package FS::access_user;
use strict;
-use vars qw( @ISA );
+use vars qw( @ISA $htpasswd_file );
use FS::Record qw( qsearch qsearchs dbh );
use FS::m2m_Common;
use FS::access_usergroup;
+use FS::agent;
@ISA = qw( FS::m2m_Common FS::Record );
+#kludge htpasswd for now
+$htpasswd_file = '/usr/local/etc/freeside/htpasswd';
+
=head1 NAME
FS::access_user - Object methods for access_user records
=item first -
+=item disabled - empty or 'Y'
+
=back
=head1 METHODS
=cut
-# the insert method can be inherited from FS::Record
+sub insert {
+ my $self = shift;
+
+ local $SIG{HUP} = 'IGNORE';
+ local $SIG{INT} = 'IGNORE';
+ local $SIG{QUIT} = 'IGNORE';
+ local $SIG{TERM} = 'IGNORE';
+ local $SIG{TSTP} = 'IGNORE';
+ local $SIG{PIPE} = 'IGNORE';
+
+ my $oldAutoCommit = $FS::UID::AutoCommit;
+ local $FS::UID::AutoCommit = 0;
+ my $dbh = dbh;
+
+ my $error =
+ $self->SUPER::insert(@_)
+ || $self->htpasswd_kludge()
+ ;
+
+ if ( $error ) {
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ return $error;
+ } else {
+ $dbh->commit or die $dbh->errstr if $oldAutoCommit;
+ '';
+ }
+
+}
+
+sub htpasswd_kludge {
+ my $self = shift;
+
+ #awful kludge to skip setting htpasswd for fs_* users
+ return '' if $self->username =~ /^fs_/;
+
+ unshift @_, '-c' unless -e $htpasswd_file;
+ if (
+ system('htpasswd', '-b', @_,
+ $htpasswd_file,
+ $self->username,
+ $self->_password,
+ ) == 0
+ )
+ {
+ return '';
+ } else {
+ return 'htpasswd exited unsucessfully';
+ }
+}
+
=item delete
=cut
-# the delete method can be inherited from FS::Record
+sub delete {
+ my $self = shift;
+
+ local $SIG{HUP} = 'IGNORE';
+ local $SIG{INT} = 'IGNORE';
+ local $SIG{QUIT} = 'IGNORE';
+ local $SIG{TERM} = 'IGNORE';
+ local $SIG{TSTP} = 'IGNORE';
+ local $SIG{PIPE} = 'IGNORE';
+
+ my $oldAutoCommit = $FS::UID::AutoCommit;
+ local $FS::UID::AutoCommit = 0;
+ my $dbh = dbh;
+
+ my $error =
+ $self->SUPER::delete(@_)
+ || $self->htpasswd_kludge('-D')
+ ;
+
+ if ( $error ) {
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ return $error;
+ } else {
+ $dbh->commit or die $dbh->errstr if $oldAutoCommit;
+ '';
+ }
+
+}
=item replace OLD_RECORD
=cut
-# the replace method can be inherited from FS::Record
+sub replace {
+ my($new, $old) = ( shift, shift );
+
+ local $SIG{HUP} = 'IGNORE';
+ local $SIG{INT} = 'IGNORE';
+ local $SIG{QUIT} = 'IGNORE';
+ local $SIG{TERM} = 'IGNORE';
+ local $SIG{TSTP} = 'IGNORE';
+ local $SIG{PIPE} = 'IGNORE';
+
+ my $oldAutoCommit = $FS::UID::AutoCommit;
+ local $FS::UID::AutoCommit = 0;
+ my $dbh = dbh;
+
+ my $error =
+ $new->SUPER::replace($old, @_)
+ || $new->htpasswd_kludge()
+ ;
+
+ if ( $error ) {
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ return $error;
+ } else {
+ $dbh->commit or die $dbh->errstr if $oldAutoCommit;
+ '';
+ }
+
+}
=item check
my $error =
$self->ut_numbern('usernum')
- || $self->ut_text('username')
+ || $self->ut_alpha('username')
|| $self->ut_text('_password')
|| $self->ut_text('last')
|| $self->ut_text('first')
+ || $self->ut_enum('disabled', [ '', 'Y' ] )
;
return $error if $error;
sub agentnums_sql {
my $self = shift;
- '( '.
- join( ' OR ', map "agentnum = $_", $self->agentnums ).
- ' )';
+
+ my @agentnums = map { "agentnum = $_" } $self->agentnums;
+
+ push @agentnums, 'agentnum IS NULL'
+ if $self->access_right('View/link unlinked services');
+
+ return ' 1 = 0 ' unless scalar(@agentnums);
+ '( '. join( ' OR ', @agentnums ). ' )';
+}
+
+=item agentnum
+
+Returns true if the user can view the specified agent.
+
+=cut
+
+sub agentnum {
+ my( $self, $agentnum ) = @_;
+ my $sth = dbh->prepare(
+ "SELECT COUNT(*) FROM access_usergroup
+ JOIN access_groupagent USING ( groupnum )
+ WHERE usernum = ? AND agentnum = ?"
+ ) or die dbh->errstr;
+ $sth->execute($self->usernum, $agentnum) or die $sth->errstr;
+ $sth->fetchrow_arrayref->[0];
+}
+
+=item agents
+
+Returns the list of agents this user can view (via group membership), as
+FS::agent objects.
+
+=cut
+
+sub agents {
+ my $self = shift;
+ qsearch({
+ 'table' => 'agent',
+ 'hashref' => { disabled=>'' },
+ 'extra_sql' => ' AND '. $self->agentnums_sql,
+ });
+}
+
+=item access_right
+
+Given a right name, returns true if this user has this right (currently via
+group membership, eventually also via user overrides).
+
+=cut
+
+sub access_right {
+ my( $self, $rightname ) = @_;
+ my $sth = dbh->prepare("
+ SELECT groupnum FROM access_usergroup
+ LEFT JOIN access_group USING ( groupnum )
+ LEFT JOIN access_right
+ ON ( access_group.groupnum = access_right.rightobjnum )
+ WHERE usernum = ?
+ AND righttype = 'FS::access_group'
+ AND rightname = ?
+ ") or die dbh->errstr;
+ $sth->execute($self->usernum, $rightname) or die $sth->errstr;
+ my $row = $sth->fetchrow_arrayref;
+ $row ? $row->[0] : '';
}
=back