This MUST NOT be called from check(). It should be called by the office UI,
self-service ClientAPI, or other I<user-interactive> code that processes a
password change, and only if the user has taken some action with the intent
-of changing the password.
+of setting the password.
=cut
disable_inventory => 1,
},
'_password' => { label => 'Password',
- required => 1
+ #required => 1
},
'gid' => {
label => 'GID',
}
}
-$new->_password($old->_password) if $old;
-if ( $cgi->param('clear_password') eq '*HIDDEN*'
- || $cgi->param('clear_password') =~ /^\(.* encrypted\)$/ ) {
- die "fatal: no previous account to recall hidden password from!" unless $old;
+# check whether the password is set as "fixed" in the service def. if so,
+# ignore the password that was submitted and use the fixed value.
+
+my $psc = $part_svc->part_svc_column('_password');
+if ( $psc->columnflag eq 'F' ) {
+
+ $new->set('_password', $psc->columnvalue);
+
} else {
- my $newpass = $cgi->param('clear_password');
- if ( !$old or ! $old->check_password($newpass) ) {
- # then the password is being changed
- $error ||= $new->is_password_allowed($newpass)
- || $new->set_password($newpass);
+
+ $new->_password($old->_password) if $old;
+ if ( $cgi->param('clear_password') eq '*HIDDEN*'
+ || $cgi->param('clear_password') =~ /^\(.* encrypted\)$/ ) {
+ die "fatal: no previous account to recall hidden password from!"
+ unless $old;
+ } else {
+ my $newpass = $cgi->param('clear_password');
+ if ( !$old or ! $old->check_password($newpass) ) {
+ # then the password is being changed
+ $error ||= $new->is_password_allowed($newpass)
+ || $new->set_password($newpass);
+ }
}
+
}
if ( ! $error ) {
my $cgi = shift;
my $svcnum = $cgi->param('svcnum');
my $error = '';
+ my $old;
+ my $part_svc;
+
if ( $svcnum ) {
- my $old = FS::svc_dsl->by_key($svcnum);
+ $old = FS::svc_dsl->by_key($svcnum);
+ $part_svc = $old->part_svc;
+ } else {
+ my $svcpart = $cgi->param('svcpart') or die "svcpart required";
+ $part_svc = FS::part_svc->by_key($svcpart);
+ }
+ my $psc = $part_svc->part_svc_column('password');
+ if ( $psc->columnflag eq 'F' ) {
+ # enforce it here and skip password validation
+ $cgi->param('password', $psc->columnvalue;
+ } else {
my $newpass = $cgi->param('password');
if ( $old and $newpass ne $old->password ) {
$error ||= $old->is_password_allowed($newpass);
% $password = '';
% $show_pw .= '<I>('. mt('hidden') .')</I>';
% }
+% my $psc = $part_svc->part_svc_column('_password');
+% if ( $psc->columnflag eq 'F' and $psc->columnvalue eq '' ) {
+% # show nothing
+% } else {
<TR>
<TD ALIGN="right"><% mt('Password') %></TD>
<TD STYLE="background-color: #ffffff; white-space: nowrap">
<% $show_pw %>
-% my $curuser = $FS::CurrentUser::CurrentUser;
-% if ( $curuser->access_right('Provision customer service') or
-% ($curuser->access_right('Edit password') and
-% ! $part_svc->restrict_edit_password) )
-% {
+% my $curuser = $FS::CurrentUser::CurrentUser;
+% if ( $curuser->access_right('Provision customer service') or
+% ($curuser->access_right('Edit password') and
+% ! $part_svc->restrict_edit_password)
+% and $psc->columnflag ne 'F'
+% )
+% {
<& /elements/change_password.html,
'svc_acct' => $svc_acct,
'curr_value' => $password,
&>
-% }
+% }
</TD>
</TR>
+% }
% if ( $conf->exists('security_phrase') ) {
<& /view/elements/tr.html, label=>mt('Security phrase'), value=>$svc_acct->sec_phrase &>