Legend:
- Unmodified
- Added
- Removed
-
trunk/DNSDB.pm
r293 r294 1115 1115 my $inherit = shift || 0; 1116 1116 1117 my $ failmsg = '';1117 my $resultmsg = ''; 1118 1118 1119 1119 # see if we're switching from inherited to custom. for bonus points, … … 1121 1121 # to set/alter custom perms, and both if we're switching from custom to 1122 1122 # inherited. 1123 my $sth = $dbh->prepare("SELECT (u.permission_id=g.permission_id) AS was_inherited,u.permission_id,g.permission_id". 1123 my $sth = $dbh->prepare("SELECT (u.permission_id=g.permission_id) AS was_inherited,u.permission_id,g.permission_id,". 1124 ($type eq 'user' ? 'u.group_id,u.username' : 'u.parent_group_id,u.group_name'). 1124 1125 " FROM ".($type eq 'user' ? 'users' : 'groups')." u ". 1125 1126 " JOIN groups g ON u.".($type eq 'user' ? '' : 'parent_')."group_id=g.group_id ". … … 1127 1128 $sth->execute($id); 1128 1129 1129 my ($wasinherited,$permid,$parpermid ) = $sth->fetchrow_array;1130 my ($wasinherited,$permid,$parpermid,$parid,$name) = $sth->fetchrow_array; 1130 1131 1131 1132 # hack phtoui … … 1168 1169 } # (inherited->)? custom 1169 1170 1171 if ($type eq 'user') { 1172 $resultmsg = "Updated permissions for user $name"; 1173 } else { 1174 $resultmsg = "Updated default permissions for group $name"; 1175 } 1176 _log($dbh, (group_id => ($type eq 'user' ? $parid : $id), entry => $resultmsg)); 1170 1177 $dbh->commit; 1171 1178 }; # end eval … … 1173 1180 my $msg = $@; 1174 1181 eval { $dbh->rollback; }; 1175 return ('FAIL',"$failmsg: $msg ($permid)"); 1176 } else { 1177 return ('OK',$permid); 1178 } 1179 1182 return ('FAIL',"Error changing permissions: $msg"); 1183 } 1184 1185 return ('OK',$resultmsg); 1180 1186 } # end changePermissions() 1181 1187 … … 2006 2012 local $dbh->{RaiseError} = 1; 2007 2013 2008 my $failmsg = '';2009 2010 2014 # Wrap all the SQL in a transaction 2011 2015 eval { … … 2059 2063 ##fixme: add another table to hold name/email for log table? 2060 2064 2065 _log($dbh, (group_id => $group, entry => "Added user $username ($fname $lname)")); 2061 2066 # once we get here, we should have suceeded. 2062 2067 $dbh->commit; … … 2066 2071 my $msg = $@; 2067 2072 eval { $dbh->rollback; }; 2068 return ('FAIL',$msg." $failmsg"); 2069 } else { 2070 return ('OK',$user_id); 2071 } 2073 if ($config{log_failures}) { 2074 _log($dbh, (group_id => $group, entry => "Error adding user $username: $msg")); 2075 $dbh->commit; # since we enabled transactions earlier 2076 } 2077 return ('FAIL',"Error adding user $username: $msg"); 2078 } 2079 2080 return ('OK',"User $username ($fname $lname) added"); 2072 2081 } # end addUser 2073 2082 … … 2112 2121 my $phone = shift || ''; # not going format-check 2113 2122 2114 my $ failmsg = '';2123 my $resultmsg = ''; 2115 2124 2116 2125 # Allow transactions, and raise an exception on errors so we can catch it later. … … 2124 2133 # Actual blank passwords are bad, mm'kay? 2125 2134 if (!$pass) { 2126 $sth = $dbh->prepare("SELECT password FROM users WHERE user_id=?"); 2127 $sth->execute($uid); 2128 ($pass) = $sth->fetchrow_array; 2135 ($pass) = $dbh->selectrow_array("SELECT password FROM users WHERE user_id=?", undef, ($uid)); 2129 2136 } else { 2130 2137 $pass = unix_md5_crypt($pass); … … 2132 2139 2133 2140 eval { 2134 my $sth = $dbh->prepare(q( 2135 UPDATE users 2136 SET username=?, password=?, firstname=?, lastname=?, phone=?, type=?, status=? 2137 WHERE user_id=? 2138 ) 2139 ); 2140 $sth->execute($username, $pass, $fname, $lname, $phone, $type, $state, $uid); 2141 $dbh->do("UPDATE users SET username=?, password=?, firstname=?, lastname=?, phone=?, type=?, status=?". 2142 " WHERE user_id=?", undef, ($username, $pass, $fname, $lname, $phone, $type, $state, $uid)); 2143 $resultmsg = "Updated user info for $username ($fname $lname)"; 2144 _log($dbh, group_id => $group, entry => $resultmsg); 2141 2145 $dbh->commit; 2142 2146 }; … … 2144 2148 my $msg = $@; 2145 2149 eval { $dbh->rollback; }; 2146 return ('FAIL',"$failmsg: $msg"); 2147 } else { 2148 return ('OK','OK'); 2149 } 2150 if ($config{log_failures}) { 2151 _log($dbh, (group_id => $group, entry => "Error updating user $username: $msg")); 2152 $dbh->commit; # since we enabled transactions earlier 2153 } 2154 return ('FAIL',"Error updating user $username: $msg"); 2155 } 2156 2157 return ('OK',$resultmsg); 2150 2158 } # end updateUser() 2151 2159 -
trunk/dns.cgi
r293 r294 1016 1016 my ($code,$msg) = changePermissions($dbh, 'group', $webvar{gid}, \%chperms); 1017 1017 if ($code eq 'OK') { 1018 logaction(0, $session->param("username"), $webvar{gid},1019 "Updated default permissions in group $webvar{gid} (".groupName($dbh, $webvar{gid}).")");1020 1018 if ($alterperms) { 1021 1019 changepage(page => "grpman", warnmsg => … … 1023 1021 groupName($dbh, $webvar{gid})." updated with reduced access"); 1024 1022 } else { 1025 changepage(page => "grpman", resultmsg => 1026 "Updated default permissions in group ".groupName($dbh, $webvar{gid})); 1023 changepage(page => "grpman", resultmsg => $msg); 1027 1024 } 1028 1025 } # fallthrough else 1029 logaction(0, $session->param("username"), $webvar{gid}, "Failed to update default permissions in group ".1030 groupName($dbh, $webvar{gid}).": $msg")1031 if $config{log_failures};1032 1026 # no point in doing extra work 1033 1027 fill_permissions($page, \%chperms); … … 1261 1255 $page->param(add => 1) if $webvar{useraction} eq 'add'; 1262 1256 1263 my ($code,$msg); 1257 # can't re-use $code and $msg for update if we want to be able to identify separate failure states 1258 my ($code,$code2,$msg,$msg2) = ('OK','OK','OK','OK'); 1264 1259 1265 1260 my $alterperms = 0; # flag iff we need to force custom permissions due to user's current access limits … … 1315 1310 ($webvar{makeactive} eq 'on' ? 1 : 0), $webvar{accttype}, $permstring, 1316 1311 $webvar{fname}, $webvar{lname}, $webvar{phone}); 1317 logaction(0, $session->param("username"), $curgroup, "Added user $webvar{uname} (uid $msg)")1318 if $code eq 'OK';1319 1312 } else { 1320 1313 changepage(page => "useradmin", errmsg => "You do not have permission to edit users") … … 1324 1317 changepage(page => "useradmin", errmsg => "You do not have permission to edit the requested user"); 1325 1318 } 1326 # User update is icky. I'd really like to do this in one atomic 1327 # operation, but that would duplicate a **lot** of code in DNSDB.pm 1319 # User update is icky. I'd really like to do this in one atomic operation, 1320 # but that gets hairy by either duplicating a **lot** of code in DNSDB.pm 1321 # or self-torture trying to not commit the transaction until we're really done. 1328 1322 # Allowing for changing group, but not coding web support just yet. 1329 1323 ($code,$msg) = updateUser($dbh, $webvar{uid}, $webvar{uname}, $webvar{gid}, $webvar{pass1}, … … 1332 1326 if ($code eq 'OK') { 1333 1327 $newperms{admin} = 1 if $webvar{accttype} eq 'S'; 1334 ($code,$msg) = changePermissions($dbh, 'user', $webvar{uid}, \%newperms, ($permstring eq 'i')); 1335 logaction(0, $session->param("username"), $curgroup, 1336 "Updated uid $webvar{uid}, user $webvar{uname} ($webvar{fname} $webvar{lname})"); 1328 ($code2,$msg2) = changePermissions($dbh, 'user', $webvar{uid}, \%newperms, ($permstring eq 'i')); 1337 1329 } 1338 1330 } 1339 1331 } 1340 1332 1341 if ($code eq 'OK' ) {1342 1333 if ($code eq 'OK' && $code2 eq 'OK') { 1334 my %pageparams = (page => "useradmin"); 1343 1335 if ($alterperms) { 1344 changepage(page => "useradmin", warnmsg =>1345 "You can only grant permissions you hold. $webvar{uname} ".1346 ($webvar{useraction} eq 'add' ? 'added' : 'updated')." with reduced access.");1336 $pageparams{warnmsg} = "You can only grant permissions you hold.\nUser ". 1337 ($webvar{useraction} eq 'add' ? "$webvar{uname} added" : "info updated for $webvar{uname}"). 1338 ".\nPermissions ".($webvar{useraction} eq 'add' ? 'added' : 'updated')." with reduced access."; 1347 1339 } else { 1348 changepage(page => "useradmin", resultmsg => "Successfully ". 1349 ($webvar{useraction} eq 'add' ? 'added' : 'updated')." user $webvar{uname}"); 1340 $pageparams{resultmsg} = "$msg".($webvar{useraction} eq 'add' ? '' : "\n$msg2"); 1350 1341 } 1342 changepage(%pageparams); 1351 1343 1352 1344 # add/update failed: … … 1367 1359 $page->param(pass1 => $webvar{pass1}); 1368 1360 $page->param(pass2 => $webvar{pass2}); 1369 $page->param(errmsg => $msg); 1361 $page->param(errmsg => "User info updated but permissions update failed: $msg2") if $code eq 'OK'; 1362 $page->param(errmsg => $msg) if $code ne 'OK'; 1370 1363 fill_permissions($page, \%newperms); 1371 1364 fill_actypelist($webvar{accttype}); 1372 1365 fill_clonemelist(); 1373 logaction(0, $session->param("username"), $curgroup, "Failed to $webvar{useraction} user ".1374 "$webvar{uname}: $msg")1375 if $config{log_failures};1376 1366 } 1377 1367 … … 1394 1384 fill_actypelist($userinfo->{type}); 1395 1385 # not using this yet, but adding it now means we can *much* more easily do so later. 1396 $page->param(gid => $ webvar{group_id});1386 $page->param(gid => $userinfo->{group_id}); 1397 1387 1398 1388 my %curperms; -
trunk/templates/user.tmpl
r207 r294 16 16 <table border="0" cellspacing="2" cellpadding="2" width="450"> 17 17 <TMPL_IF add_failed> <tr> 18 <td class="errhead" colspan="2"> Error <TMPL_IF add>adding<TMPL_ELSE>updating</TMPL_IF> user <TMPL_VAR NAME=uname>:<TMPL_VAR NAME=errmsg></td>18 <td class="errhead" colspan="2"><TMPL_VAR NAME=errmsg></td> 19 19 </tr></TMPL_IF> 20 20 <tr class="darkrowheader"><td colspan="2" align="center"><TMPL_IF add>Add<TMPL_ELSE>Edit</TMPL_IF> User</td></tr>
Note:
See TracChangeset
for help on using the changeset viewer.