}
+ # this is here because this routine is called by both fs_ and ng_ main pages, where it appears
+ # it is not customer-specific, though it is only shown to authenticated customers
+ # it is not currently agent-specific, though at some point it might be
+ $return{'announcement'} = join(' ',$conf->config('selfservice-announcement')) || '';
+
return { 'error' => '',
'custnum' => $custnum,
%return,
)
&& ! $svc_acct->check_password($p->{'old_password'});
+ # should move password length checks into is_password_allowed
$error = 'Password too short.'
if length($p->{'new_password'}) < ($conf->config('passwordmin') || 6);
$error = 'Password too long.'
if length($p->{'new_password'}) > ($conf->config('passwordmax') || 8);
- $svc_acct->set_password($p->{'new_password'});
- $error ||= $svc_acct->replace();
+ $error ||= $svc_acct->is_password_allowed($p->{'new_password'})
+ || $svc_acct->set_password($p->{'new_password'})
+ || $svc_acct->replace();
#regular pw change in self-service should change contact pw too, otherwise its
#way too confusing. hell its confusing they're separate at all, but alas.
if ( $svc_acct ) {
- $svc_acct->set_password($p->{'new_password'});
- my $error = $svc_acct->replace();
+ my $error ||= $svc_acct->is_password_allowed($p->{'new_password'})
+ || $svc_acct->set_password($p->{'new_password'})
+ || $svc_acct->replace();
return { %$info, 'error' => $error } if $error;
map { $_ => $packet->{$_} }
qw( username _password sec_phrase popnum domsvc ),
};
+
+ my $error = $svc->is_password_allowed($packet->{_password});
+ return { error => $error } if $error;
my @acct_snarf;
my $snarfnum = 1;
},
{
+ 'key' => 'password-no_reuse',
+ 'section' => 'password',
+ 'description' => 'Minimum number of password changes before a password can be reused. By default, passwords can be reused without restriction.',
+ 'type' => 'text',
+ },
+
+ {
'key' => 'datavolume-forcemegabytes',
'section' => 'UI',
'description' => 'All data volumes are expressed in megabytes',
},
{
+ 'key' => 'selfservice-announcement',
+ 'section' => 'self-service',
+ 'description' => 'HTML announcement to display to all authenticated users on account overview page',
+ 'type' => 'textarea',
+ },
+
+ {
'key' => 'logout-timeout',
'section' => 'UI',
'description' => 'If set, automatically log users out of the backoffice after this many minutes.',
use FS::report_batch;
use FS::report_batch;
use FS::report_batch;
+ use FS::password_history;
# Sammath Naur
if ( $FS::Mason::addl_handler_use ) {
--- /dev/null
+package FS::Password_Mixin;
+
+use FS::Record qw(qsearch);
+use FS::Conf;
+use FS::password_history;
+use Authen::Passphrase;
+use Authen::Passphrase::BlowfishCrypt;
+# https://rt.cpan.org/Ticket/Display.html?id=72743
+
+our $DEBUG = 1;
+our $conf;
+FS::UID->install_callback( sub {
+ $conf = FS::Conf->new;
+ # this is safe
+ #eval "use Authen::Passphrase::BlowfishCrypt;";
+});
+
+our $me = '[' . __PACKAGE__ . ']';
+
+our $BLOWFISH_COST = 10;
+
+=head1 NAME
+
+FS::Password_Mixin - Object methods for accounts that have passwords governed
+by the password policy.
+
+=head1 METHODS
+
+=over 4
+
+=item is_password_allowed PASSWORD
+
+Checks the password against the system password policy. Returns an error
+message on failure, an empty string on success.
+
+This MUST NOT be called from check(). It should be called by the office UI,
+self-service ClientAPI, or other I<user-interactive> code that processes a
+password change, and only if the user has taken some action with the intent
+of changing the password.
+
+=cut
+
+sub is_password_allowed {
+ my $self = shift;
+ my $password = shift;
+
+ # check length and complexity here
+
+ if ( $conf->config('password-no_reuse') =~ /^(\d+)$/ ) {
+
+ my $no_reuse = $1;
+
+ # "the last N" passwords includes the current password and the N-1
+ # passwords before that.
+ warn "$me checking password reuse limit of $no_reuse\n" if $DEBUG;
+ my @latest = qsearch({
+ 'table' => 'password_history',
+ 'hashref' => { $self->password_history_key => $self->get($self->primary_key) },
+ 'order_by' => " ORDER BY created DESC LIMIT $no_reuse",
+ });
+
+ # don't check the first one; reusing the current password is allowed.
+ shift @latest;
+
+ foreach my $history (@latest) {
+ warn "$me previous password created ".$history->created."\n" if $DEBUG;
+ if ( $history->password_equals($password) ) {
+ my $message;
+ if ( $no_reuse == 1 ) {
+ $message = "This password is the same as your previous password.";
+ } else {
+ $message = "This password was one of the last $no_reuse passwords on this account.";
+ }
+ return $message;
+ }
+ } #foreach $history
+
+ } # end of no_reuse checking
+
+ '';
+}
+
+=item password_history_key
+
+Returns the name of the field in L<FS::password_history> that's the foreign
+key to this table.
+
+=cut
+
+sub password_history_key {
+ my $self = shift;
+ $self->table . '__' . $self->primary_key;
+}
+
+=item insert_password_history
+
+Creates a L<FS::password_history> record linked to this object, with its
+current password.
+
+=cut
+
+sub insert_password_history {
+ my $self = shift;
+ my $encoding = $self->_password_encoding;
+ my $password = $self->_password;
+ my $auth;
+
+ if ( $encoding eq 'bcrypt' or $encoding eq 'crypt' ) {
+
+ # it's smart enough to figure this out
+ $auth = Authen::Passphrase->from_crypt($password);
+
+ } elsif ( $encoding eq 'ldap' ) {
+
+ $password =~ s/^{PLAIN}/{CLEARTEXT}/i; # normalize
+ $auth = Authen::Passphrase->from_rfc2307($password);
+ if ( $auth->isa('Authen::Passphrase::Clear') ) {
+ # then we've been given the password in cleartext
+ $auth = $self->_blowfishcrypt( $auth->passphrase );
+ }
+
+ } elsif ( $encoding eq 'plain' ) {
+
+ $auth = $self->_blowfishcrypt( $password );
+
+ }
+
+ my $password_history = FS::password_history->new({
+ _password => $auth->as_rfc2307,
+ created => time,
+ $self->password_history_key => $self->get($self->primary_key),
+ });
+
+ my $error = $password_history->insert;
+ return "recording password history: $error" if $error;
+ '';
+
+}
+
+=item _blowfishcrypt PASSWORD
+
+For internal use: takes PASSWORD and returns a new
+L<Authen::Passphrase::BlowfishCrypt> object representing it.
+
+=cut
+
+sub _blowfishcrypt {
+ my $class = shift;
+ my $passphrase = shift;
+ return Authen::Passphrase::BlowfishCrypt->new(
+ cost => $BLOWFISH_COST,
+ salt_random => 1,
+ passphrase => $passphrase,
+ );
+}
+
+=back
+
+=head1 SEE ALSO
+
+L<FS::password_history>
+
+=cut
+
+1;
'quotation_pkg_detail' => {
'columns' => [
'detailnum', 'serial', '', '', '', '',
- 'billpkgnum', 'int', '', '', '', '', # actually links to quotationpkgnum
+ 'quotationpkgnum', 'int', '', '', '', '',
'format', 'char', 'NULL', 1, '', '', # not used for anything
'detail', 'varchar', '', 255, '', '',
],
'primary_key' => 'detailnum',
'unique' => [],
- 'index' => [ [ 'billpkgnum' ] ],
+ 'index' => [ [ 'quotationpkgnum' ] ],
'foreign_keys' => [
- { columns => [ 'billpkgnum' ],
+ { columns => [ 'quotationpkgnum' ],
table => 'quotation_pkg',
references => [ 'quotationpkgnum' ],
},
],
},
+ 'password_history' => {
+ 'columns' => [
+ 'passwordnum', 'serial', '', '', '', '',
+ '_password', 'varchar', 'NULL', $char_d, '', '',
+ 'encryption_method', 'varchar', 'NULL', $char_d, '', '',
+ 'created', @date_type, '', '',
+ # each table that needs password history gets a column here, and
+ # an entry in foreign_keys.
+ 'svc_acct__svcnum', 'int', 'NULL', '', '', '',
+ 'svc_dsl__svcnum', 'int', 'NULL', '', '', '',
+ 'svc_alarm__svcnum', 'int', 'NULL', '', '', '',
+ 'agent__agentnum', 'int', 'NULL', '', '', '',
+ 'contact__contactnum', 'int', 'NULL', '', '', '',
+ 'access_user__usernum', 'int', 'NULL', '', '', '',
+ ],
+ 'primary_key' => 'passwordnum',
+ 'unique' => [],
+ 'index' => [],
+ 'foreign_keys' => [
+ { columns => [ 'svc_acct__svcnum' ],
+ table => 'svc_acct',
+ references => [ 'svcnum' ],
+ },
+ { columns => [ 'svc_dsl__svcnum' ],
+ table => 'svc_dsl',
+ references => [ 'svcnum' ],
+ },
+ { columns => [ 'svc_alarm__svcnum' ],
+ table => 'svc_alarm',
+ references => [ 'svcnum' ],
+ },
+ { columns => [ 'agent__agentnum' ],
+ table => 'agent',
+ references => [ 'agentnum' ],
+ },
+ { columns => [ 'contact__contactnum' ],
+ table => 'contact',
+ references => [ 'contactnum' ],
+ },
+ { columns => [ 'access_user__usernum' ],
+ table => 'access_user',
+ references => [ 'usernum' ],
+ },
+ ],
+ },
+
# name type nullability length default local
#'new_table' => {
my $escape_function = $opt{escape_function} || sub { shift };
my $csv = new Text::CSV_XS;
+ my $key = $self->primary_key;
if ( $opt{format_function} ) {
)
}
qsearch ({ 'table' => $self->detail_table,
- 'hashref' => { 'billpkgnum' => $self->billpkgnum },
+ 'hashref' => { $key => $self->get($key) },
'order_by' => 'ORDER BY detailnum',
});
} elsif ( $opt{'no_usage'} ) {
my $sql = "SELECT detail FROM ". $self->detail_table.
- " WHERE billpkgnum = ". $self->billpkgnum.
+ " WHERE " . $key . " = ". $self->get($key).
" AND ( format IS NULL OR format != 'C' ) ".
" ORDER BY detailnum";
my $sth = dbh->prepare($sql) or die dbh->errstr;
}
my $sql = "SELECT format, detail FROM ". $self->detail_table.
- " WHERE billpkgnum = ". $self->billpkgnum.
+ " WHERE " . $key . " = ". $self->get($key).
" ORDER BY detailnum";
my $sth = dbh->prepare($sql) or die dbh->errstr;
$sth->execute or die $sth->errstr;
multisection: a flag indicating that this is a multisection invoice,
which does something complicated.
-preref_callback: coderef run for each line item, code should return HTML to be
-displayed before that line item (quotations only)
-
Returns a list of hashrefs, each of which may contain:
pkgnum, description, amount, unit_amount, quantity, pkgpart, _is_setup, and
'no_usage' => $opt{'no_usage'},
);
- if ( ref($cust_bill_pkg) eq 'FS::quotation_pkg' ) {
- # XXX this should be pulled out into quotation_pkg
-
- warn "$me _items_cust_bill_pkg cust_bill_pkg is quotation_pkg\n"
- if $DEBUG > 1;
- # quotation_pkgs are never fees, so don't worry about the case where
- # part_pkg is undefined
-
- # and I guess they're never bundled either?
- if ( $cust_bill_pkg->setup != 0 ) {
- my $description = $desc;
- $description .= ' Setup'
- if $cust_bill_pkg->recur != 0
- || $discount_show_always
- || $cust_bill_pkg->recur_show_zero;
- #push @b, {
- # keep it consistent, please
- $s = {
- 'pkgnum' => $cust_bill_pkg->pkgpart, #so it displays in Ref
- 'description' => $description,
- 'amount' => sprintf("%.2f", $cust_bill_pkg->setup),
- 'unit_amount' => sprintf("%.2f", $cust_bill_pkg->unitsetup),
- 'quantity' => $cust_bill_pkg->quantity,
- 'preref_html' => ( $opt{preref_callback}
- ? &{ $opt{preref_callback} }( $cust_bill_pkg )
- : ''
- ),
- };
- }
- if ( $cust_bill_pkg->recur != 0 ) {
- #push @b, {
- $r = {
- 'pkgnum' => $cust_bill_pkg->pkgpart, #so it displays in Ref
- 'description' => "$desc (". $cust_bill_pkg->part_pkg->freq_pretty.")",
- 'amount' => sprintf("%.2f", $cust_bill_pkg->recur),
- 'unit_amount' => sprintf("%.2f", $cust_bill_pkg->unitrecur),
- 'quantity' => $cust_bill_pkg->quantity,
- 'preref_html' => ( $opt{preref_callback}
- ? &{ $opt{preref_callback} }( $cust_bill_pkg )
- : ''
- ),
- };
- }
-
- } elsif ( $cust_bill_pkg->pkgnum > 0 ) {
+ if ( $cust_bill_pkg->pkgnum > 0 ) {
# a "normal" package line item (not a quotation, not a fee, not a tax)
warn "$me _items_cust_bill_pkg cust_bill_pkg is non-tax\n"
+ $cust_bill_pkg->recur)
};
- } # if quotation / package line item / other line item
+ } # if package line item / other line item
# decide whether to show active discounts here
if (
} else {
# the normal case, not a supplemental package
$next_bill = $part_pkg->add_freq($sdate, $options{freq_override} || 0);
- return "unparsable frequency: ". $part_pkg->freq
+ return "unparsable frequency: ".
+ ($options{freq_override} || $part_pkg->freq)
if $next_bill == -1;
}
my @discount_pkgs = $self->_discount_pkgs_and_bill;
shift @discount_pkgs; #discard bill;
-
- map { $terms{$_->months} = 1 }
+
+ # convert @discount_pkgs (the list of packages that have available discounts)
+ # to a list of distinct term lengths in months, and strip any decimal places
+ # from the number of months, not that it should have any
+ map { $terms{sprintf('%.0f', $_->months)} = 1 }
grep { $_->months && $_->months > 1 }
map { $_->discount }
map { $_->part_pkg->part_pkg_discount }
# If you add anything, be sure to add a description in
# httemplate/edit/msg_template.html.
sub substitutions {
+ my $payinfo_sub = sub {
+ my $obj = shift;
+ ($obj->payby eq 'CARD' || $obj->payby eq 'CHEK')
+ ? $obj->paymask
+ : $obj->decrypt($obj->payinfo)
+ };
+ my $payinfo_end = sub {
+ my $obj = shift;
+ my $payinfo = &$payinfo_sub($obj);
+ substr($payinfo, -4);
+ };
{ 'cust_main' => [qw(
display_custnum agentnum agent_name
# overrides the one in cust_main in cases where a cust_pay is passed
[ payby => sub { FS::payby->shortname(shift->payby) } ],
[ date => sub { time2str("%a %B %o, %Y", shift->_date) } ],
- [ payinfo => sub {
- my $cust_pay = shift;
- ($cust_pay->payby eq 'CARD' || $cust_pay->payby eq 'CHEK') ?
- $cust_pay->paymask : $cust_pay->decrypt($cust_pay->payinfo)
- } ],
+ [ 'payinfo' => $payinfo_sub ],
+ [ 'payinfo_end' => $payinfo_end ],
],
# for refund receipts
'cust_refund' => [
[ refund => sub { sprintf("%.2f", shift->refund) } ],
[ payby => sub { FS::payby->shortname(shift->payby) } ],
[ date => sub { time2str("%a %B %o, %Y", shift->_date) } ],
- [ payinfo => sub {
- my $cust_refund = shift;
- ($cust_refund->payby eq 'CARD' || $cust_refund->payby eq 'CHEK') ?
- $cust_refund->paymask : $cust_refund->decrypt($cust_refund->payinfo)
- } ],
+ [ 'payinfo' => $payinfo_sub ],
+ [ 'payinfo_end' => $payinfo_end ],
],
# for payment decline messages
# try to support all cust_pay fields
[ paid => sub { sprintf("%.2f", shift->paid) } ],
[ payby => sub { FS::payby->shortname(shift->payby) } ],
[ date => sub { time2str("%a %B %o, %Y", shift->_date) } ],
- [ payinfo => sub {
- my $pending = shift;
- ($pending->payby eq 'CARD' || $pending->payby eq 'CHEK') ?
- $pending->paymask : $pending->decrypt($pending->payinfo)
- } ],
+ [ 'payinfo' => $payinfo_sub ],
+ [ 'payinfo_end' => $payinfo_end ],
],
};
}
use base 'FS::part_export';
use vars qw( %info );
use String::ShellQuote;
+use Net::OpenSSH;
#tie my %options, 'Tie::IxHash';
#;
sub _export_insert {
my($self, $svc_acct) = (shift, shift);
- eval "use Net::OpenSSH;";
- return $@ if $@;
open my $def_in, '<', '/dev/null' or die "unable to open /dev/null";
my $ssh = Net::OpenSSH->new( $self->machine,
#well, we're just going to disable them for now, but there you go
- eval "use Net::OpenSSH;";
- return $@ if $@;
-
open my $def_in, '<', '/dev/null' or die "unable to open /dev/null";
my $ssh = Net::OpenSSH->new( $self->machine,
default_stdin_fh => $def_in );
--- /dev/null
+package FS::password_history;
+use base qw( FS::Record );
+
+use strict;
+use FS::Record qw( qsearch qsearchs );
+use Authen::Passphrase;
+
+# the only bit of autogenerated magic in here
+our @foreign_keys;
+FS::UID->install_callback(sub {
+ @foreign_keys = grep /__/, __PACKAGE__->dbdef_table->columns;
+});
+
+=head1 NAME
+
+FS::password_history - Object methods for password_history records
+
+=head1 SYNOPSIS
+
+ use FS::password_history;
+
+ $record = new FS::password_history \%hash;
+ $record = new FS::password_history { 'column' => 'value' };
+
+ $error = $record->insert;
+
+ $error = $new_record->replace($old_record);
+
+ $error = $record->delete;
+
+ $error = $record->check;
+
+=head1 DESCRIPTION
+
+An FS::password_history object represents a current or past password used
+by a login account, employee, or other account managed within Freeside.
+FS::password_history inherits from FS::Record. The following fields are
+currently supported:
+
+=over 4
+
+=item passwordnum - primary key
+
+=item _password - the encrypted password, as an RFC2307-style string
+("{CRYPT}$2a$08$..." or "{MD5}1ab201f..." or similar). This is a serialized
+L<Authen::Passphrase> object.
+
+=item created - the date the password was set to this value. The record with
+the most recent created time is the current password.
+
+=back
+
+Plus one of the following foreign keys:
+
+=over 4
+
+=item svc_acct__svcnum
+
+=item svc_dsl__svcnum
+
+=item svc_alarm__svcnum
+
+=item agent__agentnum
+
+=item contact__contactnum
+
+=item access_user__usernum
+
+=back
+
+=head1 METHODS
+
+=over 4
+
+=item new HASHREF
+
+Creates a new password history record. To add the record to the database,
+see L<"insert">.
+
+=cut
+
+sub table { 'password_history'; }
+
+=item insert
+
+=item delete
+
+=item replace OLD_RECORD
+
+=item check
+
+Checks all fields to make sure this is a valid password history record. If
+there is an error, returns the error, otherwise returns false. Called by the
+insert and replace methods.
+
+=cut
+
+sub check {
+ my $self = shift;
+
+ my $error =
+ $self->ut_numbern('passwordnum')
+ || $self->ut_anything('_password')
+ || $self->ut_numbern('create')
+ || $self->ut_numbern('create')
+ ;
+ return $error if $error;
+
+ # FKs are mutually exclusive
+ my $fk_in_use;
+ foreach my $fk ( @foreign_keys ) {
+ if ( $self->get($fk) ) {
+ $self->ut_numbern($fk);
+ return "multiple records linked to this password_history" if $fk_in_use;
+ $fk_in_use = $fk;
+ }
+ }
+
+ $self->SUPER::check;
+}
+
+=item linked_acct
+
+Returns the object that's using this password.
+
+=cut
+
+sub linked_acct {
+ my $self = shift;
+
+ foreach my $fk ( @foreign_keys ) {
+ if ( my $val = $self->get($fk) ) {
+ my ($table, $key) = split(/__/, $fk);
+ return qsearchs($table, { $key => $val });
+ }
+ }
+}
+
+=item password_equals PASSWORD
+
+Returns true if PASSWORD (plaintext) is the same as the one stored in the
+history record, false if not.
+
+=cut
+
+sub password_equals {
+
+ my ($self, $check_password) = @_;
+
+ # _password here is always LDAP-style.
+ try {
+ my $auth = Authen::Passphrase->from_rfc2307($self->_password);
+ return $auth->match($check_password);
+ } catch {
+ # if there's somehow bad data in the _password field, then it doesn't
+ # match anything. much better than having it match _everything_.
+ warn "password_history #" . $self->passwordnum . ": $_";
+ return '';
+ }
+
+}
+
+=back
+
+=head1 BUGS
+
+=head1 SEE ALSO
+
+L<FS::Record>
+
+=cut
+
+1;
+
# # (for invoice display order)
sub discount_table { 'quotation_pkg_discount'; }
-
-# detail table uses non-quotation fieldnames, see billpkgnum below
sub detail_table { 'quotation_pkg_detail'; }
-=item billpkgnum
-
-Sets/returns quotationpkgnum, for ease of integration with TemplateItem_Mixin::details
-
-=cut
-
-sub billpkgnum {
- my $self = shift;
- $self->quotationpkgnum(@_);
-}
-
=item insert
Adds this record to the database. If there is an error, returns the error,
local $FS::UID::AutoCommit = 0;
my $dbh = dbh;
- foreach my $detail ( qsearch('quotation_pkg_detail',{ 'billpkgnum' => $self->quotationpkgnum }) ) {
+ foreach my $detail ( qsearch('quotation_pkg_detail',{ 'quotationpkgnum' => $self->quotationpkgnum }) ) {
my $error = $detail->delete;
if ( $error ) {
$dbh->rollback if $oldAutoCommit;
foreach my $detail ( @details ) {
my $quotation_pkg_detail = new FS::quotation_pkg_detail {
- 'billpkgnum' => $self->quotationpkgnum,
- 'detail' => $detail,
+ 'quotationpkgnum' => $self->quotationpkgnum,
+ 'detail' => $detail,
};
$error = $quotation_pkg_detail->insert;
if ( $error ) {
}
+sub details_header {
+ return ();
+}
+
=item cust_bill_pkg_display [ type => TYPE ]
=cut
primary key
-=item billpkgnum
+=item quotationpkgnum
-named thusly for quick compatability with L<FS::TemplateItem_Mixin>,
-actually the quotationpkgnum for the relevant L<FS::quotation_pkg>
+for the relevant L<FS::quotation_pkg>
=item detail
my $error =
$self->ut_numbern('detailnum')
- || $self->ut_foreign_key('billpkgnum', 'quotation_pkg', 'quotationpkgnum')
+ || $self->ut_foreign_key('quotationpkgnum', 'quotation_pkg', 'quotationpkgnum')
|| $self->ut_text('detail')
;
return $error if $error;
qsearchs( 'reason_type', { 'typenum' => shift->reason_type } );
}
+=item merge
+
+Accepts an arrayref of reason objects, to be merged into this reason.
+Reasons must all have the same reason_type class as this one.
+Matching reasonnums will be replaced in the following tables:
+
+ cust_bill_void
+ cust_bill_pkg_void
+ cust_credit
+ cust_credit_void
+ cust_pay_void
+ cust_pkg_reason
+ cust_refund
+
+=cut
+
+sub merge {
+ my ($self,$reasons) = @_;
+ return "Bad input for merge" unless ref($reasons) eq 'ARRAY';
+
+ my $class = $self->reasontype->class;
+
+ local $SIG{HUP} = 'IGNORE';
+ local $SIG{INT} = 'IGNORE';
+ local $SIG{QUIT} = 'IGNORE';
+ local $SIG{TERM} = 'IGNORE';
+ local $SIG{TSTP} = 'IGNORE';
+ local $SIG{PIPE} = 'IGNORE';
+
+ my $oldAutoCommit = $FS::UID::AutoCommit;
+ local $FS::UID::AutoCommit = 0;
+ my $dbh = dbh;
+
+ my $error;
+ foreach my $reason (@$reasons) {
+ last if $error;
+ next if $reason->reasonnum eq $self->reasonnum;
+ $error = "Mismatched reason type class"
+ unless $reason->reasontype->class eq $class;
+ foreach my $table ( qw(
+ cust_bill_void
+ cust_bill_pkg_void
+ cust_credit
+ cust_credit_void
+ cust_pay_void
+ cust_pkg_reason
+ cust_refund
+ )) {
+ last if $error;
+ my @fields = ('reasonnum');
+ push(@fields, 'void_reasonnum') if $table eq 'cust_credit_void';
+ foreach my $field (@fields) {
+ last if $error;
+ foreach my $obj ( qsearch($table,{ $field => $reason->reasonnum }) ) {
+ last if $error;
+ $obj->set($field,$self->reasonnum);
+ $error = $obj->replace;
+ }
+ }
+ }
+ $error ||= $reason->delete;
+ }
+
+ if ( $error ) {
+ $dbh->rollback if $oldAutoCommit;
+ return $error;
+ }
+
+ $dbh->commit or die $dbh->errstr if $oldAutoCommit;
+
+ '';
+
+}
+
=back
=head1 CLASS METHODS
FS::svc_Radius_Mixin
FS::svc_Tower_Mixin
FS::svc_IP_Mixin
+ FS::Password_Mixin
FS::svc_Common
);
'child_objects' => $self->child_objects,
%options,
);
+
+ $error ||= $self->insert_password_history;
+
if ( $error ) {
$dbh->rollback if $oldAutoCommit;
return $error;
my $dbh = dbh;
$error = $new->SUPER::replace($old, @_); # usergroup here
+
+ # don't need to record this unless the password was changed
+ if ( $old->_password ne $new->_password ) {
+ $error ||= $new->insert_password_history;
+ }
+
if ( $error ) {
$dbh->rollback if $oldAutoCommit;
return $error if $error;
FS::MAC_Mixin
FS::svc_Common
);
-use FS::Record qw( qsearch qsearchs );
+use FS::Record qw( dbh qsearch qsearchs );
use FS::circuit_provider;
use FS::circuit_type;
use FS::circuit_termination;
sub search_sql {
my ($class, $string) = @_;
my @where = ();
- push @where, 'LOWER(svc_circuit.circuit_id) = \''.lc($string).'\'';
- push @where, 'LOWER(circuit_provider.provider) = \''.lc($string).'\'';
- push @where, 'LOWER(circuit_type.typename) = \''.lc($string).'\'';
+ push @where, 'LOWER(svc_circuit.circuit_id) = ' . dbh->quote($string);
+ push @where, 'LOWER(circuit_provider.provider) = ' . dbh->quote($string);
+ push @where, 'LOWER(circuit_type.typename) = ' . dbh->quote($string);
'(' . join(' OR ', @where) . ')';
}
t/report_batch.t
FS/report_batch.pm
t/report_batch.t
+FS/password_history.pm
+t/password_history.t
--- /dev/null
+BEGIN { $| = 1; print "1..1\n" }
+END {print "not ok 1\n" unless $loaded;}
+use FS::password_history;
+$loaded=1;
+print "ok 1\n";
Priority: extra
Maintainer: Ivan Kohler <ivan-debian@420.am>
Uploaders: Jeremy Davis <jeremyd@freeside.biz>
-Build-Depends: debhelper (>= 5), perl (>= 5.8)
+Build-Depends: debhelper (>= 5), perl (>= 5.8), torrus-common
Standards-Version: 3.7.2
Homepage: http://www.freeside.biz/freeside
libemail-address-list-perl,
libsymbol-global-name-perl, libdate-extract-perl, librole-basic-perl,
libhtml-formattext-withlinks-andtables-perl, libcrypt-x509-perl,
- libdata-guid-perl
+ libdata-guid-perl, libparams-classify-perl (>= 0.013-5.1)
Suggests: libbusiness-onlinepayment-perl
Description: Libraries for Freeside billing and trouble ticketing
Freeside is a web-based billing and trouble ticketing application.
} else {
$OUT .= '<P>You have no outstanding invoices.</P>';
}
-
%>
+<%= $announcement || '' %>
+
<%=
if ( @support_services ) {
$OUT .= '<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=2 BGCOLOR="#eeeeee">'.
'fields' => \@fields,
'links' => \@links,
'align' => $align,
+ 'html_form' => qq!<FORM ACTION="${p}misc/reason_merge.html" METHOD="POST">!,
+ 'html_foot' => $html_foot,
)
%>
<%init>
my $classname = $FS::reason_type::class_name{$class};
my $classpurpose = $FS::reason_type::class_purpose{$class};
-my $html_init = ucfirst($classname). " reasons $classpurpose.<BR><BR>".
+my $html_init = include('/elements/init_overlib.html').
+ucfirst($classname). " reasons $classpurpose.<BR><BR>".
qq!<A HREF="${p}edit/reason.html?class=$class">!.
"<I>Add a $classname reason</I></A><BR><BR>";
$align .= 'cl';
}
+# reason merge handling
+push @header, '';
+push @fields, sub {
+ my $reason = shift;
+ my $reasonnum = $reason->reasonnum;
+ qq!<INPUT TYPE="checkbox" NAME="reasonnum" VALUE="$reasonnum">!;
+};
+push @links, '';
+$align .= 'l';
+my $html_foot = include('/search/elements/checkbox-foot.html',
+ onclick => include( '/elements/popup_link_onclick.html',
+ js_action => q!'! . "${p}misc/reason-merge.html?" . q!' + toCGIString()!,
+ actionlabel => 'Merge reasons',
+ ),
+ label => 'merge selected reasons',
+ minboxes => 2,
+) . '</FORM>';
</%init>
'',
],
'disable_total' => 1,
+ 'html_form' => qq!<FORM ACTION="${p}misc/reason_merge.html" METHOD="POST">!,
+ 'html_foot' => $html_foot,
&>
<%init>
} keys (%FS::reason_type::class_name)
);
-$html_init .= '<BR><P>' .
+$html_init .= include('/elements/init_overlib.html').
+ '<BR><P>' .
$classname . ' reasons ' .
$FS::reason_type::class_purpose{$class} .
'. Reason types allow reasons to be grouped for reporting purposes.' .
'link' => $p. "edit/reason.html?class=$class&reasonnum=".
$_->reasonnum,
},
+ {
+ 'data' => q!<INPUT TYPE="checkbox" NAME="reasonnum" VALUE="! . $_->reasonnum . q!">!,
+ 'align' => 'right',
+ },
];
}
$reason_type->enabled_reasons ),
'align' => 'left',
'link' => $p. "edit/reason.html?class=$class",
'data_style' => 'i',
- }
+ },
+ { 'data' => '' },
]
];
my $link = [ $p.'edit/reason_type.html?class='.$class.'&typenum=', 'typenum' ];
+my $html_foot = include('/search/elements/checkbox-foot.html',
+ onclick => include( '/elements/popup_link_onclick.html',
+ js_action => q!'! . "${p}misc/reason-merge.html?" . q!' + toCGIString()!,
+ actionlabel => 'Merge reasons',
+ ),
+ label => 'merge selected reasons',
+ minboxes => 2,
+) . '</FORM>';
+
</%init>
if ($cgi->param('hidecustomerrouters') eq '1') {
$extra_sql = 'WHERE svcnum > 0';
- $cgi->param('hidecustomerrouters', 0);
+ $cgi->delete('hidecustomerrouters');
push @menubar, 'Show customer routers', $cgi->self_url();
+ $cgi->param('hidecustomerrouters', 1);
} else {
$cgi->param('hidecustomerrouters', 1);
push @menubar, 'Hide customer routers', $cgi->self_url();
+ $cgi->delete('hidecustomerrouters');
}
my $count_sql = $extra_sql. ( $extra_sql =~ /WHERE/ ? ' AND' : 'WHERE' ).
<P>
Latex invoice template based on a template from eBills
<http://ebills.sourceforge.net/> by Mark Asplen-Taylor <mark@asplen.co.uk>,
-licensed under the terms fo the GNU GPL.
+licensed under the terms of the GNU GPL.
<P>
Contains "JS Calendar" <http://dynarch.com/mishoo/calendar.epl>
by Mark James, licensed under the terms of the Creative Commons Attribution
2.5 License.
+<P>
+Includes icon from
+http://www.iconarchive.com/show/oxygen-icons-by-oxygen-icons.org/Actions-document-edit-icon.html
+licensed under GNU Lesser General Public License
+</P>
+
</BODY>
</HTML>
'$payby' => 'Payment method',
'$date' => 'Payment date',
'$payinfo' => 'Card/account# (masked)',
+ '$payinfo_end' => 'Card/account last 4 digits',
'$error' => 'Decline reason',
],
'cust_refund' => [
'$payby' => 'Refund method',
'$date' => 'Refund date',
'$payinfo' => 'Card/account# (masked)',
+ '$payinfo_end' => 'Card/account last 4 digits',
],
'system_log' => [
'$logmessage' => 'Log entry message',
<% include( 'elements/process.html',
'table' => 'reason',
- 'redirect' => popurl(3) . 'browse/reason.html?class=' .
+ 'redirect' => popurl(3) . 'browse/reason_type.html?class=' .
$cgi->param('class') . '&',
)
%>
|| $cgi->param('clear_password') =~ /^\(.* encrypted\)$/ ) {
die "fatal: no previous account to recall hidden password from!" unless $old;
} else {
- $error ||= $new->set_password($cgi->param('clear_password'));
+ my $newpass = $cgi->param('clear_password');
+ if ( ! $old->check_password($newpass) ) {
+ # then the password is being changed
+ $error ||= $new->is_password_allowed($newpass)
+ || $new->set_password($newpass);
+ }
}
if ( ! $error ) {
<TD BGCOLOR="#ffffff"><% $part_pkg->comment |h %></TD>
</TR>
- <TR>
- <TD COLSPAN=2>Detail: </TD>
- </TR>
-
% my $row = 0;
% for ( @details ) {
<TR>
- <TD></TD>
+ <TD ALIGN="right"><% $row ? '' : 'Detail' %></TD>
<TD>
<INPUT TYPE="text" NAME="detail<% $row %>" SIZE="60" MAXLENGTH="65" VALUE="<% $_ |h %>" rownum="<% $row++ %>" onkeyup="possiblyAddRow" onchange="possiblyAddrow">
</TD>
var row = document.createElement('TR');
var empty_cell = document.createElement('TD');
+ if (!rownum) {
+ empty_cell.innerHTML = 'Detail:'
+ empty_cell.style.textAlign = 'right';
+ }
row.appendChild(empty_cell);
var detail_cell = document.createElement('TD');
<ul>
<li><i>custnum</i>: Customer number
<li><i>amount</i>:
- <li><i>reasonnum</i>: <A HREF="<%$p%>browse/reason.html?class=R">Credit reason</A>
+ <li><i>reasonnum</i>: <A HREF="<%$p%>browse/reason_type.html?class=R">Credit reason</A>
<li><i>invnum</i>: Invoice number
</ul>
<BR><BR>
( $curuser->access_right('Edit password') and
! $part_svc->restrict_edit_password )
);
-my $error = $svc_acct->set_password($cgi->param('password'))
+my $newpass = $cgi->param('password');
+my $error = $svc_acct->is_password_allowed($newpass)
+ || $svc_acct->set_password($newpass)
|| $svc_acct->replace;
# annoyingly specific to view/svc_acct.cgi, for now...
--- /dev/null
+% if ($success) {
+<% include('/elements/header-popup.html', 'Reason Merge Success') %>
+<SCRIPT>
+window.top.location.reload()
+</SCRIPT>
+% } else {
+<% include('/elements/header-popup.html', 'Merge Reasons') %>
+% if ($error) {
+<P STYLE="color: red;"><% emt($error) %></P>
+% }
+% if (@reasons > 1) {
+<P>
+The following reasons will be merged into one.
+Please select one reason to merge the others into.
+</P>
+<FORM METHOD="POST" ACTION="<% "${p}misc/reason-merge.html" %>">
+<P>
+% foreach my $reason (@reasons) {
+<INPUT TYPE="hidden" NAME="reasonnum" VALUE="<% $reason->reasonnum %>">
+<INPUT TYPE="radio" NAME="destreasonnum" VALUE="<% $reason->reasonnum %>">
+<% $reason->reason %><BR>
+% }
+<P>
+<P>Caution: merging reasons cannot be undone!</P>
+<P><INPUT TYPE="submit" NAME="process_merge" value="Merge"></P>
+</FORM>
+% } else {
+<BUTTON TYPE="button" onClick="parent.cClick();">Close</BUTTON>
+% }
+% }
+
+<%init>
+my @reasonnums = $cgi->param('reasonnum');
+my $destreasonnum = $cgi->param('destreasonnum');
+
+my $error;
+my $class;
+my @reasons;
+my $destreason;
+foreach my $reasonnum (@reasonnums) {
+ unless ($reasonnum =~ /^\d+$/) {
+ $error = "Invalid reasonnum $reasonnum.";
+ last;
+ }
+ my $reason = qsearchs('reason',{ 'reasonnum' => $reasonnum });
+ unless ($reason) {
+ $error = "Reason $reasonnum could not be loaded.";
+ last;
+ }
+ my $reasontype = $reason->reasontype;
+ $class ||= $reasontype->class;
+ if ($class ne $reasontype->class) {
+ $error = "Selected reasons must have the same reason type class.";
+ last;
+ }
+ push(@reasons, $reason);
+ $destreason = $reason if $reasonnum eq $destreasonnum;
+}
+
+unless ($error) {
+ $error = "No reasons selected." unless @reasons;
+ $error = "Select two or more reasons to merge." unless @reasons > 1;
+}
+
+@reasons = () if $error;
+
+my $success = 0;
+if ($cgi->param('process_merge') && !$error) {
+ if ($destreason) {
+ $error = $destreason->merge(\@reasons);
+ $success = 1 unless $error;
+ } else {
+ $error = "No destination reason selected.";
+ }
+}
+
+</%init>
},
],
filter => '.name = "pkgpart"', # see below
+ minboxes => 2, #will remove checkboxes if there aren't at least this many
),
&>
}
}
%# avoid the need for "$areboxes" late-evaluation hackery
+% if ($opt{'minboxes'}) {
+if ( checkboxes.length < <% $opt{'minboxes'} %> ) {
+ for (i = 0; i < checkboxes.length; i++) {
+ checkboxes[i].parentNode.removeChild(checkboxes[i]);
+ }
+ checkboxes = [];
+}
+% }
if ( checkboxes.length == 0 ) {
document.getElementById('checkbox_footer').style.display = 'none';
}
?>
-Hello <? echo htmlspecialchars($name); ?><BR><BR>
+<P>Hello <? echo htmlspecialchars($name); ?></P>
<? if ( $signupdate_pretty ) { ?>
- Thank you for being a customer since <? echo $signupdate_pretty; ?><BR><BR>
+ <P>Thank you for being a customer since <? echo $signupdate_pretty; ?></P>
<? } ?>
-Your current balance is: <B>$<? echo $balance ?></B><BR><BR>
+<P>Your current balance is: <B>$<? echo $balance ?></B></P>
+
+<? echo $announcement ?>
<!--
your open invoices if you have any & payment link if you have one. more insistant if you're late?
#! /bin/sh
# From configure.ac Revision.
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for RT rt-4.2.11.
+# Generated by GNU Autoconf 2.69 for RT rt-4.2.12.
#
# Report bugs to <rt-bugs@bestpractical.com>.
#
# Identity of this package.
PACKAGE_NAME='RT'
PACKAGE_TARNAME='rt'
-PACKAGE_VERSION='rt-4.2.11'
-PACKAGE_STRING='RT rt-4.2.11'
+PACKAGE_VERSION='rt-4.2.12'
+PACKAGE_STRING='RT rt-4.2.12'
PACKAGE_BUGREPORT='rt-bugs@bestpractical.com'
PACKAGE_URL=''
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures RT rt-4.2.11 to adapt to many kinds of systems.
+\`configure' configures RT rt-4.2.12 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of RT rt-4.2.11:";;
+ short | recursive ) echo "Configuration of RT rt-4.2.12:";;
esac
cat <<\_ACEOF
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-RT configure rt-4.2.11
+RT configure rt-4.2.12
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by RT $as_me rt-4.2.11, which was
+It was created by RT $as_me rt-4.2.12, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
rt_version_minor=2
-rt_version_patch=11
+rt_version_patch=12
test "x$rt_version_major" = 'x' && rt_version_major=0
test "x$rt_version_minor" = 'x' && rt_version_minor=0
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by RT $as_me rt-4.2.11, which was
+This file was extended by RT $as_me rt-4.2.12, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-RT config.status rt-4.2.11
+RT config.status rt-4.2.12
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
push @messages, {
Tag => $protocol,
Classes => [qw/keycheck bad/],
- Value => loc( "Public key '0x[_1]' is required to verify signature", $line->{'Key'} ),
+ Value => $m->interp->apply_escapes( loc( "Public key '0x[_1]' is required to verify signature", $line->{'Key'} ), 'h'),
};
}
}
push @messages, {
Tag => $protocol,
Classes => ['passphrasecheck', lc $line->{Status}],
- Value => loc( $line->{'Message'} ),
+ Value => $m->interp->apply_escapes( loc( $line->{'Message'} ), 'h'),
};
}
elsif ( $line->{'Operation'} eq 'Decrypt' ) {
push @messages, {
Tag => $protocol,
Classes => ['decrypt', lc $line->{Status}],
- Value => loc( $line->{'Message'} ),
+ Value => $m->interp->apply_escapes( loc( $line->{'Message'} ), 'h'),
};
}
elsif ( $line->{'Operation'} eq 'Verify' ) {
push @messages, {
Tag => $protocol,
Classes => ['verify', lc $line->{Status}, 'trust-'.($line->{Trust} || 'UNKNOWN')],
- Value => loc( $line->{'Message'} ),
+ Value => $m->interp->apply_escapes( loc( $line->{'Message'} ), 'h'),
};
}
else {
push @messages, {
Tag => $protocol,
Classes => [lc $line->{Operation}, lc $line->{Status}],
- Value => loc( $line->{'Message'} ),
+ Value => $m->interp->apply_escapes( loc( $line->{'Message'} ), 'h'),
}
}
}
function update_addprincipal_title(title) {
var h3 = jQuery("#acl-AddPrincipal h3");
- h3.html( h3.text().replace(/: .*$/,'') + ": " + title );
+ h3.text( h3.text().replace(/: .*$/,'') + ": " + title );
}
// when a value is selected from the autocompleter
The result of the rendering is the text line with the output values
separated by colon (:).
-=back
-
=item * C<disable-legend>, C<disable-title>, C<disable-vertical-label>
When set to C<yes>, the corresponding elements of the graph are not displayed.
-
+=back
=head3 Styling Profiles