#!/bin/bash

set -e

test_mode=0
if [ $# -gt 0 ]; then
        test_mode=1
fi

accounts="{{ acct_list | join(" ") }}"

if [ "x$accounts" == "x" ]; then
	echo "{\"changed\": false}"
	exit 0
fi

userlist=""
for u in $accounts; do
	expire=`grep "^$u" /etc/shadow | cut -d: -f8`
	expire_72h_from_now=$((`date --utc -d "+3 days" +%s` / 86400))

	# check user exists
	if ! grep -qw "^$u" /etc/passwd ; then
		continue
	fi

	# check expiration
	if [ "x$expire" != "x" ] && [ $expire -le $expire_72h_from_now ]; then
		continue
	fi

	if [ $test_mode -eq 0 ]; then
		chage -E $expire_72h_from_now $u
	fi

	if [ "x$userlist" == "x" ]; then
		userlist="\"$u\""
	else
		userlist="$userlist,\"$u\""
	fi
done
if [ "x$userlist" == "x" ]; then
	echo "{\"changed\": false}"
else
	echo "{\"changed\": true, \"users\": [$userlist]}"
fi

