1 package FS::part_export::sqlradius;
3 use vars qw(@ISA %info %options $notes1 $notes2);
5 use FS::Record qw( dbh );
8 @ISA = qw(FS::part_export);
10 tie %options, 'Tie::IxHash',
11 'datasrc' => { label=>'DBI data source ' },
12 'username' => { label=>'Database username' },
13 'password' => { label=>'Database password' },
14 'ignore_accounting' => {
16 label=>'Ignore accounting records from this database'
21 Real-time export of radcheck, radreply and usergroup tables to any SQL database
22 for <a href="http://www.freeradius.org/">FreeRADIUS</a>,
23 <a href="http://radius.innercite.com/">ICRADIUS</a>
24 or <a href="http://www.open.com.au/radiator/">Radiator</a>.
28 An existing RADIUS database will be updated in realtime, but you can use
29 <a href="../docs/man/bin/freeside-sqlradius-reset">freeside-sqlradius-reset</a>
30 to delete the entire RADIUS database and repopulate the tables from the
31 Freeside database. See the
32 <a href="http://search.cpan.org/dist/DBI/DBI.pm#connect">DBI documentation</a>
34 <a href="http://search.cpan.org/search?mode=module&query=DBD%3A%3A">documentation for your DBD</a>
35 for the exact syntax of a DBI data source.
37 <li>Using FreeRADIUS 0.9.0 with the PostgreSQL backend, the db_postgresql.sql schema and postgresql.conf queries contain incompatible changes. This is fixed in 0.9.1. Only new installs with 0.9.0 and PostgreSQL are affected - upgrades and other database backends and versions are unaffected.
38 <li>Using ICRADIUS, add a dummy "op" column to your database:
40 ALTER TABLE radcheck ADD COLUMN op VARCHAR(2) NOT NULL DEFAULT '=='<br>
41 ALTER TABLE radreply ADD COLUMN op VARCHAR(2) NOT NULL DEFAULT '=='<br>
42 ALTER TABLE radgroupcheck ADD COLUMN op VARCHAR(2) NOT NULL DEFAULT '=='<br>
43 ALTER TABLE radgroupreply ADD COLUMN op VARCHAR(2) NOT NULL DEFAULT '=='
45 <li>Using Radiator, see the
46 <a href="http://www.open.com.au/radiator/faq.html#38">Radiator FAQ</a>
47 for configuration information.
53 'desc' => 'Real-time export to SQL-backed RADIUS (FreeRADIUS, ICRADIUS, Radiator)',
54 'options' => \%options,
57 'This export does not export RADIUS realms (see also '.
58 'sqlradius_withdomain). '.
62 sub rebless { shift; }
65 my($self, $svc_acct) = (shift, shift);
70 my($self, $svc_acct) = (shift, shift);
72 foreach my $table (qw(reply check)) {
73 my $method = "radius_$table";
74 my %attrib = $svc_acct->$method();
75 next unless keys %attrib;
76 my $err_or_queue = $self->sqlradius_queue( $svc_acct->svcnum, 'insert',
77 $table, $self->export_username($svc_acct), %attrib );
78 return $err_or_queue unless ref($err_or_queue);
80 my @groups = $svc_acct->radius_groups;
82 my $err_or_queue = $self->sqlradius_queue(
83 $svc_acct->svcnum, 'usergroup_insert',
84 $self->export_username($svc_acct), @groups );
85 return $err_or_queue unless ref($err_or_queue);
91 my( $self, $new, $old ) = (shift, shift, shift);
93 local $SIG{HUP} = 'IGNORE';
94 local $SIG{INT} = 'IGNORE';
95 local $SIG{QUIT} = 'IGNORE';
96 local $SIG{TERM} = 'IGNORE';
97 local $SIG{TSTP} = 'IGNORE';
98 local $SIG{PIPE} = 'IGNORE';
100 my $oldAutoCommit = $FS::UID::AutoCommit;
101 local $FS::UID::AutoCommit = 0;
105 if ( $self->export_username($old) ne $self->export_username($new) ) {
106 my $err_or_queue = $self->sqlradius_queue( $new->svcnum, 'rename',
107 $self->export_username($new), $self->export_username($old) );
108 unless ( ref($err_or_queue) ) {
109 $dbh->rollback if $oldAutoCommit;
110 return $err_or_queue;
112 $jobnum = $err_or_queue->jobnum;
115 foreach my $table (qw(reply check)) {
116 my $method = "radius_$table";
117 my %new = $new->$method();
118 my %old = $old->$method();
119 if ( grep { !exists $old{$_} #new attributes
120 || $new{$_} ne $old{$_} #changed
123 my $err_or_queue = $self->sqlradius_queue( $new->svcnum, 'insert',
124 $table, $self->export_username($new), %new );
125 unless ( ref($err_or_queue) ) {
126 $dbh->rollback if $oldAutoCommit;
127 return $err_or_queue;
130 my $error = $err_or_queue->depend_insert( $jobnum );
132 $dbh->rollback if $oldAutoCommit;
138 my @del = grep { !exists $new{$_} } keys %old;
140 my $err_or_queue = $self->sqlradius_queue( $new->svcnum, 'attrib_delete',
141 $table, $self->export_username($new), @del );
142 unless ( ref($err_or_queue) ) {
143 $dbh->rollback if $oldAutoCommit;
144 return $err_or_queue;
147 my $error = $err_or_queue->depend_insert( $jobnum );
149 $dbh->rollback if $oldAutoCommit;
156 # (sorta) false laziness with FS::svc_acct::replace
157 my @oldgroups = @{$old->usergroup}; #uuuh
158 my @newgroups = $new->radius_groups;
160 foreach my $oldgroup ( @oldgroups ) {
161 if ( grep { $oldgroup eq $_ } @newgroups ) {
162 @newgroups = grep { $oldgroup ne $_ } @newgroups;
165 push @delgroups, $oldgroup;
169 my $err_or_queue = $self->sqlradius_queue( $new->svcnum, 'usergroup_delete',
170 $self->export_username($new), @delgroups );
171 unless ( ref($err_or_queue) ) {
172 $dbh->rollback if $oldAutoCommit;
173 return $err_or_queue;
176 my $error = $err_or_queue->depend_insert( $jobnum );
178 $dbh->rollback if $oldAutoCommit;
185 my $err_or_queue = $self->sqlradius_queue( $new->svcnum, 'usergroup_insert',
186 $self->export_username($new), @newgroups );
187 unless ( ref($err_or_queue) ) {
188 $dbh->rollback if $oldAutoCommit;
189 return $err_or_queue;
192 my $error = $err_or_queue->depend_insert( $jobnum );
194 $dbh->rollback if $oldAutoCommit;
200 $dbh->commit or die $dbh->errstr if $oldAutoCommit;
206 my( $self, $svc_acct ) = (shift, shift);
207 my $err_or_queue = $self->sqlradius_queue( $svc_acct->svcnum, 'delete',
208 $self->export_username($svc_acct) );
209 ref($err_or_queue) ? '' : $err_or_queue;
212 sub sqlradius_queue {
213 my( $self, $svcnum, $method ) = (shift, shift, shift);
214 my $queue = new FS::queue {
216 'job' => "FS::part_export::sqlradius::sqlradius_$method",
219 $self->option('datasrc'),
220 $self->option('username'),
221 $self->option('password'),
226 sub sqlradius_insert { #subroutine, not method
227 my $dbh = sqlradius_connect(shift, shift, shift);
228 my( $table, $username, %attributes ) = @_;
230 foreach my $attribute ( keys %attributes ) {
232 my $s_sth = $dbh->prepare(
233 "SELECT COUNT(*) FROM rad$table WHERE UserName = ? AND Attribute = ?"
234 ) or die $dbh->errstr;
235 $s_sth->execute( $username, $attribute ) or die $s_sth->errstr;
237 if ( $s_sth->fetchrow_arrayref->[0] ) {
239 my $u_sth = $dbh->prepare(
240 "UPDATE rad$table SET Value = ? WHERE UserName = ? AND Attribute = ?"
241 ) or die $dbh->errstr;
242 $u_sth->execute($attributes{$attribute}, $username, $attribute)
243 or die $u_sth->errstr;
247 my $i_sth = $dbh->prepare(
248 "INSERT INTO rad$table ( UserName, Attribute, op, Value ) ".
249 "VALUES ( ?, ?, ?, ? )"
250 ) or die $dbh->errstr;
254 ( $attribute =~ /Password/i ? '==' : ':=' ),
255 $attributes{$attribute},
256 ) or die $i_sth->errstr;
264 sub sqlradius_usergroup_insert { #subroutine, not method
265 my $dbh = sqlradius_connect(shift, shift, shift);
266 my( $username, @groups ) = @_;
268 my $sth = $dbh->prepare(
269 "INSERT INTO usergroup ( UserName, GroupName ) VALUES ( ?, ? )"
270 ) or die $dbh->errstr;
271 foreach my $group ( @groups ) {
272 $sth->execute( $username, $group )
273 or die "can't insert into groupname table: ". $sth->errstr;
278 sub sqlradius_usergroup_delete { #subroutine, not method
279 my $dbh = sqlradius_connect(shift, shift, shift);
280 my( $username, @groups ) = @_;
282 my $sth = $dbh->prepare(
283 "DELETE FROM usergroup WHERE UserName = ? AND GroupName = ?"
284 ) or die $dbh->errstr;
285 foreach my $group ( @groups ) {
286 $sth->execute( $username, $group )
287 or die "can't delete from groupname table: ". $sth->errstr;
292 sub sqlradius_rename { #subroutine, not method
293 my $dbh = sqlradius_connect(shift, shift, shift);
294 my($new_username, $old_username) = @_;
295 foreach my $table (qw(radreply radcheck usergroup )) {
296 my $sth = $dbh->prepare("UPDATE $table SET Username = ? WHERE UserName = ?")
298 $sth->execute($new_username, $old_username)
299 or die "can't update $table: ". $sth->errstr;
304 sub sqlradius_attrib_delete { #subroutine, not method
305 my $dbh = sqlradius_connect(shift, shift, shift);
306 my( $table, $username, @attrib ) = @_;
308 foreach my $attribute ( @attrib ) {
309 my $sth = $dbh->prepare(
310 "DELETE FROM rad$table WHERE UserName = ? AND Attribute = ?" )
312 $sth->execute($username,$attribute)
313 or die "can't delete from rad$table table: ". $sth->errstr;
318 sub sqlradius_delete { #subroutine, not method
319 my $dbh = sqlradius_connect(shift, shift, shift);
320 my $username = shift;
322 foreach my $table (qw( radcheck radreply usergroup )) {
323 my $sth = $dbh->prepare( "DELETE FROM $table WHERE UserName = ?" );
324 $sth->execute($username)
325 or die "can't delete from $table table: ". $sth->errstr;
330 sub sqlradius_connect {
331 #my($datasrc, $username, $password) = @_;
332 #DBI->connect($datasrc, $username, $password) or die $DBI::errstr;
333 DBI->connect(@_) or die $DBI::errstr;