--- /dev/null
+package FS::UID;
+
+use strict;
+use vars qw(
+ @ISA @EXPORT_OK $cgi $dbh $freeside_uid $conf $datasrc $db_user $db_pass
+);
+use Exporter;
+use Carp;
+use DBI;
+use FS::Conf;
+
+@ISA = qw(Exporter);
+@EXPORT_OK = qw(checkeuid checkruid swapuid cgisuidsetup
+ adminsuidsetup getotaker dbh datasrc);
+
+$freeside_uid = scalar(getpwnam('freeside'));
+
+my $conf = new FS::Conf;
+($datasrc, $db_user, $db_pass) = $conf->config('secrets')
+ or die "Can't get secrets: $!";
+
+=head1 NAME
+
+FS::UID - Subroutines for database login and assorted other stuff
+
+=head1 SYNOPSIS
+
+ use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker
+ checkeuid checkruid swapuid);
+
+ adminsuidsetup;
+
+ $cgi = new CGI::Base;
+ $cgi->get;
+ $dbh = cgisuidsetup($cgi);
+
+ $dbh = dbh;
+
+ $datasrc = datasrc;
+
+=head1 DESCRIPTION
+
+Provides a hodgepodge of subroutines.
+
+=head1 SUBROUTINES
+
+=over 4
+
+=item adminsuidsetup
+
+Cleans the environment.
+Make sure the script is running as freeside, or setuid freeside.
+Opens a connection to the database.
+Swaps real and effective UIDs.
+Returns the DBI database handle (usually you don't need this).
+
+=cut
+
+sub adminsuidsetup {
+
+ $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin';
+ $ENV{'SHELL'} = '/bin/sh';
+ $ENV{'IFS'} = " \t\n";
+ $ENV{'CDPATH'} = '';
+ $ENV{'ENV'} = '';
+ $ENV{'BASH_ENV'} = '';
+
+ croak "Not running uid freeside!" unless checkeuid();
+ $dbh = DBI->connect($datasrc,$db_user,$db_pass, {
+ # hack for web demo
+ # my($user)=getotaker();
+ # $dbh = DBI->connect("$datasrc:$user",$db_user,$db_pass, {
+ 'AutoCommit' => 'true',
+ 'ChopBlanks' => 'true',
+ } ) or die "DBI->connect error: $DBI::errstr\n";;
+
+ swapuid(); #go to non-privledged user if running setuid freeside
+
+ $dbh;
+}
+=item cgisuidsetup CGI::Base_OBJECT
+
+Stores the CGI::Base_OBJECT for later use.
+Runs adminsuidsetup.
+
+=cut
+
+sub cgisuidsetup {
+ $cgi=$_[0];
+ adminsuidsetup;
+}
+
+=item dbh
+
+Returns the DBI database handle.
+
+=cut
+
+sub dbh {
+ $dbh;
+}
+
+=item datasrc
+
+Returns the DBI data source.
+
+=cut
+
+sub datasrc {
+ $datasrc;
+}
+
+#hack for web demo
+#sub setdbh {
+# $dbh=$_[0];
+#}
+
+sub suidsetup {
+ croak "suidsetup depriciated";
+}
+
+=item getotaker
+
+Returns the current Freeside user. Currently that means the CGI REMOTE_USER,
+or 'freeside'.
+
+=cut
+
+sub getotaker {
+ if ($cgi && defined $cgi->var('REMOTE_USER')) {
+ return $cgi->var('REMOTE_USER'); #for now
+ } else {
+ 'freeside';
+ }
+}
+
+=item checkeuid
+
+Returns true if effective UID is that of the freeside user.
+
+=cut
+
+sub checkeuid {
+ ( $> == $freeside_uid );
+}
+
+=item checkruid
+
+Returns true if the real UID is that of the freeside user.
+
+=cut
+
+sub checkruid {
+ ( $< == $freeside_uid );
+}
+
+=item swapuid
+
+Swaps real and effective UIDs.
+
+=cut
+
+sub swapuid {
+ ($<,$>) = ($>,$<);
+}
+
+=back
+
+=head1 BUGS
+
+Not OO.
+
+No capabilities yet. When mod_perl and Authen::DBI are implemented,
+cgisuidsetup will go away as well.
+
+=head1 SEE ALSO
+
+L<FS::Record>, L<CGI::Base>, L<DBI>
+
+=head1 HISTORY
+
+ivan@voicenet.com 97-jun-4 - 9
+
+untaint otaker ivan@voicenet.com 97-jul-7
+
+generalize and auto-get uid (getotaker still needs to be db'ed)
+ivan@sisd.com 97-nov-10
+
+&cgisuidsetup logs into database. other cleaning.
+ivan@sisd.com 97-nov-22,23
+
+&adminsuidsetup logs into database with otaker='freeside' (for
+automated tasks like billing)
+ivan@sisd.com 97-dec-13
+
+added sub datasrc for fs-setup ivan@sisd.com 98-feb-21
+
+datasrc, user and pass now come from conf/secrets ivan@sisd.com 98-jun-28
+
+added ChopBlanks to DBI call (see man DBI) ivan@sisd.com 98-aug-16
+
+pod, use FS::Conf, implemented cgisuidsetup as adminsuidsetup,
+inlined suidsetup
+ivan@sisd.com 98-sep-12
+
+=cut
+
+1;
+
projects / freeside.git / commitdiff