#!/bin/sh
#
# gnsu: gnsu's not su

PASSWORDTRIES=3

CMD="$@"

LIBEXECDIR=/usr/libexec

init() {
	export PATH="/sbin:/usr/sbin:${PATH}" # PATH after or someone can fake "sudo" binary with it's own.

	# Translations only work with utf8 locales
	if ! locale -k charmap|grep -q UTF-8 ; then
		LANG=C
	fi

	# Gettext internationalization
	export TEXTDOMAIN="gnsu"
	export TEXTDOMAINDIR="/usr/share/locale"
	. gettext.sh

	export u=`whoami`

	export TRUE=/usr/bin/true

	export SUDO_ASKPASS=$LIBEXECDIR/gnsu-helper
	export GNSU_ASKPASS=$LIBEXECDIR/gnsu-askpass

	export COUNT=$PASSWORDTRIES
}

help() {
	cat <<- EOF
	Usage: gnsu [SUDO OPTIONS] command [COMMAND ARGUMENTS]
	Run a command as another user through sudo
	
	OPTIONS:
	        -h, --help           Show this help
	EOF
}

storedpass() {
	sudo -n $TRUE 2> /dev/null
	return $?
}

askpass() {
	if [ $COUNT -lt $PASSWORDTRIES ]; then
		PERMISSION="-p"
	else
		PERMISSION=""
	fi
	GNSU_PASSWORD=$( $GNSU_ASKPASS \
		--title="$CMD" \
		--user="$u" \
		$PERMISSION \
		2> /dev/null)
	retval=$?
	if [ $retval -ne 0 ]; then
		exit 0
	fi
	export GNSU_PASSWORD
}

trypass() {
	sudo -A $TRUE 2> /dev/null
	return $?
}

execcommand() {
	sudo -A $CMD
}

execcommandnopass() {
	sudo $CMD
}

passwordloop() {
	if [ $COUNT -gt 0 ]; then
		askpass
		trypass
		retval=$?
		if [ $retval -eq 0 ]; then
			execcommand
			exit
		else
			COUNT=$(($COUNT - 1))
			passwordloop
		fi
	else
		exit 1
	fi
}

case $1 in
	-h | --help | "" )
	help
	exit
	;;
esac

init
storedpass
retval=$?
if [ $retval -eq 0 ]; then
	execcommandnopass
else
	passwordloop
fi

