1 files changed, 209 insertions, 0 deletions
diff --git a/site_perl/UID.pm b/site_perl/UID.pm
new file mode 100644
index 000000000..16f03a0ec
--- /dev/null
+++ b/site_perl/UID.pm
@@ -0,0 +1,209 @@
+package FS::UID;
+
+use strict;
+use vars qw(
+  @ISA @EXPORT_OK $cgi $dbh $freeside_uid $conf $datasrc $db_user $db_pass
+);
+use Exporter;
+use Carp;
+use DBI;
+use FS::Conf;
+
+@ISA = qw(Exporter);
+@EXPORT_OK = qw(checkeuid checkruid swapuid cgisuidsetup
+                adminsuidsetup getotaker dbh datasrc);
+
+$freeside_uid = scalar(getpwnam('freeside'));
+
+my $conf = new FS::Conf;
+($datasrc, $db_user, $db_pass) = $conf->config('secrets')
+  or die "Can't get secrets: $!";
+
+=head1 NAME
+
+FS::UID - Subroutines for database login and assorted other stuff
+
+=head1 SYNOPSIS
+
+  use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker
+  checkeuid checkruid swapuid);
+
+  adminsuidsetup;
+
+  $cgi = new CGI::Base;
+  $cgi->get;
+  $dbh = cgisuidsetup($cgi);
+
+  $dbh = dbh;
+
+  $datasrc = datasrc;
+
+=head1 DESCRIPTION
+
+Provides a hodgepodge of subroutines. 
+
+=head1 SUBROUTINES
+
+=over 4
+
+=item adminsuidsetup
+
+Cleans the environment.
+Make sure the script is running as freeside, or setuid freeside.
+Opens a connection to the database.
+Swaps real and effective UIDs.
+Returns the DBI database handle (usually you don't need this).
+
+=cut
+
+sub adminsuidsetup {
+
+  $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin';
+  $ENV{'SHELL'} = '/bin/sh';
+  $ENV{'IFS'} = " \t\n";
+  $ENV{'CDPATH'} = '';
+  $ENV{'ENV'} = '';
+  $ENV{'BASH_ENV'} = '';
+
+  croak "Not running uid freeside!" unless checkeuid();
+  $dbh = DBI->connect($datasrc,$db_user,$db_pass, {
+	# hack for web demo
+	#  my($user)=getotaker();
+	#  $dbh = DBI->connect("$datasrc:$user",$db_user,$db_pass, {
+                          'AutoCommit' => 'true',
+                          'ChopBlanks' => 'true',
+  } ) or die "DBI->connect error: $DBI::errstr\n";;
+
+  swapuid(); #go to non-privledged user if running setuid freeside
+
+  $dbh;
+}
+=item cgisuidsetup CGI::Base_OBJECT
+
+Stores the CGI::Base_OBJECT for later use.
+Runs adminsuidsetup.
+
+=cut
+
+sub cgisuidsetup {
+  $cgi=$_[0];
+  adminsuidsetup;
+}
+
+=item dbh
+
+Returns the DBI database handle.
+
+=cut
+
+sub dbh {
+  $dbh;
+}
+
+=item datasrc
+
+Returns the DBI data source.
+
+=cut
+
+sub datasrc {
+  $datasrc;
+}
+
+#hack for web demo
+#sub setdbh {
+#  $dbh=$_[0];
+#}
+
+sub suidsetup {
+  croak "suidsetup depriciated";
+}
+
+=item getotaker
+
+Returns the current Freeside user.  Currently that means the CGI REMOTE_USER,
+or 'freeside'.
+
+=cut
+
+sub getotaker {
+  if ($cgi && defined $cgi->var('REMOTE_USER')) {
+    return $cgi->var('REMOTE_USER'); #for now
+  } else {
+    'freeside';
+  }
+}
+
+=item checkeuid
+
+Returns true if effective UID is that of the freeside user.
+
+=cut
+
+sub checkeuid {
+  ( $> == $freeside_uid );
+}
+
+=item checkruid
+
+Returns true if the real UID is that of the freeside user.
+
+=cut
+
+sub checkruid {
+  ( $< == $freeside_uid );
+}
+
+=item swapuid
+
+Swaps real and effective UIDs.
+
+=cut
+
+sub swapuid {
+  ($<,$>) = ($>,$<);
+}
+
+=back
+
+=head1 BUGS
+
+Not OO.
+
+No capabilities yet.  When mod_perl and Authen::DBI are implemented, 
+cgisuidsetup will go away as well.
+
+=head1 SEE ALSO
+
+L<FS::Record>,  L<CGI::Base>, L<DBI>
+
+=head1 HISTORY
+
+ivan@voicenet.com 97-jun-4 - 9
+ 
+untaint otaker ivan@voicenet.com 97-jul-7
+
+generalize and auto-get uid (getotaker still needs to be db'ed)
+ivan@sisd.com 97-nov-10
+
+&cgisuidsetup logs into database.  other cleaning.
+ivan@sisd.com 97-nov-22,23
+
+&adminsuidsetup logs into database with otaker='freeside' (for
+automated tasks like billing)
+ivan@sisd.com 97-dec-13
+
+added sub datasrc for fs-setup ivan@sisd.com 98-feb-21
+
+datasrc, user and pass now come from conf/secrets ivan@sisd.com 98-jun-28
+
+added ChopBlanks to DBI call (see man DBI) ivan@sisd.com 98-aug-16
+
+pod, use FS::Conf, implemented cgisuidsetup as adminsuidsetup,
+inlined suidsetup
+ivan@sisd.com 98-sep-12
+
+=cut
+
+1;
+