1 package FS::access_user;
4 use vars qw( @ISA $htpasswd_file );
7 use FS::Record qw( qsearch qsearchs dbh );
9 use FS::access_usergroup;
12 @ISA = qw( FS::m2m_Common FS::Record );
14 #kludge htpasswd for now (i hope this bootstraps okay)
15 FS::UID->install_callback( sub {
16 my $conf = new FS::Conf;
17 $htpasswd_file = $conf->base_dir. '/htpasswd';
22 FS::access_user - Object methods for access_user records
28 $record = new FS::access_user \%hash;
29 $record = new FS::access_user { 'column' => 'value' };
31 $error = $record->insert;
33 $error = $new_record->replace($old_record);
35 $error = $record->delete;
37 $error = $record->check;
41 An FS::access_user object represents an internal access user. FS::access_user inherits from
42 FS::Record. The following fields are currently supported:
46 =item usernum - primary key
56 =item disabled - empty or 'Y'
66 Creates a new internal access user. To add the user to the database, see L<"insert">.
68 Note that this stores the hash reference, not a distinct copy of the hash it
69 points to. You can ask the object for a copy with the I<hash> method.
73 # the new method can be inherited from FS::Record, if a table method is defined
75 sub table { 'access_user'; }
79 Adds this record to the database. If there is an error, returns the error,
80 otherwise returns false.
87 local $SIG{HUP} = 'IGNORE';
88 local $SIG{INT} = 'IGNORE';
89 local $SIG{QUIT} = 'IGNORE';
90 local $SIG{TERM} = 'IGNORE';
91 local $SIG{TSTP} = 'IGNORE';
92 local $SIG{PIPE} = 'IGNORE';
94 my $oldAutoCommit = $FS::UID::AutoCommit;
95 local $FS::UID::AutoCommit = 0;
98 my $error = $self->htpasswd_kludge();
100 $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
104 $error = $self->SUPER::insert(@_);
107 $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
110 $dbh->commit or die $dbh->errstr if $oldAutoCommit;
116 sub htpasswd_kludge {
119 #awful kludge to skip setting htpasswd for fs_* users
120 return '' if $self->username =~ /^fs_/;
122 unshift @_, '-c' unless -e $htpasswd_file;
124 system('htpasswd', '-b', @_,
133 return 'htpasswd exited unsucessfully';
139 Delete this record from the database.
146 local $SIG{HUP} = 'IGNORE';
147 local $SIG{INT} = 'IGNORE';
148 local $SIG{QUIT} = 'IGNORE';
149 local $SIG{TERM} = 'IGNORE';
150 local $SIG{TSTP} = 'IGNORE';
151 local $SIG{PIPE} = 'IGNORE';
153 my $oldAutoCommit = $FS::UID::AutoCommit;
154 local $FS::UID::AutoCommit = 0;
158 $self->SUPER::delete(@_)
159 || $self->htpasswd_kludge('-D')
163 $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
166 $dbh->commit or die $dbh->errstr if $oldAutoCommit;
172 =item replace OLD_RECORD
174 Replaces the OLD_RECORD with this one in the database. If there is an error,
175 returns the error, otherwise returns false.
180 my($new, $old) = ( shift, shift );
182 local $SIG{HUP} = 'IGNORE';
183 local $SIG{INT} = 'IGNORE';
184 local $SIG{QUIT} = 'IGNORE';
185 local $SIG{TERM} = 'IGNORE';
186 local $SIG{TSTP} = 'IGNORE';
187 local $SIG{PIPE} = 'IGNORE';
189 my $oldAutoCommit = $FS::UID::AutoCommit;
190 local $FS::UID::AutoCommit = 0;
193 my $error = $new->htpasswd_kludge();
195 $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
199 $error = $new->SUPER::replace($old, @_);
202 $dbh->rollback or die $dbh->errstr if $oldAutoCommit;
205 $dbh->commit or die $dbh->errstr if $oldAutoCommit;
213 Checks all fields to make sure this is a valid internal access user. If there is
214 an error, returns the error, otherwise returns false. Called by the insert
219 # the check method should currently be supplied - FS::Record contains some
220 # data checking routines
226 $self->ut_numbern('usernum')
227 || $self->ut_alpha('username')
228 || $self->ut_text('_password')
229 || $self->ut_text('last')
230 || $self->ut_text('first')
231 || $self->ut_enum('disabled', [ '', 'Y' ] )
233 return $error if $error;
240 Returns a name string for this user: "Last, First".
246 $self->get('last'). ', '. $self->first;
249 =item access_usergroup
253 sub access_usergroup {
255 qsearch( 'access_usergroup', { 'usernum' => $self->usernum } );
266 #=item access_groupnames
270 #sub access_groupnames {
276 Returns a list of agentnums this user can view (via group membership).
282 my $sth = dbh->prepare(
283 "SELECT DISTINCT agentnum FROM access_usergroup
284 JOIN access_groupagent USING ( groupnum )
286 ) or die dbh->errstr;
287 $sth->execute($self->usernum) or die $sth->errstr;
288 map { $_->[0] } @{ $sth->fetchall_arrayref };
293 Returns a hashref of agentnums this user can view.
299 { map { $_ => 1 } $self->agentnums };
304 Returns an sql fragement to select only agentnums this user can view.
311 my @agentnums = map { "agentnum = $_" } $self->agentnums;
313 push @agentnums, 'agentnum IS NULL'
314 if $self->access_right('View/link unlinked services');
316 return ' 1 = 0 ' unless scalar(@agentnums);
317 '( '. join( ' OR ', @agentnums ). ' )';
322 Returns true if the user can view the specified agent.
327 my( $self, $agentnum ) = @_;
328 my $sth = dbh->prepare(
329 "SELECT COUNT(*) FROM access_usergroup
330 JOIN access_groupagent USING ( groupnum )
331 WHERE usernum = ? AND agentnum = ?"
332 ) or die dbh->errstr;
333 $sth->execute($self->usernum, $agentnum) or die $sth->errstr;
334 $sth->fetchrow_arrayref->[0];
339 Returns the list of agents this user can view (via group membership), as
348 'hashref' => { disabled=>'' },
349 'extra_sql' => ' AND '. $self->agentnums_sql,
355 Given a right name, returns true if this user has this right (currently via
356 group membership, eventually also via user overrides).
361 my( $self, $rightname ) = @_;
362 my $sth = dbh->prepare("
363 SELECT groupnum FROM access_usergroup
364 LEFT JOIN access_group USING ( groupnum )
365 LEFT JOIN access_right
366 ON ( access_group.groupnum = access_right.rightobjnum )
368 AND righttype = 'FS::access_group'
370 ") or die dbh->errstr;
371 $sth->execute($self->usernum, $rightname) or die $sth->errstr;
372 my $row = $sth->fetchrow_arrayref;
373 $row ? $row->[0] : '';
382 L<FS::Record>, schema.html from the base documentation.