diff options
author | cvs2git <cvs2git> | 1998-09-24 10:18:07 +0000 |
---|---|---|
committer | cvs2git <cvs2git> | 1998-09-24 10:18:07 +0000 |
commit | 3ba031e371221667213ffaa91bfd442a2c3dbeab (patch) | |
tree | f24db73928414428444fe91cfdc26d39bcbc7a4a | |
parent | fc71b32cf4e835c46e62b7ed3c08ab04d3556078 (diff) | |
parent | 208d3a27d3bf6128735b76ca91b941007e911fd6 (diff) |
This commit was manufactured by cvs2svn to create branch 'freeside_import'.
-rw-r--r-- | site_perl/UID.pm | 209 |
1 files changed, 209 insertions, 0 deletions
diff --git a/site_perl/UID.pm b/site_perl/UID.pm new file mode 100644 index 000000000..16f03a0ec --- /dev/null +++ b/site_perl/UID.pm @@ -0,0 +1,209 @@ +package FS::UID; + +use strict; +use vars qw( + @ISA @EXPORT_OK $cgi $dbh $freeside_uid $conf $datasrc $db_user $db_pass +); +use Exporter; +use Carp; +use DBI; +use FS::Conf; + +@ISA = qw(Exporter); +@EXPORT_OK = qw(checkeuid checkruid swapuid cgisuidsetup + adminsuidsetup getotaker dbh datasrc); + +$freeside_uid = scalar(getpwnam('freeside')); + +my $conf = new FS::Conf; +($datasrc, $db_user, $db_pass) = $conf->config('secrets') + or die "Can't get secrets: $!"; + +=head1 NAME + +FS::UID - Subroutines for database login and assorted other stuff + +=head1 SYNOPSIS + + use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker + checkeuid checkruid swapuid); + + adminsuidsetup; + + $cgi = new CGI::Base; + $cgi->get; + $dbh = cgisuidsetup($cgi); + + $dbh = dbh; + + $datasrc = datasrc; + +=head1 DESCRIPTION + +Provides a hodgepodge of subroutines. + +=head1 SUBROUTINES + +=over 4 + +=item adminsuidsetup + +Cleans the environment. +Make sure the script is running as freeside, or setuid freeside. +Opens a connection to the database. +Swaps real and effective UIDs. +Returns the DBI database handle (usually you don't need this). + +=cut + +sub adminsuidsetup { + + $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin'; + $ENV{'SHELL'} = '/bin/sh'; + $ENV{'IFS'} = " \t\n"; + $ENV{'CDPATH'} = ''; + $ENV{'ENV'} = ''; + $ENV{'BASH_ENV'} = ''; + + croak "Not running uid freeside!" unless checkeuid(); + $dbh = DBI->connect($datasrc,$db_user,$db_pass, { + # hack for web demo + # my($user)=getotaker(); + # $dbh = DBI->connect("$datasrc:$user",$db_user,$db_pass, { + 'AutoCommit' => 'true', + 'ChopBlanks' => 'true', + } ) or die "DBI->connect error: $DBI::errstr\n";; + + swapuid(); #go to non-privledged user if running setuid freeside + + $dbh; +} +=item cgisuidsetup CGI::Base_OBJECT + +Stores the CGI::Base_OBJECT for later use. +Runs adminsuidsetup. + +=cut + +sub cgisuidsetup { + $cgi=$_[0]; + adminsuidsetup; +} + +=item dbh + +Returns the DBI database handle. + +=cut + +sub dbh { + $dbh; +} + +=item datasrc + +Returns the DBI data source. + +=cut + +sub datasrc { + $datasrc; +} + +#hack for web demo +#sub setdbh { +# $dbh=$_[0]; +#} + +sub suidsetup { + croak "suidsetup depriciated"; +} + +=item getotaker + +Returns the current Freeside user. Currently that means the CGI REMOTE_USER, +or 'freeside'. + +=cut + +sub getotaker { + if ($cgi && defined $cgi->var('REMOTE_USER')) { + return $cgi->var('REMOTE_USER'); #for now + } else { + 'freeside'; + } +} + +=item checkeuid + +Returns true if effective UID is that of the freeside user. + +=cut + +sub checkeuid { + ( $> == $freeside_uid ); +} + +=item checkruid + +Returns true if the real UID is that of the freeside user. + +=cut + +sub checkruid { + ( $< == $freeside_uid ); +} + +=item swapuid + +Swaps real and effective UIDs. + +=cut + +sub swapuid { + ($<,$>) = ($>,$<); +} + +=back + +=head1 BUGS + +Not OO. + +No capabilities yet. When mod_perl and Authen::DBI are implemented, +cgisuidsetup will go away as well. + +=head1 SEE ALSO + +L<FS::Record>, L<CGI::Base>, L<DBI> + +=head1 HISTORY + +ivan@voicenet.com 97-jun-4 - 9 + +untaint otaker ivan@voicenet.com 97-jul-7 + +generalize and auto-get uid (getotaker still needs to be db'ed) +ivan@sisd.com 97-nov-10 + +&cgisuidsetup logs into database. other cleaning. +ivan@sisd.com 97-nov-22,23 + +&adminsuidsetup logs into database with otaker='freeside' (for +automated tasks like billing) +ivan@sisd.com 97-dec-13 + +added sub datasrc for fs-setup ivan@sisd.com 98-feb-21 + +datasrc, user and pass now come from conf/secrets ivan@sisd.com 98-jun-28 + +added ChopBlanks to DBI call (see man DBI) ivan@sisd.com 98-aug-16 + +pod, use FS::Conf, implemented cgisuidsetup as adminsuidsetup, +inlined suidsetup +ivan@sisd.com 98-sep-12 + +=cut + +1; + |