head	1.14;
access;
symbols
	TIGRIS_1_1_0RC2:1.7.8.2
	TIGRIS_1_1_0RC1:1.7.8.2
	TIGRIS_1_1:1.7.8.2.0.2
	TIGRIS_1_0_8:1.7.8.2
	TIGRIS_1_0_8RC3:1.7.8.2
	TIGRIS_1_0_8RC2:1.7.8.2
	TIGRIS_1_0_8RC1:1.7.8.2
	TIGRIS_1_0_7:1.7.8.2
	TIGRIS_1_0_7RC3:1.7.8.2
	TIGRIS_1_0_7RC2:1.7.8.2
	TIGRIS_1_0_7RC1:1.7.8.2
	TIGRIS_1_0_6:1.7.8.2
	TIGRIS_1_0_6RC5:1.7.8.2
	TIGRIS_1_0_6RC4:1.7.8.2
	TIGRIS_1_0_6RC3:1.7.8.2
	TIGRIS_1_0_6RC2:1.7.8.2
	TIGRIS_1_0_6RC1:1.7.8.2
	TIGRIS_1_0_5:1.7
	TIGRIS_1_0_5RC6:1.7
	TIGRIS_1_0_5RC5:1.7
	TIGRIS_1_0_5RC4:1.7
	TIGRIS_1_0_5RC3:1.7
	TIGRIS_1_0_5RC2:1.7
	TIGRIS_1_0_5RC1:1.7
	TIGRIS_1_0_4:1.7
	TIGRIS_1_0_3:1.7
	TIGRIS_1_0_2:1.7
	TIGRIS_1_0_1:1.7
	TIGRIS_1_0:1.7.0.8
	TIGRIS_1_0_0:1.7
	TIGRIS_1_0_0_RC1:1.7.0.4
	dlr:1.1.1
	TIGRIS_0_9_2_4:1.7
	TIGRIS_0_9_2_3:1.7
	HELM_PEER_PORT_BRANCH:1.1.1.2
	TURBINE_PEER:1.7
	TIGRIS_0_9_2_1:1.7
	TIGRIS_0_9_2:1.7.0.2
	TIGRIS_0_9_0:1.4.0.2
	TIGRIS_0_8_4:1.3.0.2
	NEWHELM:1.1.1.1
	TIGRIS_NOV_12_2000:1.1.1;
locks; strict;
comment	@# @;


1.14
date	2001.07.30.18.07.19;	author kmaples;	state dead;
branches;
next	1.13;

1.13
date	2001.07.10.05.02.00;	author kmaples;	state Exp;
branches;
next	1.12;

1.12
date	2001.06.05.22.36.18;	author kmaples;	state Exp;
branches;
next	1.11;

1.11
date	2001.05.31.21.30.37;	author kmaples;	state Exp;
branches;
next	1.10;

1.10
date	2001.05.30.22.06.50;	author kmaples;	state Exp;
branches;
next	1.9;

1.9
date	2001.04.18.02.02.58;	author kmaples;	state Exp;
branches;
next	1.8;

1.8
date	2001.04.17.04.44.54;	author kmaples;	state Exp;
branches;
next	1.7;

1.7
date	2001.01.13.02.04.52;	author kmaples;	state Exp;
branches
	1.7.8.1;
next	1.6;

1.6
date	2000.12.28.01.48.09;	author kmaples;	state Exp;
branches;
next	1.5;

1.5
date	2000.12.27.22.57.44;	author kmaples;	state Exp;
branches;
next	1.4;

1.4
date	2000.12.08.23.58.26;	author kmaples;	state Exp;
branches;
next	1.3;

1.3
date	2000.11.16.04.36.42;	author kmaples;	state Exp;
branches
	1.3.2.1;
next	1.2;

1.2
date	2000.11.16.00.38.49;	author kmaples;	state Exp;
branches;
next	1.1;

1.1
date	2000.11.12.21.17.38;	author dlr;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	2000.11.12.21.17.38;	author dlr;	state Exp;
branches;
next	1.1.1.2;

1.1.1.2
date	2001.02.21.00.36.20;	author dlr;	state Exp;
branches;
next	;

1.3.2.1
date	2000.12.12.18.23.03;	author kmaples;	state Exp;
branches;
next	;

1.7.8.1
date	2001.05.31.01.29.28;	author kmaples;	state Exp;
branches;
next	1.7.8.2;

1.7.8.2
date	2001.06.01.00.30.40;	author kmaples;	state Exp;
branches;
next	;


desc
@@


1.14
log
@Issue number: 4544, 4242
Making the world a better place by removing the scripts the taskrunner
used to need to run to create IZ users.
@
text
@#!/usr/bin/perl

# ================================================================
# Copyright (c) 2000 Collab.Net.  All rights reserved.
# 
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
# 
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 
# 3. The end-user documentation included with the redistribution, if
# any, must include the following acknowlegement: "This product includes
# software developed by Collab.Net (http://www.Collab.Net/)."
# Alternately, this acknowlegement may appear in the software itself, if
# and wherever such third-party acknowlegements normally appear.
# 
# 4. The hosted project names must not be used to endorse or promote
# products derived from this software without prior written
# permission. For written permission, please contact info@@collab.net.
# 
# 5. Products derived from this software may not use the "Tigris" name
# nor may "Tigris" appear in their names without prior written
# permission of Collab.Net.
# 
# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
# IN NO EVENT SHALL COLLAB.NET OR ITS CONTRIBUTORS BE LIABLE FOR ANY
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
# IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
# ====================================================================
# 
# This software consists of voluntary contributions made by many
# individuals on behalf of Collab.Net.
#

# 
# $Id: issuezilla-user-add,v 1.13 2001/07/10 05:02:00 kmaples Exp $
# --------------------
# 

# Flush buffer, just in case:
$| = 1;

use strict;
use DBI;

# For the sake of -T:
$ENV{'PATH'} = "/bin:/usr/bin:/usr/local/bin";

# Process arguments
my $project_name       = $ARGV[0] || '';
my $dbname             = $ARGV[1] || '';
my $domain_name        = $ARGV[2] || '';
my $issues_realname    = $ARGV[3] || ''; # : - sep. list
my $issues_username    = $ARGV[4] || ''; # : - sep. list
my $issues_role        = $ARGV[5] || '';
my $multiple_dbs       = $ARGV[6] || '';
  
# Split the list of users:
my @@realnames = split(':',$issues_realname);
my @@usernames = split(':',$issues_username);

# String for current sql statement
my $command;

# Placeholder vars for db work:
my ($select, $ret);

# Prefix used to denote disabled accounts:
my $disabled_pfx = 'ex-'; 

# NOTE - this script requires the info necessary to connect
# to the correct DB, e.g., username/password, DB name, etc.

my $dbuser         = $ENV{DATABASE_USER}     || '';
my $dbpass         = $ENV{DATABASE_PASSWORD} || '';

# Grab just the filename portion of this script to use as a 
# log identifier:
my $script_name = $0;
$script_name =~ s/^.*\/([^\/]+)$/  $1/;

# Default return value for this script:
my $return_code = 0;

# array to hold data for insert:
my @@inserts;

#---------------------------------------------------------------
# MAIN
#---------------------------------------------------------------
# Complain if the list of users doesn't match the list of names:
unless($#realnames == $#usernames){
    print "$script_name: list of usernames and realnames don't match\n";
    exit(1);
}

# Fail if we don't have what we need to talk to the database:
unless($dbname && $dbuser && $dbpass){
    print "$script_name: envrionmentals for DB access not set\n";
    exit(1);
}

my $dbc = join(':',"DBI:mysql:$dbname",$ENV{DATABASE_HOST},$ENV{DATABASE_PORT});
my $CONN = DBI->connect($dbc, $dbuser, $dbpass);

# Check for a good connection:
unless( $CONN =~ m/HASH/){
    print "$script_name: no connection to database: $!\n";
    exit(1);
}

# Quote the constants:
$issues_role     = $CONN->quote( $issues_role );

# Now iterate over the list of users provided, inserting each
# in turn:
for(0 .. $#usernames){
    # Some email address for issuezilla:
    my $login_name     = $usernames[$_] . '@@' . $domain_name;
    my $disabled_login = $disabled_pfx . $login_name; 
    my $realname       = $realnames[$_];

    # Do the sql quoting for the values we're gonna play with:
    foreach($login_name, $realname, $disabled_login){
        $_ = $CONN->quote( $_ );
    }

    # Test and insert in the 'profiles' table:
    # 1. account exists, but was disabled:
    print "$script_name: checking for disabled record in 'profiles' table for $login_name\n";
    
    # There is the probability that this will be called on users that already exist;
    # in this case, we want to re-enable the account in the event that it was disabled,
    # and possibly update permissions

    if($multiple_dbs){
        # multiple db mode:
        # we want to honor the permissions that are being explicitly set
        # over any that might already be present, and enable the account in the 
        # event it was disabled: 
        $command = qq[
            UPDATE profiles SET
            login_name     = $login_name,
            disabledtext   = ''
            WHERE 
            login_name     = $disabled_login
            OR
            login_name     = $login_name
        ];
    } else {
        # Single db mode:
        # If we're in single-database mode, we're relegating the management 
        # of permissions in IZ to the adminstrator to handle through the 
        # interface provided by IZ; this command just ensures that if disbled
        # by helm, the account would be re-enabled:

        $command = qq[
            UPDATE profiles SET
            login_name     = $login_name
            WHERE 
            login_name     = $disabled_login
            OR
            login_name     = $login_name
        ];
    }
    
    $select = $CONN->prepare($command);
    $ret    = $select->execute;

    if($ret && $ret ne '0E0'){
        # Regardless of the command that was executed, it was 
        # successful (returned a row), so no need for an insert:
        print "$script_name: record found and update\n";
    } else {
        print "$script_name: no record updated; scheduling for insert\n";
        
        my $istr = qq{($login_name, $realname, 'All', 1)};
        
        push(@@inserts, $istr);      
    }
}

# Done updating users; now perform any inserts that were scheduled:
if(@@inserts){
    print "$script_name: performing inserts\n";
    
    my $insert_values = join(',', @@inserts);

    # There are two conditions that might have led us to these inserts;
    # either there was no row above to update (hence the need to 
    # create a record), or the update was identical to the existing
    # row, so mysql ignored it and returned no rows.  For this 
    # reason, we're obliged to use 'IGNORE' here, meaning that it's
    # possible that inserts will be attempted where duplicate 
    # keys exist:
    
    $command = qq[
        INSERT IGNORE INTO profiles
        (login_name, realname, emailnotification, newemailtech)
        VALUES
            $insert_values
    ];
        
    $select = $CONN->prepare($command);
    $ret    = $select->execute;

    unless($ret){
        # This represents a failure of some sort, but what is not
        # determined.  Presumably, either was already an account 
        # by that name, or there was a problem writing to the db.
        # However, since there may be a number of users that
        # this script is being run against, don't blow out here, but
        # make a note that all was not well:        
        print "$script_name: unable to perform insert: $!\n";
        $return_code = 1;
    }
}

# Clean up and leave quietly:
$select->finish();
$CONN->disconnect;

exit($return_code);

#---------------------------------------------------------------
# END MAIN
#---------------------------------------------------------------


@


1.13
log
@Issue number: 4544
Sanity check-in round 3.  Editing users and groups works using new schema
and abstraction. Changed helper scripts to add appropriately.
@
text
@d50 1
a50 1
# $Id: issuezilla-user-add,v 1.12 2001/06/05 22:36:18 kmaples Exp $
@


1.12
log
@Issue number: 4242
Completely removing IZ's password and LDAP code.  This is in advance of
more signifigant changes to persuade IZ to obtain permission information
directly from Helm.

This is a large-scale cleanup of code which is useless to IZ, since it
obtains the information it uses for authentication from Helm in any event.
Password information was merely dummy strings that acted as placeholders
in the profiles table; as of now, it is sufficient to have an entry in
the profiles table (non-disabled, of course) for access.

Related changes can be found in issuezilla/
@
text
@d50 1
a50 1
# $Id: issuezilla-user-add,v 1.11 2001/05/31 21:30:37 kmaples Exp $
a157 1
            groupset       = $issues_role, 
d191 1
a191 1
        my $istr = qq{($login_name, $realname, $issues_role, 'All', 1)};
d213 1
a213 1
        (login_name, realname, groupset, emailnotification, newemailtech)
@


1.11
log
@Issue number: 4242
An optimization, and a bug fix: the script was incorrectly reporting mysql
noops as no record; inserts are now performed with IGNORE to prevent this
from incorrectly reporting such a circumstance as a script failure.  Any
inserts that need to be performed are now performed en masse.
@
text
@d50 1
a50 1
# $Id: issuezilla-user-add,v 1.10 2001/05/30 22:06:50 kmaples Exp $
a71 2
my $issues_password    = $ENV{ISSUZILLA_PASSWORD};

a126 1
$issues_password = $CONN->quote( $issues_password );
d192 1
a192 2
        my $istr = qq{($login_name, $issues_password, ENCRYPT($issues_password), 
             $realname, $issues_role, 'All', 1)};
d214 1
a214 2
        (login_name, password, cryptpassword,
            realname, groupset, emailnotification, newemailtech)
@


1.10
log
@Issue number: 4242

Providing some optimizations to reduce the number sql hits per operation.
If successful, will port this to branch.
@
text
@d50 1
a50 1
# $Id: issuezilla-user-add,v 1.9 2001/04/18 02:02:58 kmaples Exp $
d101 3
d191 1
a191 1
        print "$script_name: record found and re-enabled.\n";
d193 22
a214 1
        print "$script_name: no record updated; performing insert\n";
d216 7
a222 10
        $command = qq[
            INSERT INTO profiles SET
            login_name     = $login_name,
            password       = $issues_password,
            cryptpassword  = ENCRYPT($issues_password),
            realname       = $realname,
            groupset       = $issues_role,
            emailnotification = 'All',
            newemailtech   = 1
        ];
d224 2
a225 2
        $select = $CONN->prepare($command);
        $ret    = $select->execute;
d227 9
a235 10
        unless($ret){
            # This represents a failure of some sort, but what is not
            # determined.  Presumably, either was already an account 
            # by that name, or there was a problem writing to the db.
            # However, since there may be a number of users that
            # this script is being run against, don't blow out here, but
            # make a note that all was not well:        
            print "$script_name: unable to perform insert: $!\n";
            $return_code = 1;
        }
d248 1
@


1.9
log
@Undoing yesterday's commit - my hastiness to implement some sort of logging
level notion into these scripts caused me great pain.
@
text
@d50 1
a50 1
# $Id: issuezilla-user-add,v 1.7 2001/01/13 02:04:52 kmaples Exp $
a61 2
# Detaint the args by brute force:
@@ARGV = detaint_array(@@ARGV);
d98 3
d106 2
a107 2
	print "$script_name: list of usernames and realnames don't match\n";
	exit(1);
d132 2
a133 2
	# Some email address for issuezilla:
	my $login_name     = $usernames[$_] . '@@' . $domain_name;
d135 1
a135 1
	my $realname       = $realnames[$_];
d137 4
a140 4
	# Do the sql quoting for the values we're gonna play with:
	foreach($login_name, $realname, $disabled_login){
	    $_ = $CONN->quote( $_ );
	}
d142 1
a142 1
	# Test and insert in the 'profiles' table:
d144 28
a171 1
	print "$script_name: checking for disabled record in 'profiles' table for $login_name\n";
d177 2
d180 23
a202 1

d206 9
a214 2
        if($ret && $ret ne '0E0'){
            print "$script_name: record found, re-enabled.\n";
d216 1
a216 64
     
    # 2. account exists:
	print "$script_name: checking for previous record in 'profiles' table for $login_name\n";
	
	$command = qq[
	    SELECT * FROM profiles WHERE
	    login_name     = $login_name
	    LIMIT 1
	];
	
	$select = $CONN->prepare($command);
	$ret    = $select->execute;
	
	if($ret && $ret ne '0E0'){
	    
	    print "$script_name: record found for $login_name\n";
	    
	    # If we're in single-database mode, that's it - this is success
	    # since we're relegating the management of permissions in IZ to
	    # the adminstrator to handle through the interface:
	    
	    unless($multiple_dbs){
	    	print "$script_name: no further action in SINGLE db mode\n";
	    	next;
	    } 
	    
	    # Normally, this would be the end of it - we'd declare success.  But there
	    # is the probability that this will be called on users that already exist.
	    # If this is the case, we want to honor the permissions that are being set
	    # over any that might already be present, and enable the account in the 
	    # event it was disabled: 
	
	    $command = qq[
	        UPDATE profiles SET
	        groupset       = $issues_role, 
	        disabledtext   = ''
	        WHERE
	        login_name     = $login_name
	    ];
	
	} else {
	    print "$script_name: performing insert\n";
	
	    $command = qq[
	        INSERT INTO profiles SET
	        login_name     = $login_name,
	        password       = $issues_password,
	        cryptpassword  = ENCRYPT($issues_password),
	        realname       = $realname,
	        groupset       = $issues_role,
	        emailnotification = 'All',
	        newemailtech   = 1
	    ];
	
	}
	
	$select = $CONN->prepare($command);
	$ret    = $select->execute;
	
	unless($ret){
	    print "$script_name: unable to perform insert: $!\n";
	    $CONN->disconnect;
	    exit(1);
	}
d223 2
a227 18


# A crude attempt to overcome data tainting in perl:
#-------------------
sub detaint_array {
#-------------------
    my @@unclean = @@_;
    my @@clean = ();

    foreach(@@unclean){
        # We don't really have rules for this, so at the moment
        # this acts as a passthrough:
        $_ =~ m/^(.*)$/;
        push(@@clean,$1);
    }

    return(@@clean);
}
@


1.8
log
@Scripts now use IN_PRODUCTION to determine logging level
@
text
@a53 5
my $scripts_dir = $ENV{'SANDBOX'} . '/helm/perl/scripts';

require "$scripts_dir/ParentChildArgumentBridge.pl"
    or die "Require failed: $!\n";

d105 1
a105 1
	print_log(1, "$script_name: list of usernames and realnames don't match\n");
d111 1
a111 1
    print_log(1, "$script_name: envrionmentals for DB access not set\n");
d120 1
a120 1
    print_log(1, "$script_name: no connection to database: $!\n");
d143 1
a143 1
	print_log(1, "$script_name: checking for disabled record in 'profiles' table for $login_name\n");
d155 1
a155 1
            print_log(1, "$script_name: record found, re-enabled.\n");
d159 1
a159 1
	print_log(1, "$script_name: checking for previous record in 'profiles' table for $login_name\n");
d172 1
a172 1
	    print_log(1, "$script_name: record found for $login_name\n");
d179 1
a179 1
	    	print_log(1, "$script_name: no further action in SINGLE db mode\n");
d198 1
a198 1
	    print_log(1, "$script_name: performing insert\n");
d217 1
a217 1
	    print_log(1, "$script_name: unable to perform insert: $!\n");
@


1.7
log
@First furtive attempts to support remote databases.
@
text
@d50 1
a50 1
# $Id: issuezilla-user-add,v 1.6 2000/12/28 01:48:09 kmaples Exp $
d54 5
d110 1
a110 1
	print "$script_name: list of usernames and realnames don't match\n";
d116 1
a116 1
    print "$script_name: envrionmentals for DB access not set\n";
d125 1
a125 1
    print "$script_name: no connection to database: $!\n";
d148 1
a148 1
	print "$script_name: checking for disabled record in 'profiles' table for $login_name\n";
d160 1
a160 1
            print "$script_name: record found, re-enabled.\n";
d164 1
a164 1
	print "$script_name: checking for previous record in 'profiles' table for $login_name\n";
d177 1
a177 1
	    print "$script_name: record found for $login_name\n";
d184 1
a184 1
	    	print "$script_name: no further action in SINGLE db mode\n";
d203 1
a203 1
	    print "$script_name: performing insert\n";
d222 1
a222 1
	    print "$script_name: unable to perform insert: $!\n";
@


1.7.8.1
log
@Issue number: 4242
Reviewed by:  stack@@collab.net
Porting to branch several changes to the scripts which manipulate iz
users to reduce the number of db hits per operation.
@
text
@d50 1
a50 1
# $Id: issuezilla-user-add,v 1.9 2001/04/18 02:02:58 kmaples Exp $
d62 2
a99 3
# Default return value for this script:
my $return_code = 0;

d105 2
a106 2
    print "$script_name: list of usernames and realnames don't match\n";
    exit(1);
d131 2
a132 2
    # Some email address for issuezilla:
    my $login_name     = $usernames[$_] . '@@' . $domain_name;
d134 1
a134 1
    my $realname       = $realnames[$_];
d136 4
a139 4
    # Do the sql quoting for the values we're gonna play with:
    foreach($login_name, $realname, $disabled_login){
        $_ = $CONN->quote( $_ );
    }
d141 1
a141 1
    # Test and insert in the 'profiles' table:
d143 1
a143 11
    print "$script_name: checking for disabled record in 'profiles' table for $login_name\n";
    
    # There is the probability that this will be called on users that already exist;
    # in this case, we want to re-enable the account in the event that it was disabled,
    # and possibly update permissions

    if($multiple_dbs){
        # multiple db mode:
        # we want to honor the permissions that are being explicitly set
        # over any that might already be present, and enable the account in the 
        # event it was disabled: 
d146 1
a146 3
            login_name     = $login_name,
            groupset       = $issues_role, 
            disabledtext   = ''
a148 2
            OR
            login_name     = $login_name
a149 6
    } else {
        # Single db mode:
        # If we're in single-database mode, we're relegating the management 
        # of permissions in IZ to the adminstrator to handle through the 
        # interface provided by IZ; this command just ensures that if disbled
        # by helm, the account would be re-enabled:
a150 31
        $command = qq[
            UPDATE profiles SET
            login_name     = $login_name
            WHERE 
            login_name     = $disabled_login
            OR
            login_name     = $login_name
        ];
    }
    
    $select = $CONN->prepare($command);
    $ret    = $select->execute;

    if($ret && $ret ne '0E0'){
        # Regardless of the command that was executed, it was 
        # successful (returned a row), so no need for an insert:
        print "$script_name: record found and re-enabled.\n";
    } else {
        print "$script_name: no record updated; performing insert\n";
    
        $command = qq[
            INSERT INTO profiles SET
            login_name     = $login_name,
            password       = $issues_password,
            cryptpassword  = ENCRYPT($issues_password),
            realname       = $realname,
            groupset       = $issues_role,
            emailnotification = 'All',
            newemailtech   = 1
        ];
        
d154 2
a155 9
        unless($ret){
            # This represents a failure of some sort, but what is not
            # determined.  Presumably, either was already an account 
            # by that name, or there was a problem writing to the db.
            # However, since there may be a number of users that
            # this script is being run against, don't blow out here, but
            # make a note that all was not well:        
            print "$script_name: unable to perform insert: $!\n";
            $return_code = 1;
d157 64
a220 1
    }
a226 2
exit($return_code);

d230 18
@


1.7.8.2
log
@Issue number: 4242
Reviewed by:  stack@@collab.net
Porting from HEAD:
An optimization, and a bug fix: the script was incorrectly reporting mysql
noops as no record; inserts are now performed with IGNORE to prevent this
from incorrectly reporting such a circumstance as a script failure.  Any
inserts that need to be performed are now performed en masse.
@
text
@d50 1
a50 1
# $Id: issuezilla-user-add,v 1.11 2001/05/31 21:30:37 kmaples Exp $
a100 3
# array to hold data for insert:
my @@inserts;

d188 1
a188 1
        print "$script_name: record found and update\n";
d190 1
a190 12
        print "$script_name: no record updated; scheduling for insert\n";
        
        my $istr = qq{($login_name, $issues_password, ENCRYPT($issues_password), 
             $realname, $issues_role, 'All', 1)};
        
        push(@@inserts, $istr);      
    }
}

# Done updating users; now perform any inserts that were scheduled:
if(@@inserts){
    print "$script_name: performing inserts\n";
d192 10
a201 17
    my $insert_values = join(',', @@inserts);

    # There are two conditions that might have led us to these inserts;
    # either there was no row above to update (hence the need to 
    # create a record), or the update was identical to the existing
    # row, so mysql ignored it and returned no rows.  For this 
    # reason, we're obliged to use 'IGNORE' here, meaning that it's
    # possible that inserts will be attempted where duplicate 
    # keys exist:
    
    $command = qq[
        INSERT IGNORE INTO profiles
        (login_name, password, cryptpassword,
            realname, groupset, emailnotification, newemailtech)
        VALUES
            $insert_values
    ];
d203 2
a204 2
    $select = $CONN->prepare($command);
    $ret    = $select->execute;
d206 10
a215 9
    unless($ret){
        # This represents a failure of some sort, but what is not
        # determined.  Presumably, either was already an account 
        # by that name, or there was a problem writing to the db.
        # However, since there may be a number of users that
        # this script is being run against, don't blow out here, but
        # make a note that all was not well:        
        print "$script_name: unable to perform insert: $!\n";
        $return_code = 1;
a227 1

@


1.6
log
@Implemented the following changes to support single-db installations of
IZ based on conversations with CC - these changes only apply to elements
in issuezilla.  When IZ is in single-db mode:

* Users are added if the do not exist
* User roles are flattened to either 'observer' or 'admin'
* User accounts are NOT updated with new permissions if they already exist
* User accounts are NOT deleted
* Projects are NOT deleted

The presumption in most/all of these cases is that the admin will be
responsible for manually performing these functions through IZs interface.
All of these changes are to prevent helm updates from inadvertently trashing
users' priviliges in one project when they are changed in another project,
since in single-db mode there's no provision for differentiation.  I
expect to refine this in the near-future.
@
text
@d50 1
a50 1
# $Id: issuezilla-user-add,v 1.5 2000/12/27 22:57:44 kmaples Exp $
d115 1
a115 1
my $dbc = "DBI:mysql:$dbname";
@


1.5
log
@Framework changes to recognize whether database type is set to single or
multiple.  This implements no changes in the behavior of the scripts, only
changes in the framework.
@
text
@a48 1

d50 1
a50 1
# $Id: issuezilla-user-add,v 1.4 2000/12/08 23:58:26 kmaples Exp $
d133 1
a133 1
        my $disabled_login = $disabled_pfx . $login_name; 
d142 1
a142 1
        # 1. account exists, but was disabled:
d158 1
a158 1
        # 2. account exists:
d171 1
d173 10
@


1.4
log
@Changed the way in which users are treated when their accounts are created
or disabled - particularly when all of their roles have been revoked.  Now
when users are 'deleted' (and this can occur when they have had roles in the
project, but currently have had all roles revoked) the account is marked
'disabled' (to permit IZ to handle bugs to disabled users as it wishes) and
the account is renamed 'ex-'{accountname}, preventing anyone from being
able to log in with this account, but allowing the disabled user to query
and otherwise use an open source project's database as they would if they
were a registered user without an issuzilla account.
@
text
@d51 1
a51 1
# $Id: issuezilla-user-add,v 1.3 2000/11/16 04:36:42 kmaples Exp $
d73 2
@


1.3
log
@Fixing user addition.
@
text
@d51 1
a51 1
# $Id: issuezilla-user-add,v 1.2 2000/11/16 00:38:49 kmaples Exp $
d84 4
a87 1
 
d131 3
a133 2
	my $login_name = $usernames[$_] . '@@' . $domain_name;
	my $realname   = $realnames[$_];
d136 1
a136 1
	foreach($login_name, $realname){
d141 17
@


1.3.2.1
log
@Importing into branch.  These changes alter how users are added/deleted,
such that the revokation of all roles on a project will treat the user as
a 'registered user' rather than persona non grata.  Resolves bug reported
as http://idendev.sc-support.sp.collab.net/issues/show_bug.cgi?id=7
@
text
@d51 1
a51 1
# $Id: $
d84 1
a84 4

# Prefix used to denote disabled accounts:
my $disabled_pfx = 'ex-'; 

d128 2
a129 3
	my $login_name     = $usernames[$_] . '@@' . $domain_name;
        my $disabled_login = $disabled_pfx . $login_name; 
	my $realname       = $realnames[$_];
d132 1
a132 1
	foreach($login_name, $realname, $disabled_login){
a136 17
        # 1. account exists, but was disabled:
	print "$script_name: checking for disabled record in 'profiles' table for $login_name\n";
        $command = qq[
            UPDATE profiles SET
            login_name     = $login_name
            WHERE 
            login_name     = $disabled_login
        ];

        $select = $CONN->prepare($command);
        $ret    = $select->execute;

        if($ret && $ret ne '0E0'){
            print "$script_name: record found, re-enabled.\n";
        }
     
        # 2. account exists:
@


1.2
log
@Changed presumptive mailing addresses to be <user>@@<project>.<domain>
@
text
@d51 1
a51 1
# $Id: issuezilla-user-add,v 1.1.1.1 2000/11/12 21:17:38 dlr Exp $
d128 1
a128 1
	my $login_name = $usernames[$_] . '@@' . $project_name . '.' . $domain_name;
@


1.1
log
@Initial revision
@
text
@d51 1
a51 1
# $Id: issuezilla-user-add,v 1.11 2000/11/01 20:28:31 kmaples Exp $
d67 6
a72 5
my $dbname             = $ARGV[0] || '';
my $domain_name        = $ARGV[1] || '';
my $issues_realname    = $ARGV[2] || ''; # : - sep. list
my $issues_username    = $ARGV[3] || ''; # : - sep. list
my $issues_role        = $ARGV[4] || '';
d128 1
a128 1
	my $login_name = $usernames[$_] . '@@' . $domain_name;
@


1.1.1.1
log
@Merging newhelm tree into helm, as per IZ issue #557.  Previous major version of helm is tagged TIGRIS_NOV_11_2000.
@
text
@@


1.1.1.2
log
@Replacing the HEAD with the HELM_PEER_PORT_BRANCH.
@
text
@d49 1
d51 1
a51 1
# $Id: issuezilla-user-add,v 1.7 2001/01/13 02:04:52 kmaples Exp $
d67 5
a71 8
my $project_name       = $ARGV[0] || '';
my $dbname             = $ARGV[1] || '';
my $domain_name        = $ARGV[2] || '';
my $issues_realname    = $ARGV[3] || ''; # : - sep. list
my $issues_username    = $ARGV[4] || ''; # : - sep. list
my $issues_role        = $ARGV[5] || '';
my $multiple_dbs       = $ARGV[6] || '';
  
d83 1
a83 4

# Prefix used to denote disabled accounts:
my $disabled_pfx = 'ex-'; 

d110 1
a110 1
my $dbc = join(':',"DBI:mysql:$dbname",$ENV{DATABASE_HOST},$ENV{DATABASE_PORT});
d127 2
a128 3
	my $login_name     = $usernames[$_] . '@@' . $domain_name;
    my $disabled_login = $disabled_pfx . $login_name; 
	my $realname       = $realnames[$_];
d131 1
a131 1
	foreach($login_name, $realname, $disabled_login){
a135 17
    # 1. account exists, but was disabled:
	print "$script_name: checking for disabled record in 'profiles' table for $login_name\n";
        $command = qq[
            UPDATE profiles SET
            login_name     = $login_name
            WHERE 
            login_name     = $disabled_login
        ];

        $select = $CONN->prepare($command);
        $ret    = $select->execute;

        if($ret && $ret ne '0E0'){
            print "$script_name: record found, re-enabled.\n";
        }
     
    # 2. account exists:
a147 1
	    
a148 10
	    
	    # If we're in single-database mode, that's it - this is success
	    # since we're relegating the management of permissions in IZ to
	    # the adminstrator to handle through the interface:
	    
	    unless($multiple_dbs){
	    	print "$script_name: no further action in SINGLE db mode\n";
	    	next;
	    } 
	    
@

