#! /usr/bin/perl -w
#
# Manage administrators of a BOINC project
#
# Author: Gabor Gombas <gombasg@sztaki.hu>
#
# This is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.

=head1 NAME

boinc_admin - add or remove BOINC project administrators

=head1 SYNOPSIS

boinc_admin [B<--help>] [B<--quiet>] B<--name>=I<NAME> {B<--add>|B<--delete>} I<USER>

=head1 DESCRIPTION

This script adds or removes a local user from the list of administrators of a
given BOINC project. Being an administrator means

=over

=item

Being able to access the project's user via sudo. To achieve this the following
two rules are added to the sudoers file:

=over

=item I<USER> ALL = (boinc-I<NAME>) ALL

=item I<USER> ALL = (root) /bin/su - boinc-I<NAME>

=back

So I<USER> can run any command as the project user or he/she can start a login
shell as the project user.

=item

Access the administration options on the project's web page. The script will
ask for a password to be used for web access. This password is stored in
/var/lib/boinc/I<NAME>/project/admin_users.htpasswd and can be changed with the
B<htpasswd> utility that comes with Apache.

=item

Receive e-mails from the project account by adding the admin user to the project's
B<.forward> file.

=back

=head1 OPTIONS

=over

=item B<--help>

Display a short help text and exit.

=item B<--quiet>

Do not display status messages.

=item B<--name>=I<NAME>

The name of the project.

=item B<--add>

Add I<USER> to the list of administrators.

=item B<--delete>

Remove I<USER> from the list of administrators.

=item I<USER>

The name of the local user to add or remove.

=back

=head1 EXAMPLES

Letting user I<fred> be an administrator for project I<test>:

=over

=item B<boinc_admin --name=test --add fred>

=back

Revoking administrator rights from user I<fred>:

=over

=item B<boinc_admin --name=test --delete fred>

=back

=head1 SEE ALSO

B<boinc_ctl(8)>, B<boinc_create_project(8)>, B<boinc_delete_project(8)>

=head1 AUTHOR

Written by Gabor Gombas <gombasg@sztaki.hu>

=head1 COPYRIGHT

LGPL-2.1 or later

=cut

use Boinc::Common;
use Boinc::Admin;

use Getopt::Long;
use IO::File;
use Pod::Usage;

use strict;
use vars qw($project_name $help $add $delete $quiet);

my $logfile = '/var/log/boinc.log';

#######################################################################
# Main program

GetOptions("name=s" => \$project_name,
		"quiet" => \$quiet,
		"add" => \$add,
		"delete" => \$delete,
		"help" => \$help)
	or die("Failed to parse options\n");

pod2usage(1) if ($help);

die("You must specify the project name\n")
	unless $project_name;

die("No action specified\n")
	unless $add || $delete;

die("No user specified\n")
	unless $ARGV[0];

die("User $ARGV[0] does not exist\n")
	unless getpwnam($ARGV[0]);

set_logfile($logfile);
set_quiet($quiet);

add_admin($project_name, $ARGV[0]) if $add;
delete_admin($project_name, $ARGV[0]) if $delete;
