diff options
| author | Mitch Jackson <mitch@freeside.biz> | 2018-07-17 22:14:07 -0500 |
|---|---|---|
| committer | Mitch Jackson <mitch@freeside.biz> | 2018-07-18 18:09:33 +0000 |
| commit | 81fe2b6311b181a32a81fa81fcccfff1c7d471d1 (patch) | |
| tree | 190a37dda195780ff8562efc4aed2b928d0f5634 | |
| parent | ea2858e409d074c635288824300de542c7615862 (diff) | |
RT# 32234 Change unmask_ss from global conf to group access right
| -rw-r--r-- | FS/FS/Conf.pm | 2 | ||||
| -rw-r--r-- | FS/FS/Upgrade.pm | 13 | ||||
| -rw-r--r-- | FS/FS/access_group.pm | 50 |
3 files changed, 63 insertions, 2 deletions
diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm index 9bdd67f..1b25cb5 100644 --- a/FS/FS/Conf.pm +++ b/FS/FS/Conf.pm @@ -2193,7 +2193,7 @@ and customer address. Include units.', { 'key' => 'unmask_ss', - 'section' => 'e-checks', + 'section' => 'deprecated', 'description' => "Don't mask social security numbers in the web interface.", 'type' => 'checkbox', }, diff --git a/FS/FS/Upgrade.pm b/FS/FS/Upgrade.pm index 3e04127..1f47217 100644 --- a/FS/FS/Upgrade.pm +++ b/FS/FS/Upgrade.pm @@ -192,6 +192,19 @@ If you need to continue using the old Form 477 report, turn on the $lh->maketext($_) if length($_); } } + + unless ( FS::upgrade_journal->is_done('deprecate_unmask_ss') ) { + if ( $conf->config_bool( 'unmask_ss' )) { + warn "'unmask_ssn' deprecated from global configuration\n"; + for my $access_group ( qsearch( access_group => {} )) { + $access_group->grant_access_right( 'Unmask customer SSN' ); + warn " - 'Unmask customer SSN' access right granted to '" . + $access_group->groupname . "' employee group\n"; + } + } + FS::upgrade_journal->set_done('deprecate_unmask_ss'); + } + } sub upgrade_overlimit_groups { diff --git a/FS/FS/access_group.pm b/FS/FS/access_group.pm index a2b9774..4f6c85b 100644 --- a/FS/FS/access_group.pm +++ b/FS/FS/access_group.pm @@ -2,6 +2,7 @@ package FS::access_group; use base qw( FS::m2m_Common FS::m2name_Common FS::Record ); use strict; +use Carp qw( croak ); use FS::Record qw( qsearch qsearchs ); use FS::access_right; @@ -137,6 +138,54 @@ sub access_right { ); } +=item grant_access_right RIGHTNAME + +Grant the specified specified FS::access_right record to this group. +Return the FS::access_right record. + +=cut + +sub grant_access_right { + my ( $self, $rightname ) = @_; + + croak "grant_access_right() requires \$rightname" + unless $rightname; + + my $access_right = $self->access_right( $rightname ); + return $access_right if $access_right; + + $access_right = FS::access_right->new({ + righttype => 'FS::access_group', + rightobjnum => $self->groupnum, + rightname => $rightname, + }); + if ( my $error = $access_right->insert ) { + die "grant_access_right() error: $error"; + } + + $access_right; +} + +=item revoke_access_right RIGHTNAME + +Revoke the specified FS::access_right record from this group. + +=cut + +sub revoke_access_right { + my ( $self, $rightname ) = @_; + + croak "revoke_access_right() requires \$rightname" + unless $rightname; + + my $access_right = $self->access_right( $rightname ) + or return; + + if ( my $error = $access_right->delete ) { + die "revoke_access_right() error: $error"; + } +} + =back =head1 BUGS @@ -148,4 +197,3 @@ L<FS::Record>, schema.html from the base documentation. =cut 1; - |