Add 'remove_userid' function, inverse of 'update_userids'.

[monkeysphere.git] / src / monkeysphere-server

diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index ffb34522bd60ab264b0d05ef8a8bc778defee4f5..13221c5bcb6c029a51e73347751dc9fd8b270297 100755 (executable)
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -28,14 +28,15 @@ GREP_OPTIONS=
 usage() {
 cat <<EOF
 usage: $PGRM <subcommand> [args]
-Monkeysphere server admin tool.
+MonkeySphere server admin tool.
 
 subcommands:
   update-users (s) [USER]...            update users authorized_keys files
   gen-key (g)                           generate gpg key for the server
   publish-key (p)                       publish server key to keyserver
   trust-keys (t) KEYID...               mark keyids as trusted
-  update-user-userids (u) USER UID...   add/update userids for a user
+  update-user-userids (u) USER UID...   add/update user IDs for a user
+  remove-user-userids (r) USER UID...   remove user IDs for a user
   help (h,?)                            this help
 
 EOF
@@ -121,7 +122,7 @@ export GNUPGHOME
 mkdir -p -m 0700 "$GNUPGHOME"
 
 case $COMMAND in
-    'update-users'|'s')
+    'update-users'|'update-user'|'s')
        if [ "$1" ] ; then
            unames="$@"
        else
@@ -133,13 +134,17 @@ case $COMMAND in
 
            log "----- user: $uname -----"
 
+           # set variables for the user
            AUTHORIZED_USER_IDS="$MS_HOME"/authorized_user_ids/"$uname"
            msAuthorizedKeys="$CACHE"/"$uname"/authorized_keys
            cacheDir="$CACHE"/"$uname"/user_keys
 
-            # make sure authorized_user_ids file exists
+            # make sure user's authorized_user_ids file exists
+           touch "$AUTHORIZED_USER_IDS"
+
+           # skip if the user's authorized_user_ids file is empty
            if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then
-               log "authorized_user_ids file for '$uname' is empty or does not exist."
+               log "authorized_user_ids file for '$uname' is empty."
                continue
            fi
 
@@ -164,16 +169,18 @@ case $COMMAND in
        publish_server_key
        ;;
 
-    'trust-keys'|'t')
+    'trust-keys'|'trust-key'|'t')
        if [ -z "$1" ] ; then
            failure "you must specify at least one key to trust."
        fi
+
+       # process key IDs
        for keyID ; do
            trust_key "$keyID"
        done
        ;;
 
-    'update-user-userids'|'u')
+    'update-user-userids'|'update-user-userid'|'u')
        uname="$1"
        shift
        if [ -z "$uname" ] ; then
@@ -182,11 +189,46 @@ case $COMMAND in
        if [ -z "$1" ] ; then
            failure "you must specify at least one userid."
        fi
+
+       # set variables for the user
        AUTHORIZED_USER_IDS="$MS_HOME"/authorized_user_ids/"$uname"
        cacheDir="$CACHE"/"$uname"/user_keys
+
+        # make sure user's authorized_user_ids file exists
+       touch "$AUTHORIZED_USER_IDS"
+
+       # process the user IDs
        for userID ; do
            update_userid "$userID" "$cacheDir"
        done
+
+       log "run the following to update user's authorized_keys file:"
+       log "$PGRM update-users $uname"
+       ;;
+
+    'remove-user-userids'|'remove-user-userid'|'r')
+       uname="$1"
+       shift
+       if [ -z "$uname" ] ; then
+           failure "you must specify user."
+       fi
+       if [ -z "$1" ] ; then
+           failure "you must specify at least one userid."
+       fi
+
+       # set variables for the user
+       AUTHORIZED_USER_IDS="$MS_HOME"/authorized_user_ids/"$uname"
+
+        # make sure user's authorized_user_ids file exists
+       touch "$AUTHORIZED_USER_IDS"
+
+       # process the user IDs
+       for userID ; do
+           remove_userid "$userID"
+       done
+
+       log "run the following to update user's authorized_keys file:"
+       log "$PGRM update-users $uname"
        ;;
 
     'help'|'h'|'?')