[freeside-commits] branch FREESIDE_3_BRANCH updated. 7e39ac20af1070bd6521f6199b043abf2afa73d7
Mark Wells
mark at 420.am
Mon Feb 8 16:12:44 PST 2016
The branch, FREESIDE_3_BRANCH has been updated
via 7e39ac20af1070bd6521f6199b043abf2afa73d7 (commit)
from 460d06a996538bc1db22db8d1d8029c7bd9e6d0c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7e39ac20af1070bd6521f6199b043abf2afa73d7
Author: Mark Wells <mark at freeside.biz>
Date: Mon Feb 8 16:09:28 2016 -0800
make password-insecure option work when adding a new svc_acct, #40236
diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm
index a27dd54..bdfab18 100644
--- a/FS/FS/Password_Mixin.pm
+++ b/FS/FS/Password_Mixin.pm
@@ -46,6 +46,13 @@ sub is_password_allowed {
my $password = shift;
my $cust_main = $self->cust_main;
+
+ # workaround for non-inserted services
+ if ( !$cust_main and $self->get('pkgnum') ) {
+ my $cust_pkg = FS::cust_pkg->by_key($self->get('pkgnum'));
+ $cust_main = $cust_pkg->cust_main if $cust_pkg;
+ }
+ warn "is_password_allowed: no customer could be identified" if !$cust_main;
return '' if $cust_main && $conf->config_bool('password-insecure', $cust_main->agentnum);
# basic checks using Data::Password;
diff --git a/httemplate/edit/svc_acct.cgi b/httemplate/edit/svc_acct.cgi
index ff8e316..4266046 100755
--- a/httemplate/edit/svc_acct.cgi
+++ b/httemplate/edit/svc_acct.cgi
@@ -52,9 +52,10 @@
<INPUT TYPE="text" ID="clear_password" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
<& /elements/random_pass.html, 'clear_password' &><BR>
<DIV ID="clear_password_result" STYLE="font-size: smaller"></DIV>
- <& '/elements/validate_password.html',
- 'fieldid' => 'clear_password',
- 'svcnum' => $svcnum
+ <& /elements/validate_password.html,
+ 'fieldid' => 'clear_password',
+ 'svcnum' => $svcnum ,
+ 'pkgnum' => $pkgnum,
&>
</TD>
</TR>
diff --git a/httemplate/elements/validate_password.html b/httemplate/elements/validate_password.html
index a488c4f..f067ad8 100644
--- a/httemplate/elements/validate_password.html
+++ b/httemplate/elements/validate_password.html
@@ -5,8 +5,9 @@ To validate passwords via javascript/xmlhttp:
<INPUT ID="password_field" TYPE="text">
<DIV ID="password_field_result">
<& '/elements/validate_password.html',
- fieldid => 'password_field',
- svcnum => $svcnum
+ fieldid => 'password_field',
+ svcnum => $svcnum,
+ pkgnum => $pkgnum, # used if the service doesn't exist yet
&>
The ID of the input field can be anything; the ID of the DIV in which to display results
@@ -27,7 +28,10 @@ function add_password_validation (fieldid) {
var resultfield = document.getElementById(fieldid);
if (this.value) {
resultfield.innerHTML = '<SPAN STYLE="color: blue;">Validating password...</SPAN>';
- validate_password('fieldid',fieldid,'svcnum','<% $opt{'svcnum'} %>','password',this.value,
+ validate_password('fieldid',fieldid,
+ 'svcnum',<% $opt{'svcnum'} |js_string %>,
+ 'pkgnum',<% $opt{'pkgnum'} |js_string %>,
+ 'password',this.value,
function (result) {
result = JSON.parse(result);
var resultfield = document.getElementById(result.fieldid);
diff --git a/httemplate/misc/xmlhttp-validate_password.html b/httemplate/misc/xmlhttp-validate_password.html
index 28dbf64..1efb4aa 100644
--- a/httemplate/misc/xmlhttp-validate_password.html
+++ b/httemplate/misc/xmlhttp-validate_password.html
@@ -1,13 +1,14 @@
<%doc>
-Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is only
-acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise create an
-empty dummy svc_acct) and 'fieldid' (for html post-processing, passed along in
-results for convenience.)
-
-Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is valid),
-'error' (error text if password is invalid) or 'syserror' (error text if password
-could not be validated.) Only one of these keys will be set. Will also set
-'fieldid' if it was passed.
+Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is
+only acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise
+create an empty dummy svc_acct), 'pkgnum' (for when the svc_acct isn't yet
+inserted), and 'fieldid' (for html post-processing, passed along in results
+for convenience.)
+
+Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is
+valid), 'error' (error text if password is invalid) or 'syserror' (error text
+if password could not be validated.) Only one of these keys will be set.
+Will also set 'fieldid' if it was passed.
</%doc>
<% encode_json($result) %>
@@ -32,9 +33,13 @@ my $validate_password = sub {
$result{'syserror'} = 'Invalid svcnum' unless $svcnum =~ /^\d*$/;
return \%result if $result{'syserror'};
+ my $pkgnum = $arg{'pkgnum'};
+ $result{'syserror'} = 'Invalid pkgnum' unless $pkgnum =~ /^\d*$/;
+ return \%result if $result{'syserror'};
+
my $svc_acct = $svcnum
? qsearchs('svc_acct',{'svcnum' => $svcnum})
- : (new FS::svc_acct {});
+ : FS::svc_acct->new({ 'pkgnum' => $pkgnum });
$result{'syserror'} = 'Could not find service' unless $svc_acct;
return \%result if $result{'syserror'};
-----------------------------------------------------------------------
Summary of changes:
FS/FS/Password_Mixin.pm | 7 +++++++
httemplate/edit/svc_acct.cgi | 7 ++++---
httemplate/elements/validate_password.html | 10 +++++++---
httemplate/misc/xmlhttp-validate_password.html | 25 ++++++++++++++----------
4 files changed, 33 insertions(+), 16 deletions(-)
More information about the freeside-commits
mailing list