From fd67436fa82a6fd8727ff4004063a71017f29473 Mon Sep 17 00:00:00 2001
From: Marco Pessotto <melmothx@gmail.com>
Date: Tue, 23 Jan 2024 16:40:34 +0100
Subject: [PATCH] Extend amusewiki-reset-password to create users

Close #457
---
 script/amusewiki-reset-password | 68 +++++++++++++++++++++++++++++++--
 1 file changed, 65 insertions(+), 3 deletions(-)

diff --git a/script/amusewiki-reset-password b/script/amusewiki-reset-password
index 264c741c6..49050ca86 100755
--- a/script/amusewiki-reset-password
+++ b/script/amusewiki-reset-password
@@ -8,6 +8,9 @@ use warnings;
 use lib 'lib';
 use AmuseWikiFarm::Schema;
 use Crypt::XkcdPassword;
+use Getopt::Long;
+use Pod::Usage;
+
 
 =pod
 
@@ -19,7 +22,7 @@ amusewiki-reset-password - reset amusewiki passwords from the command line
 
 =head1 SYNOPSIS
 
-Usage: amusewiki-reset-password <username> [<password>]
+Usage: amusewiki-reset-password <username> [<password>] [ --create-with-role ROLE ] [ --add-to-site SITE-ID ]
 
 Reset the password of an arbitrary user. The password is optional and
 will be generated automatically if not provided.
@@ -27,8 +30,33 @@ will be generated automatically if not provided.
 You need to have dbic.yaml in the current directory, or in
 ~/.dbic.yaml with the C<amuse> stanza with the settings.
 
+=head2 OPTIONS
+
+=over 4
+
+=item --create-with-role ROLE
+
+If the user does not exist, create it with the given role. ROLE can be
+C<root>, C<admin> or C<librarian>.
+
+=item --add-to-site SITE-ID
+
+Add the user to the given site. Root users do not need this.
+
+=back
+
 =cut
 
+my %roles = map { $_ => $_ } (qw/root admin librarian/);
+
+my $create_with_role;
+my @sites;
+
+GetOptions(
+           'create-with-role=s' => \$create_with_role,
+           'add-to-site=s' => \@sites,
+          ) or die;
+
 my $schema = AmuseWikiFarm::Schema->connect('amuse');
 
 my ($username, $password) = @ARGV;
@@ -36,13 +64,47 @@ $password ||= Crypt::XkcdPassword->new(words => 'IT')->make_password(5, qr{\A[0-
 
 die "Usage: $0 <username> [<password>]\n" unless $username && $password;
 
-if (my $user = $schema->resultset('User')->find({ username => $username })) {
+my $user = $schema->resultset('User')->find({ username => $username });
+
+if ($user) {
     $user->password($password);
     $user->update;
     print qq{Password for $username is now '$password'\n};
 }
+elsif ($create_with_role) {
+    if (my $role = $roles{$create_with_role}) {
+        $user = $schema->resultset('User')->create({
+                                                    username => $username,
+                                                    password => $password,
+                                                   });
+        $user->set_roles([{ role => $role }]);
+        print "User $username created with password '$password' and role $role\n";
+    }
+    else {
+        die "Invalid role $create_with_role. Must be root, admin or librarian";
+    }
+}
 else {
-    die "No such user $username!";
+    print "User not found and --create-with-role not passed!\n\n";
+    pod2usage;
+    exit 2;
 }
 
+if (@sites) {
+    my $rs = $schema->resultset('Site')->search({ id => \@sites });
+    if ($rs->count) {
+        foreach my $site ($rs->all) {
+            if ($site->users->find({ username => $user->username })) {
+                print "$username already in " . $site->id . "\n";
+            }
+            else {
+                $site->add_to_users($user);
+                print "Added $username to " . $site->id . "\n";
+            }
+        }
+    }
+    else {
+        die "No site found with id " . join(" ", @sites) . "\n";
+    }
+}