#!/usr/bin/perl -w -I/opt/eprints2/perl_lib

use EPrints::User;
use EPrints::Session;
use Net::LDAP;
use strict;

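# The archive ID is the script's only command-line argument. Stop early with
# a usage message rather than handing an undefined value to EPrints.
my $archive_id = $ARGV[0];
unless( defined $archive_id && $archive_id ne "" )
{
	print STDERR "Usage: $0 <archive_id>\n";
	exit 1;
}

# Open an EPrints session for that archive.
# NOTE(review): the first argument (1) presumably selects "script session for
# a named archive" - confirm against EPrints::Session.
my $session = EPrints::Session->new( 1 , $archive_id );
unless( defined $session )
{
	# Exit non-zero, like the LDAP connect/bind failures later in the script,
	# so cron jobs and wrappers can tell that the sync did not run.
	print STDERR "Could not open an EPrints session for archive '$archive_id'\n";
	exit 1;
}

# Set to 1 to actually make changes to the database.
# With 0 the script is a dry run: it only prints what it would create or
# update. Review that output before switching this on.
my $forreal = 0;

# Get user dataset
my $user_ds = $session->get_archive()->get_dataset( "user" );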

# Open the directory connection, speaking LDAPv3. On failure the constructor
# returns a false value and the reason is reported from $@.
# NOTE(review): with a bare host name and no start_tls call this connection is
# not encrypted. The entries read over it are later used to create and update
# EPrints accounts, and a DN/password bind (see below) would also be sent in
# clear text. Consider an "ldaps://" URI, or calling
#   $ldap->start_tls( verify => 'require', cafile => '/path/to/ca.pem' );
# (placeholder path) before binding, and check its result like the bind below.
my $ldap = Net::LDAP->new( "ldap.host.name", version => 3 );
if( !$ldap )
{
	print STDERR "LDAP error: $@\n";
	exit 1;
}

# Bind anonymously.
# If the server refuses anonymous binds, use the commented-out form instead and
# supply a distinguished name and password. If you do, keep this script
# readable only by the account that runs it (or load the password from a
# protected file) and prefer a read-only service account.
my $mesg = $ldap->bind;
#my $dn = "";
#my $pword = "";
#my $mesg = $ldap->bind( $dn, password=>$pword );
my $bind_status = $mesg->code();
if( $bind_status )
{
	# A non-zero result code means the bind was rejected
	print STDERR "Bind error: ", $mesg->error(), "\n";
	exit 1;
}

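# Search for users: every entry below $base that has a username attribute.
my $base = "ou=user,dc=domain,dc=name";
my $result = $ldap->search (
	base	=> $base,
	scope   => "sub",
	# search the field that the server uses to store usernames
	# this may be 'samaccountname', or 'cn', or something else!
	filter => "samaccountname=*",
	# Ask only for the attributes this script reads, instead of every
	# attribute of every user. Keep this list in sync with the filter above
	# and with the get_value() calls in the loop that processes the results.
	attrs   =>  [ "samaccountname", "sn", "givenName", "mail", "distinguishedName" ],
	# 0 = no client-side limit.
	# NOTE(review): the server may still enforce its own size limit; verify
	# that large directories are returned in full.
	sizelimit=>0
);
if( $result->code() )
{
	print STDERR "Search error: " . $result->error() . "\n";
	# Exit non-zero, like the connect and bind failures, so a failed search
	# is not mistaken for a successful sync.
	exit 1;
}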

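# Iterate over results, creating or updating EPrints user accounts as required.
# With $forreal unset this is a dry run that only prints what would happen.
while( defined( my $entr = $result->pop_entry ) )
{
	# get_value() is called in scalar context throughout, so each call yields
	# a single value (or undef), never a list.
	my $username = $entr->get_value( "samaccountname" );

	# An entry without a username cannot be mapped to an account; skip it
	# rather than searching for, or creating, a user with an undefined name.
	unless( defined $username && $username ne "" )
	{
		print STDERR "SKIPPING entry with no samaccountname: " . $entr->dn() . "\n";
		next;
	}

	# Does account already exist?
	# NOTE(review): confirm that this search matches the username exactly.
	# A partial or word match would pick an unrelated account, which would
	# then be overwritten below.
	my $searchexp = EPrints::SearchExpression->new( session=>$session, dataset=>$user_ds );
	$searchexp->add_field( $user_ds->get_field( "username" ), $username );
	$searchexp->perform_search;
	my( $user ) = $searchexp->get_records;
	$searchexp->dispose();

	my $action = defined $user ? "UPDATING" : "CREATING";

	unless( $forreal )
	{
		# Dry run: report only. Missing attributes are shown as empty
		# strings instead of triggering "uninitialized value" warnings.
		print "(WOULD BE) $action: $username\n";
		foreach my $shown (
			[ "FAMILY", "sn" ],
			[ "GIVEN", "givenName" ],
			[ "EMAIL", "mail" ],
			[ "DN", "distinguishedName" ] )
		{
			my $value = $entr->get_value( $shown->[1] );
			$value = "" unless defined $value;
			print $shown->[0] . " = " . $value . "\n";
		}
		next;
	}

	if( !defined $user )
	{
		# New account
		$user = EPrints::User::create_user( $session, "ldapuser" );
		unless( defined $user )
		{
			print STDERR "FAILED to create account: $username\n";
			next;
		}
	}
	# NOTE(review): an existing account is matched on username alone, so a
	# locally created account (for example an administrator) that shares a
	# name with a directory entry has its name and email replaced by the
	# directory's values. Consider updating only accounts of the type
	# created here, and make sure the LDAP connection is authenticated and
	# encrypted before trusting these values.
	print "$action: $username\n";

	# Set metadata
	my $name = {};
	$name->{family} = $entr->get_value( "sn" );
	$name->{given} = $entr->get_value( "givenName" );
	$user->set_value( "name", $name );
	$user->set_value( "username", $username );
	# Force scalar context: inside an argument list get_value() would return
	# every "mail" value, or an empty list if there is none, and so change
	# the number of arguments passed to set_value().
	$user->set_value( "email", scalar $entr->get_value( "mail" ) );
	$user->commit();
}

$ldap->unbind;

# Let EPrints release whatever the session holds before the script ends
$session->terminate();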

