#!/bin/sh
if [ -n "${2}" ]; then
	echo "Expected only one argument"
	exit 1
elif [ -z "${1}" ]; then
	echo "No file path provided"
	exit 1
elif [ "$(id -u)" -eq 0 ]; then
	echo "Cannot be run as root"
	exit 1
fi

set -eu

tempdir="$(mktemp -d)"

trap 'rm -rf $tempdir' EXIT
srcfile="$(doas realpath "$1")"

if doas [ -f "$srcfile" ]; then
	doas cp -a "$srcfile" "$tempdir"/file
	doas cp -a "$tempdir"/file "$tempdir"/edit

	# make sure that the file is editable by user
	doas chown "$USER":"$USER" "$tempdir"/edit
	chmod 600 "$tempdir"/edit
else
	# create file with "regular" system permissions (root:root 644)
	touch "$tempdir"/file
	doas chown root:root "$tempdir"/file
fi

$EDITOR "$tempdir"/edit

doas tee "$tempdir"/file 1>/dev/null < "$tempdir"/edit

if doas cmp -s "$tempdir/file" "$srcfile"; then
	echo "Skipping write; no changes."
	exit 0
else
	doas mv -f "$tempdir"/file "$srcfile"
	exit 0
fi