Diffstat (limited to 'lib')
-rw-r--r-- | lib/authenticator-plaintext.lua | 27 | ||||
-rw-r--r-- | lib/authenticator.lua | 18 | ||||
-rw-r--r-- | lib/roles.lua | 27 |
3 files changed, 58 insertions, 14 deletions
diff --git a/lib/authenticator-plaintext.lua b/lib/authenticator-plaintext.lua
index aa3e2e3..e90520d 100644
--- a/lib/authenticator-plaintext.lua
+++ b/lib/authenticator-plaintext.lua
@@ -9,8 +9,23 @@ create a different file for each field.
 module (..., package.seeall)
+list_fields = function(self, tabl)
+ if not self or not tabl or tabl == "" then
+ return {}
+ end
+
+ local fields = {}
+ for file in fs.find(".*"..tabl, self.conf.confdir) do
+ local field = string.match(file, "([^/]*)"..tabl.."$") or ""
+ if fs.is_file(file) and field ~= "" then
+ fields[#fields + 1] = field
+ end
+ end
+ return fields
+end
+
 read_field = function(self, tabl, field)
- if not tabl or tabl == "" or not field then
+ if not self or not tabl or tabl == "" or not field then
 return nil
 end
@@ -34,7 +49,7 @@ read_field = function(self, tabl, field)
 end
 delete_field = function(self, tabl, field)
- if not tabl or tabl == "" or not field then
+ if not self or not tabl or tabl == "" or not field then
 return false
 end
 local passwd_path = self.conf.confdir .. field .. tabl
@@ -95,5 +110,13 @@ delete_entry = function (self, tabl, field, id)
 fs.write_file(passwd_path, table.concat(output,"\n"))
 end
+ -- If deleting the main field, delete all other fields also
+ if field == "" then
+ local fields = list_fields(self, tabl)
+ for i,fld in ipairs(fields) do
+ delete_entry(self, tabl, fld, id)
+ end
+ end
+
 return result
 end
diff --git a/lib/authenticator.lua b/lib/authenticator.lua
index 4af5e45..857703c 100644
--- a/lib/authenticator.lua
+++ b/lib/authenticator.lua
@@ -170,7 +170,7 @@ get_userinfo_roles = function(self, userid)
 end
 local rol = require("roles")
 if rol then
- local avail_roles = rol.list_all_roles()
+ local avail_roles = rol.list_all_roles(self)
 for x,role in ipairs(avail_roles) do
 if role=="ALL" then
 table.remove(avail_roles,x)
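Review bot: In `list_fields`, `tabl` is spliced unescaped into both the `fs.find` expression and the Lua pattern `"([^/]*)"..tabl.."$"`, so any magic character in the table name changes what matches. If the table names contain a `.` (their values are not visible in this diff), it matches any character and a file belonging to a different table can be reported as a field, which the new cascade in `delete_entry` would then rewrite. Escape the name before building the Lua pattern, e.g. `local pat = string.gsub(tabl, "%p", "%%%0")` followed by `string.match(file, "([^/]*)"..pat.."$")`. Whether the `fs.find` argument needs its own escaping depends on the regex dialect that helper uses, which is not shown here.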
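Review bot: The widened guard in `delete_field` still only checks that `field` is non-nil, while the context line right after it builds `passwd_path = self.conf.confdir .. field .. tabl` from that value. If `field` can come from a request parameter, which this hunk does not show, a name containing `/` would resolve to a file outside `confdir`. Consider rejecting such names in the guard, e.g. `if string.find(field, "/", 1, true) then return false end`; the same guard in `read_field` presumably needs it too. Note also that `not self` does not cover a `self` that lacks `conf`. Both function bodies continue outside their hunks.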
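Review bot: The cascade added at the end of `delete_entry` discards the return value of every recursive `delete_entry(self, tabl, fld, id)`, so `result` reflects only the main-field deletion and a failed cleanup of a secondary field is silent. In an authentication store that can leave orphaned per-id data behind, which an account later created with the same id would presumably inherit. The `authenticator.delete_roleentry` loop added to `delete_role` in lib/roles.lua ignores its results in the same way. At minimum, collect the fields that could not be rewritten and surface them to the caller or a log. The body of `delete_entry` starts outside this hunk.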
@@ -251,6 +251,14 @@ delete_user = function (self, userid)
 return cfe({ value=cmdresult, label="Delete user result" })
 end
+list_userfields = function(self)
+ load_auth(self)
+ if auth then
+ return auth.list_fields(self, passwdtable)
+ end
+ return nil
+end
+
 read_userfield = function(self, name)
 load_auth(self)
 if auth and name ~= "" then
@@ -291,6 +299,14 @@ delete_userentry = function (self, name, userid)
 return false
 end
+list_rolefields = function(self)
+ load_auth(self)
+ if auth then
+ return auth.list_fields(self, roletable)
+ end
+ return nil
+end
+
 read_rolefield = function(self, name)
 load_auth(self)
 if auth then
diff --git a/lib/roles.lua b/lib/roles.lua
index b90ecea..1ac4ae9 100644
--- a/lib/roles.lua
+++ b/lib/roles.lua
@@ -1,6 +1,6 @@
 --this module is for authorization help and group/role management
-
+require ("authenticator")
 require ("posix")
 require ("fs")
 require ("format")
@@ -87,7 +87,7 @@ list_default_roles = function()
 return default_roles
 end
-list_roles = function()
+list_roles = function(self)
 local defined_roles = {}
 local reverseroles = {}
 for x,role in ipairs(default_roles) do
@@ -106,8 +106,8 @@ list_roles = function()
 return defined_roles, default_roles
 end
-list_all_roles = function()
- local defined_roles, default_roles = list_roles()
+list_all_roles = function(self)
+ local defined_roles, default_roles = list_roles(self)
 for x,role in ipairs(defined_roles) do
 default_roles[#default_roles + 1] = role
 end
@@ -115,12 +115,12 @@ list_all_roles = function()
 end
 -- Go through the roles files and determine the permissions for the specified roles
-get_roles_perm = function(startdir,roles)
+get_roles_perm = function(self,roles)
 permissions = {}
 permissions_array = {}
 -- find all of the roles files and add in the master file
- local rolesfiles = get_roles_candidates(startdir)
+ local rolesfiles = get_roles_candidates(self.conf.appdir)
 rolesfiles[#rolesfiles + 1] = roles_file
 local reverseroles = {}
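Review bot: `list_userfields` returns `nil` when no authenticator is loaded, whereas the `auth.list_fields` it wraps returns `{}` for its own failure cases; `list_rolefields` in the next hunk has the same shape. Callers therefore need `or {}` before `ipairs`, as `delete_role` in lib/roles.lua does, and one that forgets it will raise part-way through a delete. Returning `{}` in the fallback would make the two layers agree. Otherwise, document the contract with a comment such as `-- returns nil when no authenticator backend is available`.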
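Review bot: `get_roles_perm` now dereferences `self.conf.appdir` with no check on `self`, and the first parameter that used to be a directory string keeps its position, so any caller outside this diff that still passes `startdir` gets an index error instead of a permission result; `get_role_perm` in the following hunk is changed the same way. An exception in an authorization path fails closed, but an explicit precondition is clearer, e.g. `assert(type(self) == "table" and self.conf, "get_roles_perm: self.conf required")`. The context lines also assign `permissions` and `permissions_array` without `local`, which looks like module-level state shared between calls and is worth confirming while this function is being touched. The function body continues outside the hunk.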
@@ -154,12 +154,12 @@ get_roles_perm = function(startdir,roles)
 end
 -- Go through the roles files and determine the permissions for the specified role
-get_role_perm = function(startdir,role)
+get_role_perm = function(self,role)
 permissions = {}
 permissions_array = {}
 -- find all of the roles files and add in the master file
- local rolesfiles = get_roles_candidates(startdir)
+ local rolesfiles = get_roles_candidates(self.conf.appdir)
 rolesfiles[#rolesfiles + 1] = roles_file
 for x,file in ipairs(rolesfiles) do
@@ -187,7 +187,7 @@ get_role_perm = function(startdir,role)
 end
 -- Delete a role from role file
-delete_role = function(role)
+delete_role = function(self, role)
 for x,ro in ipairs(default_roles) do
 if role==ro then
 return false, "Cannot delete default roles"
@@ -208,13 +208,18 @@ delete_role = function(role)
 if result == true then
 fs.write_file(roles_file, table.concat(output,"\n"))
+ -- also need to delete any other roles fields for this role
+ local fields = authenticator.list_rolefields(self) or {}
+ for x,field in ipairs(fields) do
+ authenticator.delete_roleentry(self, field, role)
+ end
 end
 return result, cmdresult
 end
 -- Set permissions for a role in role file
-set_role_perm = function(role, permissions, permissions_array)
+set_role_perm = function(self, role, permissions, permissions_array)
 if role==nil or role=="" then
 return false, "Invalid Role"
 end
@@ -238,7 +243,7 @@ set_role_perm = function(role, permissions, permissions_array)
 return false, "No permissions set"
 end
- delete_role(role)
+ delete_role(self, role)
 fs.write_line_file(roles_file, role .. "=" .. table.concat(permissions_array,","))
 return true
 end
|
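Review bot: `set_role_perm` still calls `delete_role(self, role)` before rewriting the role line, and `delete_role` now also removes the role from every field returned by `authenticator.list_rolefields(self)`. Updating a role's permissions would therefore wipe the role's entries in all other role fields as a side effect, which does not look intended. One small fix is an opt-out flag: declare `delete_role = function(self, role, keep_fields)`, wrap the new loop in `if not keep_fields then ... end`, and call `delete_role(self, role, true)` here. `set_role_perm` begins outside this hunk, and callers outside this diff also have to supply the new leading `self` argument.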