X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FUID.pm;h=3d893ee2fcd7ad989b0c5486300f87c490da76c5;hp=2315c266d24846c7e1f51799d31e096280eaa0d0;hb=e7acc4af0a47299644ff2389be3991b708878693;hpb=6cd87c0d3b5280446301c647fa5f1ec5a593fa3f diff --git a/FS/FS/UID.pm b/FS/FS/UID.pm index 2315c266d..3d893ee2f 100644 --- a/FS/FS/UID.pm +++ b/FS/FS/UID.pm @@ -3,24 +3,27 @@ package FS::UID; use strict; use vars qw( @ISA @EXPORT_OK $cgi $dbh $freeside_uid $user - $conf_dir $secrets $datasrc $db_user $db_pass %callback + $conf_dir $secrets $datasrc $db_user $db_pass %callback @callback + $driver_name $AutoCommit ); use subs qw( getsecrets cgisetotaker ); use Exporter; -use Carp; +use Carp qw(carp croak cluck); use DBI; use FS::Conf; @ISA = qw(Exporter); -@EXPORT_OK = qw(checkeuid checkruid swapuid cgisuidsetup - adminsuidsetup getotaker dbh datasrc getsecrets ); +@EXPORT_OK = qw(checkeuid checkruid cgisuidsetup adminsuidsetup forksuidsetup + getotaker dbh datasrc getsecrets driver_name myconnect ); $freeside_uid = scalar(getpwnam('freeside')); $conf_dir = "/usr/local/etc/freeside/"; +$AutoCommit = 1; #ours, not DBI + =head1 NAME FS::UID - Subroutines for database login and assorted other stuff @@ -28,7 +31,7 @@ FS::UID - Subroutines for database login and assorted other stuff =head1 SYNOPSIS use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker - checkeuid checkruid swapuid); + checkeuid checkruid); adminsuidsetup $user; @@ -39,6 +42,8 @@ FS::UID - Subroutines for database login and assorted other stuff $datasrc = datasrc; + $driver_name = driver_name; + =head1 DESCRIPTION Provides a hodgepodge of subroutines. @@ -60,10 +65,17 @@ Returns the DBI database handle (usually you don't need this). =cut sub adminsuidsetup { + $dbh->disconnect if $dbh; + &forksuidsetup(@_); +} +sub forksuidsetup { $user = shift; croak "fatal: adminsuidsetup called without arguements" unless $user; + $user =~ /^([\w\-\.]+)$/ or croak "fatal: illegal user $user"; + $user = $1; + $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin'; $ENV{'SHELL'} = '/bin/sh'; $ENV{'IFS'} = " \t\n"; @@ -72,25 +84,50 @@ sub adminsuidsetup { $ENV{'BASH_ENV'} = ''; croak "Not running uid freeside!" unless checkeuid(); - getsecrets; - $dbh = DBI->connect($datasrc,$db_user,$db_pass, { - 'AutoCommit' => 'true', - 'ChopBlanks' => 'true', - } ) or die "DBI->connect error: $DBI::errstr\n"; - swapuid(); #go to non-privledged user if running setuid freeside + $dbh = &myconnect; foreach ( keys %callback ) { &{$callback{$_}}; + # breaks multi-database installs # delete $callback{$_}; #run once } + &{$_} foreach @callback; + $dbh; } +sub myconnect { + $dbh = DBI->connect( getsecrets, {'AutoCommit' => 0, 'ChopBlanks' => 1, } ) + or die "DBI->connect error: $DBI::errstr\n"; +} + +=item install_callback + +A package can install a callback to be run in adminsuidsetup by passing +a coderef to the FS::UID->install_callback class method. If adminsuidsetup has +run already, the callback will also be run immediately. + + $coderef = sub { warn "Hi, I'm returning your call!" }; + FS::UID->install_callback($coderef); + + install_callback FS::UID sub { + warn "Hi, I'm returning your call!" + }; + +=cut + +sub install_callback { + my $class = shift; + my $callback = shift; + push @callback, $callback; + &{$callback} if $dbh; +} + =item cgisuidsetup CGI_object -Stores the CGI (see L) object for later use. (CGI::Base is depriciated) -Runs adminsuidsetup. +Takes a single argument, which is a CGI (see L) or Apache (see L) +object (CGI::Base is depriciated). Runs cgisetotaker and then adminsuidsetup. =cut @@ -98,8 +135,10 @@ sub cgisuidsetup { $cgi=shift; if ( $cgi->isa('CGI::Base') ) { carp "Use of CGI::Base is depriciated"; + } elsif ( $cgi->isa('Apache') ) { + } elsif ( ! $cgi->isa('CGI') ) { - croak "Pass a CGI object to cgisuidsetup!"; + croak "fatal: unrecognized object $cgi"; } cgisetotaker; adminsuidsetup($user); @@ -112,6 +151,7 @@ Returns the CGI (see L) object. =cut sub cgi { + carp "warning: \$FS::UID::cgi isa Apache" if $cgi->isa('Apache'); $cgi; } @@ -135,10 +175,16 @@ sub datasrc { $datasrc; } -#hack for web demo -#sub setdbh { -# $dbh=$_[0]; -#} +=item driver_name + +Returns just the driver name portion of the DBI data source. + +=cut + +sub driver_name { + return $driver_name if defined $driver_name; + $driver_name = ( split(':', $datasrc) )[1]; +} sub suidsetup { croak "suidsetup depriciated"; @@ -157,7 +203,8 @@ sub getotaker { =item cgisetotaker Sets and returns the CGI REMOTE_USER. $cgi should be defined as a CGI.pm -object. Support for CGI::Base and derived classes is depriciated. +object (see L) or an Apache object (see L). Support for CGI::Base +and derived classes is depriciated. =cut @@ -167,8 +214,11 @@ sub cgisetotaker { $user = lc ( $cgi->var('REMOTE_USER') ); } elsif ( $cgi && $cgi->isa('CGI') && defined $cgi->remote_user ) { $user = lc ( $cgi->remote_user ); + } elsif ( $cgi && $cgi->isa('Apache') ) { + $user = lc ( $cgi->connection->user ); } else { - die "fatal: Can't get REMOTE_USER!"; + die "fatal: Can't get REMOTE_USER! for cgi $cgi - you need to setup ". + "Apache user authentication as documented in httemplate/docs/install.html"; } $user; } @@ -193,16 +243,6 @@ sub checkruid { ( $< == $freeside_uid ); } -=item swapuid - -Swaps real and effective UIDs. - -=cut - -sub swapuid { - ($<,$>) = ($>,$<) if $< != $>; -} - =item getsecrets [ USER ] Sets the user to USER, if supplied. @@ -217,13 +257,14 @@ sub getsecrets { die "No user!" unless $user; my($conf) = new FS::Conf $conf_dir; my($line) = grep /^\s*$user\s/, $conf->config('mapsecrets'); - die "User not found in mapsecrets!" unless $line; + die "User $user not found in mapsecrets!" unless $line; $line =~ /^\s*$user\s+(.*)$/; $secrets = $1; die "Illegal mapsecrets line for user?!" unless $secrets; ($datasrc, $db_user, $db_pass) = $conf->config($secrets) or die "Can't get secrets: $!"; $FS::Conf::default_dir = $conf_dir. "/conf.$datasrc"; + undef $driver_name; ($datasrc, $db_user, $db_pass); } @@ -231,17 +272,28 @@ sub getsecrets { =head1 CALLBACKS -Warning: this interface is likely to change in future releases. +Warning: this interface is (still) likely to change in future releases. -A package can install a callback to be run in adminsuidsetup by putting a -coderef into the hash %FS::UID::callback : +New (experimental) callback interface: + +A package can install a callback to be run in adminsuidsetup by passing +a coderef to the FS::UID->install_callback class method. If adminsuidsetup has +run already, the callback will also be run immediately. $coderef = sub { warn "Hi, I'm returning your call!" }; - $FS::UID::callback{'Package::Name'}; + FS::UID->install_callback($coderef); + + install_callback FS::UID sub { + warn "Hi, I'm returning your call!" + }; -=head1 VERSION +Old (deprecated) callback interface: -$Id: UID.pm,v 1.1 1999-08-04 09:03:53 ivan Exp $ +A package can install a callback to be run in adminsuidsetup by putting a +coderef into the hash %FS::UID::callback : + + $coderef = sub { warn "Hi, I'm returning your call!" }; + $FS::UID::callback{'Package::Name'} = $coderef; =head1 BUGS @@ -254,7 +306,7 @@ cgisuidsetup will go away as well. Goes through contortions to support non-OO syntax with multiple datasrc's. -Callbacks are inelegant. +Callbacks are (still) inelegant. =head1 SEE ALSO