1 package FS::part_export::broadband_sqlradius;
4 use vars qw($DEBUG @ISA @pw_set %options %info $conf);
7 use FS::Record qw( dbh str2time_sql ); #qsearch qsearchs );
8 use FS::part_export::sqlradius qw(sqlradius_connect);
10 FS::UID->install_callback(sub { $conf = new FS::Conf });
12 @ISA = qw(FS::part_export::sqlradius);
16 @pw_set = ( 'a'..'z', 'A'..'Z', '0'..'9', '(', ')', '#', '.', ',' );
18 tie %options, 'Tie::IxHash',
19 'datasrc' => { label=>'DBI data source ' },
20 'username' => { label=>'Database username' },
21 'password' => { label=>'Database password' },
22 'usergroup'=> { label => 'Group table',
24 options => [qw( radusergroup usergroup )],
26 # session report doesn't currently know about this export anyway
29 # label => 'Hide IP address on session reports',
32 label => 'Export MAC address as',
34 options => [ qw(uppercase lowercase) ],
37 label => 'Separate MAC address octets with',
40 'mac_as_password' => {
43 label => 'Use MAC address as password',
45 'radius_password' => { label=>'Fixed password' },
46 'ip_addr_as' => { label => 'Send IP address as',
47 default => 'Framed-IP-Address' },
50 label => 'Export RADIUS group attributes to this database',
55 'svc' => 'svc_broadband',
56 'desc' => 'Real-time export to SQL-backed RADIUS (such as FreeRadius) for broadband services',
57 'options' => \%options,
60 Real-time export of <b>radcheck</b>, <b>radreply</b>, and <b>usergroup</b>
61 tables to any SQL database for
62 <a href="http://www.freeradius.org/">FreeRADIUS</a>
63 or <a href="http://radius.innercite.com/">ICRADIUS</a>.
66 This export is for broadband service access control based on MAC address.
67 For a more typical RADIUS export, see sqlradius.
71 <a href="http://search.cpan.org/dist/DBI/DBI.pm#connect">DBI documentation</a>
73 <a href="http://search.cpan.org/search?mode=module&query=DBD%3A%3A">documentation for your DBD</a>
74 for the exact syntax of a DBI data source.
79 sub rebless { shift; }
82 my($self, $svc_broadband) = (shift, shift);
83 $svc_broadband->mac_addr_formatted(
84 $self->option('mac_case'), $self->option('mac_delimiter')
89 my($self, $svc_broadband) = (shift, shift);
91 if ( length($self->option('ip_addr_as',1))
92 and length($svc_broadband->ip_addr) ) {
93 $reply{$self->option('ip_addr_as')} = $svc_broadband->ip_addr;
99 my($self, $svc_broadband) = (shift, shift);
100 my $password_attrib = $conf->config('radius-password') || 'Password';
102 if ( $self->option('mac_as_password') ) {
103 $check{$password_attrib} = $self->export_username($svc_broadband);
105 elsif ( length( $self->option('radius_password',1)) ) {
106 $check{$password_attrib} = $self->option('radius_password');
111 sub radius_check_suspended {
112 my($self, $svc_broadband) = (shift, shift);
114 return () unless $self->option('mac_as_password')
115 || length( $self->option('radius_password',1));
117 my $password_attrib = $conf->config('radius-password') || 'Password';
119 $password_attrib => join('',map($pw_set[ int(rand $#pw_set) ], (0..7) ) )
123 #false laziness w/sqlradius.pm
124 sub _export_suspend {
125 my( $self, $svc_broadband ) = (shift, shift);
127 local $SIG{HUP} = 'IGNORE';
128 local $SIG{INT} = 'IGNORE';
129 local $SIG{QUIT} = 'IGNORE';
130 local $SIG{TERM} = 'IGNORE';
131 local $SIG{TSTP} = 'IGNORE';
132 local $SIG{PIPE} = 'IGNORE';
134 my $oldAutoCommit = $FS::UID::AutoCommit;
135 local $FS::UID::AutoCommit = 0;
138 my @newgroups = $self->suspended_usergroups($svc_broadband);
140 unless (@newgroups) { #don't change password if assigning to a suspended group
142 my $err_or_queue = $self->sqlradius_queue(
143 $svc_broadband->svcnum, 'insert',
144 'check', $self->export_username($svc_broadband),
145 $self->radius_check_suspended($svc_broadband)
147 unless ( ref($err_or_queue) ) {
148 $dbh->rollback if $oldAutoCommit;
149 return $err_or_queue;
155 $self->sqlreplace_usergroups(
156 $svc_broadband->svcnum,
157 $self->export_username($svc_broadband),
159 [ $svc_broadband->radius_groups('hashref') ],
163 $dbh->rollback if $oldAutoCommit;
166 $dbh->commit or die $dbh->errstr if $oldAutoCommit;
171 sub update_svc {} #do nothing