From 058b7de78af95627fc5b56ce7c0c55457142a32c Mon Sep 17 00:00:00 2001
From: Jon Bracy
Date: Mon, 25 Mar 2019 13:59:57 -0700
Subject: [PATCH] Add ability for config file to be the permissions file
---
 sync-accounts | 40 +++++++++++++++++++---------------------
 1 file changed, 19 insertions(+), 21 deletions(-)
diff --git a/sync-accounts b/sync-accounts
index 8781505..da6afd7 100755
--- a/sync-accounts
+++ b/sync-accounts
@@ -11,20 +11,32 @@ def github_keys(user)
 http = Net::HTTP.new('github.com', 443)
 http.use_ssl = true
- http.verify_mode = OpenSSL::SSL::VERIFY_NONE
 response = http.request(Net::HTTP::Get.new("/#{user}.keys"))
 raise 'failure' unless response.is_a?(Net::HTTPOK)
 $key_cache[user] = response.body.split("\n")
 end
-def read_permissions(url)
+def read_permissions_from_url(url)
 url = URI.parse(url)
- permissions = { 'apps' => {}, 'users' => {} }
+ http = Net::HTTP.new(url.host, url.port)
+ http.use_ssl = url.scheme == 'https'
- yaml = Net::HTTP.start(url.host) do |http|
- resp = http.get(url.path)
- YAML.load(resp.body)
+ response = http.request(Net::HTTP::Get.new(url.path))
+ YAML.load(response.body)
+end
+
+def read_permissions(config_file_or_url)
+ permissions = { 'apps' => {}, 'users' => {} }
+
+ yaml = if File.exists?(config_file_or_url)
+ configs = YAML.load(File.read(config_file_or_url))
+ configs['url'] ? read_permissions_from_url(configs['url']) : configs
+ elsif config_file_or_url =~ URI::regexp
+ read_permissions_from_url(config_file_or_url)
+ else
+ puts "Invalid permissions url or config file #{config_file_or_url}"
+ exit(false)
 end
 # Add keys to users and apps
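Review bot: `read_permissions_from_url` parses whatever the server sends back: unlike `github_keys` earlier in this hunk it never checks the response status, and it hands the body to `YAML.load`, which on older Psych versions can instantiate arbitrary Ruby objects from tagged YAML. Because `http.use_ssl = url.scheme == 'https'` still accepts an `http://` URL, the document that appears to decide which accounts and keys are synced can arrive over an unauthenticated channel. I would add `raise 'failure' unless response.is_a?(Net::HTTPOK)` before parsing and change the last line to `YAML.safe_load(response.body)` (assuming the permissions file holds only plain maps, lists and strings, without aliases), and consider rejecting non-https URLs outright. `read_permissions` also calls `YAML.load` on the local file, and its body continues past the end of the hunk.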
@@ -86,21 +98,7 @@ def write_authorized_keys(user, homedir, keys)
 FileUtils.chmod(0600, filename)
 end
-def permission_url(config_file_or_url)
- config_file_or_url ||= '/etc/sync-accounts.conf'
-
- if File.exists?(config_file_or_url)
- YAML.load(File.read(config_file_or_url))['url']
- elsif config_file_or_url =~ URI::regexp
- config_file_or_url
- else
- puts "Invalid permissions url or config file #{config_file_or_url}"
- exit(false)
- end
-end
-
-
-permissions = read_permissions(permission_url(ARGV[0]))
+permissions = read_permissions(ARGV[0] || '/etc/sync-accounts.conf')
 # Create missing users
 system_usernames = system_users.map{|su| su[:name]}