#!/bin/sh
# mdsec: modify a secure entry, writing it back after.

[ -z "$DEFAULT_GPG" ] && echo "DEFAULT_GPG not set" && return
[ ! -f "$HOME/docs/wr/sec/$1" ] && echo "File $1 does not exist" && return
mkdir -p "/tmp/mksec"

# File names
temp="/tmp/mksec/$1.decrypted"
ck="/tmp/mksec/$1-modck.decrypted"
src="$HOME/docs/wr/sec/$1"
dest="$src"


gpg -d --output "$temp" "$src"
cp "$temp" "$ck"
nvim "$temp"

# Only try to save if a modification has been made, tested with modification
# date, where the edited file should only be -nt if its been modified/saved.
if [ "$temp" -nt "$ck" ] ; then 
	gpg --encrypt --armor --symmetric -r "$DEFAULT_GPG" --output "$dest" "$temp"
else
	printf "No modification made - no changes saved\n"
fi

shred -u "$temp"
shred -u "$ck"