use strict;
use vars qw(
@ISA @EXPORT_OK $cgi $dbh $freeside_uid $user
- $conf_dir $secrets $datasrc $db_user $db_pass %callback
+ $conf_dir $secrets $datasrc $db_user $db_pass %callback $driver_name
+ $AutoCommit
);
use subs qw(
getsecrets cgisetotaker
);
use Exporter;
-use Carp;
+use Carp qw(carp croak cluck);
use DBI;
use FS::Conf;
@ISA = qw(Exporter);
-@EXPORT_OK = qw(checkeuid checkruid swapuid cgisuidsetup
- adminsuidsetup getotaker dbh datasrc getsecrets );
+@EXPORT_OK = qw(checkeuid checkruid cgisuidsetup adminsuidsetup forksuidsetup
+ getotaker dbh datasrc getsecrets driver_name );
$freeside_uid = scalar(getpwnam('freeside'));
$conf_dir = "/usr/local/etc/freeside/";
+$AutoCommit = 1; #ours, not DBI
+
=head1 NAME
FS::UID - Subroutines for database login and assorted other stuff
=head1 SYNOPSIS
use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker
- checkeuid checkruid swapuid);
+ checkeuid checkruid);
adminsuidsetup $user;
$datasrc = datasrc;
+ $driver_name = driver_name;
+
=head1 DESCRIPTION
Provides a hodgepodge of subroutines.
=cut
sub adminsuidsetup {
+ $dbh->disconnect if $dbh;
+ &forksuidsetup(@_);
+}
+sub forksuidsetup {
$user = shift;
croak "fatal: adminsuidsetup called without arguements" unless $user;
+ $user =~ /^([\w\-\.]+)$/ or croak "fatal: illegal user $user";
+ $user = $1;
+
$ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin';
$ENV{'SHELL'} = '/bin/sh';
$ENV{'IFS'} = " \t\n";
croak "Not running uid freeside!" unless checkeuid();
getsecrets;
$dbh = DBI->connect($datasrc,$db_user,$db_pass, {
- 'AutoCommit' => 'true',
- 'ChopBlanks' => 'true',
+ 'AutoCommit' => 0,
+ 'ChopBlanks' => 1,
} ) or die "DBI->connect error: $DBI::errstr\n";
- swapuid(); #go to non-privledged user if running setuid freeside
-
foreach ( keys %callback ) {
&{$callback{$_}};
+ # breaks multi-database installs # delete $callback{$_}; #run once
}
$dbh;
=item cgisuidsetup CGI_object
-Stores the CGI (see L<CGI>) object for later use. (CGI::Base is depriciated)
-Runs adminsuidsetup.
+Takes a single argument, which is a CGI (see L<CGI>) or Apache (see L<Apache>)
+object (CGI::Base is depriciated). Runs cgisetotaker and then adminsuidsetup.
=cut
$datasrc;
}
-#hack for web demo
-#sub setdbh {
-# $dbh=$_[0];
-#}
+=item driver_name
+
+Returns just the driver name portion of the DBI data source.
+
+=cut
+
+sub driver_name {
+ return $driver_name if defined $driver_name;
+ $driver_name = ( split(':', $datasrc) )[1];
+}
sub suidsetup {
croak "suidsetup depriciated";
=item cgisetotaker
Sets and returns the CGI REMOTE_USER. $cgi should be defined as a CGI.pm
-object. Support for CGI::Base and derived classes is depriciated.
+object (see L<CGI>) or an Apache object (see L<Apache>). Support for CGI::Base
+and derived classes is depriciated.
=cut
} elsif ( $cgi && $cgi->isa('Apache') ) {
$user = lc ( $cgi->connection->user );
} else {
- die "fatal: Can't get REMOTE_USER! for cgi $cgi";
+ die "fatal: Can't get REMOTE_USER! for cgi $cgi - you need to setup ".
+ "Apache user authentication as documented in httemplate/docs/install.html";
}
$user;
}
( $< == $freeside_uid );
}
-=item swapuid
-
-Swaps real and effective UIDs.
-
-=cut
-
-sub swapuid {
- ($<,$>) = ($>,$<) if $< != $>;
-}
-
=item getsecrets [ USER ]
Sets the user to USER, if supplied.
die "No user!" unless $user;
my($conf) = new FS::Conf $conf_dir;
my($line) = grep /^\s*$user\s/, $conf->config('mapsecrets');
- die "User not found in mapsecrets!" unless $line;
+ die "User $user not found in mapsecrets!" unless $line;
$line =~ /^\s*$user\s+(.*)$/;
$secrets = $1;
die "Illegal mapsecrets line for user?!" unless $secrets;
($datasrc, $db_user, $db_pass) = $conf->config($secrets)
or die "Can't get secrets: $!";
$FS::Conf::default_dir = $conf_dir. "/conf.$datasrc";
+ undef $driver_name;
($datasrc, $db_user, $db_pass);
}
=head1 VERSION
-$Id: UID.pm,v 1.2 2000-05-13 21:50:12 ivan Exp $
+$Id: UID.pm,v 1.18 2002-07-03 11:23:25 ivan Exp $
=head1 BUGS