X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2Fsvc_acct.pm;h=194c8b7492c76ddb1012e3203a071aeb86aee205;hb=cc1d28920f8df9cc31bb7d788f828e8597f465b6;hp=926a9d344aeffbf268d9faea963ef75db3147ebf;hpb=842df85f746a2e1b961d6c9e3a8c5cc3678ae6dd;p=freeside.git diff --git a/FS/FS/svc_acct.pm b/FS/FS/svc_acct.pm index 926a9d344..194c8b749 100644 --- a/FS/FS/svc_acct.pm +++ b/FS/FS/svc_acct.pm @@ -3,8 +3,10 @@ package FS::svc_acct; use strict; use vars qw( @ISA $nossh_hack $conf $dir_prefix @shells $usernamemin $usernamemax $passwordmin $username_letter $username_letterfirst + $username_noperiod $shellmachine $useradd $usermod $userdel $mydomain $cyrus_server $cyrus_admin_user $cyrus_admin_pass + $icradius_dbh @saltset @pw_set); use Carp; use FS::Conf; @@ -53,6 +55,7 @@ $FS::UID::callback{'FS::svc_acct'} = sub { } $username_letter = $conf->exists('username-letter'); $username_letterfirst = $conf->exists('username-letterfirst'); + $username_noperiod = $conf->exists('username-noperiod'); $mydomain = $conf->config('domain'); if ( $conf->exists('cyrus') ) { ($cyrus_server, $cyrus_admin_user, $cyrus_admin_pass) = @@ -63,6 +66,12 @@ $FS::UID::callback{'FS::svc_acct'} = sub { $cyrus_admin_user = ''; $cyrus_admin_pass = ''; } + if ( $conf->exists('icradius_secrets') ) { + $icradius_dbh = DBI->connect($conf->config('icradius_secrets')) + or die $DBI::errstr; + } else { + $icradius_dbh = ''; + } }; @saltset = ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/' ); @@ -229,7 +238,7 @@ sub insert { $self->shell, ); if ( $username && $uid && $dir && $shellmachine && ! $nossh_hack ) { - my $queue = new FS::queue { 'job' => 'Net::SSH::ssh' }; + my $queue = new FS::queue { 'job' => 'FS::svc_acct::ssh' }; $error = $queue->insert("root\@$shellmachine", eval qq("$useradd") ); if ( $error ) { $dbh->rollback if $oldAutoCommit; @@ -245,33 +254,82 @@ sub insert { return "queueing job (transaction rolled back): $error"; } } + if ( $icradius_dbh ) { + my $queue = new FS::queue { 'job' => 'FS::svc_acct::icradius_rc_insert' }; + $error = $queue->insert( $self->username, + $self->_password, + $self->radius_check + ); + if ( $error ) { + $dbh->rollback if $oldAutoCommit; + return "queueing job (transaction rolled back): $error"; + } + } $dbh->commit or die $dbh->errstr if $oldAutoCommit; ''; #no error } sub cyrus_insert { - my( $username, $quota ) = + my( $username, $quota ) = @_; + + warn "cyrus_insert: starting for user $username, quota $quota\n"; + warn "cyrus_insert: connecting to $cyrus_server\n"; my $client = Cyrus::IMAP::Admin->new($cyrus_server); + + warn "cyrus_insert: authentication as $cyrus_admin_user\n"; $client->authenticate( -user => $cyrus_admin_user, -mechanism => "login", -password => $cyrus_admin_pass ); + warn "cyrus_insert: creating user.$username\n"; my $rc = $client->create("user.$username"); my $error = $client->error; - die $error if $error; + die "cyrus_insert: error creating user.$username: $error" if $error; + warn "cyrus_insert: setacl user.$username, $username => all\n"; $rc = $client->setacl("user.$username", $username => 'all' ); $error = $client->error; - die $error if $error; + die "cyrus_insert: error setacl user.$username: $error" if $error; if ( $quota ) { + warn "cyrus_insert: setquota user.$username, STORAGE => $quota\n"; $rc = $client->setquota("user.$username", 'STORAGE' => $quota ); $error = $client->error; - die $error if $error; + die "cyrus_insert: error setquota user.$username: $error" if $error; + } + + 1; +} + +sub icradius_rc_insert { + my( $username, $password, %radcheck ) = @_; + + my $sth = $icradius_dbh->prepare( + "INSERT INTO radcheck ( id, UserName, Attribute, Value ) VALUES ( ". + join(", ", map { $icradius_dbh->quote($_) } ( + '', + $username, + "Password", + $password, + ) ). " )" + ); + $sth->execute or die "can't insert into radcheck table: ". $sth->errstr; + + foreach my $attribute ( keys %radcheck ) { + my $sth = $icradius_dbh->prepare( + "INSERT INTO radcheck ( id, UserName, Attribute, Value ) VALUES ( ". + join(", ", map { $icradius_dbh->quote($_) } ( + '', + $username, + $attribute, + $radcheck{$attribute}, + ) ). " )" + ); + $sth->execute or die "can't insert into radcheck table: ". $sth->errstr; } 1; @@ -309,8 +367,10 @@ $username and $dir. sub delete { my $self = shift; - return "Can't delete an account which has (svc_acct_sm) mail aliases!" - if $self->uid && qsearch( 'svc_acct_sm', { 'domuid' => $self->uid } ); + if ( defined( $FS::Record::dbdef->table('svc_acct_sm') ) ) { + return "Can't delete an account which has (svc_acct_sm) mail aliases!" + if $self->uid && qsearch( 'svc_acct_sm', { 'domuid' => $self->uid } ); + } return "Can't delete an account which is a (svc_forward) source!" if qsearch( 'svc_forward', { 'srcsvc' => $self->svcnum } ); @@ -337,6 +397,9 @@ sub delete { foreach my $cust_main_invoice ( qsearch( 'cust_main_invoice', { 'dest' => $self->svcnum } ) ) { + #next unless defined; #wtf is up with qsearch? + warn $cust_main_invoice; + next unless defined $cust_main_invoice; my %hash = $cust_main_invoice->hash; $hash{'dest'} = $self->email; my $new = new FS::cust_main_invoice \%hash; @@ -371,7 +434,7 @@ sub delete { $self->dir, ); if ( $username && $shellmachine && ! $nossh_hack ) { - my $queue = new FS::queue { 'job' => 'Net::SSH::ssh' }; + my $queue = new FS::queue { 'job' => 'FS::svc_acct::ssh' }; $error = $queue->insert("root\@$shellmachine", eval qq("$userdel") ); if ( $error ) { $dbh->rollback if $oldAutoCommit; @@ -388,13 +451,21 @@ sub delete { return "queueing job (transaction rolled back): $error"; } } + if ( $icradius_dbh ) { + my $queue = new FS::queue { 'job' => 'FS::svc_acct::icradius_rc_delete' }; + $error = $queue->insert( $self->username ); + if ( $error ) { + $dbh->rollback if $oldAutoCommit; + return "queueing job (transaction rolled back): $error"; + } + } $dbh->commit or die $dbh->errstr if $oldAutoCommit; ''; } sub cyrus_delete { - my( $username ) = shift; + my $username = shift; my $client = Cyrus::IMAP::Admin->new($cyrus_server); $client->authenticate( @@ -414,6 +485,18 @@ sub cyrus_delete { 1; } +sub icradius_rc_delete { + my $username = shift; + + my $sth = $icradius_dbh->prepare( + 'DELETE FROM radcheck WHERE UserName = ?' + ); + $sth->execute($username) + or die "can't delete from radcheck table: ". $sth->errstr; + + 1; +} + =item replace OLD_RECORD Replaces OLD_RECORD with this one in the database. If there is an error, @@ -481,7 +564,7 @@ sub replace { $new->getfield('gid'), ); if ( $old_dir && $new_dir && $old_dir ne $new_dir && ! $nossh_hack ) { - my $queue = new FS::queue { 'job' => 'Net::SSH::ssh' }; + my $queue = new FS::queue { 'job' => 'FS::svc_acct::ssh' }; $error = $queue->insert("root\@$shellmachine", eval qq("$usermod") ); if ( $error ) { $dbh->rollback if $oldAutoCommit; @@ -489,10 +572,33 @@ sub replace { } } + if ( $icradius_dbh ) { + my $queue = new FS::queue { 'job' => 'FS::svc_acct::icradius_rc_replace' }; + $error = $queue->insert( $new->username, + $new->_password, + ); + if ( $error ) { + $dbh->rollback if $oldAutoCommit; + return "queueing job (transaction rolled back): $error"; + } + } + $dbh->commit or die $dbh->errstr if $oldAutoCommit; ''; #no error } +sub icradius_rc_replace { + my( $username, $new_password ) = @_; + + my $sth = $icradius_dbh->prepare( + "UPDATE radcheck SET Value = ? WHERE UserName = ? and Attribute = ?" + ); + $sth->execute($new_password, $username, 'Password' ) + or die "can't update radcheck table: ". $sth->errstr; + + 1; +} + =item suspend Suspends this account by prefixing *SUSPENDED* to the password. If there is an @@ -574,6 +680,9 @@ sub check { } elsif ( $username_letter ) { $recref->{username} =~ /[a-z]/ or return "Illegal username"; } + if ( $username_noperiod ) { + $recref->{username} =~ /\./ and return "Illegal username"; + } $recref->{popnum} =~ /^(\d*)$/ or return "Illegal popnum: ".$recref->{popnum}; $recref->{popnum} = $1; @@ -754,11 +863,20 @@ sub email { $self->username. '@'. $self->domain; } +=item ssh + +=cut + +sub ssh { + my @args = @_; + ssh(@args,">>/usr/local/etc/freeside/sshoutput 2>&1"); +} + =back =head1 VERSION -$Id: svc_acct.pm,v 1.34 2001-09-11 03:15:58 ivan Exp $ +$Id: svc_acct.pm,v 1.42 2001-09-19 19:19:00 ivan Exp $ =head1 BUGS