#!/bin/bash
# info: suspend user
# options: USER [RESTART]
#
# example: v-suspend-user alice yes
#
# This function suspends a certain user and all his objects.

#----------------------------------------------------------#
#                Variables & Functions                     #
#----------------------------------------------------------#

# Argument definition
user=$1
restart=$2

# Includes
# shellcheck source=/etc/hestiacp/hestia.conf
source /etc/hestiacp/hestia.conf
# shellcheck source=/usr/local/hestia/func/main.sh
source $HESTIA/func/main.sh
# load config file
source_conf "$HESTIA/conf/hestia.conf"

#----------------------------------------------------------#
#                    Verifications                         #
#----------------------------------------------------------#

check_args '1' "$#" 'USER [RESTART]'
is_format_valid 'user'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
if [ "$user" = 'admin' ]; then
	exit
fi

# Perform verification if read-only mode is enabled
check_hestia_demo_mode

#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Do not restrict access to SFTP/FTP/SSH if POLICY_USER_VIEW_SUSPENDED is set to yes
if [ -z "$POLICY_USER_VIEW_SUSPENDED" ] || [ "$POLICY_USER_VIEW_SUSPENDED" = 'no' ]; then
	# Adding '!' in front of the password
	/usr/sbin/usermod --lock "$user"

	# Suspending ftp accounts
	for ftp in $(grep "^${user}_" /etc/passwd | cut -f 1 -d :); do
		/usr/sbin/usermod --lock "$ftp" 2> /dev/null
	done
fi

# Suspending web domains
if [ -n "$WEB_SYSTEM" ] && [ "$WEB_SYSTEM" != 'no' ]; then
	$BIN/v-suspend-web-domains "$user" "no"
fi

# Suspending mail domains
if [ -n "$MAIL_SYSTEM" ] && [ "$MAIL_SYSTEM" != 'no' ]; then
	$BIN/v-suspend-mail-domains "$user" "no"
fi

# Suspending dns domains
if [ -n "$DNS_SYSTEM" ] && [ "$DNS_SYSTEM" != 'no' ]; then
	$BIN/v-suspend-dns-domains "$user" "no"
fi

# Suspending datbabases
if [ -n "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'no' ]; then
	$BIN/v-suspend-databases "$user"
fi

# Suspending cron jobs
if [ -n "$CRON_SYSTEM" ] && [ "$CRON_SYSTEM" != 'no' ]; then
	$BIN/v-suspend-cron-jobs "$user" "no"
fi

#----------------------------------------------------------#
#                       Hestia                             #
#----------------------------------------------------------#

# Restarting system services
$BIN/v-restart-web "$restart"
check_result $? "Web restart failed" > /dev/null

$BIN/v-restart-proxy "$restart"
check_result $? "Proxy restart failed" > /dev/null

$BIN/v-restart-dns "$restart"
check_result $? "DNS restart failed" > /dev/null

$BIN/v-restart-cron "$restart"
check_result $? "Cron restart failed" > /dev/null

# Changing suspend value
update_user_value "$user" '$SUSPENDED' 'yes'
increase_user_value 'admin' '$SUSPENDED_USERS'

# Logging
$BIN/v-log-action "system" "Info" "Users" "Suspended user account (Name: $user)."
log_event "$OK" "$ARGUMENTS"

exit