X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FUID.pm;h=50a9178951315c20fd44838a1ec4fefb9a3ab13a;hp=f5c4f6139102a0295860793abffa6ae188eb0e0c;hb=ff27c3f36240aee48ed50153dd5d8fe3ac3f2443;hpb=ece31063b782031e21ba1f57476afab555af5363 diff --git a/FS/FS/UID.pm b/FS/FS/UID.pm index f5c4f6139..50a917895 100644 --- a/FS/FS/UID.pm +++ b/FS/FS/UID.pm @@ -1,28 +1,33 @@ package FS::UID; +use base qw( Exporter ); use strict; use vars qw( - @ISA @EXPORT_OK $cgi $dbh $freeside_uid $user - $conf_dir $secrets $datasrc $db_user $db_pass %callback $driver_name - $AutoCommit + @EXPORT_OK $DEBUG $me $cgi $freeside_uid $conf_dir $cache_dir + $secrets $datasrc $db_user $db_pass $schema $dbh $driver_name + $AutoCommit %callback @callback $callback_hack ); -use subs qw( - getsecrets cgisetotaker -); -use Exporter; -use Carp qw(carp croak cluck); +use subs qw( getsecrets ); +use Carp qw( carp croak cluck confess ); use DBI; -use FS::Conf; +use IO::File; +use FS::CurrentUser; + +@EXPORT_OK = qw( checkeuid checkruid cgi setcgi adminsuidsetup forksuidsetup + preuser_setup load_schema + getotaker dbh datasrc getsecrets driver_name myconnect + ); -@ISA = qw(Exporter); -@EXPORT_OK = qw(checkeuid checkruid swapuid cgisuidsetup - adminsuidsetup getotaker dbh datasrc getsecrets driver_name ); +$DEBUG = 0; +$me = '[FS::UID]'; $freeside_uid = scalar(getpwnam('freeside')); -$conf_dir = "/usr/local/etc/freeside/"; +$conf_dir = "%%%FREESIDE_CONF%%%"; +$cache_dir = "%%%FREESIDE_CACHE%%%"; $AutoCommit = 1; #ours, not DBI +$callback_hack = 0; =head1 NAME @@ -30,13 +35,9 @@ FS::UID - Subroutines for database login and assorted other stuff =head1 SYNOPSIS - use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker - checkeuid checkruid swapuid); - - adminsuidsetup $user; + use FS::UID qw(adminsuidsetup dbh datasrc checkeuid checkruid); - $cgi = new CGI; - $dbh = cgisuidsetup($cgi); + $dbh = adminsuidsetup $user; $dbh = dbh; @@ -58,59 +59,153 @@ Sets the user to USER (see config.html from the base documentation). Cleans the environment. Make sure the script is running as freeside, or setuid freeside. Opens a connection to the database. -Swaps real and effective UIDs. Runs any defined callbacks (see below). Returns the DBI database handle (usually you don't need this). =cut sub adminsuidsetup { + $dbh->disconnect if $dbh; + &forksuidsetup(@_); +} + +sub forksuidsetup { + my $user = shift; + warn "$me forksuidsetup starting for $user\n" if $DEBUG; + + if ( $FS::CurrentUser::upgrade_hack ) { + $user = 'fs_bootstrap'; + } else { + croak "fatal: adminsuidsetup called without arguements" unless $user; + + $user =~ /^([\w\-\.]+)$/ or croak "fatal: illegal user $user"; + $user = $1; + } - $user = shift; - croak "fatal: adminsuidsetup called without arguements" unless $user; + env_setup(); + + db_setup(); + + callback_setup(); + + warn "$me forksuidsetup loading user\n" if $DEBUG; + FS::CurrentUser->load_user($user); + + $dbh; +} + +sub preuser_setup { + $dbh->disconnect if $dbh; + env_setup(); + db_setup(); + callback_setup(); + $dbh; +} - $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin'; +sub env_setup { + + $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/bin'; $ENV{'SHELL'} = '/bin/sh'; $ENV{'IFS'} = " \t\n"; $ENV{'CDPATH'} = ''; $ENV{'ENV'} = ''; $ENV{'BASH_ENV'} = ''; - croak "Not running uid freeside!" unless checkeuid(); - getsecrets; - $dbh->disconnect if $dbh; - $dbh = DBI->connect($datasrc,$db_user,$db_pass, { - 'AutoCommit' => 0, - 'ChopBlanks' => 1, - } ) or die "DBI->connect error: $DBI::errstr\n"; +} + +sub load_schema { + warn "$me loading schema\n" if $DEBUG; + getsecrets() unless $datasrc; + use FS::Schema qw(reload_dbdef dbdef); + reload_dbdef("$conf_dir/dbdef.$datasrc") + unless $FS::Schema::setup_hack; +} + +sub db_setup { + croak "Not running uid freeside (\$>=$>, \$<=$<)\n" unless checkeuid(); + + warn "$me forksuidsetup connecting to database\n" if $DEBUG; + $dbh = &myconnect(); + + warn "$me forksuidsetup connected to database with handle $dbh\n" if $DEBUG; + + load_schema(); + + warn "$me forksuidsetup deciding upon config system to use\n" if $DEBUG; - swapuid(); #go to non-privledged user if running setuid freeside + unless ( $FS::Schema::setup_hack ) { + + #how necessary is this now that we're no longer possibly a pre-1.9 db? + my $sth = $dbh->prepare("SELECT COUNT(*) FROM conf") or die $dbh->errstr; + $sth->execute or die $sth->errstr; + $sth->fetchrow_arrayref->[0] or die "NO CONFIGURATION RECORDS FOUND"; - foreach ( keys %callback ) { - &{$callback{$_}}; } - $dbh; + } -=item cgisuidsetup CGI_object +sub callback_setup { -Takes a single argument, which is a CGI (see L) or Apache (see L) -object (CGI::Base is depriciated). Runs cgisetotaker and then adminsuidsetup. + unless ( $callback_hack ) { + warn "$me calling callbacks\n" if $DEBUG; + foreach ( keys %callback ) { + &{$callback{$_}}; + # breaks multi-database installs # delete $callback{$_}; #run once + } -=cut + &{$_} foreach @callback; + } else { + warn "$me skipping callbacks (callback_hack set)\n" if $DEBUG; + } -sub cgisuidsetup { - $cgi=shift; - if ( $cgi->isa('CGI::Base') ) { - carp "Use of CGI::Base is depriciated"; - } elsif ( $cgi->isa('Apache') ) { +} - } elsif ( ! $cgi->isa('CGI') ) { - croak "fatal: unrecognized object $cgi"; +sub myconnect { + my $handle = DBI->connect( getsecrets(), { 'AutoCommit' => 0, + 'ChopBlanks' => 1, + 'ShowErrorStatement' => 1, + 'pg_enable_utf8' => 1, + #'mysql_enable_utf8' => 1, + } + ) + or die "DBI->connect error: $DBI::errstr\n"; + + $FS::Conf::conf_cache = undef; + + if ( $schema ) { + use DBIx::DBSchema::_util qw(_load_driver ); #quelle hack + my $driver = _load_driver($handle); + if ( $driver =~ /^Pg/ ) { + no warnings 'redefine'; + eval "sub DBIx::DBSchema::DBD::${driver}::default_db_schema {'$schema'}"; + die $@ if $@; + } } - cgisetotaker; - adminsuidsetup($user); + + $handle; +} + +=item install_callback + +A package can install a callback to be run in adminsuidsetup by passing +a coderef to the FS::UID->install_callback class method. If adminsuidsetup has +run already, the callback will also be run immediately. + + $coderef = sub { warn "Hi, I'm returning your call!" }; + FS::UID->install_callback($coderef); + + install_callback FS::UID sub { + warn "Hi, I'm returning your call!" + }; + +=cut + +sub install_callback { + my $class = shift; + my $callback = shift; + push @callback, $callback; + &{$callback} if $dbh; } =item cgi @@ -120,10 +215,21 @@ Returns the CGI (see L) object. =cut sub cgi { - carp "warning: \$FS::UID::cgi isa Apache" if $cgi->isa('Apache'); + carp "warning: \$FS::UID::cgi is undefined" unless defined($cgi); + #carp "warning: \$FS::UID::cgi isa Apache" if $cgi && $cgi->isa('Apache'); $cgi; } +=item cgi CGI_OBJECT + +Sets the CGI (see L) object. + +=cut + +sub setcgi { + $cgi = shift; +} + =item dbh Returns the DBI database handle. @@ -161,34 +267,13 @@ sub suidsetup { =item getotaker -Returns the current Freeside user. +(Deprecated) Returns the current Freeside user's username. =cut sub getotaker { - $user; -} - -=item cgisetotaker - -Sets and returns the CGI REMOTE_USER. $cgi should be defined as a CGI.pm -object (see L) or an Apache object (see L). Support for CGI::Base -and derived classes is depriciated. - -=cut - -sub cgisetotaker { - if ( $cgi && $cgi->isa('CGI::Base') && defined $cgi->var('REMOTE_USER')) { - carp "Use of CGI::Base is depriciated"; - $user = lc ( $cgi->var('REMOTE_USER') ); - } elsif ( $cgi && $cgi->isa('CGI') && defined $cgi->remote_user ) { - $user = lc ( $cgi->remote_user ); - } elsif ( $cgi && $cgi->isa('Apache') ) { - $user = lc ( $cgi->connection->user ); - } else { - die "fatal: Can't get REMOTE_USER! for cgi $cgi"; - } - $user; + carp "FS::UID::getotaker deprecated"; + $FS::CurrentUser::CurrentUser->username; } =item checkeuid @@ -198,6 +283,7 @@ Returns true if effective UID is that of the freeside user. =cut sub checkeuid { + #$> = $freeside_uid unless $>; #huh. mpm-itk hack ( $> == $freeside_uid ); } @@ -211,38 +297,20 @@ sub checkruid { ( $< == $freeside_uid ); } -=item swapuid - -Swaps real and effective UIDs. - -=cut - -sub swapuid { - ($<,$>) = ($>,$<) if $< != $>; -} - -=item getsecrets [ USER ] +=item getsecrets -Sets the user to USER, if supplied. -Sets and returns the DBI datasource, username and password for this user from -the `/usr/local/etc/freeside/mapsecrets' file. +Sets and returns the DBI datasource, username and password from +the `/usr/local/etc/freeside/secrets' file. =cut sub getsecrets { - my($setuser) = shift; - $user = $setuser if $setuser; - die "No user!" unless $user; - my($conf) = new FS::Conf $conf_dir; - my($line) = grep /^\s*$user\s/, $conf->config('mapsecrets'); - die "User not found in mapsecrets!" unless $line; - $line =~ /^\s*$user\s+(.*)$/; - $secrets = $1; - die "Illegal mapsecrets line for user?!" unless $secrets; - ($datasrc, $db_user, $db_pass) = $conf->config($secrets) - or die "Can't get secrets: $!"; - $FS::Conf::default_dir = $conf_dir. "/conf.$datasrc"; + + ($datasrc, $db_user, $db_pass, $schema) = + map { /^(.*)$/; $1 } readline(new IO::File "$conf_dir/secrets") + or die "Can't get secrets: $conf_dir/secrets: $!\n"; undef $driver_name; + ($datasrc, $db_user, $db_pass); } @@ -250,17 +318,28 @@ sub getsecrets { =head1 CALLBACKS -Warning: this interface is likely to change in future releases. +Warning: this interface is (still) likely to change in future releases. -A package can install a callback to be run in adminsuidsetup by putting a -coderef into the hash %FS::UID::callback : +New (experimental) callback interface: + +A package can install a callback to be run in adminsuidsetup by passing +a coderef to the FS::UID->install_callback class method. If adminsuidsetup has +run already, the callback will also be run immediately. $coderef = sub { warn "Hi, I'm returning your call!" }; - $FS::UID::callback{'Package::Name'}; + FS::UID->install_callback($coderef); + + install_callback FS::UID sub { + warn "Hi, I'm returning your call!" + }; -=head1 VERSION +Old (deprecated) callback interface: -$Id: UID.pm,v 1.6 2001-04-23 09:00:06 ivan Exp $ +A package can install a callback to be run in adminsuidsetup by putting a +coderef into the hash %FS::UID::callback : + + $coderef = sub { warn "Hi, I'm returning your call!" }; + $FS::UID::callback{'Package::Name'} = $coderef; =head1 BUGS @@ -268,12 +347,11 @@ Too many package-global variables. Not OO. -No capabilities yet. When mod_perl and Authen::DBI are implemented, -cgisuidsetup will go away as well. +No capabilities yet. (What does this mean again?) Goes through contortions to support non-OO syntax with multiple datasrc's. -Callbacks are inelegant. +Callbacks are (still) inelegant. =head1 SEE ALSO