X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2Faccess_user.pm;h=e5c5ed155036a13a22f8d597b3c5389af178a8b4;hb=8b72ad2a4d67f46e4bda36179e992d82d069689f;hp=e3a677b11e1689a52512f1a0aa07ce56b3ad3c55;hpb=4b5c6ba830fe2845a0055e1fcf5af0c7e8b8cd0c;p=freeside.git

diff --git a/FS/FS/access_user.pm b/FS/FS/access_user.pm
index e3a677b11..e5c5ed155 100644
--- a/FS/FS/access_user.pm
+++ b/FS/FS/access_user.pm
@@ -7,6 +7,7 @@ use FS::Conf;
 use FS::Record qw( qsearch qsearchs dbh );
 use FS::m2m_Common;
 use FS::option_Common;
+use FS::access_user_pref;
 use FS::access_usergroup;
 use FS::agent;
 
@@ -90,6 +91,9 @@ otherwise returns false.
 sub insert {
   my $self = shift;
 
+  my $error = $self->check;
+  return $error if $error;
+
   local $SIG{HUP} = 'IGNORE';
   local $SIG{INT} = 'IGNORE';
   local $SIG{QUIT} = 'IGNORE';
@@ -101,7 +105,7 @@ sub insert {
   local $FS::UID::AutoCommit = 0;
   my $dbh = dbh;
 
-  my $error = $self->htpasswd_kludge();
+  $error = $self->htpasswd_kludge();
   if ( $error ) {
     $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
     return $error;
@@ -111,7 +115,14 @@ sub insert {
 
   if ( $error ) {
     $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
+
+    #make sure it isn't a dup username?  or you could nuke people's passwords
+    #blah.  really just should do our own login w/cookies
+    #and auth out of the db in the first place
+    #my $hterror = $self->htpasswd_kludge('-D');
+    #$error .= " - additionally received error cleaning up htpasswd file: $hterror"
     return $error;
+
   } else {
     $dbh->commit or die $dbh->errstr if $oldAutoCommit;
     '';
@@ -236,7 +247,7 @@ sub check {
 
   my $error = 
     $self->ut_numbern('usernum')
-    || $self->ut_alpha('username')
+    || $self->ut_alpha_lower('username')
     || $self->ut_text('_password')
     || $self->ut_text('last')
     || $self->ut_text('first')
@@ -319,11 +330,19 @@ Options are passed as a hashref or a list.  Available options are:
 
 =over 4
 
-=item null - The frament will also allow the selection of null agentnums.
+=item null
+
+The frament will also allow the selection of null agentnums.
 
-=item null_right - The fragment will also allow the selection of null agentnums if the current user has the provided access right
+=item null_right
 
-=item table - Optional table name in which agentnum is being checked.  Sometimes required to resolve 'column reference "agentnum" is ambiguous' errors.
+The fragment will also allow the selection of null agentnums if the current
+user has the provided access right
+
+=item table
+
+Optional table name in which agentnum is being checked.  Sometimes required to
+resolve 'column reference "agentnum" is ambiguous' errors.
 
 =back
 
@@ -335,7 +354,9 @@ sub agentnums_sql {
 
   my $agentnum = $opt{'table'} ? $opt{'table'}.'.agentnum' : 'agentnum';
 
-  my @agentnums = map { "$agentnum = $_" } $self->agentnums;
+#  my @agentnums = map { "$agentnum = $_" } $self->agentnums;
+  my @agentnums = ();
+  push @agentnums, "$agentnum IN (". join(',', $self->agentnums). ')';
 
   push @agentnums, "$agentnum IS NULL"
     if $opt{'null'}
@@ -343,6 +364,7 @@ sub agentnums_sql {
 
   return ' 1 = 0 ' unless scalar(@agentnums);
   '( '. join( ' OR ', @agentnums ). ' )';
+
 }
 
 =item agentnum
@@ -378,15 +400,37 @@ sub agents {
   });
 }
 
-=item access_right
+=item access_right RIGHTNAME | LISTREF
 
-Given a right name, returns true if this user has this right (currently via
-group membership, eventually also via user overrides).
+Given a right name or a list reference of right names, returns true if this
+user has this right, or, for a list, one of the rights (currently via group
+membership, eventually also via user overrides).
 
 =cut
 
 sub access_right {
   my( $self, $rightname ) = @_;
+
+  $rightname = [ $rightname ] unless ref($rightname);
+
+  #some caching of ACL requests for low-hanging fruit perf improvement
+  #since we get a new $CurrentUser object each page view there shouldn't be any
+  #issues with stickiness
+  if ( $self->{_ACLcache} ) {
+
+    return grep $self->{_ACLcache}{$_}, @$rightname
+      unless grep !exists($self->{_ACLcache}{$_}), @$rightname;
+
+  } else {
+    $self->{_ACLcache} = {};
+  }
+
+  my $has_right = ' ( '. join(' OR ',
+                                      map { 'rightname = '. dbh->quote($_) }
+                                          @$rightname
+                             ).
+                  ' ) ';
+
   my $sth = dbh->prepare("
     SELECT groupnum FROM access_usergroup
                     LEFT JOIN access_group USING ( groupnum )
@@ -394,11 +438,15 @@ sub access_right {
                          ON ( access_group.groupnum = access_right.rightobjnum )
       WHERE usernum = ?
         AND righttype = 'FS::access_group'
-        AND rightname = ?
+        AND $has_right
+      LIMIT 1
   ") or die dbh->errstr;
-  $sth->execute($self->usernum, $rightname) or die $sth->errstr;
+  $sth->execute($self->usernum) or die $sth->errstr;
   my $row = $sth->fetchrow_arrayref;
-  $row ? $row->[0] : '';
+
+  #$row ? $row->[0] : '';
+  $self->{_ACLcache}{$rightname} = ( $row ? $row->[0] : '' );
+
 }
 
 =back