diff options
| author | Mark Wells <mark@freeside.biz> | 2016-01-12 22:07:17 -0800 |
|---|---|---|
| committer | Mark Wells <mark@freeside.biz> | 2016-01-12 22:10:51 -0800 |
| commit | 6f471946b3ae36061cb595ba0657a5b43e7bfd5d (patch) | |
| tree | afe0d89328e91b81981d3831ccec50cb35d63b20 | |
| parent | ae5d2972d6d9b582cd739bab778cc46dbe52e478 (diff) | |
allow svc_acct password field to be disabled, #39528, fixing fallout from #29354 and #32456
| -rw-r--r-- | FS/FS/Password_Mixin.pm | 2 | ||||
| -rw-r--r-- | FS/FS/svc_acct.pm | 2 | ||||
| -rwxr-xr-x | httemplate/edit/process/svc_acct.cgi | 31 | ||||
| -rw-r--r-- | httemplate/edit/process/svc_dsl.html | 15 | ||||
| -rw-r--r-- | httemplate/view/svc_acct/basics.html | 19 |
5 files changed, 51 insertions, 18 deletions
diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm index eb1db81e8..ee038db5a 100644 --- a/FS/FS/Password_Mixin.pm +++ b/FS/FS/Password_Mixin.pm @@ -37,7 +37,7 @@ message on failure, an empty string on success. This MUST NOT be called from check(). It should be called by the office UI, self-service ClientAPI, or other I<user-interactive> code that processes a password change, and only if the user has taken some action with the intent -of changing the password. +of setting the password. =cut diff --git a/FS/FS/svc_acct.pm b/FS/FS/svc_acct.pm index 203150f7c..af152a82e 100644 --- a/FS/FS/svc_acct.pm +++ b/FS/FS/svc_acct.pm @@ -318,7 +318,7 @@ sub table_info { disable_inventory => 1, }, '_password' => { label => 'Password', - required => 1 + #required => 1 }, 'gid' => { label => 'GID', diff --git a/httemplate/edit/process/svc_acct.cgi b/httemplate/edit/process/svc_acct.cgi index 17a035cdb..d81eaecb9 100755 --- a/httemplate/edit/process/svc_acct.cgi +++ b/httemplate/edit/process/svc_acct.cgi @@ -76,17 +76,30 @@ if ( $cgi->param('captcha_response') ) { } } -$new->_password($old->_password) if $old; -if ( $cgi->param('clear_password') eq '*HIDDEN*' - || $cgi->param('clear_password') =~ /^\(.* encrypted\)$/ ) { - die "fatal: no previous account to recall hidden password from!" unless $old; +# check whether the password is set as "fixed" in the service def. if so, +# ignore the password that was submitted and use the fixed value. + +my $psc = $part_svc->part_svc_column('_password'); +if ( $psc->columnflag eq 'F' ) { + + $new->set('_password', $psc->columnvalue); + } else { - my $newpass = $cgi->param('clear_password'); - if ( !$old or ! $old->check_password($newpass) ) { - # then the password is being changed - $error ||= $new->is_password_allowed($newpass) - || $new->set_password($newpass); + + $new->_password($old->_password) if $old; + if ( $cgi->param('clear_password') eq '*HIDDEN*' + || $cgi->param('clear_password') =~ /^\(.* encrypted\)$/ ) { + die "fatal: no previous account to recall hidden password from!" + unless $old; + } else { + my $newpass = $cgi->param('clear_password'); + if ( !$old or ! $old->check_password($newpass) ) { + # then the password is being changed + $error ||= $new->is_password_allowed($newpass) + || $new->set_password($newpass); + } } + } if ( ! $error ) { diff --git a/httemplate/edit/process/svc_dsl.html b/httemplate/edit/process/svc_dsl.html index 889366e07..436ca766b 100644 --- a/httemplate/edit/process/svc_dsl.html +++ b/httemplate/edit/process/svc_dsl.html @@ -12,8 +12,21 @@ my $precheck_callback = sub { my $cgi = shift; my $svcnum = $cgi->param('svcnum'); my $error = ''; + my $old; + my $part_svc; + if ( $svcnum ) { - my $old = FS::svc_dsl->by_key($svcnum); + $old = FS::svc_dsl->by_key($svcnum); + $part_svc = $old->part_svc; + } else { + my $svcpart = $cgi->param('svcpart') or die "svcpart required"; + $part_svc = FS::part_svc->by_key($svcpart); + } + my $psc = $part_svc->part_svc_column('password'); + if ( $psc->columnflag eq 'F' ) { + # enforce it here and skip password validation + $cgi->param('password', $psc->columnvalue; + } else { my $newpass = $cgi->param('password'); if ( $old and $newpass ne $old->password ) { $error ||= $old->is_password_allowed($newpass); diff --git a/httemplate/view/svc_acct/basics.html b/httemplate/view/svc_acct/basics.html index 441c20add..1b7d56b23 100644 --- a/httemplate/view/svc_acct/basics.html +++ b/httemplate/view/svc_acct/basics.html @@ -33,22 +33,29 @@ % $password = ''; % $show_pw .= '<I>('. mt('hidden') .')</I>'; % } +% my $psc = $part_svc->part_svc_column('_password'); +% if ( $psc->columnflag eq 'F' and $psc->columnvalue eq '' ) { +% # show nothing +% } else { <TR> <TD ALIGN="right"><% mt('Password') %></TD> <TD STYLE="background-color: #ffffff; white-space: nowrap"> <% $show_pw %> -% my $curuser = $FS::CurrentUser::CurrentUser; -% if ( $curuser->access_right('Provision customer service') or -% ($curuser->access_right('Edit password') and -% ! $part_svc->restrict_edit_password) ) -% { +% my $curuser = $FS::CurrentUser::CurrentUser; +% if ( $curuser->access_right('Provision customer service') or +% ($curuser->access_right('Edit password') and +% ! $part_svc->restrict_edit_password) +% and $psc->columnflag ne 'F' +% ) +% { <& /elements/change_password.html, 'svc_acct' => $svc_acct, 'curr_value' => $password, &> -% } +% } </TD> </TR> +% } % if ( $conf->exists('security_phrase') ) { <& /view/elements/tr.html, label=>mt('Security phrase'), value=>$svc_acct->sec_phrase &> |