#!/usr/bin/perl -w
#
#  rhrdlibs
#
#  Copyright (C) 2015 Christian Pointner <equinox@helsinki.at>
#
#  This file is part of rhrdlibs.
#
#  rhrdlibs is free software: you can redistribute it and/or modify
#  it under the terms of the GNU Affero General Public License as published by
#  the Free Software Foundation, either version 3 of the License, or
#  any later version.
#
#  rhrdlibs is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU Affero General Public License for more details.
#
#  You should have received a copy of the GNU Affero General Public License
#  along with rhrdlibs. If not, see <http://www.gnu.org/licenses/>.
#

use strict;
use RHRD::rddb;
use String::MkPasswd qw(mkpasswd);

# this is ridiculous but makes it a little harder to change user passwords...
if ($> != 0 ) {
  print STDERR "this must be run as root!\n";
  exit 1;
}

my $num_args = $#ARGV + 1;
if ($num_args <= 0) {
  print STDERR "WARNING: this will update all users tokens (except for admin)\n";
}

my %EXCLUDED_USERS = map { $_ => 1 } @ARGV;
$EXCLUDED_USERS{'admin'} = 1;

my ($dbh, undef, $errorstring) = RHRD::rddb::opendb();
if(defined $dbh) {
  my @users = RHRD::rddb::list_users($dbh);
  if(!defined $users[0] && defined $users[2]) {
    print STDERR "$users[2]\n";
    exit 1;
  }

  foreach my $user (@users) {
    next if(exists($EXCLUDED_USERS{$user}));
    my $token = mkpasswd(-length => 16, -minnum => 3, -minupper => 3, -minspecial => 0);
    RHRD::rddb::set_token($dbh, $user, $token);
    print "$user -> $token\n";
  }

  RHRD::rddb::closedb($dbh);
} else {
  print STDERR "$errorstring\n";
  exit 1;
}

exit 0