X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2Faccess_user.pm;h=a755daff697f8c286f3759d7879ed122d9b965a6;hb=c545a57d21341c49674defed65a4243f07b5ebaf;hp=cb43b37e9c23a16c0497e17f8c5a0970ecdad6c2;hpb=4bac99dd64706405ad85c10591bb6de319095294;p=freeside.git

diff --git a/FS/FS/access_user.pm b/FS/FS/access_user.pm
index cb43b37e9..a755daff6 100644
--- a/FS/FS/access_user.pm
+++ b/FS/FS/access_user.pm
@@ -90,6 +90,9 @@ otherwise returns false.
 sub insert {
   my $self = shift;
 
+  my $error = $self->check;
+  return $error if $error;
+
   local $SIG{HUP} = 'IGNORE';
   local $SIG{INT} = 'IGNORE';
   local $SIG{QUIT} = 'IGNORE';
@@ -101,7 +104,7 @@ sub insert {
   local $FS::UID::AutoCommit = 0;
   my $dbh = dbh;
 
-  my $error = $self->htpasswd_kludge();
+  $error = $self->htpasswd_kludge();
   if ( $error ) {
     $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
     return $error;
@@ -111,7 +114,14 @@ sub insert {
 
   if ( $error ) {
     $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+
+    #make sure it isn't a dup username?  or you could nuke people's passwords
+    #blah.  really just should do our own login w/cookies
+    #and auth out of the db in the first place
+    #my $hterror = $self->htpasswd_kludge('-D');
+    #$error .= " - additionally received error cleaning up htpasswd file: $hterror"
     return $error;
+
   } else {
     $dbh->commit or die $dbh->errstr if $oldAutoCommit;
     '';
@@ -236,7 +246,7 @@ sub check {
 
   my $error = 
     $self->ut_numbern('usernum')
-    || $self->ut_alpha('username')
+    || $self->ut_alpha_lower('username')
     || $self->ut_text('_password')
     || $self->ut_text('last')
     || $self->ut_text('first')
@@ -308,22 +318,46 @@ Returns a hashref of agentnums this user can view.
 
 sub agentnums_href {
   my $self = shift;
-  { map { $_ => 1 } $self->agentnums };
+  scalar( { map { $_ => 1 } $self->agentnums } );
 }
 
-=item agentnums_sql
+=item agentnums_sql [ HASHREF | OPTION => VALUE ... ]
 
 Returns an sql fragement to select only agentnums this user can view.
 
+Options are passed as a hashref or a list.  Available options are:
+
+=over 4
+
+=item null
+
+The frament will also allow the selection of null agentnums.
+
+=item null_right
+
+The fragment will also allow the selection of null agentnums if the current
+user has the provided access right
+
+=item table
+
+Optional table name in which agentnum is being checked.  Sometimes required to
+resolve 'column reference "agentnum" is ambiguous' errors.
+
+=back
+
 =cut
 
 sub agentnums_sql {
-  my $self = shift;
+  my( $self ) = shift;
+  my %opt = ref($_[0]) ? %{$_[0]} : @_;
+
+  my $agentnum = $opt{'table'} ? $opt{'table'}.'.agentnum' : 'agentnum';
 
-  my @agentnums = map { "agentnum = $_" } $self->agentnums;
+  my @agentnums = map { "$agentnum = $_" } $self->agentnums;
 
-  push @agentnums, 'agentnum IS NULL'
-    if $self->access_right('View/link unlinked services');
+  push @agentnums, "$agentnum IS NULL"
+    if $opt{'null'}
+    || ( $opt{'null_right'} && $self->access_right($opt{'null_right'}) );
 
   return ' 1 = 0 ' unless scalar(@agentnums);
   '( '. join( ' OR ', @agentnums ). ' )';