#!/usr/bin/bash

DAC_SWITCH=${1}

case ${DAC_SWITCH} in
"useradd")
    if [[ "${@:2}" =~ ^.*(-G|--group)[\t\ ]*.*wheel.*$ ]]; then
        echo "You are not allowed to create user with group wheel"
        exit 1
    fi
    useradd ${@:2}
;;

"userdel")
    userdel ${@:2}
;;

"usermod")
    if [[ "${@:2}" =~ ^.*(-g|-G|--group)[\t\ ]*.*wheel.*$ ]]; then
        echo "You are not allowed to create user with group wheel"
        exit 1
    fi
    usermod ${@:2}
;;

"passwd")
if [ -z ${2} ]; then
    echo "You must define username!"
    exit 1
elif [[ ${@:2} =~ ^.*root.*$ ]]; then
    echo "You are not allowed invoke passwd on root user"
    exit 1
else
    passwd ${@:2}
fi
;;

*)
    echo "Unknown action!"
;;
esac
