sub insert {
my $self = shift;
+ my $error = $self->check;
+ return $error if $error;
+
local $SIG{HUP} = 'IGNORE';
local $SIG{INT} = 'IGNORE';
local $SIG{QUIT} = 'IGNORE';
local $FS::UID::AutoCommit = 0;
my $dbh = dbh;
- my $error = $self->htpasswd_kludge();
+ $error = $self->htpasswd_kludge();
if ( $error ) {
$dbh->rollback or die $dbh->errstr if $oldAutoCommit;
return $error;
if ( $error ) {
$dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+
+ #make sure it isn't a dup username? or you could nuke people's passwords
+ #blah. really just should do our own login w/cookies
+ #and auth out of the db in the first place
+ #my $hterror = $self->htpasswd_kludge('-D');
+ #$error .= " - additionally received error cleaning up htpasswd file: $hterror"
return $error;
+
} else {
$dbh->commit or die $dbh->errstr if $oldAutoCommit;
'';
local $FS::UID::AutoCommit = 0;
my $dbh = dbh;
- my $error = $new->htpasswd_kludge();
- if ( $error ) {
- $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
- return $error;
+ if ( $new->_password ne $old->_password ) {
+ my $error = $new->htpasswd_kludge();
+ if ( $error ) {
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ return $error;
+ }
}
- $error = $new->SUPER::replace($old, @_);
+ my $error = $new->SUPER::replace($old, @_);
if ( $error ) {
$dbh->rollback or die $dbh->errstr if $oldAutoCommit;
my $error =
$self->ut_numbern('usernum')
- || $self->ut_alpha('username')
+ || $self->ut_alpha_lower('username')
|| $self->ut_text('_password')
|| $self->ut_text('last')
|| $self->ut_text('first')
sub agentnums_href {
my $self = shift;
- { map { $_ => 1 } $self->agentnums };
+ scalar( { map { $_ => 1 } $self->agentnums } );
}
-=item agentnums_sql
+=item agentnums_sql [ HASHREF | OPTION => VALUE ... ]
Returns an sql fragement to select only agentnums this user can view.
+Options are passed as a hashref or a list. Available options are:
+
+=over 4
+
+=item null
+
+The frament will also allow the selection of null agentnums.
+
+=item null_right
+
+The fragment will also allow the selection of null agentnums if the current
+user has the provided access right
+
+=item table
+
+Optional table name in which agentnum is being checked. Sometimes required to
+resolve 'column reference "agentnum" is ambiguous' errors.
+
+=back
+
=cut
sub agentnums_sql {
- my $self = shift;
+ my( $self ) = shift;
+ my %opt = ref($_[0]) ? %{$_[0]} : @_;
+
+ my $agentnum = $opt{'table'} ? $opt{'table'}.'.agentnum' : 'agentnum';
- my @agentnums = map { "agentnum = $_" } $self->agentnums;
+ my @agentnums = map { "$agentnum = $_" } $self->agentnums;
- push @agentnums, 'agentnum IS NULL'
- if $self->access_right('View/link unlinked services');
+ push @agentnums, "$agentnum IS NULL"
+ if $opt{'null'}
+ || ( $opt{'null_right'} && $self->access_right($opt{'null_right'}) );
return ' 1 = 0 ' unless scalar(@agentnums);
'( '. join( ' OR ', @agentnums ). ' )';
sub access_right {
my( $self, $rightname ) = @_;
+
+ #some caching of ACL requests for low-hanging fruit perf improvement
+ #since we get a new $CurrentUser object each page view there shouldn't be any
+ #issues with stickiness
+ if ( $self->{_ACLcache} ) {
+ return $self->{_ACLcache}{$rightname}
+ if exists($self->{_ACLcache}{$rightname});
+ } else {
+ $self->{_ACLcache} = {};
+ }
+
my $sth = dbh->prepare("
SELECT groupnum FROM access_usergroup
LEFT JOIN access_group USING ( groupnum )
WHERE usernum = ?
AND righttype = 'FS::access_group'
AND rightname = ?
+ LIMIT 1
") or die dbh->errstr;
$sth->execute($self->usernum, $rightname) or die $sth->errstr;
my $row = $sth->fetchrow_arrayref;
- $row ? $row->[0] : '';
+
+ #$row ? $row->[0] : '';
+ $self->{_ACLcache}{$rightname} = ( $row ? $row->[0] : '' );
+
}
=back