# HG changeset patch
# User Guido Berhoerster <guido+pwm@berhoerster.name>
# Date 1505666705 -7200
# Node ID 1b89066d992cdc44a67801c72674c8196a0f8136
# Parent  ec01c579024aed7ddf3a10fdeff3b38280bd2074
Add read-only mode

diff -r ec01c579024a -r 1b89066d992c cmd.c
--- a/cmd.c	Thu Sep 07 12:40:50 2017 +0200
+++ b/cmd.c	Sun Sep 17 18:45:05 2017 +0200
@@ -228,9 +228,15 @@
 			return (CMD_SIGNAL);
 		}
 	}
-	if (io_printf("There are%sunsaved changes\n",
-	    ctx->unsaved_changes ? " " : " no ") == IO_SIGNAL) {
-		return (CMD_SIGNAL);
+	if (ctx->is_readonly) {
+		if (io_printf("Read-only mode\n") == IO_SIGNAL) {
+			return (CMD_SIGNAL);
+		}
+	} else {
+		if (io_printf("There are%sunsaved changes\n",
+		    ctx->unsaved_changes ? " " : " no ") == IO_SIGNAL) {
+			return (CMD_SIGNAL);
+		}
 	}
 
 	return (CMD_STATUS);
@@ -495,6 +501,11 @@
 		goto out;
 	}
 
+	if (ctx->is_readonly) {
+		pwm_err(ctx, "cannot create new entries in read-only mode");
+		goto out;
+	}
+
 	record = pwfile_create_record();
 
 	for (i = 1; i < argc; i++) {
@@ -571,6 +582,12 @@
 		pwm_err(ctx, "invalid id %s", argv[1]);
 		goto out;
 	}
+
+	if (ctx->is_readonly) {
+		pwm_err(ctx, "cannot modify entries in read-only mode");
+		goto out;
+	}
+
 	record = pwfile_get_record(ctx, id);
 
 	for (i = 2; i < argc; i++) {
@@ -650,6 +667,10 @@
 	/* check if first argument is an id */
 	if ((argc > 1) && (parse_id(argv[1], &id) == 0)) {
 		i++;
+		if (ctx->is_readonly) {
+			pwm_err(ctx, "cannot modify entries in read-only mode");
+			goto out;
+		}
 	}
 
 	for (; i < argc; i++) {
@@ -781,6 +802,11 @@
 		return (CMD_ERR);
 	}
 
+	if (ctx->is_readonly) {
+		pwm_err(ctx, "cannot remove entries in read-only mode");
+		return (CMD_ERR);
+	}
+
 	if (pwfile_remove_pws_record(ctx, id) != 0) {
 		pwm_err(ctx, "failed to remove record %u", id);
 		return (CMD_ERR);
@@ -959,6 +985,11 @@
 		return (CMD_USAGE);
 	}
 
+	if (ctx->is_readonly) {
+		pwm_err(ctx, "cannot create groups in read-only mode");
+		return (CMD_ERR);
+	}
+
 	if (ctx->is_interactive && (argc != 2)) {
 		if (io_get_line(NULL, "Group: ", 0, NULL, 0,
 		    sizeof (group_buf), group_buf) == IO_SIGNAL) {
@@ -986,6 +1017,11 @@
 		return (CMD_USAGE);
 	}
 
+	if (ctx->is_readonly) {
+		pwm_err(ctx, "cannot remove groups in read-only mode");
+		return (CMD_ERR);
+	}
+
 	if (pwfile_remove_group(ctx, argv[1]) != 0) {
 		pwm_err(ctx, "empty group \"%s\" does not exist", argv[1]);
 		return (CMD_ERR);
@@ -1001,7 +1037,14 @@
 
 	if (argc > 2) {
 		return (CMD_USAGE);
-	} else if (argc == 2) {
+	}
+
+	if (ctx->is_readonly) {
+		pwm_err(ctx, "cannot modify entries in read-only mode");
+		return (CMD_ERR);
+	}
+
+	if (argc == 2) {
 		len = strlen(argv[1]);
 		if (len == 0) {
 			pwm_err(ctx, "password must not be empty");
@@ -1060,6 +1103,11 @@
 		return (CMD_USAGE);
 	}
 
+	if (ctx->is_readonly) {
+		pwm_err(ctx, "cannot write changes in read-only mode");
+		return (CMD_ERR);
+	}
+
 	return ((pwfile_write_file(ctx) == 0) ? CMD_OK : CMD_ERR);
 }
 
diff -r ec01c579024a -r 1b89066d992c pwm.1.xml
--- a/pwm.1.xml	Thu Sep 07 12:40:50 2017 +0200
+++ b/pwm.1.xml	Sun Sep 17 18:45:05 2017 +0200
@@ -34,7 +34,7 @@
       <email>guido+pwm@berhoerster.name</email>
       <personblurb/>
     </author>
-    <date>7 September, 2017</date>
+    <date>17 September, 2017</date>
   </info>
   <refmeta>
     <refentrytitle>pwm</refentrytitle>
@@ -55,6 +55,9 @@
         <replaceable>password_file</replaceable>
       </arg>
       <arg choice="opt">
+        <option>-R</option>
+      </arg>
+      <arg choice="opt">
         <replaceable>database_file</replaceable>
       </arg>
     </cmdsynopsis>
@@ -107,6 +110,15 @@
           <replaceable>password_file</replaceable>.</para>
         </listitem>
       </varlistentry>
+      <varlistentry>
+        <term>
+          <option>-R</option>
+        </term>
+        <listitem>
+          <para>Treat the database as read-only and disallow any modifications
+          and write operations.</para>
+        </listitem>
+      </varlistentry>
     </variablelist>
   </refsect1>
   <refsect1>
diff -r ec01c579024a -r 1b89066d992c pwm.c
--- a/pwm.c	Thu Sep 07 12:40:50 2017 +0200
+++ b/pwm.c	Sun Sep 17 18:45:05 2017 +0200
@@ -49,7 +49,7 @@
 static void
 usage(void)
 {
-	fprintf(stderr, "usage: %s [-P file] [filename]\n", getprogname());
+	fprintf(stderr, "usage: %s [-P file] [-R] [filename]\n", getprogname());
 }
 
 void
@@ -344,11 +344,14 @@
 
 	ctx.is_interactive = isatty(STDIN_FILENO);
 
-	while (!errflag && (c = getopt(argc, argv, "P:h")) != -1) {
+	while (!errflag && (c = getopt(argc, argv, "P:Rh")) != -1) {
 		switch (c) {
 		case 'P':
 			master_password_filename = optarg;
 			break;
+		case 'R':
+			ctx.is_readonly = 1;
+			break;
 		case 'h':
 			usage();
 			status = EXIT_SUCCESS;
diff -r ec01c579024a -r 1b89066d992c pwm.h
--- a/pwm.h	Thu Sep 07 12:40:50 2017 +0200
+++ b/pwm.h	Sun Sep 17 18:45:05 2017 +0200
@@ -45,6 +45,7 @@
 
 struct pwm_ctx {
 	int		is_interactive;
+	int		is_readonly;
 	const char	*prev_cmd;
 	char		*errmsg;
 	char		*dirname;