acl based directory share between users

acl-share-dir.sh

#!/bin/bash

# Usage: 
#  share_dir [ -o <owner> -g <group> ] <directory> <list of space delimited users names/uid>
#  use . for current directory
# -o forces own for directory, default is $USER
# -g forces group name for directory, default is "users" and if not available then $USER
#  Note: script operates recursively on given directory!, use with caution

## HELPERS

adirname() {
  # passed entire path
 echo "$(cd "$(dirname "$1")" >/dev/null 2>&1 ; pwd -P )"
}

chmod_dirs() {
  # passed entire path
  local usesudo 
  [[ $1 == -s ]] && usesudo="sudo" && shift 2
  $usesudo find $1 -type f -exec chmod $2 {} +
}


function confirm()
{
    echo -n "$@ "
    read -e answer
    for response in y Y yes YES Yes Sure sure SURE OK ok Ok
    do
        if [ "_$answer" == "_$response" ]
        then
            return 0
        fi
    done

    # Any answer other than the list above is considered a "no" answer
    return 1
}

# End Helpers


# Usage: 
#  adding: acladduserdir <user> <directory>
#  deleting: acladduserdir -d <user> <directory>
# add -s flag to force run as sudo
#  Note: script operates recursively on given directory!, use with caution

acladduserdir() {

  module_load confirm
  local uid
  local usesudo
  local del
  local spec
  local dir
  local cmd="-R  -m "
  local cmdd="-dR  -m"

  declare OPTION
  declare OPTARG
  declare OPTIND

  while getopts 'ds' OPTION; do
    # echo $OPTION $OPTARG
    case "$OPTION" in
    d)
      del=true
      ;;
    s)
      usesudo="sudo"
      ;;
    *)
      echo unknown option $OPTION
      ;;
    esac
  done

  shift $((OPTIND - 1))

  if [[ $del ]]; then
    echo deleting an acl entries for $1
    opts="-R  -x"
    optsd="-dR  -x"
    spec="u:$1"
  else
    opts="-R  -m "
    optsd="-dR  -m"
    spec="u:$1:rwX"
  fi
  [[ ! $2 ]] && echo acluserdir: both user and direcotory must be passed && return 1
  dir=$2
  uid=$(id -u $1 2>/dev/null)
  [[ $uid -lt 1000 ]] && echo no such regular user $1 && return 2
  [[ ! -d $2 ]] && echo no such directory $2 && return 3
  if [[ ! -w $2 ]]; then
    echo $2 not writable by current user $USER
    if [[ ! $(sudo -l -U $USER 2>/dev/null) ]]; then
      echo user does not have sudo privilges, aborting
      return 4
    else
      confirm "do you want to elevate to root and continue?" || return 5
      usesudo="sudo"
    fi
  fi
  echo these are the acl commands that you will run
  echo '******************'
  echo $usesudo setfacl $opts $spec $dir
  echo $usesudo setfacl $optsd $spec $dir
  echo '******************'
  confirm Double Check. Do you want to continue? || return 6
  $usesudo setfacl $opts $spec $dir
  $usesudo setfacl $optsd $spec $dir
  echo '*** new acl entries ***'
  $usesudo getfacl -p --omit-header $2 | grep $1

}

# Usage: 
#  share_dir [ -o <owner> -g <group> ] <directory> <list of space delimited users names/uid>
# -o forces own for directory, default is $USER
# -g forces group name for directory, default is "users" and if not available then $USER
#  Note: script operates recursively on given directory!, use with caution

share_dir() {
  [[ ! $(sudo -l -U $USER 2>/dev/null) ]] && echo current user does not have sudo privilges, aborting && return 4
  local group
  local owner=$USER
  [[ $(getent group users) ]] && group=users || group=$USER

  declare OPTION
  declare OPTARG
  declare OPTIND

  while getopts 'g:o:' OPTION; do
    # echo $OPTION $OPTARG
    case "$OPTION" in
    o)
      owner=$OPTARG
      ;;
    g)
      group=$OPTARG
      ;;
    *)
      echo unknown option $OPTION
      ;;
    esac
  done

  shift $((OPTIND - 1))
  
  local dir=$([[ ! $1 == /* ]] && echo $(adirname $1)/)$([[ $1 == . ]] && echo "" || echo $1)
  if [[ ! -d $dir ]]; then
    confirm no such directory $dir, create it? && sudo mkdir -p $dir || return 6
  fi
  shift
  confirm share directory $dir with users: $@ ? confirm || return 6
  for user in "$@"; do
    echo adding acl user $user
    acladduserdir -s $user $dir
  done
  echo done adding acl users $@
  echo these are the chown/chmod commands that you will run
  echo '******************'
  echo sudo chown -R $owner:$group $dir
  echo sudo chmod -R u+rwX $dir
  echo sudo chmod -R g+rwX $dir
  echo sudo find $dir -type d -exec chmod g+s {} +
  echo '******************'
  confirm Double Check. Do you want to continue? || return 6
  sudo chown -R $owner:$group $dir
  sudo chmod -R u+rwX $dir
  sudo find $dir -type d -exec chmod g+s {} +
  echo all done!
  ls -la $dir
  getfacl -p $dir

}