From 776b6c8e2c064b42b89e22e2d5d01afb65dd8bb3 Mon Sep 17 00:00:00 2001
From: Mark Wells <mark@freeside.biz>
Date: Tue, 9 Feb 2016 10:56:13 -0800
Subject: [PATCH] Revert "make password-insecure option work when adding a new
 svc_acct, #40236"

This reverts commit 9d0796956b83a47a3258e1d388289f6b59f7444d.
- password-insecure option is 3.x only.
---
 FS/FS/Password_Mixin.pm                        | 10 ----------
 httemplate/edit/svc_acct.cgi                   |  7 +++----
 httemplate/elements/validate_password.html     | 10 +++-------
 httemplate/misc/xmlhttp-validate_password.html | 25 ++++++++++---------------
 4 files changed, 16 insertions(+), 36 deletions(-)

diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm
index 47290b5fa..3fb787c47 100644
--- a/FS/FS/Password_Mixin.pm
+++ b/FS/FS/Password_Mixin.pm
@@ -43,16 +43,6 @@ sub is_password_allowed {
   my $self = shift;
   my $password = shift;
 
-  my $cust_main = $self->cust_main;
-
-  # workaround for non-inserted services
-  if ( !$cust_main and $self->get('pkgnum') ) {
-    my $cust_pkg = FS::cust_pkg->by_key($self->get('pkgnum'));
-    $cust_main = $cust_pkg->cust_main if $cust_pkg;
-  }
-  warn "is_password_allowed: no customer could be identified" if !$cust_main;
-  return '' if $cust_main && $conf->config_bool('password-insecure', $cust_main->agentnum);
-
   # basic checks using Data::Password;
   # options for Data::Password
   $DICTIONARY = 4;   # minimum length of disallowed words
diff --git a/httemplate/edit/svc_acct.cgi b/httemplate/edit/svc_acct.cgi
index 33231adeb..ca26c6cf0 100755
--- a/httemplate/edit/svc_acct.cgi
+++ b/httemplate/edit/svc_acct.cgi
@@ -52,10 +52,9 @@
     <INPUT TYPE="text" ID="clear_password" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
     <& /elements/random_pass.html, 'clear_password' &><BR>
     <DIV ID="clear_password_result" STYLE="font-size: smaller"></DIV>
-    <& /elements/validate_password.html, 
-        'fieldid' => 'clear_password',
-        'svcnum' => $svcnum ,
-        'pkgnum' => $pkgnum,
+    <& '/elements/validate_password.html', 
+         'fieldid' => 'clear_password',
+         'svcnum' => $svcnum 
     &>
   </TD>
 </TR>
diff --git a/httemplate/elements/validate_password.html b/httemplate/elements/validate_password.html
index f067ad8fc..a488c4f16 100644
--- a/httemplate/elements/validate_password.html
+++ b/httemplate/elements/validate_password.html
@@ -5,9 +5,8 @@ To validate passwords via javascript/xmlhttp:
   <INPUT ID="password_field" TYPE="text">
   <DIV ID="password_field_result">
   <& '/elements/validate_password.html', 
-      fieldid  => 'password_field',
-      svcnum   => $svcnum,
-      pkgnum   => $pkgnum, # used if the service doesn't exist yet
+     fieldid  => 'password_field',
+     svcnum   => $svcnum
   &>
 
 The ID of the input field can be anything;  the ID of the DIV in which to display results
@@ -28,10 +27,7 @@ function add_password_validation (fieldid) {
     var resultfield = document.getElementById(fieldid);
     if (this.value) {
       resultfield.innerHTML = '<SPAN STYLE="color: blue;">Validating password...</SPAN>';
-      validate_password('fieldid',fieldid,
-                        'svcnum',<% $opt{'svcnum'} |js_string %>,
-                        'pkgnum',<% $opt{'pkgnum'} |js_string %>,
-                        'password',this.value,
+      validate_password('fieldid',fieldid,'svcnum','<% $opt{'svcnum'} %>','password',this.value,
         function (result) {
           result = JSON.parse(result);
           var resultfield = document.getElementById(result.fieldid);
diff --git a/httemplate/misc/xmlhttp-validate_password.html b/httemplate/misc/xmlhttp-validate_password.html
index 1efb4aaa3..28dbf6460 100644
--- a/httemplate/misc/xmlhttp-validate_password.html
+++ b/httemplate/misc/xmlhttp-validate_password.html
@@ -1,14 +1,13 @@
 <%doc>
-Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is
-only acceptable value.)  Also accepts 'svcnum' (for svc_acct, will otherwise
-create an empty dummy svc_acct), 'pkgnum' (for when the svc_acct isn't yet
-inserted), and 'fieldid' (for html post-processing, passed along in results
-for convenience.)
-
-Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is
-valid), 'error' (error text if password is invalid) or 'syserror' (error text
-if password could not be validated.)  Only one of these keys will be set.
-Will also set 'fieldid' if it was passed.
+Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is only 
+acceptable value.)  Also accepts 'svcnum' (for svc_acct, will otherwise create an
+empty dummy svc_acct) and 'fieldid' (for html post-processing, passed along in 
+results for convenience.)
+
+Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is valid),
+'error' (error text if password is invalid) or 'syserror' (error text if password
+could not be validated.)  Only one of these keys will be set.  Will also set
+'fieldid' if it was passed.
 </%doc>
 
 <% encode_json($result) %>
@@ -33,13 +32,9 @@ my $validate_password = sub {
   $result{'syserror'} = 'Invalid svcnum' unless $svcnum =~ /^\d*$/;
   return \%result if $result{'syserror'};
 
-  my $pkgnum = $arg{'pkgnum'};
-  $result{'syserror'} = 'Invalid pkgnum' unless $pkgnum =~ /^\d*$/;
-  return \%result if $result{'syserror'};
-
   my $svc_acct = $svcnum 
     ? qsearchs('svc_acct',{'svcnum' => $svcnum})
-    : FS::svc_acct->new({ 'pkgnum' => $pkgnum });
+    : (new FS::svc_acct {});
   $result{'syserror'} = 'Could not find service' unless $svc_acct;
   return \%result if $result{'syserror'};
 
-- 
2.11.0