| 29 |
- |
1 |
#!/usr/bin/perl
|
|
|
2 |
|
|
|
3 |
# Redirect error messages to a log of my choosing. (it's annoying to filter for errors in the shared env)
|
|
|
4 |
#my $error_log_path = $ENV{SERVER_NAME} eq "volunteers.rollercon.com" ? "/home3/rollerco/logs/" : "/tmp/";
|
|
|
5 |
#close STDERR;
|
|
|
6 |
#open STDERR, '>>', $error_log_path.'vorc_error.log' or warn "Failed to open redirected logfile ($0): $!";
|
|
|
7 |
#warn "Redirecting errors to ${error_log_path}vorc_error.log";
|
|
|
8 |
|
|
|
9 |
use strict;
|
|
|
10 |
use PEEPS;
|
|
|
11 |
use CGI qw/param header start_html url/;
|
|
|
12 |
use CGI::Cookie;
|
|
|
13 |
our $h = HTML::Tiny->new( mode => 'html' );
|
|
|
14 |
my $dbh = getRCDBH ();
|
|
|
15 |
|
|
|
16 |
my $cookie_string = authenticate (1) || die;
|
|
|
17 |
my ($EML, $PWD, $LVL) = split /&/, $cookie_string;
|
|
|
18 |
my $user = $ORCUSER;
|
|
|
19 |
#my $activated = $ORCUSER->{access};
|
|
|
20 |
|
|
|
21 |
my %FIELDS = (
|
|
|
22 |
id => 5,
|
|
|
23 |
policy_name => 10,
|
|
|
24 |
fee => 15,
|
|
|
25 |
person_id => 20,
|
|
|
26 |
created => 25,
|
|
|
27 |
start => 30,
|
|
|
28 |
end => 35,
|
|
|
29 |
active => 40,
|
|
|
30 |
terminated => 45,
|
|
|
31 |
policy_id => 50,
|
|
|
32 |
square_id => 55
|
|
|
33 |
);
|
|
|
34 |
sub byfield { $FIELDS{$a} <=> $FIELDS{$b}; }
|
|
|
35 |
|
|
|
36 |
|
|
|
37 |
#foreach (sort keys %ENV) {
|
|
|
38 |
# warn "$_: $ENV{$_}";
|
|
|
39 |
#}
|
|
|
40 |
|
|
|
41 |
use DateTime;
|
|
|
42 |
my $dt = DateTime->today;
|
|
|
43 |
$dt =~ s/T00\:00\:00$//;
|
|
|
44 |
|
|
|
45 |
my $coverage_id = WebDB::trim scalar param ("id") // ERROR ("Missing PolicyID", "Can't view a policy without an ID to look for.", "No PolicyID provided to View Policy");
|
|
|
46 |
my $userid = WebDB::trim scalar param ("userid") // $user->{id};
|
| 59 |
- |
47 |
my $terminate = WebDB::trim scalar param ("terminate") // undef;
|
|
|
48 |
my $reinstate = WebDB::trim scalar param ("reinstate") // undef;
|
| 29 |
- |
49 |
|
|
|
50 |
my $coverage = getCoverageByID ($coverage_id, $userid) // ERROR ("PolicyID Not Found", "Can't find a policy (that belongs to this user) with that ID.", "PolicyID provided to View Policy not found");
|
|
|
51 |
|
| 59 |
- |
52 |
if ($terminate) {
|
|
|
53 |
ERROR ("Unauthorized", "Only System Admins can terminate a policy", "SECURITY: Attempt to terminate policy $coverage->{id} for $coverage->{person_id}") unless $user->{SYSADMIN};
|
|
|
54 |
ERROR ("Invalid Policy", "You attempted to terminate a policy that isn't valid", "Attempted to terminate invalid policy $coverage->{id} for $coverage->{person_id}") unless isPersonCovered ($coverage->{person_id}) eq $coverage->{id};
|
|
|
55 |
|
|
|
56 |
# We've checked that they're a SysAdmin and that this is the current valid policy. Go ahead and terminate it.
|
|
|
57 |
use WebDB;
|
|
|
58 |
my $dbh = WebDB::connect;
|
|
|
59 |
|
|
|
60 |
$dbh->do ("update coverage set coverage.terminated = date(now()), active = null where id = ? and person_id = ?", undef, $coverage->{id}, $coverage->{person_id});
|
|
|
61 |
logit ($user->{id}, "Terminated policy $coverage->{id} for person $coverage->{person_id}");
|
|
|
62 |
logit ($coverage->{person_id}, "Policy $coverage->{id} was terminated by a System Admin");
|
|
|
63 |
|
|
|
64 |
$coverage = getCoverageByID ($coverage_id, $userid);
|
|
|
65 |
}
|
|
|
66 |
|
|
|
67 |
if ($reinstate) {
|
|
|
68 |
ERROR ("Unauthorized", "Only System Admins can reinstate a policy", "SECURITY: Attempt to reinstate policy $coverage->{id} for $coverage->{person_id}") unless $user->{SYSADMIN};
|
|
|
69 |
ERROR ("Invalid Policy", "You attempted to reinstate a policy that isn't valid", "Attempted to reinstate invalid policy $coverage->{id} for $coverage->{person_id}") unless $coverage->{terminated} =~ /^\d{4}-\d{2}-\d{2}$/;
|
|
|
70 |
|
|
|
71 |
# We've checked that they're a SysAdmin and that this is the current valid policy. Go ahead and terminate it.
|
|
|
72 |
use WebDB;
|
|
|
73 |
my $dbh = WebDB::connect;
|
|
|
74 |
|
|
|
75 |
($coverage->{still_valid}) = $dbh->selectrow_array ("select if(datediff(?, date(now())) >= 0, 1, 0)", undef, $coverage->{end});
|
|
|
76 |
ERROR ("Invalid Policy", "You attempted to reinstate a policy that ended before today", "Attempted to reinstate already ended policy $coverage->{id} for $coverage->{person_id}") unless $coverage->{still_valid};
|
|
|
77 |
|
|
|
78 |
$dbh->do ("update coverage set coverage.terminated = null, active = 1 where id = ? and person_id = ?", undef, $coverage->{id}, $coverage->{person_id});
|
|
|
79 |
logit ($user->{id}, "Reinstated policy $coverage->{id} for person $coverage->{person_id}");
|
|
|
80 |
logit ($coverage->{person_id}, "Policy $coverage->{id} was reinstated by a System Admin");
|
|
|
81 |
|
|
|
82 |
$coverage = getCoverageByID ($coverage_id, $userid);
|
|
|
83 |
}
|
|
|
84 |
|
|
|
85 |
if ($coverage->{terminated}) {
|
|
|
86 |
use WebDB;
|
|
|
87 |
my $dbh = WebDB::connect;
|
|
|
88 |
|
|
|
89 |
($coverage->{still_valid}) = $dbh->selectrow_array ("select if(datediff(?, date(now())) >= 0, 1, 0)", undef, $coverage->{end});
|
|
|
90 |
}
|
|
|
91 |
|
|
|
92 |
#$coverage->{active} = $coverage->{active} ? "True" : "False";
|
|
|
93 |
$coverage->{active} = isPersonCovered ($coverage->{person_id}) eq $coverage->{id} ? "True" : "False";
|
|
|
94 |
$coverage->{terminated} = "False" unless $coverage->{terminated};
|
| 29 |
- |
95 |
$coverage->{created} .= " UTC";
|
| 59 |
- |
96 |
$coverage->{terminated} .= ($user->{SYSADMIN} and isPersonCovered ($coverage->{person_id}) eq $coverage->{id}) ? " ".$h->button ({onClick=>"if (confirm('Are you sure you want to terminate this policy?')) { window.location.href='view_policy?terminate=true&id=$coverage->{id}&userid=$coverage->{person_id}'; } else { return false; }"}, "Terminate") : "";
|
|
|
97 |
$coverage->{terminated} .= ($user->{SYSADMIN} and $coverage->{terminated} =~ /^\d{4}-\d{2}-\d{2}$/ and $coverage->{still_valid}) ? " ".$h->button ({onClick=>"if (confirm('Are you sure you want to reinstate this policy?')) { window.location.href='view_policy?reinstate=true&id=$coverage->{id}&userid=$coverage->{person_id}'; } else { return false; }"}, "Reinstate") : "";
|
| 29 |
- |
98 |
|
| 59 |
- |
99 |
$coverage->{person_id} = $coverage->{person_id} ? $h->a ({ href=>"view_user?person_id=$coverage->{person_id}" }, $coverage->{person_id}." [".getUser ($coverage->{person_id})->{derby_name}."]") : "";
|
|
|
100 |
|
| 29 |
- |
101 |
print header (-cookie=>CGI::Cookie->new(-name=>'PEEPSAUTH',-value=>"$cookie_string"));
|
|
|
102 |
printRCHeader("View Policy: ".$coverage_id);
|
|
|
103 |
|
|
|
104 |
|
|
|
105 |
print $h->div ({ class=>"index" }, [$h->p ({ class=>"heading" }, "Policy Details:"),
|
|
|
106 |
$h->div ({ class=>"rTable", style=>"min-width: 0%;" }, [
|
| 30 |
- |
107 |
$h->div ({ class=>"rTableRow" }, map { [$h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, ucfirst ($_).": ", $coverage->{$_})] } sort byfield grep { exists $FIELDS{$_} } keys %{$coverage})]),
|
| 35 |
- |
108 |
$h->p ($h->input ({ type=>"button", onClick=>"window.location.href='$ENV{HTTP_REFERER}'", value=>"Back"}))]);
|
| 29 |
- |
109 |
|
| 30 |
- |
110 |
|
| 29 |
- |
111 |
print $h->close ("body"), $h->close ("html");
|
|
|
112 |
|
|
|
113 |
|
|
|
114 |
|
|
|
115 |
|
|
|
116 |
|
|
|
117 |
|
|
|
118 |
|
|
|
119 |
|
|
|
120 |
sub ERROR {
|
|
|
121 |
my $header = shift // "Unknown Error";
|
|
|
122 |
my $text = shift // "Something unexpectedly bad happened.";
|
|
|
123 |
my $logmsg = shift // "Unknown Error happened while viewing the Attestation page";
|
|
|
124 |
|
|
|
125 |
print header (-cookie=>CGI::Cookie->new(-name=>'PEEPSAUTH',-value=>"$cookie_string"));
|
|
|
126 |
printRCHeader("Atttestation");
|
|
|
127 |
print $h->close ("table");
|
|
|
128 |
print $h->h2 ($header);
|
|
|
129 |
print $h->div ({ style=>"max-width:450px;" }, $text, " ");
|
|
|
130 |
print $h->button ({onclick => "window.location.href='/';"}, "Home");
|
|
|
131 |
print $h->close ("BODY", "HTML");
|
|
|
132 |
logit ($user->{id}, $logmsg);
|
|
|
133 |
exit;
|
|
|
134 |
}
|
|
|
135 |
|