---

# ---
# - Remove unwanted users
# ---


- name: (samba_user.yml) Check if samba user exists for removable system user
  shell: pdbedit -w -L | awk -F":" '{ print $1 }' | grep '{{ item.name }}'
  register: samba_remove_system_users_present
  changed_when: "samba_remove_system_users_present.rc == 0"
  failed_when: "samba_remove_system_users_present.rc > 1"
  with_items: 
    - "{{ remove_system_users }}"
  loop_control:
    label: '{{ item.name }}'
  tags:
    - samba-user


- name: (samba_user.yml) Remove (old) system users from samba
  shell: "smbpasswd -s -x {{ item.name }}"
  with_items: 
    - "{{ remove_system_users }}"
  loop_control:
    label: '{{ item.name }}'
  when: samba_remove_system_users_present is changed
  tags:
    - samba-user


- name: (samba_user.yml) Check if samba user exists for removable nis user
  shell: pdbedit -w -L | awk -F":" '{ print $1 }' | grep '{{ item.name }}'
  register: samba_remove_inis_users_present
  changed_when: "samba_remove_inis_users_present.rc == 0"
  failed_when: "samba_remove_inis_users_present.rc > 1"
  with_items: 
    - "{{ remove_nis_users }}"
  loop_control:
    label: '{{ item.name }}'
  tags:
    - samba-user


- name: (samba_user.yml) Remove (old) nis users from samba
  shell: "smbpasswd -s -x {{ item.name }}"
  with_items: 
    - "{{ remove_nis_users }}"
  loop_control:
    label: '{{ item.name }}'
  when: samba_remove_inis_users_present is changed
  tags:
    - samba-user


# ---
# - default user/groups
# ---

- name: (samba_user.yml) Check if samba user exists for nis user
  shell: pdbedit -w -L | awk -F":" '{ print $1 }' | grep '{{ item.name }}'
  register: samba_nis_user_present
  changed_when: "samba_nis_user_present.rc == 1"
  failed_when: "samba_nis_user_present.rc > 1"
  loop: "{{ nis_user }}"
  loop_control:
    label: '{{ item.name }}'
  when:
    - item.is_samba_user is defined and item.is_samba_user|bool
  tags:
    - samba-user

- name: (samba_user.yml) Add nis user to samba (with nis users password)
  shell: >
    (echo '{{ item.item.password }}'; echo '{{ item.item.password }}') 
    | smbpasswd -s -a {{ item.item.name }}
  loop: "{{ samba_nis_user_present.results }}"
  when: item.changed
  loop_control:
    label: '{{ item.item.name }}'
  tags:
    - samba-user