From f8a2b88692e21d46799738c13d4d12cfa95b4152 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Fri, 23 Jun 2023 17:33:51 +0200
Subject: hotspot-to-wpa: support non-local users

This has some limitations, though: The password is not known and
additional configuration can not be given in user's comment.
---
 doc/hotspot-to-wpa.md | 3 +++
 global-functions.rsc  | 2 +-
 hotspot-to-wpa.rsc    | 5 ++++-
 news-and-changes.rsc  | 1 +
 4 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md
index 0abe18b..097cba4 100644
--- a/doc/hotspot-to-wpa.md
+++ b/doc/hotspot-to-wpa.md
@@ -54,6 +54,9 @@ Create hotspot login credentials:
     /ip/hotspot/user/add comment="Test User 1" name=user1 password=v3ry;
     /ip/hotspot/user/add comment="Test User 2" name=user2 password=s3cr3t;
 
+This also works with authentication via radius, but is limited then:
+Additional information is not available, including the password.
+
 Additionally templates can be created to give more options for access list:
 
 * `action`: set to `reject` to ignore logins on that hotspot
diff --git a/global-functions.rsc b/global-functions.rsc
index 1f1cfa1..0378775 100644
--- a/global-functions.rsc
+++ b/global-functions.rsc
@@ -12,7 +12,7 @@
 :local 0 "global-functions";
 
 # expected configuration version
-:global ExpectedConfigVersion 101;
+:global ExpectedConfigVersion 102;
 
 # global variables not to be changed by user
 :global GlobalFunctionsReady false;
diff --git a/hotspot-to-wpa.rsc b/hotspot-to-wpa.rsc
index d7aeb65..ede4daf 100644
--- a/hotspot-to-wpa.rsc
+++ b/hotspot-to-wpa.rsc
@@ -25,7 +25,10 @@ $ScriptLock $0;
 }
 
 :local Date [ /system/clock/get date ];
-:local UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ];
+:local UserVal ({});
+:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={
+  :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ];
+}
 :local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ];
 :local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ];
 
diff --git a/news-and-changes.rsc b/news-and-changes.rsc
index e33a7db..b062c5e 100644
--- a/news-and-changes.rsc
+++ b/news-and-changes.rsc
@@ -15,6 +15,7 @@
   99="Modified 'dhcp-to-dns', which dropped global configuration. Settings moved to dhcp server's network definitions.";
   100="The script 'ssh-keys-import' became a module 'mod/ssh-keys-import' with enhanced functionality.";
   101="Introduced new script 'fw-addr-lists' to download, import and update firewall address-lists.";
+  102="Modified 'hotspot-to-wpa' to support non-local (radius) users.";
 };
 
 # Migration steps to be applied on script updates
-- 
cgit v1.2.3-54-g00ecf