uid,
    'gid'     => $idalloc_gid,
    'homedir' => "$home/$username",
    'shell'   => $shell,
);

Cpanel::Logger::logger(
    {
        'message'   => "User $username added",
        'level'     => 'info',
        'service'   => 'realadduser',
        'output'    => 1,
        'backtrace' => 0,
    }
);