package FS::access_user;
use strict;
-use vars qw( @ISA );
+use vars qw( @ISA $htpasswd_file );
+use FS::UID;
+use FS::Conf;
use FS::Record qw( qsearch qsearchs dbh );
use FS::m2m_Common;
+use FS::option_Common;
use FS::access_usergroup;
+use FS::agent;
-@ISA = qw( FS::m2m_Common FS::Record );
+@ISA = qw( FS::m2m_Common FS::option_Common FS::Record );
+#@ISA = qw( FS::m2m_Common FS::option_Common );
+
+#kludge htpasswd for now (i hope this bootstraps okay)
+FS::UID->install_callback( sub {
+ my $conf = new FS::Conf;
+ $htpasswd_file = $conf->base_dir. '/htpasswd';
+} );
=head1 NAME
=item first -
+=item disabled - empty or 'Y'
+
=back
=head1 METHODS
sub table { 'access_user'; }
+sub _option_table { 'access_user_pref'; }
+sub _option_namecol { 'prefname'; }
+sub _option_valuecol { 'prefvalue'; }
+
=item insert
Adds this record to the database. If there is an error, returns the error,
=cut
-# the insert method can be inherited from FS::Record
+sub insert {
+ my $self = shift;
+
+ my $error = $self->check;
+ return $error if $error;
+
+ local $SIG{HUP} = 'IGNORE';
+ local $SIG{INT} = 'IGNORE';
+ local $SIG{QUIT} = 'IGNORE';
+ local $SIG{TERM} = 'IGNORE';
+ local $SIG{TSTP} = 'IGNORE';
+ local $SIG{PIPE} = 'IGNORE';
+
+ my $oldAutoCommit = $FS::UID::AutoCommit;
+ local $FS::UID::AutoCommit = 0;
+ my $dbh = dbh;
+
+ $error = $self->htpasswd_kludge();
+ if ( $error ) {
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ return $error;
+ }
+
+ $error = $self->SUPER::insert(@_);
+
+ if ( $error ) {
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+
+ #make sure it isn't a dup username? or you could nuke people's passwords
+ #blah. really just should do our own login w/cookies
+ #and auth out of the db in the first place
+ #my $hterror = $self->htpasswd_kludge('-D');
+ #$error .= " - additionally received error cleaning up htpasswd file: $hterror"
+ return $error;
+
+ } else {
+ $dbh->commit or die $dbh->errstr if $oldAutoCommit;
+ '';
+ }
+
+}
+
+sub htpasswd_kludge {
+ my $self = shift;
+
+ #awful kludge to skip setting htpasswd for fs_* users
+ return '' if $self->username =~ /^fs_/;
+
+ unshift @_, '-c' unless -e $htpasswd_file;
+ if (
+ system('htpasswd', '-b', @_,
+ $htpasswd_file,
+ $self->username,
+ $self->_password,
+ ) == 0
+ )
+ {
+ return '';
+ } else {
+ return 'htpasswd exited unsucessfully';
+ }
+}
=item delete
=cut
-# the delete method can be inherited from FS::Record
+sub delete {
+ my $self = shift;
+
+ local $SIG{HUP} = 'IGNORE';
+ local $SIG{INT} = 'IGNORE';
+ local $SIG{QUIT} = 'IGNORE';
+ local $SIG{TERM} = 'IGNORE';
+ local $SIG{TSTP} = 'IGNORE';
+ local $SIG{PIPE} = 'IGNORE';
+
+ my $oldAutoCommit = $FS::UID::AutoCommit;
+ local $FS::UID::AutoCommit = 0;
+ my $dbh = dbh;
+
+ my $error =
+ $self->SUPER::delete(@_)
+ || $self->htpasswd_kludge('-D')
+ ;
+
+ if ( $error ) {
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ return $error;
+ } else {
+ $dbh->commit or die $dbh->errstr if $oldAutoCommit;
+ '';
+ }
+
+}
=item replace OLD_RECORD
=cut
-# the replace method can be inherited from FS::Record
+sub replace {
+ my $new = shift;
+
+ my $old = ( ref($_[0]) eq ref($new) )
+ ? shift
+ : $new->replace_old;
+
+ local $SIG{HUP} = 'IGNORE';
+ local $SIG{INT} = 'IGNORE';
+ local $SIG{QUIT} = 'IGNORE';
+ local $SIG{TERM} = 'IGNORE';
+ local $SIG{TSTP} = 'IGNORE';
+ local $SIG{PIPE} = 'IGNORE';
+
+ my $oldAutoCommit = $FS::UID::AutoCommit;
+ local $FS::UID::AutoCommit = 0;
+ my $dbh = dbh;
+
+ if ( $new->_password ne $old->_password ) {
+ my $error = $new->htpasswd_kludge();
+ if ( $error ) {
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ return $error;
+ }
+ }
+
+ my $error = $new->SUPER::replace($old, @_);
+
+ if ( $error ) {
+ $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+ return $error;
+ } else {
+ $dbh->commit or die $dbh->errstr if $oldAutoCommit;
+ '';
+ }
+
+}
=item check
my $error =
$self->ut_numbern('usernum')
- || $self->ut_text('username')
+ || $self->ut_alpha_lower('username')
|| $self->ut_text('_password')
|| $self->ut_text('last')
|| $self->ut_text('first')
+ || $self->ut_enum('disabled', [ '', 'Y' ] )
;
return $error if $error;
sub agentnums_href {
my $self = shift;
- { map { $_ => 1 } $self->agentnums };
+ scalar( { map { $_ => 1 } $self->agentnums } );
}
-=item agentnums_sql
+=item agentnums_sql [ HASHREF | OPTION => VALUE ... ]
Returns an sql fragement to select only agentnums this user can view.
+Options are passed as a hashref or a list. Available options are:
+
+=over 4
+
+=item null
+
+The frament will also allow the selection of null agentnums.
+
+=item null_right
+
+The fragment will also allow the selection of null agentnums if the current
+user has the provided access right
+
+=item table
+
+Optional table name in which agentnum is being checked. Sometimes required to
+resolve 'column reference "agentnum" is ambiguous' errors.
+
+=back
+
=cut
sub agentnums_sql {
+ my( $self ) = shift;
+ my %opt = ref($_[0]) ? %{$_[0]} : @_;
+
+ my $agentnum = $opt{'table'} ? $opt{'table'}.'.agentnum' : 'agentnum';
+
+ my @agentnums = map { "$agentnum = $_" } $self->agentnums;
+
+ push @agentnums, "$agentnum IS NULL"
+ if $opt{'null'}
+ || ( $opt{'null_right'} && $self->access_right($opt{'null_right'}) );
+
+ return ' 1 = 0 ' unless scalar(@agentnums);
+ '( '. join( ' OR ', @agentnums ). ' )';
+}
+
+=item agentnum
+
+Returns true if the user can view the specified agent.
+
+=cut
+
+sub agentnum {
+ my( $self, $agentnum ) = @_;
+ my $sth = dbh->prepare(
+ "SELECT COUNT(*) FROM access_usergroup
+ JOIN access_groupagent USING ( groupnum )
+ WHERE usernum = ? AND agentnum = ?"
+ ) or die dbh->errstr;
+ $sth->execute($self->usernum, $agentnum) or die $sth->errstr;
+ $sth->fetchrow_arrayref->[0];
+}
+
+=item agents
+
+Returns the list of agents this user can view (via group membership), as
+FS::agent objects.
+
+=cut
+
+sub agents {
my $self = shift;
- '( '.
- join( ' OR ', map "agentnum = $_", $self->agentnums ).
- ' )';
+ qsearch({
+ 'table' => 'agent',
+ 'hashref' => { disabled=>'' },
+ 'extra_sql' => ' AND '. $self->agentnums_sql,
+ });
}
=item access_right