X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2Fpart_export%2Fshellcommands.pm;h=edbe78f03a977ae46d0beb70774cceb76191757b;hb=eee6d96f68294389e3e1659e18a945ff2e5c47e5;hp=ca04e3869c1a2715f52e54ed456d07792e18b9fa;hpb=30ceabb9d40844452fae8e7c5535fd6a6738b0cd;p=freeside.git
diff --git a/FS/FS/part_export/shellcommands.pm b/FS/FS/part_export/shellcommands.pm
index ca04e3869..edbe78f03 100644
--- a/FS/FS/part_export/shellcommands.pm
+++ b/FS/FS/part_export/shellcommands.pm
@@ -4,6 +4,7 @@ use vars qw(@ISA %info);
use Tie::IxHash;
use String::ShellQuote;
use FS::part_export;
+use FS::Record qw( qsearch qsearchs );
@ISA = qw(FS::part_export);
@@ -13,6 +14,9 @@ tie my %options, 'Tie::IxHash',
default=>'useradd -c $finger -d $dir -m -s $shell -u $uid -p $crypt_password $username'
#default=>'cp -pr /etc/skel $dir; chown -R $uid.$gid $dir'
},
+ 'useradd_no_queue' => { label=>'Run immediately',
+ type => 'checkbox',
+ },
'useradd_stdin' => { label=>'Insert command STDIN',
type =>'textarea',
default=>'',
@@ -21,6 +25,9 @@ tie my %options, 'Tie::IxHash',
default=>'userdel -r $username',
#default=>'rm -rf $dir',
},
+ 'userdel_no_queue' => { label=>'Run immediately',
+ type =>'checkbox',
+ },
'userdel_stdin' => { label=>'Delete command STDIN',
type =>'textarea',
default=>'',
@@ -34,11 +41,14 @@ tie my %options, 'Tie::IxHash',
# 'rm -rf $old_dir'.
#')'
},
+ 'usermod_no_queue' => { label=>'Run immediately',
+ type =>'checkbox',
+ },
'usermod_stdin' => { label=>'Modify command STDIN',
type =>'textarea',
default=>'',
},
- 'usermod_pwonly' => { label=>'Disallow username, domain, uid, gid, dir and RADIUS group changes',
+ 'usermod_pwonly' => { label=>'Disallow username, domain, uid, gid, and dir changes', #and RADIUS group changes',
type =>'checkbox',
},
'usermod_nousername' => { label=>'Disallow just username changes',
@@ -47,12 +57,18 @@ tie my %options, 'Tie::IxHash',
'suspend' => { label=>'Suspension command',
default=>'usermod -L $username',
},
+ 'suspend_no_queue' => { label=>'Run immediately',
+ type =>'checkbox',
+ },
'suspend_stdin' => { label=>'Suspension command STDIN',
default=>'',
},
'unsuspend' => { label=>'Unsuspension command',
default=>'usermod -U $username',
},
+ 'unsuspend_no_queue' => { label=>'Run immediately',
+ type =>'checkbox',
+ },
'unsuspend_stdin' => { label=>'Unsuspension command STDIN',
default=>'',
},
@@ -60,6 +76,20 @@ tie my %options, 'Tie::IxHash',
type=>'select', options=>[qw(crypt md5)],
default => 'crypt',
},
+ 'groups_susp_reason' => { label =>
+ 'Radius group mapping to reason (via template user)',
+ type => 'textarea',
+ },
+ 'ignore_all_output' => {
+ label => 'Ignore all output and errors from the command',
+ type => 'checkbox',
+ },
+ 'ignored_errors' => { label => 'Regexes of specific errors to ignore, separated by newlines',
+ type => 'textarea'
+ },
+# 'no_queue' => { label => 'Run command immediately',
+# type => 'checkbox',
+# },
;
%info = (
@@ -72,7 +102,7 @@ tie my %options, 'Tie::IxHash',
Run remote commands via SSH. Usernames are considered unique (also see
shellcommands_withdomain). You probably want this if the commands you are
running will not accept a domain as a parameter. You will need to
-setup SSH for unattended operation.
+setup SSH for unattended operation.
Use these buttons for some useful presets:
@@ -151,22 +181,37 @@ old_ for replace operations):
$username
$_password
- $quoted_password
- unencrypted password, already quoted for the shell (do not add additional quotes)
- $crypt_password
- encrypted password, already quoted for the shell (do not add additional quotes)
+ $quoted_password
- unencrypted password, already quoted for the shell (do not add additional quotes).
+ $crypt_password
- encrypted password. When used on the command line (rather than STDIN), it will be quoted for the shell already (do not add additional quotes).
+ $ldap_password
- Password in LDAP/RFC2307 format (for example, "{PLAIN}himom", "{CRYPT}94pAVyK/4oIBk" or "{MD5}5426824942db4253f87a1009fd5d2d4"). When used on the command line (rather than STDIN), it will be quoted for the shell already (do not add additional quotes).
$uid
$gid
- $finger
- GECOS, already quoted for the shell (do not add additional quotes)
- $first
- First name of GECOS, already quoted for the shell (do not add additional quotes)
- $last
- Last name of GECOS, already quoted for the shell (do not add additional quotes)
+ $finger
- GECOS. When used on the command line (rather than STDIN), it will be quoted for the shell already (do not add additional quotes).
+ $first
- First name of GECOS. When used on the command line (rather than STDIN), it will be quoted for the shell already (do not add additional quotes).
+ $last
- Last name of GECOS. When used on the command line (rather than STDIN), it will be quoted for the shell already (do not add additional quotes).
$dir
- home directory
$shell
$quota
@radius_groups
- - All other fields in svc_acct are also available.
+
$reasonnum (when suspending)
+ $reasontext (when suspending)
+ $reasontypenum (when suspending)
+ $reasontypetext (when suspending)
+ $pkgnum
+ $custnum
+ - All other fields in svc_acct are also available.
+
- The following fields from cust_main are also available (except during replace): company, address1, address2, city, state, zip, county, daytime, night, fax, otaker, agent_custid, locale. When used on the command line (rather than STDIN), they will be quoted for the shell already (do not add additional quotes).
END
);
+sub _groups_susp_reason_map { shift->_map('groups_susp_reason'); }
+
+sub _map {
+ my $self = shift;
+ map { reverse(/^\s*(\S+)\s*(.*)\s*$/) } split("\n", $self->option(shift) );
+}
+
sub rebless { shift; }
sub _export_insert {
@@ -199,7 +244,6 @@ sub _export_command_or_super {
}
};
-
sub _export_command {
my ( $self, $action, $svc_acct) = (shift, shift, shift);
my $command = $self->option($action);
@@ -211,6 +255,7 @@ sub _export_command {
no strict 'refs';
${$_} = $svc_acct->getfield($_) foreach $svc_acct->fields;
+ # snarfs are unused at this point?
my $count = 1;
foreach my $acct_snarf ( $svc_acct->acct_snarf ) {
${"snarf_$_$count"} = shell_quote( $acct_snarf->get($_) )
@@ -221,6 +266,16 @@ sub _export_command {
my $cust_pkg = $svc_acct->cust_svc->cust_pkg;
if ( $cust_pkg ) {
+ no strict 'vars';
+ {
+ no strict 'refs';
+ foreach my $custf (qw( company address1 address2 city state zip country
+ daytime night fax otaker agent_custid locale
+ ))
+ {
+ ${$custf} = $cust_pkg->cust_main->$custf();
+ }
+ }
$email = ( grep { $_ !~ /^(POST|FAX)$/ } $cust_pkg->cust_main->invoicing_list )[0];
} else {
$email = '';
@@ -228,28 +283,102 @@ sub _export_command {
$finger =~ /^(.*)\s+(\S+)$/ or $finger =~ /^((.*))$/;
($first, $last ) = ( $1, $2 );
+ $domain = $svc_acct->domain;
+
+ $quoted_password = shell_quote $_password;
+
+ $crypt_password = $svc_acct->crypt_password( $self->option('crypt') );
+ $ldap_password = $svc_acct->ldap_password( $self->option('crypt') );
+
+ @radius_groups = $svc_acct->radius_groups;
+
+ my ($reasonnum, $reasontext, $reasontypenum, $reasontypetext);
+ if ( $cust_pkg && $action eq 'suspend' &&
+ (my $r = $cust_pkg->last_reason('susp')) )
+ {
+ $reasonnum = $r->reasonnum;
+ $reasontext = $r->reason;
+ $reasontypenum = $r->reason_type;
+ $reasontypetext = $r->reasontype->type;
+
+ my %reasonmap = $self->_groups_susp_reason_map;
+ my $userspec = '';
+ $userspec = $reasonmap{$reasonnum}
+ if exists($reasonmap{$reasonnum});
+ $userspec = $reasonmap{$reasontext}
+ if (!$userspec && exists($reasonmap{$reasontext}));
+
+ my $suspend_user;
+ if ( $userspec =~ /^\d+$/ ) {
+ $suspend_user = qsearchs( 'svc_acct', { 'svcnum' => $userspec } );
+ } elsif ( $userspec =~ /^\S+\@\S+$/ ) {
+ my ($username,$domain) = split(/\@/, $userspec);
+ for my $user (qsearch( 'svc_acct', { 'username' => $username } )){
+ $suspend_user = $user if $userspec eq $user->email;
+ }
+ } elsif ($userspec) {
+ $suspend_user = qsearchs( 'svc_acct', { 'username' => $userspec } );
+ }
+
+ @radius_groups = $suspend_user->radius_groups
+ if $suspend_user;
+
+ } else {
+ $reasonnum = $reasontext = $reasontypenum = $reasontypetext = '';
+ }
+
+ $pkgnum = $cust_pkg ? $cust_pkg->pkgnum : '';
+ $custnum = $cust_pkg ? $cust_pkg->custnum : '';
+
+ my $stdin_string = eval(qq("$stdin"));
+
$first = shell_quote $first;
$last = shell_quote $last;
$finger = shell_quote $finger;
- $quoted_password = shell_quote $_password;
- $domain = $svc_acct->domain;
+ $crypt_password = shell_quote $crypt_password;
+ $ldap_password = shell_quote $ldap_password;
- $crypt_password =
- shell_quote( $svc_acct->crypt_password( $self->option('crypt') ) );
+ $company = shell_quote $company;
+ $address1 = shell_quote $address1;
+ $address2 = shell_quote $address2;
+ $city = shell_quote $city;
+ $state = shell_quote $state;
+ $zip = shell_quote $zip;
+ $country = shell_quote $country;
+ $daytime = shell_quote $daytime;
+ $night = shell_quote $night;
+ $fax = shell_quote $fax;
+ $otaker = shell_quote $otaker;
+ $agent_custid = shell_quote $agent_custid;
+ $locale = shell_quote $locale;
- @radius_groups = $svc_acct->radius_groups;
+ my $command_string = eval(qq("$command"));
- $self->shellcommands_queue( $svc_acct->svcnum,
- user => $self->option('user')||'root',
- host => $self->machine,
- command => eval(qq("$command")),
- stdin_string => eval(qq("$stdin")),
+ my @ssh_cmd_args = (
+ user => $self->option('user') || 'root',
+ host => $self->machine,
+ command => $command_string,
+ stdin_string => $stdin_string,
+ ignore_all_output => $self->option('ignore_all_output'),
+ ignored_errors => $self->option('ignored_errors') || '',
);
+
+ if($self->option($action . '_no_queue')) {
+ # discard return value just like freeside-queued.
+ eval { ssh_cmd(@ssh_cmd_args) };
+ $error = $@;
+ return $error. ' ('. $self->exporttype. ' to '. $self->machine. ')'
+ if $error;
+ }
+ else {
+ $self->shellcommands_queue( $svc_acct->svcnum, @ssh_cmd_args );
+ }
}
sub _export_replace {
my($self, $new, $old ) = (shift, shift, shift);
my $command = $self->option('usermod');
+ return '' if $command =~ /^\s*$/;
my $stdin = $self->option('usermod_stdin');
no strict 'vars';
{
@@ -257,18 +386,19 @@ sub _export_replace {
${"old_$_"} = $old->getfield($_) foreach $old->fields;
${"new_$_"} = $new->getfield($_) foreach $new->fields;
}
- $new_finger =~ /^(.*)\s+(\S+)$/ or $finger =~ /^((.*))$/;
+ my $old_cust_pkg = $old->cust_svc->cust_pkg;
+ my $new_cust_pkg = $new->cust_svc->cust_pkg;
+ my $new_cust_main = $new_cust_pkg ? $new_cust_pkg->cust_main : '';
+
+ $new_finger =~ /^(.*)\s+(\S+)$/ or $new_finger =~ /^((.*))$/;
($new_first, $new_last ) = ( $1, $2 );
- $new_first = shell_quote $new_first;
- $new_last = shell_quote $new_last;
- $new_finger = shell_quote $new_finger;
$quoted_new__password = shell_quote $new__password; #old, wrong?
$new_quoted_password = shell_quote $new__password; #new, better?
$old_domain = $old->domain;
$new_domain = $new->domain;
- $new_crypt_password =
- shell_quote( $new->crypt_password( $self->option('crypt') ) );
+ $new_crypt_password = $new->crypt_password( $self->option('crypt') );
+ $new_ldap_password = $new->ldap_password( $self->option('crypt') );
@old_radius_groups = $old->radius_groups;
@new_radius_groups = $new->radius_groups;
@@ -292,20 +422,52 @@ sub _export_replace {
if ( $old_dir ne $new_dir ) {
$error ||= "can't change dir";
}
- if ( join("\n", sort @old_radius_groups) ne
- join("\n", sort @new_radius_groups) ) {
- $error ||= "can't change RADIUS groups";
- }
+ #if ( join("\n", sort @old_radius_groups) ne
+ # join("\n", sort @new_radius_groups) ) {
+ # $error ||= "can't change RADIUS groups";
+ #}
}
return $error. ' ('. $self->exporttype. ' to '. $self->machine. ')'
if $error;
- $self->shellcommands_queue( $new->svcnum,
- user => $self->option('user')||'root',
- host => $self->machine,
- command => eval(qq("$command")),
- stdin_string => eval(qq("$stdin")),
+ $new_agent_custid = $new_cust_main ? $new_cust_main->agent_custid : '';
+ $new_locale = $new_cust_main ? $new_cust_main->locale : '';
+ $old_pkgnum = $old_cust_pkg ? $old_cust_pkg->pkgnum : '';
+ $old_custnum = $old_cust_pkg ? $old_cust_pkg->custnum : '';
+ $new_pkgnum = $new_cust_pkg ? $new_cust_pkg->pkgnum : '';
+ $new_custnum = $new_cust_pkg ? $new_cust_pkg->custnum : '';
+
+ my $stdin_string = eval(qq("$stdin"));
+
+ $new_first = shell_quote $new_first;
+ $new_last = shell_quote $new_last;
+ $new_finger = shell_quote $new_finger;
+ $new_crypt_password = shell_quote $new_crypt_password;
+ $new_ldap_password = shell_quote $new_ldap_password;
+ $new_agent_custid = shell_quote $new_agent_custid;
+ $new_locale = shell_quote $new_locale;
+
+ my $command_string = eval(qq("$command"));
+
+ my @ssh_cmd_args = (
+ user => $self->option('user') || 'root',
+ host => $self->machine,
+ command => $command_string,
+ stdin_string => $stdin_string,
+ ignore_all_output => $self->option('ignore_all_output'),
+ ignored_errors => $self->option('ignored_errors') || '',
);
+
+ if($self->option('usermod_no_queue')) {
+ # discard return value just like freeside-queued.
+ eval { ssh_cmd(@ssh_cmd_args) };
+ $error = $@;
+ return $error. ' ('. $self->exporttype. ' to '. $self->machine. ')'
+ if $error;
+ }
+ else {
+ $self->shellcommands_queue( $new->svcnum, @ssh_cmd_args );
+ }
}
#a good idea to queue anything that could fail or take any time
@@ -319,8 +481,38 @@ sub shellcommands_queue {
}
sub ssh_cmd { #subroutine, not method
- use Net::SSH '0.08';
- &Net::SSH::ssh_cmd( { @_ } );
+ use Net::OpenSSH;
+ my $opt = { @_ };
+ open my $def_in, '<', '/dev/null' or die "unable to open /dev/null\n";
+ my $ssh = Net::OpenSSH->new(
+ $opt->{'user'}.'@'.$opt->{'host'},
+ 'default_stdin_fh' => $def_in
+ );
+ # ignore_all_output doesn't override this
+ die "Couldn't establish SSH connection: ". $ssh->error if $ssh->error;
+
+ my $ssh_opt = {};
+ $ssh_opt->{'stdin_data'} = $opt->{'stdin_string'}
+ if exists($opt->{'stdin_string'}) and length($opt->{'stdin_string'});
+ my ($output, $errput) = $ssh->capture2($ssh_opt, $opt->{'command'});
+ return if $opt->{'ignore_all_output'};
+ die "Error running SSH command: ". $ssh->error if $ssh->error;
+
+ if ( ($output || $errput)
+ && $opt->{'ignored_errors'} && length($opt->{'ignored_errors'})
+ ) {
+ my @ignored_errors = split('\n',$opt->{'ignored_errors'});
+ foreach my $ignored_error ( @ignored_errors ) {
+ $output =~ s/$ignored_error//g;
+ $errput =~ s/$ignored_error//g;
+ }
+ chomp($output);
+ chomp($errput);
+ }
+
+ die $errput if $errput;
+ die $output if $output;
+ '';
}
#sub shellcommands_insert { #subroutine, not method