[freeside-commits] branch FREESIDE_4_BRANCH updated. cfd85994ae364f5b7c0c4bc1bf30d3485e748a08
Mark Wells
mark at 420.am
Tue Feb 9 10:57:26 PST 2016
The branch, FREESIDE_4_BRANCH has been updated
via cfd85994ae364f5b7c0c4bc1bf30d3485e748a08 (commit)
from a19a04f0b684c64039c03216d398af534c858bf9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit cfd85994ae364f5b7c0c4bc1bf30d3485e748a08
Author: Mark Wells <mark at freeside.biz>
Date: Tue Feb 9 10:57:08 2016 -0800
Revert "make password-insecure option work when adding a new svc_acct, #40236"
This reverts commit a19a04f0b684c64039c03216d398af534c858bf9.
- password-insecure option is 3.x only.
diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm
index 47290b5..3fb787c 100644
--- a/FS/FS/Password_Mixin.pm
+++ b/FS/FS/Password_Mixin.pm
@@ -43,16 +43,6 @@ sub is_password_allowed {
my $self = shift;
my $password = shift;
- my $cust_main = $self->cust_main;
-
- # workaround for non-inserted services
- if ( !$cust_main and $self->get('pkgnum') ) {
- my $cust_pkg = FS::cust_pkg->by_key($self->get('pkgnum'));
- $cust_main = $cust_pkg->cust_main if $cust_pkg;
- }
- warn "is_password_allowed: no customer could be identified" if !$cust_main;
- return '' if $cust_main && $conf->config_bool('password-insecure', $cust_main->agentnum);
-
# basic checks using Data::Password;
# options for Data::Password
$DICTIONARY = 4; # minimum length of disallowed words
diff --git a/httemplate/edit/svc_acct.cgi b/httemplate/edit/svc_acct.cgi
index 33231ad..ca26c6c 100755
--- a/httemplate/edit/svc_acct.cgi
+++ b/httemplate/edit/svc_acct.cgi
@@ -52,10 +52,9 @@
<INPUT TYPE="text" ID="clear_password" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
<& /elements/random_pass.html, 'clear_password' &><BR>
<DIV ID="clear_password_result" STYLE="font-size: smaller"></DIV>
- <& /elements/validate_password.html,
- 'fieldid' => 'clear_password',
- 'svcnum' => $svcnum ,
- 'pkgnum' => $pkgnum,
+ <& '/elements/validate_password.html',
+ 'fieldid' => 'clear_password',
+ 'svcnum' => $svcnum
&>
</TD>
</TR>
diff --git a/httemplate/elements/validate_password.html b/httemplate/elements/validate_password.html
index f067ad8..a488c4f 100644
--- a/httemplate/elements/validate_password.html
+++ b/httemplate/elements/validate_password.html
@@ -5,9 +5,8 @@ To validate passwords via javascript/xmlhttp:
<INPUT ID="password_field" TYPE="text">
<DIV ID="password_field_result">
<& '/elements/validate_password.html',
- fieldid => 'password_field',
- svcnum => $svcnum,
- pkgnum => $pkgnum, # used if the service doesn't exist yet
+ fieldid => 'password_field',
+ svcnum => $svcnum
&>
The ID of the input field can be anything; the ID of the DIV in which to display results
@@ -28,10 +27,7 @@ function add_password_validation (fieldid) {
var resultfield = document.getElementById(fieldid);
if (this.value) {
resultfield.innerHTML = '<SPAN STYLE="color: blue;">Validating password...</SPAN>';
- validate_password('fieldid',fieldid,
- 'svcnum',<% $opt{'svcnum'} |js_string %>,
- 'pkgnum',<% $opt{'pkgnum'} |js_string %>,
- 'password',this.value,
+ validate_password('fieldid',fieldid,'svcnum','<% $opt{'svcnum'} %>','password',this.value,
function (result) {
result = JSON.parse(result);
var resultfield = document.getElementById(result.fieldid);
diff --git a/httemplate/misc/xmlhttp-validate_password.html b/httemplate/misc/xmlhttp-validate_password.html
index 1efb4aa..28dbf64 100644
--- a/httemplate/misc/xmlhttp-validate_password.html
+++ b/httemplate/misc/xmlhttp-validate_password.html
@@ -1,14 +1,13 @@
<%doc>
-Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is
-only acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise
-create an empty dummy svc_acct), 'pkgnum' (for when the svc_acct isn't yet
-inserted), and 'fieldid' (for html post-processing, passed along in results
-for convenience.)
-
-Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is
-valid), 'error' (error text if password is invalid) or 'syserror' (error text
-if password could not be validated.) Only one of these keys will be set.
-Will also set 'fieldid' if it was passed.
+Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is only
+acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise create an
+empty dummy svc_acct) and 'fieldid' (for html post-processing, passed along in
+results for convenience.)
+
+Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is valid),
+'error' (error text if password is invalid) or 'syserror' (error text if password
+could not be validated.) Only one of these keys will be set. Will also set
+'fieldid' if it was passed.
</%doc>
<% encode_json($result) %>
@@ -33,13 +32,9 @@ my $validate_password = sub {
$result{'syserror'} = 'Invalid svcnum' unless $svcnum =~ /^\d*$/;
return \%result if $result{'syserror'};
- my $pkgnum = $arg{'pkgnum'};
- $result{'syserror'} = 'Invalid pkgnum' unless $pkgnum =~ /^\d*$/;
- return \%result if $result{'syserror'};
-
my $svc_acct = $svcnum
? qsearchs('svc_acct',{'svcnum' => $svcnum})
- : FS::svc_acct->new({ 'pkgnum' => $pkgnum });
+ : (new FS::svc_acct {});
$result{'syserror'} = 'Could not find service' unless $svc_acct;
return \%result if $result{'syserror'};
-----------------------------------------------------------------------
Summary of changes:
FS/FS/Password_Mixin.pm | 10 ----------
httemplate/edit/svc_acct.cgi | 7 +++----
httemplate/elements/validate_password.html | 10 +++-------
httemplate/misc/xmlhttp-validate_password.html | 25 ++++++++++--------------
4 files changed, 16 insertions(+), 36 deletions(-)
More information about the freeside-commits
mailing list