5 @ISA @EXPORT_OK $cgi $dbh $freeside_uid $user
6 $conf_dir $cache_dir $secrets $datasrc $db_user $db_pass %callback @callback
7 $driver_name $AutoCommit
10 getsecrets cgisetotaker
13 use Carp qw(carp croak cluck confess);
19 @EXPORT_OK = qw(checkeuid checkruid cgisuidsetup adminsuidsetup forksuidsetup
20 getotaker dbh datasrc getsecrets driver_name myconnect );
22 $freeside_uid = scalar(getpwnam('freeside'));
24 $conf_dir = "%%%FREESIDE_CONF%%%/";
25 $cache_dir = "%%%FREESIDE_CACHE%%%";
27 $AutoCommit = 1; #ours, not DBI
31 FS::UID - Subroutines for database login and assorted other stuff
35 use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker
41 $dbh = cgisuidsetup($cgi);
47 $driver_name = driver_name;
51 Provides a hodgepodge of subroutines.
57 =item adminsuidsetup USER
59 Sets the user to USER (see config.html from the base documentation).
60 Cleans the environment.
61 Make sure the script is running as freeside, or setuid freeside.
62 Opens a connection to the database.
63 Swaps real and effective UIDs.
64 Runs any defined callbacks (see below).
65 Returns the DBI database handle (usually you don't need this).
70 $dbh->disconnect if $dbh;
78 if ( $FS::CurrentUser::upgrade_hack ) {
79 $user = 'fs_bootstrap';
81 croak "fatal: adminsuidsetup called without arguements" unless $user;
83 $user =~ /^([\w\-\.]+)$/ or croak "fatal: illegal user $user";
87 $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin';
88 $ENV{'SHELL'} = '/bin/sh';
89 $ENV{'IFS'} = " \t\n";
92 $ENV{'BASH_ENV'} = '';
94 croak "Not running uid freeside!" unless checkeuid();
96 if ( $FS::CurrentUser::upgrade_hack && $olduser ) {
97 $dbh = &myconnect($olduser);
102 use FS::Schema qw(reload_dbdef);
103 reload_dbdef("$conf_dir/dbdef.$datasrc")
104 unless $FS::Schema::setup_hack;
106 FS::CurrentUser->load_user($user);
108 foreach ( keys %callback ) {
110 # breaks multi-database installs # delete $callback{$_}; #run once
113 &{$_} foreach @callback;
119 DBI->connect( getsecrets(@_), { 'AutoCommit' => 0,
121 'ShowErrorStatement' => 1,
124 or die "DBI->connect error: $DBI::errstr\n";
127 =item install_callback
129 A package can install a callback to be run in adminsuidsetup by passing
130 a coderef to the FS::UID->install_callback class method. If adminsuidsetup has
131 run already, the callback will also be run immediately.
133 $coderef = sub { warn "Hi, I'm returning your call!" };
134 FS::UID->install_callback($coderef);
136 install_callback FS::UID sub {
137 warn "Hi, I'm returning your call!"
142 sub install_callback {
144 my $callback = shift;
145 push @callback, $callback;
146 &{$callback} if $dbh;
149 =item cgisuidsetup CGI_object
151 Takes a single argument, which is a CGI (see L<CGI>) or Apache (see L<Apache>)
152 object (CGI::Base is depriciated). Runs cgisetotaker and then adminsuidsetup.
158 if ( $cgi->isa('CGI::Base') ) {
159 carp "Use of CGI::Base is depriciated";
160 } elsif ( $cgi->isa('Apache') ) {
162 } elsif ( ! $cgi->isa('CGI') ) {
163 croak "fatal: unrecognized object $cgi";
166 adminsuidsetup($user);
171 Returns the CGI (see L<CGI>) object.
176 carp "warning: \$FS::UID::cgi isa Apache" if $cgi->isa('Apache');
182 Returns the DBI database handle.
192 Returns the DBI data source.
202 Returns just the driver name portion of the DBI data source.
207 return $driver_name if defined $driver_name;
208 $driver_name = ( split(':', $datasrc) )[1];
212 croak "suidsetup depriciated";
217 Returns the current Freeside user.
227 Sets and returns the CGI REMOTE_USER. $cgi should be defined as a CGI.pm
228 object (see L<CGI>) or an Apache object (see L<Apache>). Support for CGI::Base
229 and derived classes is depriciated.
234 if ( $cgi && $cgi->isa('CGI::Base') && defined $cgi->var('REMOTE_USER')) {
235 carp "Use of CGI::Base is depriciated";
236 $user = lc ( $cgi->var('REMOTE_USER') );
237 } elsif ( $cgi && $cgi->isa('CGI') && defined $cgi->remote_user ) {
238 $user = lc ( $cgi->remote_user );
239 } elsif ( $cgi && $cgi->isa('Apache') ) {
240 $user = lc ( $cgi->connection->user );
242 die "fatal: Can't get REMOTE_USER! for cgi $cgi - you need to setup ".
243 "Apache user authentication as documented in httemplate/docs/install.html";
250 Returns true if effective UID is that of the freeside user.
255 ( $> == $freeside_uid );
260 Returns true if the real UID is that of the freeside user.
265 ( $< == $freeside_uid );
268 =item getsecrets [ USER ]
270 Sets the user to USER, if supplied.
271 Sets and returns the DBI datasource, username and password for this user from
272 the `/usr/local/etc/freeside/mapsecrets' file.
277 my($setuser) = shift;
278 $user = $setuser if $setuser;
279 my($conf) = new FS::Conf $conf_dir;
281 if ( $conf->exists('mapsecrets') ) {
282 die "No user!" unless $user;
283 my($line) = grep /^\s*($user|\*)\s/, $conf->config('mapsecrets');
284 confess "User $user not found in mapsecrets!" unless $line;
285 $line =~ /^\s*($user|\*)\s+(.*)$/;
287 die "Illegal mapsecrets line for user?!" unless $secrets;
289 # no mapsecrets file at all, so do the default thing
290 $secrets = 'secrets';
293 ($datasrc, $db_user, $db_pass) = $conf->config($secrets)
294 or die "Can't get secrets: $secrets: $!\n";
295 $FS::Conf::default_dir = $conf_dir. "/conf.$datasrc";
297 ($datasrc, $db_user, $db_pass);
304 Warning: this interface is (still) likely to change in future releases.
306 New (experimental) callback interface:
308 A package can install a callback to be run in adminsuidsetup by passing
309 a coderef to the FS::UID->install_callback class method. If adminsuidsetup has
310 run already, the callback will also be run immediately.
312 $coderef = sub { warn "Hi, I'm returning your call!" };
313 FS::UID->install_callback($coderef);
315 install_callback FS::UID sub {
316 warn "Hi, I'm returning your call!"
319 Old (deprecated) callback interface:
321 A package can install a callback to be run in adminsuidsetup by putting a
322 coderef into the hash %FS::UID::callback :
324 $coderef = sub { warn "Hi, I'm returning your call!" };
325 $FS::UID::callback{'Package::Name'} = $coderef;
329 Too many package-global variables.
333 No capabilities yet. When mod_perl and Authen::DBI are implemented,
334 cgisuidsetup will go away as well.
336 Goes through contortions to support non-OO syntax with multiple datasrc's.
338 Callbacks are (still) inelegant.
342 L<FS::Record>, L<CGI>, L<DBI>, config.html from the base documentation.