diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2017-05-15 10:49:38 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2017-05-15 10:49:38 -0700 |
| commit | 1cd83e5112019111a8f6c16eacd5264a95abcfb2 (patch) | |
| tree | f2168c6a593233a54de0a67bbc0a0f7390d2f1e4 | |
| parent | 9d1c56465919772772ec8b11fec196c8506865bb (diff) | |
separate edit and delete rights for customer notes, RT#76001
| -rw-r--r-- | FS/FS/AccessRight.pm | 1 | ||||
| -rw-r--r-- | FS/FS/access_right.pm | 1 | ||||
| -rw-r--r-- | httemplate/misc/delete-note.html | 4 | ||||
| -rw-r--r-- | httemplate/view/cust_main/menu.html | 2 | ||||
| -rw-r--r-- | httemplate/view/cust_main/notes/notes.html | 16 |
5 files changed, 14 insertions, 10 deletions
diff --git a/FS/FS/AccessRight.pm b/FS/FS/AccessRight.pm index 285a770..2d95953 100644 --- a/FS/FS/AccessRight.pm +++ b/FS/FS/AccessRight.pm @@ -258,6 +258,7 @@ tie my %rights, 'Tie::IxHash', 'Customer note and attachment rights' => [ 'Add customer note', #NEW 'Edit customer note', #NEW + 'Delete customer note', #NEWEST 'View attachments', #NEW 'Browse attachments', #NEW 'Download attachment', #NEW diff --git a/FS/FS/access_right.pm b/FS/FS/access_right.pm index 1a0a1cb..f1614ff 100644 --- a/FS/FS/access_right.pm +++ b/FS/FS/access_right.pm @@ -258,6 +258,7 @@ sub _upgrade_data { # class method ], 'Resend invoices' => 'Print and mail invoices', 'List customers' => 'Customers: Customer churn report', + 'Edit customer note' => 'Delete customer note', ); # foreach my $old_acl ( keys %onetime ) { diff --git a/httemplate/misc/delete-note.html b/httemplate/misc/delete-note.html index 436326f..e6d2127 100644 --- a/httemplate/misc/delete-note.html +++ b/httemplate/misc/delete-note.html @@ -1,6 +1,6 @@ <%init> die "access denied" - unless $FS::CurrentUser::CurrentUser->access_right('Edit customer note'); + unless $FS::CurrentUser::CurrentUser->access_right('Delete customer note'); my ($notenum) = $cgi->keywords; $notenum =~ /^\d+$/ or die "bad notenum '$notenum'"; @@ -8,4 +8,4 @@ my $note = FS::cust_main_note->by_key($notenum) or die "notenum '$notenum' not found"; $note->delete; </%init> -<% $cgi->redirect($p.'view/cust_main.cgi?'.$note->custnum) %> +<% $cgi->redirect($p.'view/cust_main.cgi?custnum='.$note->custnum. ';show=notes') %> diff --git a/httemplate/view/cust_main/menu.html b/httemplate/view/cust_main/menu.html index 9e910f8..dcba1fb 100644 --- a/httemplate/view/cust_main/menu.html +++ b/httemplate/view/cust_main/menu.html @@ -206,7 +206,7 @@ my @menu = ( confexists => '!cust_main-disable_notes', acl => 'Add customer note', width => 875, - height => 538, + height => 548, }, { label => 'Attach file', diff --git a/httemplate/view/cust_main/notes/notes.html b/httemplate/view/cust_main/notes/notes.html index f998ba4..c643003 100644 --- a/httemplate/view/cust_main/notes/notes.html +++ b/httemplate/view/cust_main/notes/notes.html @@ -69,19 +69,21 @@ function display_notes_classnum (classnum) { % "?custnum=$custnum". % ";notenum=$notenum", % 'actionlabel' => emt('Edit customer note'), -% 'width' => 616, -% 'height' => 575, +% 'width' => 875, +% 'height' => 548, % 'frame' => 'top', % ); % my $clickjs = qq!onclick="$onclick"!; % % my $edit = ''; -% if ($curuser->access_right('Edit customer note') ) { +% if ( $curuser->access_right('Edit customer note') ) { +% $edit = qq! <A HREF="javascript:void(0);" $clickjs>(!.emt('edit').')</A>'; +% } +% if ( $curuser->access_right('Delete customer note') ) { % my $delete_url = $fsurl.'misc/delete-note.html?'.$notenum; -% $edit = qq! <A HREF="javascript:void(0);" $clickjs>(!.emt('edit').')</A>'. -% qq! <A HREF="$delete_url" !. -% qq! onclick="return confirm('Delete this note?')">!. -% '('.emt('delete').')</A>'; +% $edit .= qq! <A HREF="$delete_url" !. +% qq! onclick="return confirm('Delete this note?')">!. +% '('.emt('delete').')</A>'; % } % <TR CLASS="grid custnote<% $note->sticky ? ' stickynote' : '' %>" |